Include a file with the initial values for non-volatile UEFI variables
into the U-Boot binary. If this variable is set, changes to variable PK
will not be allowed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
To determine if a varible is on the of the authentication variables
PK, KEK, db, dbx we have to check both the name and the GUID.
Provide a function converting the variable-name/guid pair to an enum and
use it consistently.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The file based and the OP-TEE based UEFI variable store are mutually
exclusive. Define them as choice options in Kconfig.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Some distributions provide UEFI binaries like Shim that have been signed
using a Microsoft certificate. Provide the download paths for the public
keys.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Update the UEFI secure state when variable 'PK' is updated in the TEE
variables implementation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
When using secure boot functions needed both for file and TEE based UEFI
variables have to be moved to the common code module efi_var_common.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
A previous commit adds support for displaying variables RO flag.
Let's add it on the TEE backed variable storage as well.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Skip messages should only be written if the setup is not suitable for
testing.
If DHCP is enabled, we should not write a skip message if no static network
configuration is supplied.
Likewise if a static network configuration is supplied, we should not write
a skip message if DHCP is not enabled.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In our Python tests we want to run 'bootefi hello'. Enable it by default
when compiling with CMD_BOOTEFI_SELFTEST.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The `fitupd' command is not used by any board. The `dfu tftp' command
provides the same capabilities.
So let's drop the `fitupd' command.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
As explained in the CONFIG_DM_MDIO text inside drivers/net/Kconfig:
"Useful in particular for systems that support
DM_ETH and have a stand-alone MDIO hardware block shared by multiple
Ethernet interfaces."
i.MX6 has a single FEC instance, so there is no need to select
CONFIG_DM_MDIO.
Remove it from the i.MX6 defconfig files.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
OF graph endpoint connections must be bidirectional and dtc warn if they
are not. i.MX7 based DTs have an error and generate
warnings:
arch/arm/dts/imx7d-sdb.dtb: Warning (graph_endpoint):
/replicator/ports/port@0/endpoint: graph connection to node
'/soc/tpiu@30087000/port/endpoint' is not bidirectional
arch/arm/dts/imx7d-sdb.dtb: Warning (graph_endpoint):
/soc/tpiu@30087000/port/endpoint: graph connection to node
'/replicator/ports/port@1/endpoint' is not bidirectional
Signed-off-by: Ilko Iliev <iliev@ronetix.at>
This commit enables imx28 based XEA board's u-boot.sb (SPL) to download
u-boot proper (u-boot.img) via Ymodem protocol.
This is extremely useful in the recovery scenario where u-boot.sb is
downloaded via uuu utility to SDRAM [*], and then one can upload u-boot
proper via serial console to fully debrick the device.
Note - debricking procedure of imx28 devices:
- NXP's original USB based tools (like mxsldr or uuu) expect single
u-boot.sb which is a relic of the old U-Boot (~2013) without SPL and
U-Boot proper distinction.
[*] On Host:
------------
cat << EOF > imx28_xea.lst
uuu_version 1.3.0
SDPS: boot -f /srv/tftp/xea/u-boot.sb
SDPU: done
EOF
Please start picocom:
sudo picocom -b 115200 -s "sz -vv" /dev/ttyUSB1
sudo ./uuu/uuu -V imx28_xea.lst
On the U-boot console one shall see:
Trying to boot from UART
CCC
Then please press CTRL+A, S
and type u-boot.img
Signed-off-by: Lukasz Majewski <lukma@denx.de>
Acked-by: Peng Fan <peng.fan@nxp.com>
as patch
gpio: search for gpio label if gpio is not found through bank name
is now in mainline, but functionality is disabled, we
need to enable
CONFIG_DM_GPIO_LOOKUP_LABEL
for the aristainetos boards.
Signed-off-by: Heiko Schocher <hs@denx.de>
After "4b969deac0 watchdog: imx: Add DM support", the imx watchdog
can be started by wdt command. But the imx watchdog driver only
support start with the default timeout.
This commit adds the support for setting the timeout which pass from
the wdt command into the imx watchdog. If the timeout out of the
valid range(0.5~128s), start the watchdog with a timeout within the
valid range and the timeout is the one which closest to the passed
timeout.
Signed-off-by: Yuezhang.Mo <yuezhang.mo@sony.com>
Reviewed-by: Andy.Wu <Andy.Wu@sony.com>
Reviewed-by: stefano Babic <sbabic@denx.de>
Quoting Ye Li from NXP:
"We have confirmed with PMIC team, 0x35 is used only on early chips
and not used any more. 0x25 is the final address."
Fix it by merging power_pca9450a_init and power_pca9450b_init into one
function power_pca9450_init.
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
Even if the HAB fuse is not set we want to be able to use the Cryptographic
Accelerator and Assurance Module (CAAM) for generating random numbers. So
SYS_FSL_HAS_SEC should be selected even if IMX_HAB is not set.
arch_misc_init() has to be called to initialize the CAAM.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The current URL for the pico imx6ul board is not valid anymore. Change
to a different URL that works.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Current mxc_gpio DM driver allocates the platdata in bind function to
handle both OF_CONTROL enabled case and disabled case. This implementation
puts the devfdt_get_addr in bind, which introduces much overhead especially
in board_f phase.
Change the driver to a common way for handling the cases by using
ofdata_to_platdata and using DM framework to allocate platdata.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Add SCFW API sc_misc_get_boot_container to get current boot container
set index.
The index value returns 1 for primary container set, 2 for secondary
container set.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
i.MX platforms provide large AHB mapped space for QSPI, each
controller has 256MB. However, current driver only maps small
size (AHB buffer size) of AHB space, this implementation
causes i.MX failed to boot M4 with QSPI XIP image.
Add config CONFIG_FSL_QSPI_AHB_FULL_MAP (default enabled for i.MX)
to address above problem.
When the config is set:
1. Full AHB space is divided to each CS.
2. A dedicated LUT entry is used for AHB read only.
3. The MODE instruction in LUT is replaced to standard ADDR instruction
4. The address in spi_mem_op is used to SFAR and AHB read
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Reviewed-by: Kuldeep Singh <kuldeep.singh@nxp.com>
Add compatible string and driver data for i.MX7ULP.
Meanwhile, the address set to SFA1AD/SFA2AD/SFB1AD/SFB2AD should
align with 1KB, because the lowest 10 bits are reserved by the
registers definition.
For i.MX7ULP which has only 128Bytes AHB buffer, must align it
when setting the registers and selecting cs.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Reviewed-by: Kuldeep Singh <kuldeep.singh@nxp.com>
While the general policy of not taking changes to the project via pull
requests directly on GitHub has not changed, it can be useful to submit
a PR there in order to trigger a CI run on Azure. These are run
automatically and the results are populated back to GitHub. Add a note
to the template to reflect this.
Signed-off-by: Tom Rini <trini@konsulko.com>
Convert pcm058 support to use device trees and the driver model.
Add rudimentary boot scripts to the environment, expand README.
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Stefano Babic <sbabic@denx.de>
Add Phytec Mira device tree files, for use with pcm058.
>From Linux 5.6, commit 7111951b8d49 upstream
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Stefano Babic <sbabic@denx.de>
As per the SD physical layer specification version 7.10, erase
command (CMD38) and stop transmission command (CMD12) will generate
R1b response.
R1b = R1 + busy signal
A non-zero value after the R1 response indicates card is ready for
next command.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Erase block start address (CMD32) and erase block end address (CMD33)
command will generate R1 response for mmc SPI mode.
R1 response is 1 byte long for mmc SPI, so assign 1 byte as a response
for this commands.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Send status command (CMD13) will send R1 response under SD mode
but R2 response under SPI mode.
R2 response is 2 bytes long, so read 2 bytes for mmc SPI mode
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
The content of ssr is useful only for erase operations.
This saves erase time.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
R1 response is 1 byte long for mmc SPI commands as per the updated
physical layer specification version 7.10.
So correct the resp and resp_size for existing commands
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
When variable i will become 0, while(i--) loop breaks but variable i will
again decrement to -1 because of i-- and that's why below condition
"if (!i && (r != resp_match_value)" will never execute, So doing "i--"
inside of while() loop solves this problem.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Current codes assume the OPTEE address is at the end of first DRAM bank.
Adjust the process to allow OPTEE in the middle of first bank.
When OPTEE memory is removed from first bank, it may split the first bank
to two banks, adjust the MMU table for the split case,
Since the default CONFIG_NR_DRAM_BANKS is 4, it is enough, just enlarge
i.MX8MP evk to default to avoid issue.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
Tested-by: Silvano di Ninno <silvano.dininno@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
We use non-dm code to configure the clk settings in order to simplify
dm clk driver in future, so remove the duplicated code from clk driver
Signed-off-by: Peng Fan <peng.fan@nxp.com>
To fused part, we need to disable nodes of dtb to let kernel boot.
To mfgtool, USB issue when using super-speed for mfgtool, temporally
work around the problem to use high-speed only.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
To use one defconfig for all boot device, we have to runtime set
env offset and return env medium according to the boot device.
This patch overrides the env_get_offset and env_get_location to
implement the feature.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
iMX8MP has 6 fused parts in each qualification tier, with core, VPU,
ISP, NPU or DSP fused respectively.
The configuration tables for enabled modules:
MIMX8ML8DVNLZAA Quad Core, VPU, NPU, ISP, DSP
MIMX8ML7DVNLZAA Quad Core, NPU, ISP
MIMX8ML6DVNLZAA Quad Core, VPU, ISP
MIMX8ML5DVNLZAA Quad Core, VPU
MIMX8ML4DVNLZAA Quad Lite
MIMX8ML3DVNLZAA Dual Core, VPU, NPU, ISP, DSP
Add the support in U-Boot
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
ROM SError happens on two cases:
1. ERR050342, on iMX8MQ HDCP enabled parts ROM writes to GPV1 register, but
when ROM patch lock is fused, this write will cause SError.
2. ERR050350, on iMX8MQ/MM/MN, when the field return fuse is burned, HAB
is field return mode, but the last 4K of ROM is still protected and cause
SError.
Since ROM mask SError until ATF unmask it, so then ATF always meets the
exception. This patch works around the issue in SPL by enabling SPL
Exception vectors table and the SError exception, take the exception
to eret immediately to clear the SError.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Add imx_eqos_txclk_set_rate/imx_get_eqos_csr_clk to override the
weak function in driver
Add set_clk_eqos to configure eQoS clk
Signed-off-by: Peng Fan <peng.fan@nxp.com>