Add an initial VPL build for sandbox. This includes the flow:

   TPL (with of-platdata) -> VPL -> SPL -> U-Boot

To run it:

   ./tpl/u-boot-tpl -D

The -D is needed to get the default device tree, which includes the serial
console info.

Add a Makefile check for OF_HOSTFILE which is the option that enables
devicetree control on sandbox.

Series-changes: 4
- Add a sandbox_vpl build
- Update cover letter

Series-changes: 6
- Add docs for sandbox_vpl build
- Drop TPL_HASH_SUPPORT patch since we only have SPL_HASH now

Series-to: u-boot
Series-cc: trini
Series-version: 6
Series-links: 256138 4:253010
Cover-letter:
vpl: Introduce a verifying program loader
U-Boot provides a verified-boot feature based around FIT, but there is
no standard way of implementing it for a board. At present the various
required pieces must be built up separately, to produce a working
implementation. In particular, there is no built-in support for selecting
A/B boot or recovery mode.

This series introduces VPL, a verified program loader phase for U-Boot.
Its purpose is to run the verified-boot process and decide which SPL
binary should be run. It is critical that this decision happens before
SPL runs, since SPL sets up SDRAM and we need to be able to update the
SDRAM-init code in the field.

Adding VPL into the boot flow provides a standard way of implementing
verified boot. This series includes the phase itself, some useful Kconfig
options and a sandbox_vpl build for sandbox.
END

Change-Id: If1e267f286be9b2be553157103cd0146503ea50e
Signed-off-by: Simon Glass <sjg@chromium.org>