diff --git a/arch/arm/mach-imx/Kconfig b/arch/arm/mach-imx/Kconfig index 16bcdea089..404221da4d 100644 --- a/arch/arm/mach-imx/Kconfig +++ b/arch/arm/mach-imx/Kconfig @@ -106,3 +106,11 @@ config FLASH_MCUFIRMWARE_SUPPORT depends on ARCH_MX7ULP || ARCH_IMX8M help This enables the mcu firmware flash support for some SOCs. + +config IMX_TRUSTY_OS + bool "Support Trusty OS related feature" + depends on ARCH_MX6 || ARCH_MX7 + select SYS_ARM_CACHE_WRITEALLOC + +config SYS_ARM_CACHE_WRITEALLOC + bool "support cache write alloc" diff --git a/arch/arm/mach-imx/Makefile b/arch/arm/mach-imx/Makefile index 651199cca3..df0ef5ba37 100644 --- a/arch/arm/mach-imx/Makefile +++ b/arch/arm/mach-imx/Makefile @@ -47,6 +47,7 @@ endif obj-$(CONFIG_SATA) += sata.o obj-$(CONFIG_SECURE_BOOT) += hab.o obj-$(CONFIG_SYSCOUNTER_TIMER) += syscounter.o +obj-$(CONFIG_IMX_TRUSTY_OS) += trusty.o endif ifeq ($(SOC),$(filter $(SOC),mx7ulp)) obj-y += cache.o diff --git a/arch/arm/mach-imx/mx6/soc.c b/arch/arm/mach-imx/mx6/soc.c index 4dd14d7a20..e871936d60 100644 --- a/arch/arm/mach-imx/mx6/soc.c +++ b/arch/arm/mach-imx/mx6/soc.c @@ -226,6 +226,20 @@ u32 __weak get_board_rev(void) } #endif +#ifdef CONFIG_IMX_TRUSTY_OS +#ifdef CONFIG_MX6UL +void smp_set_core_boot_addr(unsigned long addr, int corenr) +{ + return; +} + +void smp_waitloop(unsigned previous_address) +{ + return; +} +#endif +#endif + static void init_csu(void) { #ifdef CONFIG_ARMV7_NONSEC diff --git a/arch/arm/mach-imx/mx7/soc.c b/arch/arm/mach-imx/mx7/soc.c index f9deb3c272..7b77e1712a 100644 --- a/arch/arm/mach-imx/mx7/soc.c +++ b/arch/arm/mach-imx/mx7/soc.c @@ -308,6 +308,20 @@ void reset_misc(void) #endif } +#ifdef CONFIG_IMX_TRUSTY_OS +#ifdef CONFIG_MX7D +void smp_set_core_boot_addr(unsigned long addr, int corenr) +{ + return; +} + +void smp_waitloop(unsigned previous_address) +{ + return; +} +#endif +#endif + void reset_cpu(ulong addr) { struct watchdog_regs *wdog = (struct watchdog_regs *)WDOG1_BASE_ADDR; diff --git a/arch/arm/mach-imx/trusty.S b/arch/arm/mach-imx/trusty.S new file mode 100644 index 0000000000..2ca9b3c83a --- /dev/null +++ b/arch/arm/mach-imx/trusty.S @@ -0,0 +1,69 @@ +/* + * (C) Copyright 2009-2016 Freescale Semiconductor, Inc. + * + * Copyright 2017 NXP + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include +#include +#include +#include +_regs_save: + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + .word 0 + +#ifdef CONFIG_IMX_TRUSTY_OS +ENTRY(trusty_os_init) + isb + + /* Save current registers */ + mov ip, r0 + adr r0, _regs_save + str ip, [r0] + add r0, r0, #4 @ Get _regs_save from instruction offset + + str sp, [r0] + add r0, r0, #4 + + stmia r0!, {r1-r12} @ Save r1 - r12 + + str lr, [r0] + adr lr, end_init_tee @ save return address to lr + + dsb + + ldr r1, =TRUSTY_OS_ENTRY + ldr r0, =TRUSTY_OS_RAM_SIZE + movs pc, r1 @ Go to TEE codes +end_init_tee: + /* Restore saved registers */ + adr lr, _regs_save + ldr r0, [lr] + add lr, lr, #4 + + ldr sp, [lr] + add lr, lr, #4 + + ldmfd lr!, {r1-r12} + ldr lr, [lr] + + dsb + + bx lr +ENDPROC(trusty_os_init) +#endif diff --git a/common/board_r.c b/common/board_r.c index 6d6adc13a9..f9cd2e26a0 100644 --- a/common/board_r.c +++ b/common/board_r.c @@ -676,6 +676,15 @@ static int initr_check_fastboot(void) } #endif +#ifdef CONFIG_IMX_TRUSTY_OS +extern void tee_setup(void); +static int initr_tee_setup(void) +{ + tee_setup(); + return 0; +} +#endif + static int run_main_loop(void) { #ifdef CONFIG_SANDBOX @@ -893,6 +902,9 @@ static init_fnc_t init_sequence_r[] = { #ifdef AVB_RPMB initr_avbkey, #endif +#ifdef CONFIG_IMX_TRUSTY_OS + initr_tee_setup, +#endif #ifdef CONFIG_FSL_FASTBOOT initr_check_fastboot, #endif diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c index 9d91ab93b8..3fab4577c4 100644 --- a/drivers/usb/gadget/f_fastboot.c +++ b/drivers/usb/gadget/f_fastboot.c @@ -29,6 +29,13 @@ #ifdef CONFIG_FASTBOOT_FLASH_MMC_DEV #include #endif + +#ifdef CONFIG_IMX_TRUSTY_OS +extern int armv7_init_nonsec(void); +extern void trusty_os_init(void); +#include +#endif + #ifdef CONFIG_FASTBOOT_FLASH_NAND_DEV #include #endif @@ -246,6 +253,13 @@ static char *fb_response_str; #ifdef CONFIG_FSL_FASTBOOT +#ifndef TRUSTY_OS_MMC_BLKS +#define TRUSTY_OS_MMC_BLKS 0x7FF +#endif +#ifndef TEE_HWPARTITION_ID +#define TEE_HWPARTITION_ID 2 +#endif + #define ANDROID_MBR_OFFSET 0 #define ANDROID_MBR_SIZE 0x200 #ifdef CONFIG_BOOTLOADER_OFFSET_33K @@ -269,6 +283,7 @@ struct fastboot_device_info fastboot_devinfo; enum { PTN_GPT_INDEX = 0, + PTN_TEE_INDEX, #ifdef CONFIG_FLASH_MCUFIRMWARE_SUPPORT PTN_M4_OS_INDEX, #endif @@ -1299,6 +1314,13 @@ static int _fastboot_parts_load_from_ptable(void) ptable[PTN_GPT_INDEX].flags = FASTBOOT_PTENTRY_FLAGS_UNERASEABLE; strcpy(ptable[PTN_GPT_INDEX].fstype, "raw"); + /* Trusty OS */ + strcpy(ptable[PTN_TEE_INDEX].name, FASTBOOT_PARTITION_TEE); + ptable[PTN_TEE_INDEX].start = 0; + ptable[PTN_TEE_INDEX].length = TRUSTY_OS_MMC_BLKS; + ptable[PTN_TEE_INDEX].partition_id = TEE_HWPARTITION_ID; + strcpy(ptable[PTN_TEE_INDEX].fstype, "raw"); + /* Add m4_os partition if we support mcu firmware image flash */ #ifdef CONFIG_FLASH_MCUFIRMWARE_SUPPORT strcpy(ptable[PTN_M4_OS_INDEX].name, FASTBOOT_MCU_FIRMWARE_PARTITION); @@ -1554,6 +1576,58 @@ static AvbOps fsl_avb_ops = { }; #endif +#ifdef CONFIG_IMX_TRUSTY_OS +void tee_setup(void) +{ + /* load tee from boot1 of eMMC. */ + int mmcc = mmc_get_env_dev(); + struct blk_desc *dev_desc = NULL; + + struct mmc *mmc; + mmc = find_mmc_device(mmcc); + if (!mmc) { + printf("boota: cannot find '%d' mmc device\n", mmcc); + goto fail; + } + + dev_desc = blk_get_dev("mmc", mmcc); + if (NULL == dev_desc) { + printf("** Block device MMC %d not supported\n", mmcc); + goto fail; + } + + /* below was i.MX mmc operation code */ + if (mmc_init(mmc)) { + printf("mmc%d init failed\n", mmcc); + goto fail; + } + + struct fastboot_ptentry *tee_pte; + char *tee_ptn = FASTBOOT_PARTITION_TEE; + tee_pte = fastboot_flash_find_ptn(tee_ptn); + mmc_switch_part(mmc, TEE_HWPARTITION_ID); + if (!tee_pte) { + printf("boota: cannot find tee partition!\n"); + } + + if (blk_dread(dev_desc, tee_pte->start, + tee_pte->length, (void *)TRUSTY_OS_ENTRY) < 0) { + printf("Failed to load tee."); + } + mmc_switch_part(mmc, FASTBOOT_MMC_USER_PARTITION_ID); + +#ifdef NON_SECURE_FASTBOOT + armv7_init_nonsec(); + trusty_os_init(); + trusty_ipc_init(); +#endif + +fail: + return; + +} +#endif + void fastboot_setup(void) { #ifdef CONFIG_USB_GADGET @@ -1990,6 +2064,10 @@ int do_boota(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { if (boot_buf != NULL) free(boot_buf); +#ifdef CONFIG_IMX_TRUSTY_OS + /* put ql-tipc to release resource for Linux */ + trusty_ipc_shutdown(); +#endif if (check_image_arm64) { #ifdef CONFIG_CMD_BOOTI do_booti(NULL, 0, 4, boot_args); diff --git a/drivers/usb/gadget/fastboot_lock_unlock.c b/drivers/usb/gadget/fastboot_lock_unlock.c index 230f892f67..da4b9501e5 100644 --- a/drivers/usb/gadget/fastboot_lock_unlock.c +++ b/drivers/usb/gadget/fastboot_lock_unlock.c @@ -50,7 +50,7 @@ int fastboot_flash_find_index(const char *name); -#ifndef FASTBOOT_ENCRYPT_LOCK +#if !defined(FASTBOOT_ENCRYPT_LOCK) || defined(NON_SECURE_FASTBOOT) /* * This will return FASTBOOT_LOCK, FASTBOOT_UNLOCK or FASTBOOT_ERROR diff --git a/include/fsl_fastboot.h b/include/fsl_fastboot.h index 8deac211d3..2180e15707 100644 --- a/include/fsl_fastboot.h +++ b/include/fsl_fastboot.h @@ -38,7 +38,9 @@ #define FASTBOOT_MMC_BOOT_PARTITION_ID 1 #define FASTBOOT_MMC_USER_PARTITION_ID 0 #define FASTBOOT_MMC_NONE_PARTITION_ID -1 +#define FASTBOOT_MMC_BOOT1_PARTITION_ID 2 +#define FASTBOOT_PARTITION_TEE "tos" #define FASTBOOT_PARTITION_PRDATA "presistdata" #ifdef CONFIG_AVB_SUPPORT