In order to maintain the chain of trust, each stage of the boot process
will first authenticate each binary it loads before continuing. To
extend this to the kernal and its dtbs we can package the kernal and
its dtbs into another fitImage for Uboot to authenticate and extend the
chain of trust all the way to the kernel.
When 'boot_fit' is set, indicating we're using the secure bootflow, look
for and authenticate the kernel's fitImage.
Signed-off-by: Judith Mendez <jm@ti.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
We're currently using CONFIG_BOOTCOMMAND to run custom boot scripts to
jump into linux. While this works, let's begin the transition to more
distribution friendly jumps to linux by enabling distro_bootcmd.
Convert the custom bootcmd to a distro_bootcmd
Signed-off-by: Judith Mendez <jm@ti.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Texas Instruments has begun enabling security settings on the SoCs it
produces to instruct ROM and TIFS to begin protecting the Security
Management Subsystem (SMS) from other binaries we load into the chip by
default.
One way ROM and TIFS do this is by enabling firewalls to protect the
OCSRAM and HSM RAM regions they're using during bootup.
The HSM RAM the wakeup SPL is in is firewalled by TIFS to protect
itself from the main domain applications. This means the 'bootindex'
value in HSM RAM, left by ROM to indicate if we're using the primary
or secondary boot-method, must be moved to OCSRAM (that TIFS has open
for us) before we make the jump to the main domain so the main domain's
bootloaders can keep access to this information.
Signed-off-by: Bryan Brattlof <bb@ti.com>
Texas Instruments has begun enabling security setting on the SoCs they
produce to instruct ROM and TIFS to begin protecting the Security
Management Subsystem (SMS) from other binaries we load into the chip by
default.
One way ROM does this is by enabling firewalls to protect the OCSRAM
region it's using during bootup. Only after TIFS has started (and had
time to disable the OCSRAM firewall region) will we have write access to
the region.
This means we will need to move the stack & heap from OCSRAM to HSM RAM
and reduce the size of BSS and the SPL to allow it to fit properly.
Signed-off-by: Bryan Brattlof <bb@ti.com>
In its current form, the am62a's wakeup SPL is fairly small, however
this will not remain as more boot modes are eventually added. To protect
us from overflowing our ~256k of HSM SRAM, add limits and check during
the wakeup SPL build.
Signed-off-by: Bryan Brattlof <bb@ti.com>
TI boards use a custom (though faily common to TI boards) mechanism for
booting Linux. We would like to use the "distroboot" approach.
Enable distroboot as a further option to use for booting on am625 should
the existing options fail.
Signed-off-by: Martyn Welch <martyn.welch@collabora.com>
The boot mode detection assumes that BOOT_DEVICE_MMC2 should always
result in MMCSD_MODE_FS, but MMCSD_MODE_RAW is also a valid option for
this port.
The current logic also avoids looking at the bootmode pin strapping,
which should be the primary means of determining whether a device is
being booted in MMCSD_MODE_EMMCBOOT mode.
Switch around the logic to check the boot mode to determine whether the
eMMC boot mode is expected or MMC/SD boot mode. From there we can look
at the boot mode config if in MMC/SD boot mode to determine whether to
attempt RAW or FS based booting.
This change allows U-Boot to also be successfully booted from RAW
offsets in addition to from a filesystem.
Signed-off-by: Martyn Welch <martyn.welch@collabora.com>
In f422c4bec the configuration option to support s28hs512t SPI flashes
was changed from CONFIG_SPI_FLASH_S28HS512T to CONFIG_SPI_FLASH_S28HX_T
to support the wider family. Follow this change in the AM62x EVM
configurations.
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
Reviewed-by: Dhruva Gole <d-gole@ti.com>
To quote the author:
Update in U-Boot env mmc backend with several cosmetic changes or
corrections and 2 new features:
1/ CONFIG_ENV_MMC_USE_DT = no more use CONFIG_ENV_OFFSET
in the mmc ENV backend when this config is activated.
Requested by the STM32MP STMicroelectronics boards which activate
several ENV_IS_IN_XXX; the value of CONFIG_ENV_OFFSET is invalid for
SD-Card / eMMC boot; this offset should only used in SPIFlash backend
(sf.c) for SPI-NOR boot.
If this offset is used on mmc backend, when partition name in GPT is
not aligned with U-Boot DT: "u-boot,mmc-env-partition", the behavior
is difficult to debug: a partition is corrupted on 'env save' command.
2/ selects the GPT env partition by the "u-boot-env" type GUID introduced
by the commit c0364ce1c6 ("doc/README.gpt: define partition
type GUID for U-Boot environment")
This feature can also avoid issue when 'u-boot-env' partition name
change in GPT partitioning but not in the U-Boot DT with
"u-boot,mmc-env-partition"
Remove the unused macro STR(X) since the commit 2b2f727500 ("env: mmc:
allow support of mmc_get_env_dev with OF_CONTROL")
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add a debug message to indicate a potential issue when
"u-boot,mmc-env-partition" is present in config node of device tree
but this partition name is not found in the mmc device.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Since commit c0364ce1c6 ("doc/README.gpt: define partition type GUID for
U-Boot environment"), a specific type GUID can be used to indicate
the U-Boot environment partition on the device with GPT partition table.
This patch uses this type GUID to found the env partition as fallback
when the partition name property "u-boot,mmc-env-partition" is not present
in config node or if the indicated partition name is not found.
The mmc_offset_try_partition() function is reused, it selects the first
partition with the correct type GUID when the parameter 'str' is NULL.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Activate by default CONFIG_ENV_MMC_USE_DT as "u-boot,mmc-env-partition"
should be always use in STMicroelectronics boards device tree to locate
the environment for mmc backend. The 2 defines:
CONFIG_ENV_OFFSET=0x280000
CONFIG_ENV_OFFSET_REDUND=0x2C0000
are only valid for spi-nor and not for SD-Card or eMMC.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add a new config CONFIG_ENV_MMC_USE_DT to force configuration of the
U-Boot environment offset with device tree config node.
This patch avoids issues when several CONFIG_ENV_IS_IN_XXX are activated,
the defconfig file uses the same value for CONFIG_ENV_OFFSET or
CONFIG_ENV_OFFSET_REDUND for the several ENV backends (SPI_FLASH, EEPROM
NAND, SATA, MMC).
After this patch a bad offset value is not possible when the selected
partition in device tree is not found.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
When ENV_IS_EMBEDDED is enabled, ret is not defined but is used as a
return value in env_mmc_load().
This patch correct this issue and simplify the existing code, test only
one time #if defined(ENV_IS_EMBEDDED) and not in the function.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
This file has a lot of conditional code and much of it is unnecessary.
Clean this up to reduce the number of build combinations.
This patch replaces the test on CONFIG_ENV_OFFSET_REDUND for the
more coherent CONFIG_SYS_REDUNDAND_ENVIRONMENT.
This patch also corrects a compilation issue in init_mmc_for_env()
when CONFIG_SYS_MMC_ENV_PART is not activated, env_mmc_orig_hwpart is
not defined.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Introduce ENV_MMC_OFFSET defines.
It is a preliminary step to the next patches to simplify the code.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
It is incorrect to keep commands in the arch/ folder.
Signed-off-by: Alexey Romanov <avromanov@sberdevices.ru>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Link: https://lore.kernel.org/r/20230110105650.54580-3-avromanov@sberdevices.ru
[narmstrong: moved after cmd/sound in index.rst]
Signed-off-by: Neil Armstrong <neil.armstrong@linaro.org>
This function can be used by other modules. Also add comments.
Signed-off-by: Alexey Romanov <avromanov@sberdevices.ru>
Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Link: https://lore.kernel.org/r/20230110105650.54580-2-avromanov@sberdevices.ru
Signed-off-by: Neil Armstrong <neil.armstrong@linaro.org>
The new JetHub D1+ has a microSD slot. Add rescue boot from microSD
Signed-off-by: Viacheslav Bocharov <adeep@lexina.in>
Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Link: https://lore.kernel.org/r/20221222093358.204520-1-adeep@lexina.in
Signed-off-by: Neil Armstrong <neil.armstrong@linaro.org>
TI phy requires a reset before PHY address detection to make sure
correct strapping via MIO is detected. Facilitate the same using
ethernet-phy-id compatible string. GPIO reset entry will be added in
a separate commit.
This support is present in RevA but needs to be extended to RevB/1.0/1.1
versions which are built on top.
Fixes: 13622c7a9d ("arm64: zynqmp: Describe TI phy as ethernet-phy-id")
Signed-off-by: Harini Katakam <harini.katakam@amd.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/6d500a83a787316353d4b26c75d1b51d29e3730e.1670854455.git.michal.simek@amd.com
The Cadence GEM/MACB driver now utilizes the platform-level reset on the
ZynqMP platform. Add reset definitions to the ZynqMP platform device
tree to allow this to be used.
Linux upstream commit (e461bd6f43f4e568f7436a8b6bc21c4ce6914c36).
Signed-off-by: Robert Hancock <robert.hancock@calian.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/14e3637735dbc626659e96d142f04a63398362f8.1670590595.git.michal.simek@amd.com
There are currently no platform that are both CONFIG_SYS_NS16550_MEM32
and not (per how the logic was prior to being broken in 0478dac62a
("kbuild: Remove uncmd_spl logic")) enabled in CONFIG_DM_SERIAL. We drop
this line out now so that platforms which do use
CONFIG_SYS_NS16550_MEM32 and depending on stage may or may not have
DM_SERIAL set.
Fixes: 0478dac62a ("kbuild: Remove uncmd_spl logic")
Reported-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Tested-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> #on Ringneck PX30, Puma RK3399
For some newer SoCs like RK3568, the Rockchip has not released
any DDR drivers yet so idbloader needs to create manually using
DDR binaries offered by rkbin. This indeed no requirement to
enable TPL in the U-Boot source code.
If we mark TPL disabled and mark BINMAN enabled by default then
there would be an issue of binman_init failure during board
relocation. This is true as binman failed to find the top-level
node like u-boot-tpl here.
Here is the boot issue observed in Radxa-CM3 RK3566 board,
U-Boot 2023.01-rc4-00057-gac2505d463-dirty (Jan 04 2023 - 23:44:18 +0530)
Model: Radxa Compute Module 3(CM3) IO Board
DRAM: 2 GiB
binman_init failed:-2
initcall sequence 000000007ffd2008 failed at call 0000000000a18cac (err=-2)
### ERROR ### Please RESET the board ###
This might be fixed via binman node in rockchip-u-boot.dtsi however
disable BINMAN_FDT for evb-rk3568 defconfig for now as we are at the
end of the release cycle.
Fixes: 05713d5707 ("rockchip: generate u-boot-rockchip.bin with binman
for ARM64 boards")
Cc: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
- rawnand: omap_gpmc: driver model support
-----BEGIN PGP SIGNATURE-----
iQJYBAABCgBCFiEE6GOTDNYiFygVXvMmQBtB6IWRjvEFAmO6pUskHGRhcmlvLmJp
bmFjY2hpQGFtYXJ1bGFzb2x1dGlvbnMuY29tAAoJEEAbQeiFkY7xo+kQAIRCr9c5
DPOa+yFSFnSrEj6Ci+Csx0+VFef+pzUU3phu5T8HG8bCkKtMmPopau37coFhzty/
87yQtVJoq5tMWdle8Lwg9SStYTjt2c9Vg6nZvNFaLDWkZm2zLJpgOB6KM+AIEvpG
PLJ2nVYqwoaZbW3o1eHPescKl3A7vkMuUxIZ/3NJtKOezuqhR42nHyNDaGLMbI2o
fvm17vc6gh07+ekR06frVOmUdxYbNcfEjCPLgf2fAqkAuBw17TB2akpDuTSYSck5
QcIZqJeKwCJjCKEzOlXZHktiX3E1CohOcEcPBKlWPvNORokc/ghcHFvvT846FFqE
VEZb0P/4lkvSCVBCwTbgnKtN1O8mN/lnHVMubQXWyP5ZK7PPn7BzyzOZfCm+Emdm
41B2H2+3+IRhTY9uYPyPXnyTQ/pDUZ2i7EXIguUAWOaq6GE8w9ICty1c7pxnCG5+
mm/4nhMrbQzQ7y4Snp1jZTcdvFczuBNFIEsSvOyHagXVCRHJi1/YT4L4t1mvUX5J
VPnidkrdQFIJpfJadEk/D3E43XXyqKtFpHy1yn1cqqiDd/TIGUmcf9oAkT6wuUZf
DoQjdRKJnr6nyPVfWF/cQ4c4qcDXvA5TIKztxrb/whaff+2I/vXW2QnV2YX3zyxt
Ry6YvBOH0xYTWNmQ7uFecjkpeKhb4FrKuUUf
=Agfn
-----END PGP SIGNATURE-----
Merge tag 'u-boot-nand-20230108' of https://source.denx.de/u-boot/custodians/u-boot-nand-flash into next
Pull request for u-boot-nand-20230108
- rawnand: omap_gpmc: driver model support
The "SCRIPT FAILED" string is copied from scan_dev_for_scripts script,
update it so it prints "EXTLINUX FAILED" instead in scan_dev_for_extlinux
script.
Signed-off-by: Marek Vasut <marex@denx.de>
Support u-boot driver model. We still retain
support legacy way of doing things if ELM_BASE
is defined in <asm/arch/hardware.h>
We could completely get rid of that if all
platforms defining ELM_BASE get rid of that definition
and enable CONFIG_SYS_NAND_SELF_INIT and are verified
to work.
Signed-off-by: Roger Quadros <rogerq@kernel.org>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Link: https://lore.kernel.org/all/20221220102203.52398-9-rogerq@kernel.org
Link: https://lore.kernel.org/all/CABGWkvrvKiVA_yaDnHJcHEKwc+pEuLdz=i6HQEY0oJQvohCUsw@mail.gmail.com
Adds DT binding documentation for the TI Error Location Module.
This is picked up from the Linux Kernel.
Signed-off-by: Roger Quadros <rogerq@kernel.org>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Link: https://lore.kernel.org/all/20221220102203.52398-8-rogerq@kernel.org
The symbol is required for NAND support in SPL when using
OMAP_GPMC driver.
Signed-off-by: Roger Quadros <rogerq@kernel.org>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Link: https://lore.kernel.org/all/20221220102203.52398-7-rogerq@kernel.org
Enables SPL NAND support for ARCH_K3 by enabling
SPL_NAND_INIT and SPL_SYS_NAND_SELF_INIT.
Legacy OMAP2plus platforms still rely on SPL_NAND_AM33XX_BCH
instead.
Signed-off-by: Roger Quadros <rogerq@kernel.org>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Link: https://lore.kernel.org/all/20221220102203.52398-6-rogerq@kernel.org
Adds driver model support.
We need to be able to self initialize the NAND controller/chip
at probe and so enable CONFIG_SYS_NAND_SELF_INIT.
Doing so requires nand_register() API which is provided by nand.c
and needs to be enabled during SPL build via CONFIG_SPL_NAND_INIT.
But nand.c also provides nand_init() so we need to get rid of nand_init()
in omap_gpmc driver if CONFIG_SPL_NAND_INIT is set.
Signed-off-by: Roger Quadros <rogerq@kernel.org>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Link: https://lore.kernel.org/all/20221220102203.52398-5-rogerq@kernel.org
