From 46e372feb784f533cd92e73f51f90b4fe4d336e5 Mon Sep 17 00:00:00 2001 From: Philippe Schenker Date: Tue, 11 Nov 2025 08:16:25 +0100 Subject: [PATCH 1/6] arm: dts: k3-am642-evm: Remove duplicate node The device tree contained a duplicate DT node 'main_mmc1_pins_default', which was already defined a few lines below. This patch removes the redundant entry. Signed-off-by: Philippe Schenker Reviewed-by: Anshul Dalal --- arch/arm/dts/k3-am642-evm-u-boot.dtsi | 4 ---- 1 file changed, 4 deletions(-) diff --git a/arch/arm/dts/k3-am642-evm-u-boot.dtsi b/arch/arm/dts/k3-am642-evm-u-boot.dtsi index 705b3baa81c..6469f43fca8 100644 --- a/arch/arm/dts/k3-am642-evm-u-boot.dtsi +++ b/arch/arm/dts/k3-am642-evm-u-boot.dtsi @@ -19,10 +19,6 @@ dr_mode="peripheral"; }; -&main_mmc1_pins_default { - bootph-all; -}; - &sdhci0 { bootph-all; }; From 5d3697b7cf0006fee3fa12966643d605ae0777cc Mon Sep 17 00:00:00 2001 From: Philippe Schenker Date: Tue, 11 Nov 2025 08:16:26 +0100 Subject: [PATCH 2/6] remoteproc: k3-r5: cast size to size_t6dd When compiling for R5 core with CONFIG_REMOTEPROC_TI_K3_R5F, passing 'size' (ulong) to ti_secure_image_post_process() caused a type mismatch compiler error. On platforms where ulong and size_t differ in size, directly casting could lead to out-of-bounds memory access. Fix by introducing a size_t temporary variable, passing it to the function, and writing back the potentially modified value for use in subsequent calls. Signed-off-by: Philippe Schenker Acked-by: Andrew Davis --- drivers/remoteproc/ti_k3_r5f_rproc.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/remoteproc/ti_k3_r5f_rproc.c b/drivers/remoteproc/ti_k3_r5f_rproc.c index c738607c109..48ebdaf0693 100644 --- a/drivers/remoteproc/ti_k3_r5f_rproc.c +++ b/drivers/remoteproc/ti_k3_r5f_rproc.c @@ -315,6 +315,7 @@ static int k3_r5f_load(struct udevice *dev, ulong addr, ulong size) bool mem_auto_init; void *image_addr = (void *)addr; int ret; + size_t size_img; dev_dbg(dev, "%s addr = 0x%lx, size = 0x%lx\n", __func__, addr, size); @@ -341,7 +342,9 @@ static int k3_r5f_load(struct udevice *dev, ulong addr, ulong size) k3_r5f_init_tcm_memories(core, mem_auto_init); - ti_secure_image_post_process(&image_addr, &size); + size_img = size; + ti_secure_image_post_process(&image_addr, &size_img); + size = size_img; ret = rproc_elf_load_image(dev, addr, size); if (ret < 0) { From 40768f5ed3ef82ac11236cdd2e50cde79b5debe5 Mon Sep 17 00:00:00 2001 From: Philippe Schenker Date: Tue, 11 Nov 2025 08:16:27 +0100 Subject: [PATCH 3/6] soc: ti: pruss: Fix size ptr type in probe When compiling for R5 with CONFIG_TI_PRUSS enabled, the pruss_probe() function passed a u64* to ofnode_get_addr_size_index(), which expects an fdt_size_t*. This caused a compiler error about incompatible pointer types. Cast the size pointer to fdt_size_t* to match the function signature. Signed-off-by: Philippe Schenker --- drivers/soc/ti/pruss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/soc/ti/pruss.c b/drivers/soc/ti/pruss.c index e3bb2ede554..4bc0ff8c2c1 100644 --- a/drivers/soc/ti/pruss.c +++ b/drivers/soc/ti/pruss.c @@ -163,7 +163,7 @@ static int pruss_probe(struct udevice *dev) for (i = 0; i < ARRAY_SIZE(mem_names); i++) { idx = ofnode_stringlist_search(memories, "reg-names", mem_names[i]); priv->mem_regions[i].pa = ofnode_get_addr_size_index(memories, idx, - (u64 *)&priv->mem_regions[i].size); + (fdt_size_t *)&priv->mem_regions[i].size); } sub_node = ofnode_find_subnode(node, "cfg"); From fe114f3662c655cae44b45370d6dc4de2055a611 Mon Sep 17 00:00:00 2001 From: Philippe Schenker Date: Tue, 11 Nov 2025 08:16:28 +0100 Subject: [PATCH 4/6] mach-k3: security: Propagate verified image addr The ti_secure_image_check() function may relocate the image during authentication, updating image_addr to point to the verified location. The caller was not updated with this new address, causing it to reference the original unverified location. Update p_image with the verified image address after authentication to ensure subsequent operations use the correct location. Signed-off-by: Philippe Schenker --- arch/arm/mach-k3/security.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c index 3468a370a45..c7017bba99a 100644 --- a/arch/arm/mach-k3/security.c +++ b/arch/arm/mach-k3/security.c @@ -119,6 +119,8 @@ void ti_secure_image_post_process(void **p_image, size_t *p_size) */ *p_size = image_size; + *p_image = (void *)(uintptr_t)image_addr; + /* * Output notification of successful authentication to re-assure the * user that the secure code is being processed as expected. However From 3a43fc9016c3c37eefca10ed404c95ac7cecd3dc Mon Sep 17 00:00:00 2001 From: Philippe Schenker Date: Tue, 11 Nov 2025 08:16:29 +0100 Subject: [PATCH 5/6] remoteproc: k3-r5: Use verified image address After ti_secure_image_post_process() authenticates the image, it may relocate it to a different memory location and update image_addr to point to the verified image. However, rproc_elf_load_image() and rproc_elf_get_boot_addr() were still using the original "addr" parameter, potentially operating on the unverified or stale image location instead of the authenticated image. Use image_addr (cast to ulong to match function signatures) after authentication to ensure all operations work with the verified image. Signed-off-by: Philippe Schenker --- drivers/remoteproc/ti_k3_r5f_rproc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/remoteproc/ti_k3_r5f_rproc.c b/drivers/remoteproc/ti_k3_r5f_rproc.c index 48ebdaf0693..c6356729e9d 100644 --- a/drivers/remoteproc/ti_k3_r5f_rproc.c +++ b/drivers/remoteproc/ti_k3_r5f_rproc.c @@ -346,13 +346,13 @@ static int k3_r5f_load(struct udevice *dev, ulong addr, ulong size) ti_secure_image_post_process(&image_addr, &size_img); size = size_img; - ret = rproc_elf_load_image(dev, addr, size); + ret = rproc_elf_load_image(dev, (ulong)image_addr, size); if (ret < 0) { dev_err(dev, "Loading elf failedi %d\n", ret); goto proc_release; } - boot_vector = rproc_elf_get_boot_addr(dev, addr); + boot_vector = rproc_elf_get_boot_addr(dev, (ulong)image_addr); dev_dbg(dev, "%s: Boot vector = 0x%llx\n", __func__, boot_vector); From 0c192f52cfb8a4b1c29d61750f48e016ba6b978b Mon Sep 17 00:00:00 2001 From: Philippe Schenker Date: Tue, 11 Nov 2025 08:16:30 +0100 Subject: [PATCH 6/6] remoteproc: k3-r5: Implement is_running operation Add is_running callback to query the R5F core halt status via the TI-SCI processor control API. This allows the remoteproc framework to determine whether the R5F core is currently runnin. The core is considered running when the PROC_BOOT_CTRL_FLAG_R5_CORE_HALT bit is not set in the control flags. Signed-off-by: Philippe Schenker Reviewed-by: Andrew Davis --- drivers/remoteproc/ti_k3_r5f_rproc.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/drivers/remoteproc/ti_k3_r5f_rproc.c b/drivers/remoteproc/ti_k3_r5f_rproc.c index c6356729e9d..7326f5a4b30 100644 --- a/drivers/remoteproc/ti_k3_r5f_rproc.c +++ b/drivers/remoteproc/ti_k3_r5f_rproc.c @@ -573,6 +573,22 @@ static void *k3_r5f_da_to_va(struct udevice *dev, ulong da, ulong size, bool *is return map_physmem(da, size, MAP_NOCACHE); } +static int k3_r5f_is_running(struct udevice *dev) +{ + struct k3_r5f_core *core = dev_get_priv(dev); + u32 cfg, ctrl, sts; + u64 boot_vec; + int ret; + + dev_dbg(dev, "%s\n", __func__); + + ret = ti_sci_proc_get_status(&core->tsp, &boot_vec, &cfg, &ctrl, &sts); + if (ret) + return -1; + + return !!(ctrl & PROC_BOOT_CTRL_FLAG_R5_CORE_HALT); +} + static int k3_r5f_init(struct udevice *dev) { return 0; @@ -590,6 +606,7 @@ static const struct dm_rproc_ops k3_r5f_rproc_ops = { .stop = k3_r5f_stop, .load = k3_r5f_load, .device_to_virt = k3_r5f_da_to_va, + .is_running = k3_r5f_is_running, }; static int k3_r5f_rproc_configure(struct k3_r5f_core *core)