From: Nathan Morrisson <nmorris...@phytec.com> Add the SMPK and ti-degenerate keys using CONFIG entries. These keys are set by the build system and are stored outside of u-boot.
Signed-off-by: Nathan Morrisson <nmorris...@phytec.com>
Signed-off-by: Daniel Schultz <d.schu...@phytec.de>
---
arch/arm/dts/k3-am625-phycore-som-binman.dtsi | 72 ++++++++++++++-----
1 file changed, 56 insertions(+), 16 deletions(-)
diff --git a/arch/arm/dts/k3-am625-phycore-som-binman.dtsi
b/arch/arm/dts/k3-am625-phycore-som-binman.dtsi
index 31456d23167..9682ab532ed 100644
--- a/arch/arm/dts/k3-am625-phycore-som-binman.dtsi
+++ b/arch/arm/dts/k3-am625-phycore-som-binman.dtsi
@@ -8,6 +8,13 @@
#include "k3-binman.dtsi"
+#ifndef CONFIG_PHYTEC_K3_KEY_BLOB_COPY
+&binman {
+ /delete-node/ custMpk;
+ /delete-node/ ti-degenerate-key;
+ };
+#endif
+
#ifdef CONFIG_TARGET_PHYCORE_AM62X_R5
&binman {
tiboot3-am62x-hs-phycore-som.bin {
@@ -18,7 +25,7 @@
combined;
dm-data;
sysfw-inner-cert;
- keyfile = "custMpk.pem";
+ keyfile = CONFIG_PHYTEC_K3_MPK_KEY;
sw-rev = <1>;
content-sbl = <&u_boot_spl>;
content-sysfw = <&ti_fs_enc>;
@@ -64,7 +71,7 @@
combined;
dm-data;
sysfw-inner-cert;
- keyfile = "custMpk.pem";
+ keyfile = CONFIG_PHYTEC_K3_MPK_KEY;
sw-rev = <1>;
content-sbl = <&u_boot_spl_fs>;
content-sysfw = <&ti_fs_enc_fs>;
@@ -117,7 +124,7 @@
content-dm-data = <&combined_dm_cfg_gp>;
load-dm-data = <0x43c3a800>;
sw-rev = <1>;
- keyfile = "ti-degenerate-key.pem";
+ keyfile = CONFIG_PHYTEC_K3_DEGENERATE_KEY;
};
u_boot_spl_unsigned: u-boot-spl {
no-expanded;
@@ -172,7 +179,7 @@
core = "secure";
load = <0x40000>;
sw-rev = <CONFIG_K3_X509_SWRV>;
- keyfile = "custMpk.pem";
+ keyfile = CONFIG_PHYTEC_K3_MPK_KEY;
countersign;
tifsstub;
};
@@ -210,7 +217,7 @@
core = "secure";
load = <0x60000>;
sw-rev = <CONFIG_K3_X509_SWRV>;
- keyfile = "ti-degenerate-key.pem";
+ keyfile = CONFIG_PHYTEC_K3_DEGENERATE_KEY;
tifsstub;
};
tifsstub_gp: tifsstub-gp.bin {
@@ -227,6 +234,24 @@
fit {
images {
+ atf {
+ ti-secure {
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
+ };
+
+ tee {
+ ti-secure {
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
+ };
+
+ spl {
+ ti-secure {
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
+ };
+
tifsstub-hs {
description = "TIFSSTUB";
type = "firmware";
@@ -268,7 +293,7 @@
dm {
ti-secure {
content = <&dm>;
- keyfile = "custMpk.pem";
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
};
dm: blob-ext {
filename = "ti-dm.bin";
@@ -282,7 +307,7 @@
compression = "none";
ti-secure {
content =
<&spl_am625_phyboard_lyra_dtb>;
- keyfile = "custMpk.pem";
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
};
spl_am625_phyboard_lyra_dtb: blob-ext {
filename =
SPL_AM625_PHYBOARD_LYRA_DTB;
@@ -313,6 +338,9 @@
images {
uboot {
description = "U-Boot for
phyCORE-AM62x";
+ ti-secure {
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
};
som-no-rtc {
@@ -321,8 +349,11 @@
compression = "none";
load = <0x8F000000>;
arch = "arm";
-
- blob-ext {
+ ti-secure {
+ content =
<&am6xx_phycore_disable_rtc_dtbo>;
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
+ am6xx_phycore_disable_rtc_dtbo:
blob-ext {
filename =
"dts/upstream/src/arm64/ti/k3-am6xx-phycore-disable-rtc.dtbo";
};
};
@@ -333,8 +364,11 @@
compression = "none";
load = <0x8F001000>;
arch = "arm";
-
- blob-ext {
+ ti-secure {
+ content =
<&am6xx_phycore_disable_spi_not_dtbo>;
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
+ am6xx_phycore_disable_spi_not_dtbo:
blob-ext {
filename =
"dts/upstream/src/arm64/ti/k3-am6xx-phycore-disable-spi-nor.dtbo";
};
};
@@ -345,8 +379,11 @@
compression = "none";
load = <0x8F002000>;
arch = "arm";
-
- blob-ext {
+ ti-secure {
+ content =
<&am6xx_phycore_disable_eth_phy_dtbo>;
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
+ am6xx_phycore_disable_eth_phy_dtbo:
blob-ext {
filename =
"dts/upstream/src/arm64/ti/k3-am6xx-phycore-disable-eth-phy.dtbo";
};
};
@@ -357,8 +394,11 @@
compression = "none";
load = <0x8F003000>;
arch = "arm";
-
- blob-ext {
+ ti-secure {
+ content =
<&am6xx_phycore_disable_qspi_nor_dtbo>;
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
+ };
+ am6xx_phycore_disable_qspi_nor_dtbo:
blob-ext {
filename =
"dts/upstream/src/arm64/ti/k3-am6xx-phycore-qspi-nor.dtbo";
};
};
@@ -370,7 +410,7 @@
compression = "none";
ti-secure {
content =
<&am625_phyboard_lyra_dtb>;
- keyfile = "custMpk.pem";
+ keyfile =
CONFIG_PHYTEC_K3_MPK_KEY;
};
am625_phyboard_lyra_dtb: blob-ext {
filename =
AM625_PHYBOARD_LYRA_DTB;
--
2.25.1
