Adds support for Network Interface controllers found on
OcteonTX SoC platforms.
Signed-off-by: Suneel Garapati <sgarapati@marvell.com>
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Joe Hershberger <joe.hershberger@ni.com>
Adds support for NAND controllers found on OcteonTX or
OcteonTX2 SoC platforms. Also includes driver to support
Hardware ECC using BCH HW engine found on these platforms.
Signed-off-by: Aaron Williams <awilliams@marvell.com>
Signed-off-by: Suneel Garapati <sgarapati@marvell.com>
Signed-off-by: Stefan Roese <sr@denx.de>
- Fix verified boot on BE targets
- Add support for multiple required keys in verified boots
- Add support for Initialization Vectors in AES keys in FIT images
- Assorted fixes in the RSA code
Commit fdf0819afb (rsa: fix alignment issue when getting public
exponent) changed the logic to avoid doing an 8-byte access to a
possibly-not-8-byte-aligned address.
However, using rsa_convert_big_endian is wrong: That function converts
an array of big-endian (32-bit) words with the most significant word
first (aka a BE byte array) to an array of cpu-endian words with the
least significant word first. While the exponent is indeed _stored_ as
a big-endian 64-bit word (two BE words with MSW first), we want to
extract it as a cpu-endian 64 bit word. On a little-endian host,
swapping the words and byte-swapping each 32-bit word works, because
that's the same as byte-swapping the whole 64 bit word. But on a
big-endian host, the fdt32_to_cpu are no-ops, but
rsa_convert_big_endian() still does the word-swapping, breaking
verified boot.
To fix that, while still ensuring we don't do unaligned accesses, add
a little helper that first memcpy's the bytes to a local fdt64_t, then
applies fdt64_to_cpu(). [The name is chosen based on the
[bl]eXX_to_cpup in linux/byteorder/generic.h].
Fixes: fdf0819afb ("rsa: fix alignment issue when getting public exponent")
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
The algo name should match between the FIT's signature node and the
U-Boot's control FDT.
If we do not check it, U-Boot's control FDT can expect sha512 hash but
nothing will prevent to accept image with sha1 hash if the signature is correct.
Signed-off-by: Matthieu CASTET <castet.matthieu@free.fr>
This commit add the support in u-boot to read the IV
in the FIT image instead of u-boot device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Binaries may be encrypted in a FIT image with AES. This
algo needs a key and an IV (Initialization Vector). The
IV is provided in a file (pointer by iv-name-hint in the
ITS file) when building the ITB file.
This commits adds provide an alternative way to manage
the IV. If the property iv-name-hint is not provided in
the ITS file, the tool mkimage will generate an random
IV and store it in the FIT image.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
We assign first_deleted = 0. There is no need to check its value without
any further assignment in between.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add documentation about 'required-mode' property in /signature node
in U-Boot's control FDT.
Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This patch adds vboot tests to verify the support for multiple
required keys using new required-mode DTB policy.
This patch also fixes existing test where dev
key is assumed to be marked as not required, although
it is marked as required.
Note that this patch re-added sign_fit_norequire().
sign_fit_norequire() was removed as part of the following:
commit b008677daf ("test: vboot: Fix pylint errors").
This patch leverages sign_fit_norequire() to fix the
existing bug.
Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently FIT image must be signed by all required conf keys. This means
Verified Boot fails if there is a signature verification failure
using any required key in U-Boot DTB.
This patch introduces a new policy in DTB that can be set to any required
conf key. This means if verified boot passes with one of the required
keys, U-Boot will continue the OS hand off.
There were prior attempts to address this:
https://lists.denx.de/pipermail/u-boot/2019-April/366047.html
The above patch was failing "make tests".
https://lists.denx.de/pipermail/u-boot/2020-January/396629.html
Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
- Minor cleanup on K3 env variables
- Fix OSPI compatible for J721e
- Drop unused property in omap-usb2-phy
- Update Maintainer for am335x-guardian board.
"ti,dis-chg-det-quirk" property is not part of Linux kernel DT binding
documentation. Therefore drop this and instead use soc_device_match()
to distinguish b/w AM654 SR1.0 and SR2.0 devices similar to Linux kernel
driver.
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Use DEFAULT_LINUX_BOOT_ENV to define the standard addresses used in rest
of TI platforms as defined in ti_armv7_common.h
This avoids the standard pitfalls we've had with kernel images and fdt
addresses stomping on each other.
As part of this process, redefine overlayaddr to be dtboaddr (defined
in ti_armv7_common.h for this very purpose) and get rid of the
definition of overlayaddr..
Signed-off-by: Nishanth Menon <nm@ti.com>
Use dtboaddr to define the overlay address common to all TI platforms
instead of creating a new overlayaddr for the purpose.
Signed-off-by: Nishanth Menon <nm@ti.com>
Use DEFAULT_LINUX_BOOT_ENV to define the standard addresses used in rest
of TI platforms as defined in ti_armv7_common.h
This avoids the standard pitfalls we've had with kernel images and fdt
addresses stomping on each other.
As part of this process, redefine overlayaddr to be dtboaddr (defined
in ti_armv7_common.h for this very purpose).. we will get rid of
overlayaddr later in the series.
Signed-off-by: Nishanth Menon <nm@ti.com>
Reset the channel completely during channel release in order to clear
teardown bit before handing over to next user or jumping to Linux.
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com>
Update detect_enable_hyperflash() to look for "ti,am654-ospi" compatible
to match the upstream DT node.
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
doc/README.log was already moved to doc/develop/logging.rst but has been
recreated by an incorrect merge.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Since the previous patch, net_init now exposes some errors, so check for
them.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
net_init does not always succeed, and there is no existing mechanism to
discover errors. This patch allows callers of net_init (such as net_init)
to handle errors. The root issue is that eth_get_dev can fail, but
net_init_loop doesn't expose that. The ideal way to fix eth_get_dev would
be to return an error with ERR_PTR, but there are a lot of callers, and all
of them just check if it's NULL. Another approach would be to change the
signature to something like
int eth_get_dev(struct udevice **pdev)
but that would require rewriting all of the many callers.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This driver interferes with other sandbox tests since it causes log output
to be interspersed with "No ethernet found." messages. Disable this driver
by default.
Enable it for the syslog tests so that they still pass.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present all log devices are enabled by default. Add a function to allow
devices to be disabled or enabled at runtime.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present there is no way to disable a log driver. But the syslog driver
causes (attempted) network traffic in sandbox every time a log message
is printed, which is often.
Add a flag to enable a log driver. Adjust struct log_device to use a short
for next_filter_num so that no more memory is used for devices. Also fix
a missing line in the struct log_driver comment while here.
To maintain compatibility, enable it for all drivers for now.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is sometimes useful to output hex dumps in SPL. Add a config option to
allow this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>
At present if CONFIG_LOG enabled, putting LOG_DEBUG at the top of a file
(before log.h inclusion) causes _log() to be executed for every log()
call, regardless of the build- or run-time logging level.
However there is no guarantee that the log record will actually be
displayed. If the current log level is lower than LOGL_DEBUG then it will
not be.
Add a way to signal that the log record should always be displayed and
update log_passes_filters() to handle this.
With the new behaviour, log_debug() will always log if LOG_DEBUG is
enabled.
Move log_test_syslog_nodebug() into its own file since it cannot be made
to work where it is, with LOG_DEBUG defined.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present MKIMAGE_DTC_PATH is in the devicetree menu but not within
'devicetree control' since it does not relate to that. As a result it
shows up in the top menu.
It actually relates to the mkimage tool, so create a new tools menu for it
and move it there.
Signed-off-by: Simon Glass <sjg@chromium.org>
This relates to booting since it is the default devicetree provided to
Linux. Move it under the 'boot options' menu.
Signed-off-by: Simon Glass <sjg@chromium.org>
There are a number of miscellaneous boot images at the top level of the
kconfig menu. Move these into the 'boot options' menu.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the autoboot options are in cmd/Kconfig but they don't really
relate to commands. They relate to booting, so move this menu under the
boot menu.
Signed-off-by: Simon Glass <sjg@chromium.org>
Most of the boot options are in common/Kconfig but that file is already
extremely large. Create a new Kconfig.boot to hold the boot options.
Signed-off-by: Simon Glass <sjg@chromium.org>