config ARCH_STM32MP
bool "Support STMicroelectronics STM32MP Socs with cortex A"
select ARCH_MISC_INIT
+ select ARCH_SUPPORT_TFABOOT
select BOARD_LATE_INIT
select CLK
select DM
config STM32MP15x
bool "Support STMicroelectronics STM32MP15x Soc"
- select ARCH_SUPPORT_PSCI if !STM32MP1_TRUSTED
+ select ARCH_SUPPORT_PSCI if !TFABOOT
+ select ARM_SMCCC if TFABOOT
select CPU_V7A
- select CPU_V7_HAS_NONSEC if !STM32MP1_TRUSTED
+ select CPU_V7_HAS_NONSEC if !TFABOOT
select CPU_V7_HAS_VIRT
select OF_BOARD_SETUP
select PINCTRL_STM32
select STM32_RESET
select STM32_SERIAL
select SYS_ARCH_TIMER
- imply SYSRESET_PSCI if STM32MP1_TRUSTED
- imply SYSRESET_SYSCON if !STM32MP1_TRUSTED
+ imply SYSRESET_PSCI if TFABOOT
+ imply SYSRESET_SYSCON if !TFABOOT
help
support of STMicroelectronics SOC STM32MP15x family
STM32MP157, STM32MP153 or STM32MP151
endchoice
-config STM32MP1_TRUSTED
- bool "Support trusted boot with TF-A"
- default y if !SPL
- select ARM_SMCCC
- help
- Say Y here to enable boot with TF-A
- Trusted boot chain is :
- BootRom => TF-A.stm32 (clock & DDR) => U-Boot.stm32
- TF-A monitor provides proprietary SMC to manage secure devices
-
config STM32MP1_OPTEE
bool "Support trusted boot with TF-A and OP-TEE"
- depends on STM32MP1_TRUSTED
+ depends on TFABOOT
default n
help
Say Y here to enable boot with TF-A and OP-TEE
return !!(readl(address + bank) & bit);
}
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
/**
* bsec_check_error() - Check status of one otp
* @base: base address of bsec IP
return ret;
}
-#endif /* CONFIG_STM32MP1_TRUSTED */
+#endif /* CONFIG_TFABOOT */
/* BSEC MISC driver *******************************************************/
struct stm32mp_bsec_platdata {
static int stm32mp_bsec_read_otp(struct udevice *dev, u32 *val, u32 otp)
{
-#ifdef CONFIG_STM32MP1_TRUSTED
+#ifdef CONFIG_TFABOOT
return stm32_smc(STM32_SMC_BSEC,
STM32_SMC_READ_OTP,
otp, 0, val);
static int stm32mp_bsec_read_shadow(struct udevice *dev, u32 *val, u32 otp)
{
-#ifdef CONFIG_STM32MP1_TRUSTED
+#ifdef CONFIG_TFABOOT
return stm32_smc(STM32_SMC_BSEC,
STM32_SMC_READ_SHADOW,
otp, 0, val);
static int stm32mp_bsec_write_otp(struct udevice *dev, u32 val, u32 otp)
{
-#ifdef CONFIG_STM32MP1_TRUSTED
+#ifdef CONFIG_TFABOOT
return stm32_smc_exec(STM32_SMC_BSEC,
STM32_SMC_PROG_OTP,
otp, val);
static int stm32mp_bsec_write_shadow(struct udevice *dev, u32 val, u32 otp)
{
-#ifdef CONFIG_STM32MP1_TRUSTED
+#ifdef CONFIG_TFABOOT
return stm32_smc_exec(STM32_SMC_BSEC,
STM32_SMC_WRITE_SHADOW,
otp, val);
static int stm32mp_bsec_write_lock(struct udevice *dev, u32 val, u32 otp)
{
-#ifdef CONFIG_STM32MP1_TRUSTED
+#ifdef CONFIG_TFABOOT
if (val == 1)
return stm32_smc_exec(STM32_SMC_BSEC,
STM32_SMC_WRLOCK_OTP,
return 0;
}
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
static int stm32mp_bsec_probe(struct udevice *dev)
{
int otp;
.ofdata_to_platdata = stm32mp_bsec_ofdata_to_platdata,
.platdata_auto_alloc_size = sizeof(struct stm32mp_bsec_platdata),
.ops = &stm32mp_bsec_ops,
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
.probe = stm32mp_bsec_probe,
#endif
};
#define PKG_MASK GENMASK(2, 0)
#if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
static void security_init(void)
{
/* Disable the backup domain write protection */
writel(BIT(0), RCC_MP_AHB5ENSETR);
writel(0x0, GPIOZ_SECCFGR);
}
-#endif /* CONFIG_STM32MP1_TRUSTED */
+#endif /* CONFIG_TFABOOT */
/*
* Debug init
}
#endif /* !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD) */
-#if !defined(CONFIG_STM32MP1_TRUSTED) && \
+#if !defined(CONFIG_TFABOOT) && \
(!defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD))
/* get bootmode from ROM code boot context: saved in TAMP register */
static void update_bootmode(void)
#if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)
dbgmcu_init();
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
security_init();
update_bootmode();
#endif
if ((boot_mode & TAMP_BOOT_DEVICE_MASK) == BOOT_SERIAL_UART)
gd->flags |= GD_FLG_SILENT | GD_FLG_DISABLE_CONSOLE;
#if defined(CONFIG_DEBUG_UART) && \
- !defined(CONFIG_STM32MP1_TRUSTED) && \
+ !defined(CONFIG_TFABOOT) && \
(!defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD))
else
debug_uart_init();
if (IS_ENABLED(CONFIG_STM32MP1_OPTEE))
mode = "trusted with OP-TEE";
- else if (IS_ENABLED(CONFIG_STM32MP1_TRUSTED))
+ else if (IS_ENABLED(CONFIG_TFABOOT))
mode = "trusted";
else
mode = "basic";
static void sysconf_init(void)
{
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
u8 *syscfg;
#ifdef CONFIG_DM_REGULATOR
struct udevice *pwr_dev;
if (IS_ENABLED(CONFIG_STM32MP1_OPTEE))
mode = "trusted with OP-TEE";
- else if (IS_ENABLED(CONFIG_STM32MP1_TRUSTED))
+ else if (IS_ENABLED(TFABOOT))
mode = "trusted";
else
mode = "basic";
static void sysconf_init(void)
{
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
u8 *syscfg;
#ifdef CONFIG_DM_REGULATOR
struct udevice *pwr_dev;
CONFIG_ARM=y
CONFIG_ARCH_STM32MP=y
+CONFIG_TFABOOT=y
CONFIG_SYS_MALLOC_F_LEN=0x3000
CONFIG_ENV_SECT_SIZE=0x40000
CONFIG_ENV_OFFSET=0x280000
CONFIG_ARM=y
CONFIG_ARCH_STM32MP=y
+CONFIG_TFABOOT=y
CONFIG_SYS_MALLOC_F_LEN=0x3000
CONFIG_ENV_SECT_SIZE=0x40000
CONFIG_ENV_OFFSET=0x280000
DECLARE_GLOBAL_DATA_PTR;
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
#if !defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD)
/* activate clock tree initialization in the driver */
#define STM32MP1_CLOCK_TREE_INIT
priv->info.base = STM32_DDR_BASE;
-#if !defined(CONFIG_STM32MP1_TRUSTED) && \
+#if !defined(CONFIG_TFABOOT) && \
(!defined(CONFIG_SPL) || defined(CONFIG_SPL_BUILD))
priv->info.size = 0;
return stm32mp1_ddr_setup(dev);
#include <linux/sizes.h>
#include <asm/arch/stm32.h>
-#ifndef CONFIG_STM32MP1_TRUSTED
+#ifndef CONFIG_TFABOOT
/* PSCI support */
#define CONFIG_ARMV7_PSCI_1_0
#define CONFIG_ARMV7_SECURE_BASE STM32_SYSRAM_BASE
projects / oweals / u-boot.git / commitdiff