You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
feat(security): Generalize boot flow page for non-AM64x SoCs
Currently, the secure boot section is tailored for AM64x. But the same
information is applicable to non-AM64x SoCs, that is AM62x, AM62P. Therefore
generalize the page and add it these other devices' TOCs.
Signed-off-by: Suhaas Joshi <s-joshi@ti.com>
Copy file name to clipboardExpand all lines: source/linux/Foundational_Components_Secure_Boot.rst
+14-8Lines changed: 14 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -69,14 +69,20 @@ The exact location is device dependent. More details can be found in the device
69
69
* DMSC firmware: `Texas Instruments Foundational Security (TIFS)` + Device/Power Manager: After authentication/decryption, DMSC firmware replaces the Secure ROM as the authenticator entity executing on the DMSC core.
70
70
* R5 SPL: The R5 SPL bootloader is executed on the R5 core.
71
71
72
-
.. ifconfig:: CONFIG_part_variant in ('AM62x')
72
+
.. ifconfig:: CONFIG_part_variant not in ('AM64X')
The contents of this first stage image are authenticated and decrypted by the Secure ROM. Contents include:
77
83
78
-
* `Texas Instruments Foundational Security (TIFS)` firmware: After authentication/decryption, TIFS firmware replaces the Secure ROM as the authenticator entity executing on the TIFS core.
79
-
* R5 SPL`: The R5 SPL bootloader is executed on the R5 core.
84
+
* `Texas Instruments Foundational Security (TIFS)` firmware: After authentication/decryption, TIFS firmware replaces the Secure ROM as the authenticator entity executing on the TIFS core.
85
+
* R5 SPL`: The R5 SPL bootloader is executed on the R5 core.
80
86
81
87
.. rubric:: R5 SPL
82
88
@@ -195,9 +201,9 @@ HS Boot Flow Tools
195
201
196
202
U-boot:
197
203
198
-
The ti-u-boot source is a project used to create tiboot3.bin, tispl.bin, and u-boot.img. To create tiboot3.bin for AM64x family devices, u-boot builds R5 SPL and
204
+
The ti-u-boot source is a project used to create tiboot3.bin, tispl.bin, and u-boot.img. To create tiboot3.bin for Sitara family devices, u-boot builds R5 SPL and
199
205
binman packages it in a `tiboot3.bin` image. To build A53 SPL, binman takes ATF (bl31.bin), OPTEE (bl32.bin), A53 SPL, and A53 DTBs and packages
200
-
them in a `tispl.bin` image. The openssl library can then then be used to sign each component as specified in k3-am64x-binman.dtsi.
206
+
them in a `tispl.bin` image. The openssl library can then then be used to sign each component as specified in k3-<soc>-binman.dtsi.
201
207
202
208
.. code-block:: console
203
209
@@ -246,7 +252,7 @@ OPTEE:
246
252
Ti-linux-firmware:
247
253
248
254
The ti-linux-firmware is a TI repository where all firmware releases are stored. Firmwares for a device family can also be found in the pre-built SDK
249
-
under <path-to-tisdk>/board-support/prebuilt-images/am64xx-evm. Binman expects to find the device firmware with the following appended to u-boot build command:
255
+
under <path-to-tisdk>/board-support/prebuilt-images/<evm>. Binman expects to find the device firmware with the following appended to u-boot build command:
250
256
BINMAN_INDIRS=<path-to-tisdk>/board-support/prebuilt-images, and expects to find a ti-sysfw directory in this path.
0 commit comments