From: Alexandru Gagniuc <mr.nuke.me@gmail.com>
To: u-boot@lists.denx.de, uboot-stm32@st-md-mailman.stormreply.com,
patrick.delaunay@foss.st.com
Cc: Alexandru Gagniuc <mr.nuke.me@gmail.com>,
patrice.chotard@foss.st.com, etienne.carriere@linaro.org
Subject: [PATCH v2 00/11] stm32mp1: Support falcon mode with OP-TEE payloads
Date: Tue, 7 Sep 2021 18:59:22 -0500 [thread overview]
Message-ID: <20210907235933.2798330-1-mr.nuke.me@gmail.com> (raw)
My goal when I started on this project a year ago was to get to linux
userspace within a second from power on. Oh, and it had to be secure!
Contrast that to the two minutes it took the STLinux demo to come up.
It was obvious that the accepted way of running an FSBL, then SSBL was
going to blow the time budget. There really wasn't a good solution,
and traditional falcon mode with "spl export" command was not secure.
I chose to use SPL with a FIT payload. We have to add certain logic to
SPL, as well as some FDT modifications that would be normally done in
u-boot. The boot flow is
SPL -> OP-TEE -> Linux
One of the major complaints of v1 was that we shouldn't be patching
the devicetree with optee nodes in SPL. Instead, we should let OP-TEE
add the required nodes. I tried it, found a huge boot time penalty,
and decided against it.
Another issue from v1 that I was unable to address is the MAC address.
It was suggested to use the "nvmem-cells" FDT property to tell linux
where in the OTP to read the MAC. Because of the way the linux BSEC
driver is written, this would only work with TF-A, but fails with SPL.
There is also the issue of how to make the optee/ library available to
SPL. Patrick has a couple of patches up regarding the issue, so I have
not touched it in this series.
Changes since v1:
- Move SYS_MMCSD_RAW_MODE_KERNEL_SECTOR to Kconfig instead of stm32mp1.h
- Create a new defconfig for STM32MP in falcon mode
- Rework board_fit_config_name_match() per Patrick's suggestions
- Use "u-boot,falcon-gpios" instead of "st,fastboot-gpios"
- Only update shadow registers in SPL for BSEC .probe()
Alexandru Gagniuc (11):
spl: Move SYS_MMCSD_RAW_MODE_KERNEL_SECTOR to Kconfig
stm32mp1: Add support for baudrates higher than 115200
stm32mp1: Add support for falcon mode boot from SD card
board: stm32mp1: Implement board_fit_config_name_match() for SPL
fdt_support: Implement fdt_ethernet_set_macaddr()
arm: stm32mp: bsec: Update OTP shadow registers in SPL
arm: stm32mp: Factor out reading MAC address from OTP
stm32mp1: spl: Configure MAC address when booting OP-TEE
lib: Makefile: Make optee library available in SPL
ARM: dts: stm32mp: Add OP-TEE "/firmware" node to SPL dtb
stm32mp1: spl: Copy optee nodes to target FDT for OP-TEE payloads
README | 4 -
arch/arm/dts/stm32mp157a-dk1-u-boot.dtsi | 3 +
arch/arm/mach-stm32mp/bsec.c | 4 +-
arch/arm/mach-stm32mp/cpu.c | 59 ++++--
.../arm/mach-stm32mp/include/mach/sys_proto.h | 3 +
arch/arm/mach-stm32mp/spl.c | 3 +
board/st/stm32mp1/spl.c | 53 +++++
common/fdt_support.c | 30 +++
common/spl/Kconfig | 11 ++
configs/am335x_boneblack_vboot_defconfig | 1 +
configs/am335x_evm_defconfig | 1 +
configs/am335x_igep003x_defconfig | 1 +
configs/am335x_shc_defconfig | 1 +
configs/am335x_shc_ict_defconfig | 1 +
configs/am335x_shc_netboot_defconfig | 1 +
configs/am335x_shc_sdboot_defconfig | 1 +
configs/am335x_sl50_defconfig | 1 +
configs/am3517_evm_defconfig | 1 +
configs/am43xx_evm_defconfig | 1 +
configs/am43xx_evm_rtconly_defconfig | 1 +
configs/am43xx_evm_usbhost_boot_defconfig | 1 +
configs/am57xx_evm_defconfig | 1 +
configs/devkit8000_defconfig | 1 +
configs/display5_defconfig | 1 +
configs/display5_factory_defconfig | 1 +
configs/dra7xx_evm_defconfig | 1 +
configs/gwventana_emmc_defconfig | 1 +
configs/gwventana_gw5904_defconfig | 1 +
configs/gwventana_nand_defconfig | 1 +
configs/igep00x0_defconfig | 1 +
configs/imx6dl_mamoj_defconfig | 1 +
configs/imx6q_logic_defconfig | 1 +
configs/imx6qdl_icore_mipi_defconfig | 1 +
configs/imx6qdl_icore_mmc_defconfig | 1 +
configs/imx6qdl_icore_rqs_defconfig | 1 +
configs/mccmon6_nor_defconfig | 1 +
configs/omap35_logic_defconfig | 1 +
configs/omap35_logic_somlv_defconfig | 1 +
configs/omap3_logic_defconfig | 1 +
configs/omap3_logic_somlv_defconfig | 1 +
configs/omap4_panda_defconfig | 1 +
configs/omap5_uevm_defconfig | 1 +
configs/stm32mp15_falcon_defconfig | 181 ++++++++++++++++++
include/configs/brppt1.h | 1 -
include/configs/devkit8000.h | 2 -
include/configs/display5.h | 1 -
include/configs/embestmx6boards.h | 1 -
include/configs/gw_ventana.h | 1 -
include/configs/imx6-engicam.h | 1 -
include/configs/imx6_logic.h | 1 -
include/configs/imx6dl-mamoj.h | 1 -
include/configs/ls1043ardb.h | 1 -
include/configs/mccmon6.h | 1 -
include/configs/mx6sabreauto.h | 1 -
include/configs/mx6sabresd.h | 1 -
include/configs/pico-imx6.h | 1 -
include/configs/pico-imx6ul.h | 1 -
include/configs/pico-imx7d.h | 1 -
include/configs/sama5d3_xplained.h | 1 -
include/configs/stm32mp1.h | 4 +
include/configs/tam3517-common.h | 1 -
include/configs/ti_armv7_common.h | 1 -
include/configs/vyasa-rk3288.h | 1 -
include/configs/xea.h | 1 -
include/configs/xilinx_zynqmp.h | 1 -
include/configs/zynq-common.h | 1 -
include/fdt_support.h | 17 ++
lib/Makefile | 2 +-
scripts/config_whitelist.txt | 1 -
69 files changed, 386 insertions(+), 45 deletions(-)
create mode 100644 configs/stm32mp15_falcon_defconfig
--
2.31.1
next reply other threads:[~2021-09-07 23:59 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-07 23:59 Alexandru Gagniuc [this message]
2021-09-07 23:59 ` [PATCH v2 01/11] spl: Move SYS_MMCSD_RAW_MODE_KERNEL_SECTOR to Kconfig Alexandru Gagniuc
2021-10-04 13:26 ` [Uboot-stm32] " Patrick DELAUNAY
2021-09-07 23:59 ` [PATCH v2 02/11] stm32mp1: Add support for baudrates higher than 115200 Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 03/11] stm32mp1: Add support for falcon mode boot from SD card Alexandru Gagniuc
2021-10-04 14:57 ` [Uboot-stm32] " Patrick DELAUNAY
2021-10-07 19:09 ` Alex G.
2021-09-07 23:59 ` [PATCH v2 04/11] board: stm32mp1: Implement board_fit_config_name_match() for SPL Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 05/11] fdt_support: Implement fdt_ethernet_set_macaddr() Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 06/11] arm: stm32mp: bsec: Update OTP shadow registers in SPL Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 07/11] arm: stm32mp: Factor out reading MAC address from OTP Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 08/11] stm32mp1: spl: Configure MAC address when booting OP-TEE Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 09/11] lib: Makefile: Make optee library available in SPL Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 10/11] ARM: dts: stm32mp: Add OP-TEE "/firmware" node to SPL dtb Alexandru Gagniuc
2021-09-07 23:59 ` [PATCH v2 11/11] stm32mp1: spl: Copy optee nodes to target FDT for OP-TEE payloads Alexandru Gagniuc
2021-10-04 15:04 ` [PATCH v2 00/11] stm32mp1: Support falcon mode with " Patrick DELAUNAY
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210907235933.2798330-1-mr.nuke.me@gmail.com \
--to=mr.nuke.me@gmail.com \
--cc=etienne.carriere@linaro.org \
--cc=patrice.chotard@foss.st.com \
--cc=patrick.delaunay@foss.st.com \
--cc=u-boot@lists.denx.de \
--cc=uboot-stm32@st-md-mailman.stormreply.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox