Factor out armv7m fragment to spl_perform_fixups(), which is an arch/board
specific function designed for this purpose.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
This implementation is intended to be copied to other projects and
modified, to as to foster a standard means of communcating runtime
information between firmware projects.
The GPL-2 license is too restrictive for some projects, e.g. those
intended as reference implementations rather than designed for
collaborative open-source development.
Update the license to make this easier to share.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we do support allocating the bloblist but the Kconfig is a bit
strange, since we still have to specify an address in that case. Partly
this is because it is a pain to have CONFIG options that disappears when
its dependency is enabled. It means that we must have #ifdefs in the code,
either in the C code or header file.
Make use of IF_ENABLED_INT() and its friend to solve that problem, so we
can separate out the location of bloblist into a choice. Put the address
and size into variables so we can log the result.
Add the options for SPL as well, so we can use CONFIG_IS_ENABLED().
Signed-off-by: Simon Glass <sjg@chromium.org>
We typically refer to the different U-Boot builds that a board runs
through as phases. This avoids confusion with the word 'stage' which is
used with bootstage, for example. Fix up some bloblist Kconfig help
which uses the wrong term.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present if someone adds a tag in the middle of the list it works well
enough within a U-Boot build. But if these tags are used in another
project, or with an older version of SPL, the numbers make become
inconsistent.
Use explicit tag numbers that never change, to resolve this problem.
Allocate areas for existing U-Boot tags and set up an area for use by
projects and vendors, as well as for private use. Keep tags above
0x10000 unallocated for now.
Update bloblist_tag_name() and the tests to work with this new setup.
Signed-off-by: Simon Glass <sjg@chromium.org>
The EC event log tag is no-longer used. The vboot handoff is now handled
by the vboot context instead.
Drop these unused tags.
Signed-off-by: Simon Glass <sjg@chromium.org>
Documentation:
* Add Sunxi board description
UEFI:
* Improvements to U-Boot running on top of UEFI
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmHOp5gACgkQxIHbvCwF
GsTonA//Y8wwlaXA1TD6B0fIEcQiZucDJQD0nbHugx+1xw/7w9wHX1qfM4Tskqc4
y4RA3QyoyUp7tvesP6/EA3mAUSEUp0nrtLPyCJjjXV1lrOaXhwvbdqrhOCqUQLen
h6RNjhujVtbC90wBWYPal3Ip0hdIUROe3qp9Mk2p4zAru8jBEShn+PTRIeHvf6UV
9BZ8j9LCivC7hUAG3Cyv+KFhW1s47IN54WddedIREEWk4vIdrUMRLjW/kW8ZbDxx
gi1Eec25Rte6+p5k/+TJkvCwA8GC1kW+MFMYWxcAARZlUd0yr/S6ru5yaW8km0KQ
kKgcYGp878hVB41JFEhiGUf9CkwU2oo+3NZGIfNv/vG45J4UppyqNffm9c3ZudWC
S6DqRVPSp1YQEs45SIVZGx+LK6s1iTBn3DJ/dX68NavuUIYX2nnveUBgtW5vdzGf
ba0yh4a0EU36hcjd2o3y3sEAjiy+PF8SAZ+f2HQ7JaLjsCWF1zNFGsiAxaEStHp8
aVrUN0cWQPKnnI2A8DCqjmMaSBDKZDK59k6EeC1ZFdMmGivHEO61A0sDiUTz+IRW
U7XLvjAA5IVKAtij6T/iab6qvhgwABJRL9lZI5DMiFxJRSl4uSYe9YviG7+EzUg0
XMIs5nK6jBB74HPKqhBouiSUiRa9UHY/rdyNhJACHQ8GODzCf04=
=YdSB
-----END PGP SIGNATURE-----
Merge tag 'efi-next' of https://source.denx.de/u-boot/custodians/u-boot-efi into next
Pull request of efi-next
Documentation:
* Add Sunxi board description
UEFI:
* Improvements to U-Boot running on top of UEFI
Since EFI does not relocate and uses the same global_data pointer
throughout the board-init process, drop this unnecessary setup, to avoid
a hang.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
- support for showing a logo without splash screen config
- support for BMP drawing to depths other than 16bpp
- tests for the different types of supported BMP images
- support showing a logo when running coreboot via qemu
-----BEGIN PGP SIGNATURE-----
iGwEABECACwWIQSC4hxrSoIUVfFO0kRM6ATMmsalXAUCYcsdCQ4cYWd1c3RAZGVu
eC5kZQAKCRBM6ATMmsalXCLhAJ9pLJE3SpQRzpm+Nu4EMbCDzZKr+wCfbxnAZ9LC
zS1XZ6u9Se4ysDb+PYs=
=Hf5j
-----END PGP SIGNATURE-----
Merge tag 'video-next-20211228' of https://source.denx.de/u-boot/custodians/u-boot-video into next
- various fixes to the sandbox display support
- support for showing a logo without splash screen config
- support for BMP drawing to depths other than 16bpp
- tests for the different types of supported BMP images
- support showing a logo when running coreboot via qemu
This converts the following to Kconfig:
CONFIG_SYS_FSL_CLK
We move the exiting option to common/Kconfig near the other options to
control the contents of board_init_f() and note that this is a legacy
option. We further restrict this to where the call is going to be
non-empty, for the SoCs that had only been using this for some
MMC-related clocks.
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
CONFIG_VIDEO_LOGO
Note that this option depends on CONFIG_DM_VIDEO now, since cfb_console is
deprecated. The only relevant code is now in splash.c
Drop the check for DM_VIDEO in that file.
Signed-off-by: Simon Glass <sjg@chromium.org>
The video driver uses this for debugging, but if used before relocation it
crashes at present. Avoid trying to output debugging before the console is
ready.
Signed-off-by: Simon Glass <sjg@chromium.org>
When running, if the devicetree failed to come from the expected source,
show a warning, e.g:
U-Boot ...
DRAM: 128 MiB
Core: 42 devices, 11 uclasses, devicetree: separate
Warning: Unexpected devicetree source (not from a prior stage)
Warning: U-Boot may not function properly
Flash: 64 MiB
...
These warnings should only appear if the board config has been changed, or
the prior stage is broken.
Signed-off-by: Simon Glass <sjg@chromium.org>
It can be confusing to figure out where the devicetree came from. It seems
important enough to warrant a message during boot. Add information about
the number of devices and uclasses too since it is helpful to have some
idea what is going on with driver model.
Report the devicetree source in bdinfo too.
This looks something like this, with > marking the new line.
U-Boot 2021.10-00190 (Oct 30 2021 - 09:01:29 -0600)
DRAM: 128 MiB
> Core: 42 devices, 11 uclasses, devicetree: passage
Flash: 64 MiB
Signed-off-by: Simon Glass <sjg@chromium.org>
Move Turris MOX specific remove_disabled_nodes() to fdt_support with
name fdt_delete_disabled_nodes(), so that others can potentially use it.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Add functions
fdt_node_offset_by_pathf(),
fdt_create_phandle_by_pathf(),
fdt_set_status_by_pathf()
to get node offset, get/create node phandle and set status for node
given by path/alias formatted with sprintf.
Add functions
fdt_create_phandle_by_compatible(),
fdt_set_status_by_compatible()
to get/create node phandle and set status for first node given by
compatible.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
This function does not necessarily create a new phandle. If a phandle
exists, no new phandle is created.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Since no one uses this feature and I am not aware of any parsers of this
in Linux, remove it.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: Pratyush Yadav <p.yadav@ti.com>
Cc: Tim Harvey <tharvey@gateworks.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Priyanka Jain <priyanka.jain@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Commit f0921f5098 ("fdt: Sync up to the latest libfdt") introduced
fdt_generate_phandle() in libfdt, making fdt_alloc_phandle() obsolete in
fdt_support.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: "hui.song" <hui.song_1@nxp.com>
Cc: Meenakshi Aggarwal <meenakshi.aggarwal@nxp.com>
Cc: Priyanka Jain <priyanka.jain@nxp.com>
Cc: Ioana Ciornei <ioana.ciornei@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Typically the bloblist is positioned at a fixed address in memory until
relocation. This is convenient when it is set up in SPL or before
relocation.
But for EFI we want to set it up only when U-Boot proper is running. Add
a way to allocate it using malloc() and update the documentation to cover
this aspect of bloblist.
Note there are no tests of this feature at present, nor any direct testing
of bloblist_init().
This can be added, e.g. by making this option controllable at runtime.
Signed-off-by: Simon Glass <sjg@chromium.org>
When, for various reasons, a bad FIT image is used where a loadable
image is marked as 0 length, attempt is made for a 0 length allocation and
read of 0 byte read operation.
Instead provide warning in log and skip attempting to do such a load.
Signed-off-by: Nishanth Menon <nm@ti.com>
Reviewed-by: Aswath Govindraju <a-govindraju@ti.com>
Add a new function to activate an existing simple frame buffer node
and add the associated reserved memory, with no-map properties.
This device tree update is only done when the video device is active
and the video buffer is used.
This patch uses '#if CONFIG_IS_ENABLED(DM_VIDEO)' because
gd->video_bottom and gd->video_top are only defined when CONFIG_DM_VIDEO
is activated.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Rename the function named lcd_dt_simplefb* to fdt_simplefb* to be aligned
with the associated file name fdt_simplefb.h/fdt_simplefb.c
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Matthias Brugger <mbrugger@suse.com>
Rename the file lcd_simplefb.c to fdt_simplefb.c to be aligned
with the configuration name and with the associated include file
./include/fdt_simplefb.h
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
This converts the following to Kconfig:
CONFIG_LCD_DT_SIMPLEFB
This patch also renames this config to CONFIG_FDT_SIMPLEFB as the code in
common/lcd_simplefb.c support CONFIG_LCD and CONFIG_VIDEO.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Matthias Brugger <mbrugger@suse.com>
Before relocation there is generally not as much available memory and not
that much console output. At present the console-output buffer is the same
side before and after relocation. Add a separate Kconfig option to remove
this limitation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Even if U-Boot has relocation disabled via GD_FLG_SKIP_RELOC , the
relocated stage of U-Boot still picks GD from new_gd location. The
U-Boot itself is not relocated, but GD might be, so copy the GD to
new GD location even if relocation is disabled.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Peng Fan <peng.fan@oss.nxp.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
The last board that used to set CONFIG_LYNXKDI has been removed in
commit 242836a893 ("powerpc: ppc4xx: remove pcs440ep support"),
doc/README.lynxkdi only talks about a MPC8260 board being supported,
and the mpc8260 support has been removed four years ago in commit
2eb48ff7a2 ("powerpc, 8260: remove support for mpc8260") already,
and common/lynxkdi.c only consists of an "#error" statement these
days, so it seems like the LYNX KDI code is dead code nowadays.
Let's remove it now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Quite a lot of the code in common/relates to booting and images. Before
adding more it seems like a good time to move the code into its own
directory.
Most files with 'boot' or 'image' in them are moved, except:
- autoboot.c which relates to U-Boot automatically running a script
- bootstage.c which relates to U-Boot timing
Drop the removal of boot* files from the output directory, since this
interfers with the symlinks created by tools and there does not appear
to be any such file from my brief testing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
Tested-by: Artem Lapkin <email2tema@gmail.com>
This statement has an unmatched parentheses, fix it.
Signed-off-by: Leo Yu-Chi Liang <ycliang@andestech.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
When building a system that has both TPL and SPL_OS_BOOT, code which
tests for CONFIG_SPL_OS_BOOT will be built and enabled in TPL, which is
not correct. While there is no CONFIG_TPL_OS_BOOT symbol at this time
(and likely will not ever be) we can use CONFIG_IS_ENABLED(OS_BOOT) in
these common paths to ensure we only compile these parts in the SPL
case.
Signed-off-by: Tom Rini <trini@konsulko.com>
Allow usage of the bootstage facilities in SPL.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The data blob apparently does not need to be modified through the fit
field of the image_sign_info struct so make it point to const to avoid
the need to cast away constness in functions that assign a pointer to
const data to the field.
fit_image_setup_verify already had to cast away constness as it assigned
a const void * argument to the field. The cast can now be removed.
Signed-off-by: Hannu Lounento <hannu.lounento@vaisala.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The padding pss is only supported on u-boot and tools since
commit 2bbed3ff8c ("image: Use Kconfig to enable FIT_RSASSA_PSS on host")
This commit adds the config SPL_FIT_RSASSA_PSS to support
the padding pss in the SPL.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Make sure to (if applicable) flush the D-cache, invalidate I-cache,
and disable MMU and caches before jumping to OPTEE.
This fixes the SDP->SPL->OPTEE boot flow on iMX6Q and most likely on
some other ARM SoCs.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
After DM_VIDEO conversion the 'vidconsole' is the correct name
for the frame buffer console. 'video' will not work, so update
the description of the config option.
Signed-off-by: Anatolij Gustschin <agust@denx.de>
At present U-Boot has a header file called lz4.h for its own use. If the
host has its own lz4 header file installed (e.g. from the 'liblz4-dev'
package) then host builds will use that instead.
Move the U-Boot file into its own directory, as is done with various
other headers with the same problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is far too long. Before trying to remove #ifdefs, split out
the code that deals with selecting the FDT into a separate function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use boolean variables to deal with the strange #ifdef logic of this
function, so we can remove the #ifdefs.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is far too long. Before trying to remove #ifdefs, split out
the code that deals with selecting the ramdisk into a separate function.
Leave the code indented as it was for easier review. The next patch cleans
this up along with checkpatch violations.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is only used in one place and does not need to use the
preprocessor. Move it to the C file and convert it to a normal function.
Drop fit_unsupported() since it is not used.
Signed-off-by: Simon Glass <sjg@chromium.org>
We can use the new host_build() function for this, so drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough and the board code is now in a separate file. Update the only place
where this is used and drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a host Kconfig for CRC32. With this we can use CONFIG_IS_ENABLED(CRC32)
directly in the host build, so drop the unnecessary indirection.
Add a few more conditions to SPL_CRC32 to avoid build failures as well as
TPL_CRC32. Also update hash.c to make crc32 optional and to actually take
notice of SPL_CRC32.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a host Kconfig for OF_LIBFDT. With this we can use
CONFIG_IS_ENABLED(OF_LIBFDT) directly in the tools build, so drop the
unnecessary indirection.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Make use of the host Kconfig for FIT. With this we can use
CONFIG_IS_ENABLED(FIT) directly in the host build, so drop the unnecessary
indirection.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
We can use the __maybe_unused attribute to avoid some of the #ifdefs in
this file. Update the functions accordingly.
Note: The actual hashing interface is still a mess, with four separate
combinations and lots of #ifdefs. This should really use a driver
approach, e.g. as is done with partition drivers.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
At present when building host tools, we force CONFIG_SHAxxx to be enabled
regardless of the board Kconfig setting. This is done in the image.h
header file.
For SPL we currently just assume the algorithm is desired if U-Boot proper
enables it.
Clean this up by adding new Kconfig options to enable hashing on the host,
relying on CONFIG_IS_ENABLED() to deal with the different builds.
Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the
current settings.
This allows us to drop the image.h code and the I_WANT_MD5 hack.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
some options to enable the various FIT options expected in these tools.
This will ensure that the code builds correctly when CONFIG_TOOLS_xxx
is distinct from CONFIG_xxx.
Drop some #ifdefs which are immediately unnecessary (many more are in
later patches).
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
With the new TOOLS_LIBCRYPTO and some other changes, it seems that we are
heading towards calling this a tools build rather than a host build,
although of course it does happen on the host.
I cannot think of anything built by the host which cannot be described as
a tool, so rename this function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a macro to handle manually relocating a pointer. Update the iamge code
to use this to avoid needing #ifdefs.
This also fixes a bug where the 'done' flag was not set.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rather than adding an #ifdef and open-coding this calculation, add a
helper function to handle it. Use this in the image code.
Signed-off-by: Simon Glass <sjg@chromium.org>
To avoid having #ifdefs in a few functions which are completely different
in the board and host code, create a new image-host.c file.
Signed-off-by: Simon Glass <sjg@chromium.org>
To avoid a large #ifdef in the image.c file, move the affected code into
a separate file.
Avoid any style fix-ups for easier review. Those are in the next patch.
Signed-off-by: Simon Glass <sjg@chromium.org>
Adjust this function so that preprocessor macros are not needed. With
this, the host build uses more of the same header files as the target
build.
Rather than definining CONFIG_SYS_MALLOC_LEN, add a CONSERVE_MEMORY
define, since that is the purpose of the value.
This appears to have no impact on code size from a spot check of a few
boards (snow, firefly-rk3288, boston32r2el, m53menlo).
Signed-off-by: Simon Glass <sjg@chromium.org>
The zstd implementation prints the error in image_decomp() which is
incorrect and does not match other algorithms. Drop this and let the
caller report the error.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this function is full of preprocessor macros. Adjust it to
check for an unsupported algorithm after the switch(). This will allow
us to drop the macros.
Fix up the return-value path and an extra blank line while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
The existing zstd API requires the same sequence of calls to perform its
task. Create a helper for U-Boot, to avoid code duplication, as is done
with other compression algorithms. Make use of of this from the image
code.
Note that the zstd code lacks a test in test/compression.c and this should
be added by the maintainer.
Signed-off-by: Simon Glass <sjg@chromium.org>
cherry-picked from NXP code:
719d665a87c6: ("MLK-20467 imx8m: Fix issue for booting signed image through uuu")
which fixes secure boot on imx8m based boards. Problem was
that FIT header and so IVT header too, was loaded to
memallocated address. So the ivt header address coded
in IVT itself does not fit with the real position.
Signed-off-by: Heiko Schocher <hs@denx.de>
Tested-by: Tim Harvey <tharvey@gateworks.com>
add hook function spl_load_simple_fit_fix_load()
which is called after fit image header is loaded.
Signed-off-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
bootm_low is used as a base address is used to allocate space for the
FDT blob, initrd, cmdline, etc. when booting Linux. Set the default
value for RISC-V to the start of the first DRAM bank, so platforms can
get their DRAM layout from the device tree, and do not need to define
CONFIG_SYS_SDRAM_BASE.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
The configuration CONFIG_OPTEE is defined 2 times:
1- in lib/optee/Kconfig for support of OPTEE images loaded by bootm command
2- in drivers/tee/optee/Kconfig for support of OP-TEE driver.
It is abnormal to have the same CONFIG define for 2 purpose;
and it is difficult to managed correctly their dependencies.
Moreover CONFIG_SPL_OPTEE is defined in common/spl/Kconfig
to manage OPTEE image load in SPL.
This definition causes an issue with the macro CONFIG_IS_ENABLED(OPTEE)
to test the availability of the OP-TEE driver.
This patch cleans the configuration dependency with:
- CONFIG_OPTEE_IMAGE (renamed) => support of OP-TEE image in U-Boot
- CONFIG_SPL_OPTEE_IMAGE (renamed) => support of OP-TEE image in SPL
- CONFIG_OPTEE (same) => support of OP-TEE driver in U-Boot
- CONFIG_OPTEE_LIB (new) => support of OP-TEE library
After this patch, the macro have the correct behavior:
- CONFIG_IS_ENABLED(OPTEE_IMAGE) => Load of OP-TEE image is supported
- CONFIG_IS_ENABLED(OPTEE) => OP-TEE driver is supported
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
We have individual SOC symbols for each keystone 2 platform. Use the
existing CONFIG_ARCH_KEYSTONE rather than CONFIG_SOC_KEYSTONE to
encompass all of the keystone families.
Signed-off-by: Tom Rini <trini@konsulko.com>
The current API is outdated as it requires a devicetree pointer.
Move these functions to use the ofnode API and update this globally. Add
some tests while we are here.
Correct the call in exynos_dsim_config_parse_dt() which is obviously
wrong.
Signed-off-by: Simon Glass <sjg@chromium.org>
Header file version.h does not use anything from timestamp.h. Including of
timestamp.h has side effect which cause recompiling object file at every
make run because timestamp.h changes at every run.
So remove timestamp.h from version.h and include timestamp.h in files
which needs it.
This change reduce recompilation time of final U-Boot binary when U-Boot
source files were not changed as less source files needs to be recompiled.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Add in lib/acpi/acpi_table.c and test/dm/acpi.c, rework a few others]
Signed-off-by: Tom Rini <trini@konsulko.com>
More C files do not use compile time timestamp macros and do not have to be
recompiled every time when SOURCE_DATE_EPOCH changes.
This patch moves version_string[] from version.h to version_string.h and
updates other C files which only needs version_string[] string to include
version_string.h instead of version.h. After applying this patch these
files are not recompiled every time when SOURCE_DATE_EPOCH changes.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The hash algorithm selection was streamlined in commit 92055e138f
("image: Drop if/elseif hash selection in calculate_hash()"). Said
commit kept the call to cpu_to_uimage() to convert the CRC to big
endian format.
This would have been correct when calling crc32_wd(). However, the
->hash_func_ws member of crc32 points to crc32_wd_buf(), which already
converts the CRC to big endian. On a little endian host, doing both
conversions results in a little-endian CRC. This is incorrect.
To remedy this, simply drop the call to cpu_to_uimage(), thus only
doing the byte-order conversion once.
Fixes: 92055e138f ("image: Drop if/elseif hash selection in
calculate_hash()")
Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
We are not guaranteed to have the padding_pkcs_15_verify symbol since
commit 92c960bc1d ("lib: rsa: Remove #ifdefs from rsa.h"), and
commit 61416fe9df ("Kconfig: FIT_SIGNATURE should not select RSA_VERIFY")
The padding_algos only make sense with RSA verification, which can now
be disabled in lieu of ECDSA. In fact this will lead to build failures
because of the missing symbol mentioned earlier.
To resolve this, move the padding_algos to a linker list, with
declarations moved to rsa_verify.c. This is consistent with commit
6909edb4ce ("image: rsa: Move verification algorithm to a linker list")
One could argue that the added #ifdef USE_HOSTCC is ugly, and should
be hidden within the U_BOOT_PADDING_ALGO() macro. However, this would
be inconsistent with the "cryptos" list. This logic for was not
previously explored:
Without knowledge of the U_BOOT_PADDING_ALGO() macro, its use is
similar to something being declared. However, should #ifndef
USE_HOSTCC be part of the macro, it would not be obvious that it
behaves differently on host code and target code. Having the #ifndef
outside the macro makes this obvious.
Also, the #ifdef is not always necessary. For example ecda-verify
makes use of U_BOOT_CRYPTO_ALGO() without any accompanying #ifdefs.
The fundamental issue is a lack of separation of host and target code
in rsa_verify. Therefore, the declaration of a padding algo with the
external #ifdef is more readable and consistent.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
calculate_hash() would try to select the appropriate hashing function
by a if/elseif contruct. But that is exactly why hash_lookup_algo()
exists, so use it instead.
This does mean that we now have to 'select HASH' to make sure we get
the hash_lookup_algo() symbol. However, the change makes sense because
even basic FITs will have to deal with "hash" nodes.
My only concern is that the 'select SPL_HASH' might cause some
platform to grow above its SPL size allowance
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Make FSL_CAAM be implied only on ARM && SPL]
Signed-off-by: Tom Rini <trini@konsulko.com>
MD5 is being called directly in some places, but it is not available
via hash_lookup_algo("md5"). This is inconsistent with other hasing
routines. To resolve this, add an "md5" entry to hash_algos[].
The #ifdef clause looks funnier than those for other entries. This is
because both MD5 and SPL_MD5 configs exist, whereas the other hashes
do not have "SPL_" entries. The long term plan is to get rid of the
ifdefs, so those should not be expected to survive much longer.
The md5 entry does not have .hash_init/update/finish members. That's
okay because hash_progressive_lookup_algo() will catch that, and
return -EPROTONOSUPPORT, while hash_lookup_algo() will return the
correct pointer.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Use CONFIG_IS_ENABLED not IS_ENABLED for MD5 check]
Signed-off-by: Tom Rini <trini@konsulko.com>
All of these configs exist. Stick to using CONFIG_[ST]PL_HASH, and drop all
references to CONFIG_[ST]PL_HASH_SUPPORT. This means we need for
CHAIN_OF_TRUST to select SPL_HASH now.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Add TPL case, fix CHAIN_OF_TRUST, other tweaks]
Signed-off-by: Tom Rini <trini@konsulko.com>
Originally CONFIG_FIT_SHAxxx enabled specific SHA algos for and only
for hash_calculate() in common/image-fit.c. However, since commit
14f061dcb1 ("image: Drop IMAGE_ENABLE_SHAxxx"),
the correct selector was changed to CONFIG_SHAxxx.
The extra "_FIT_" variants are neither used, nor needed. Remove them.
One defconfig disables FIT_SHA256, which is now changed to 'SHA256'.
CMD_MVEBU_BUBT needs to select select SHA256 to avoid undefined
references to "sha256_*()". bubt.c needs sha256, so this selection is
correct. It is not clear why this problem did not manifest before.
Note that SHA selection in SPL is broken for this exact reason. There
is no corresponding SPL_SHAxxx. Fixing this is is beyond the scope of
this change.
Also note that we make CONFIG_FIT now imply SHA256, to make up for
FIT_SHA256 previously being a default y option.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Add imply SHA256 to FIT]
Signed-off-by: Tom Rini <trini@konsulko.com>
The enable_caches is a generic hook for architecture-implemented, we
leverage this function to enable caches for RISC-V
Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Rick Chen <rick@andestech.com>
The code under drivers/net is related to ethernet networking drivers, in
some fashion or another. Drop these from the top-level Makefile and
also move the phy rule into drivers/net/Makefile which is where it
belongs. Make the new rule for drivers/net check for the build-stage
relevant ETH symbol.
Fix up some Kconfig dependencies while we're here to mirror how the
Makefile logic now works.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Introduce ETH, Kconfig dependency changes, am43xx fix]
Signed-off-by: Tom Rini <trini@konsulko.com>
Move the power/ rules into drivers/power to avoid clutter in the Makefile
and drivers/Makefile files.
We must select SPL_POWER if SPL_POWER_DOMAIN is used, since the two are
currently independent and boards do not necessarily enable SPL_POWER.
Add a TPL_POWER as well, as that is used by one board.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
Rename this option so that CONFIG_IS_ENABLED can be used with it.
Oddly there is already an SPL_CACHE option. Drop it in favour of this one.
Drop the special SPL Makefile rule which is now superfluous.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rename these options so that CONFIG_IS_ENABLED can be used with them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
[trini: Fixup some incorrect renames]
Signed-off-by: Tom Rini <trini@konsulko.com>
Currently it is possible to cancel loadx and loady commands by pressing
CTRL+X (CAN character) at least 3 times quickly.
All other U-Boot commands, including loadb and loads can be cancelled by
CTRL+C. So allow it also in xyz-modem code used by loadx and loady
commands. Implement it by handling CTRL+C (ETX character) in the same way
as CTRL+X (CAN character).
Due to how x/y-modem protocol works, it is required to press
CTRL+C or CTRL+X at least 3 times quickly.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
In x-modem protocol EOF is not an error state at the end of file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Variable xyz.len is set to -1 on error. At the end xyzModem_stream_read()
function calls memcpy() with length from variable xyz.len. If this variable
is set to -1 then value passed to memcpy is casted to unsigned value, which
means to copy whole address space. Which then cause U-Boot crash. E.g. on
arm64 it cause CPU crash: "Synchronous Abort" handler, esr 0x96000006
Fix this issue by checking that value stored in xyz.len is valid prior
trying to use it.
Signed-off-by: Pali Rohár <pali@kernel.org>
Acked-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Calculate hash using DM driver if supported.
For backward compatibility, the call to legacy
hash functions is reserved.
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
default n/no doesn't need to be specified. It is default option anyway.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
[trini: Rework FSP_USE_UPD portion]
Signed-off-by: Tom Rini <trini@konsulko.com>
First, we convert CONFIG_SYS_I2C_LEGACY to Kconfig. Next, as you cannot
have SYS_I2C_LEGACY and DM_I2C at the same time, introduce
CONFIG_SPL_SYS_I2C_LEGACY so that we can enable the legacy option only
in SPL. Finally, for some PowerPC cases we also need
CONFIG_TPL_SYS_I2C_LEGACY support. Convert all of the existing users to
one or more symbols.
Signed-off-by: Tom Rini <trini@konsulko.com>
xilinx:
- Disable CONFIG_ARCH_FIXUP_FDT_MEMORY
- Print information about cpu via soc drivers and enable DISPLAY_CPUINFO
- Wire infrastructure for DTB_RESELECT and MULTI_DTB_FIT
zynq:
- Wire single QSPI
- Use power-source instead of io-standard properties
- Enable nor on zc770-xm012
zynqmp:
- Change handling around multi_boot()
- Setup offset for u-boot.itb in spi
- Generate run time dfu_alt_info for capsule update
- Use explicit values for enums (zynqmp_firmware.h)
- Enable RTC/SHA1/BUTTON/BUTTON_GPIO command
- Disable WDT driver by default
- Bind usb/scsi via preboot because of EFI
- DT updates/fixes
- Add soc driver
- Fix SPL SPI boot mode
versal:
- Add soc driver
sdhci:
- Update tap delay programming for zynq_sdhci driver
cmd:
- Fix RTC uclass handling in date command
- Update pwm help message
- Update reset help message
watchdog:
- Fix wwdt compilation
rtc:
- Deal with seq alias in rtc uclass
- Add zynqmp RTC driver
fdt:
- Add kernel-doc for fdt_fixup_memory_banks()
-----BEGIN PGP SIGNATURE-----
iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCYSilpgAKCRDKSWXLKUoM
Id2JAJ9jY19JiEpOd3vuRCT5CE/pzX4yDACeP8DiXDzSi5tLHwDWUCBobUTze2s=
=5lnj
-----END PGP SIGNATURE-----
Merge tag 'xilinx-for-v2021.10-rc3' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze
Xilinx changes for v2021.10-rc3
xilinx:
- Disable CONFIG_ARCH_FIXUP_FDT_MEMORY
- Print information about cpu via soc drivers and enable DISPLAY_CPUINFO
- Wire infrastructure for DTB_RESELECT and MULTI_DTB_FIT
zynq:
- Wire single QSPI
- Use power-source instead of io-standard properties
- Enable nor on zc770-xm012
zynqmp:
- Change handling around multi_boot()
- Setup offset for u-boot.itb in spi
- Generate run time dfu_alt_info for capsule update
- Use explicit values for enums (zynqmp_firmware.h)
- Enable RTC/SHA1/BUTTON/BUTTON_GPIO command
- Disable WDT driver by default
- Bind usb/scsi via preboot because of EFI
- DT updates/fixes
- Add soc driver
- Fix SPL SPI boot mode
versal:
- Add soc driver
sdhci:
- Update tap delay programming for zynq_sdhci driver
cmd:
- Fix RTC uclass handling in date command
- Update pwm help message
- Update reset help message
watchdog:
- Fix wwdt compilation
rtc:
- Deal with seq alias in rtc uclass
- Add zynqmp RTC driver
fdt:
- Add kernel-doc for fdt_fixup_memory_banks()
Add kernel-doc description for fdt_fixup_memory_banks() because it is
implemented in one specific way and this information should be available
for others to decide if their SoC conforms to it.
If you don't want U-Boot to update your memory DT layout please disable
CONFIG_ARCH_FIXUP_FDT_MEMORY.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
FIT signatures can now be implemented with ECDSA. The assumption that
all FIT images are signed with RSA is no longer valid. Thus, instead
of 'select'ing RSA, only 'imply' it. This doesn't change the defaults,
but allows one to explicitly disable RSA support.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
The "-E" option to mkimage generates a FIT with external data using the
data-size and data-offset properties which must both be ignored when
verifying a signature.
Add "data-offset" to the list of excluded properties for signature
verification; since the line is now too long, re-format the list to
one-per-line and make it static since the data is constant.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
It is a pain to have to specify the value 10 in each call. Add a new
dectoul() function and update the code to use it.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is a pain to have to specify the value 16 in each call. Add a new
hextoul() function and update the code to use it.
Add a proper comment to simple_strtoul() while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function seems to assume that the chr[] variable contains zeros at
the start, which is not always true. Use strlcpy() to be safe.
Signed-off-by: Simon Glass <sjg@chromium.org>
The autoboot tests are a recent addition to U-Boot, providing much-needed
coverage in this area.
A side effect of the keyed autoboot test is that this feature is enabled
in sandbox always. This changes the autoboot prompt and confuses the
pytests. Some tests become slower, for example the vboot tests take about
27s now instead of 3s.
We don't actually need this feature enabled to be able to run the tests.
Add a switch to allow sandbox to turn it on and off as needed. Use this
in the one test that needs it.
Add a command-line flag in case this is desired in normal use.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 25c8b9f298 ("test: add first autoboot unit tests")
Reviewed-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Now that proper load and execution addresses are set in v1 kwbimage we
can use it for loading and booting U-Boot proper.
Use the new spl_parse_board_header() function to implement parsing the
kwbimage v1 header. Use information from this header to locate offset and
size of the U-Boot proper binary, instead of using the legacy U-Boot
header which is prepended to the U-Boot proper binary stored at fixed
offset. This has the advantage that we do not need to relay on legacy
U-Boot header anymore and therefore U-Boot proper binary can be stored at
any offset, as is the case when loading & booting U-Boot proper by
BootROM. The CONFIG_SYS_U_BOOT_OFFS option is therefore not used by SPL
code anymore.
Also allow to compile U-Boot SPL without CONFIG_SPL_SPI_FLASH_SUPPORT,
CONFIG_SPL_MMC_SUPPORT or CONFIG_SPL_SATA_SUPPORT set. In this case
BootROM is used for loading and executing U-Boot proper. This reduces the
size of U-Boot's SPL image. By default these config options are enabled
and so BootROM loading is not used. In some cases BootROM reads from SPI
NOR at lower speed than U-Boot SPL. So people can decide whether they
want to have smaller SPL binary at the cost of slower boot.
Therefore dependency on CONFIG_SPL_DM_SPI, CONFIG_SPL_SPI_FLASH_SUPPORT,
CONFIG_SPL_SPI_LOAD, CONFIG_SPL_SPI_SUPPORT, CONFIG_SPL_DM_GPIO,
CONFIG_SPL_DM_MMC, CONFIG_SPL_GPIO_SUPPORT, CONFIG_SPL_LIBDISK_SUPPORT,
CONFIG_SPL_MMC_SUPPORT, CONFIG_SPL_SATA_SUPPORT and
CONFIG_SPL_LIBDISK_SUPPORT is changed from strict to related "imply"
(which can be selectivelly turned off and causes booting via BootROM).
Options CONFIG_SYS_SPI_U_BOOT_OFFS,
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR and
CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_DATA_PART_OFFSET have to to be set to
zero as they define the location where kwbimage header starts. It is the
location where BootROM expects start of the kwbimage from which it reads,
parses and executes SPL part. The same applies to option
CONFIG_SPL_SATA_RAW_U_BOOT_SECTOR, which has to be set to one.
Update all config files to set correct values of these options and set
CONFIG_SYS_U_BOOT_OFFS to the correct value - the offset where U-Boot
proper starts.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Platform specific BootROM may use its own image type for loading SPL or
U-Boot proper. In some cases it makes sense to not use BootROM supplied
code for booting U-Boot proper but rather to use U-Boot SPL for this,
e.g. when U-Boot SPL can load U-Boot proper faster than BootROM. In this
case it is required for platform board code to parse and load U-Boot in
BootROM specific image type.
This change adds support for parsing platform / board / BootROM specific
image types via weak function spl_parse_board_header() which is called
before marking boot image as a raw.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Some image types (e.g. kwbimage v1) store the offset to SPL binary and
offset to U-Boot proper binary in their headers. To avoid reading SPL
binary when loading U-Boot proper, add support for specifying offset in
struct spl_image_info, which defines the offset from the beginning of
the header and the beginning of the executable data.
Initial support is added only for SPI, MMC and SATA code. We can extend
it later if needed.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Rename these options so that CONFIG_IS_ENABLED can be used with them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
It is quite confusing that CONFIG_SYS_I2C selects the legacy I2C and
CONFIG_DM_I2C selects the current I2C. The deadline to migrate I2C is less
than a year away.
Also we want to have a CONFIG_I2C for U-Boot proper just like we have
CONFIG_SPL_I2C for SPL, so we can simplify the Makefile rules.
Rename this symbol so it is clear it is going away.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Rename this option so that CONFIG_IS_ENABLED can be used with it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
OP-TEE requires some particular setup, which is not needed for linux
or other payloads. Add a hook for platform-specific code to perform
any OP-TEE related configuration and initialization.
A weak function is used because it is symmetrical to other
spl_board_prepare_for_*() implementations. A solution to avoid the use
of weak functions would trivially apply to all these implementations.
However, re-designing this is beyond the scope of this patch.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
In general, Falcon mode means we're booting a linux kernel directly.
With FIT images, however, an OP-TEE secure kernel can be booted before
linux. Thus, if the next stage is an IH_OS_TEE, this isn't necessarily
a problem.
Of course, a general solution would involve mmc_load_image_raw_os()
only loading the binary, and leaving the decision of suitability to
someone else. However, a rework of the boot flow is beyond the scope
of this patch. Accept IH_OS_TEE as a valid OS value.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
This adds tests for the crypt-based and plain SHA256-based password hashing
algorithms in the autoboot flow.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
In case crypt-based hashing is enabled this will be the default mechanism
that is used. If a user wants to have support for both, the environment
variable `bootstopusesha256` can be set to `true` to allow plain SHA256
based hashing of the password.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
The key-sequence based unlock mechanisms are sensitive to junk symbols
that could have been sent to stdin and are still waiting to be retrieved.
Enabling this option will read all symbols off stdin before displaying the
autoboot prompt (and starting to read the password from stdin).
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
In case a user has to enter a complicated password it is sometimes
desireable to give the user more time than the default timeout.
Enabling this feature will disable the timeout entirely in case the user
presses the <Enter> key before entering any other character.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
While doing code-review internally this got nitpicked by 2 reviewers, so
I decided to include this here.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Hook into the autoboot flow as an alternative to the existing
mechanisms.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
When we build U-Boot with POSITION_INDEPENDENT we must have
SYS_TEXT_BASE be set to zero. Make this the default in that case.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Switch to fit_image_get_data_and_size() for consistency with all other
data loaded from FIT.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
It's possible that LOAD_FIT_FULL will have different values for TPL and
SPL, in which case just checking CONFIG_SPL_LOAD_FIT_FULL causes this to
be compiled in to the TPL even though functions and struct members it
depends on are not.
Use CONFIG_IS_ENABLED() to ensure the correct TPL/SPL variant is
checked.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present when function names are logged, the output is a little hard to
read since every function is a different length. Add a way to pad the
names so that the log messages line up vertically. This doesn't work if
the function name is very long, but it makes a big difference in most
cases.
Use 20 characters as a default since this covers the vast majority of
functions.
Signed-off-by: Simon Glass <sjg@chromium.org>
If SPL fails to boot, try to provide an error code to indicate what is
wrong. For example, if a uclass is missing, this can return -EPFNOSUPPORT
(-96) which provides useful information.
Add a helper for accessing the image-loader name so we can drop the use
of #ifdefs in this code.
Put this feature behind a CONFIG_SHOW_ERRORS option to avoid increasing
the code size.
Signed-off-by: Simon Glass <sjg@chromium.org>
If signature verification is not in use we don't need to worry about
the risk of using @ in node names. Update fit_image_verify() to allow
it if the function is not enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is possible to add a blob that ends at the end of the bloblist, but at
present this is not supported. Fix it and add a regression test for this
case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Sometimes a blob needs to expand, e.g. because it needs to hold more log
data. Add support for this. Note that the bloblist must have sufficient
spare space for this to work.
Signed-off-by: Simon Glass <sjg@chromium.org>
Function pointers from crypto_algos array are relocated, when
NEEDS_MANUAL_RELOC is set. This relocation doesn't happen if the algo
is placed in a linker list. Implement this relocation.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Crytographic algorithms (currently RSA), are stored in linker lists.
The crypto_algos array is unused, so remove it, and any logic
associated with it.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Move the RSA verification crytpo_algo structure out of the
crypto_algos array, and into a linker list.
Although it appears we are adding an #ifdef to rsa-verify.c, the gains
outweigh this small inconvenience. This is because rsa_verify() is
defined differently based on #ifdefs. This change allows us to have
a single definition of rsa_verify().
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The purpose of this change is to enable crypto algorithms to be placed
in linker lists, rather than be declared as a static array. The goal
is to remove the crypto_algos array in a subsequent patch.
Create a new linker list named "cryptos", and search it when
image_get_crypto_algo() is invoked.
NOTE that adding support for manual relocation of crypto_algos within
linker lists is beyond the scope of this patch.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Remove any ifdefs in image-sig.c that were previously used to
differentiate from the host code. Note that all code dedicated to
relocating ->sign() and ->add_verify_data)_ can be safely removed,
as signing is not supported target-side.
NOTE that although it appears we are removing ecdsa256 support, this
is intentional. ecdsa_verify() is a no-op on the target, and is
currently only used by host code.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
We already have a host Kconfig for these SHA options. Use
CONFIG_IS_ENABLED(SHAxxx) directly in the code shared with the host build,
so we can drop the unnecessary indirections.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
We already have a host Kconfig for SHA1. Use CONFIG_IS_ENABLED(SHA1)
directly in the code shared with the host build, so we can drop the
unnecessary indirection.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this
option.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this
option.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Drop the ENABLE and SUPPORT parts of this, which are redundant.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
These option are named inconsistently with other SPL options, thus making
them incompatible with the CONFIG_IS_ENABLED() macro. Rename them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
The ENABLE part of this name is redundant, since all boolean Kconfig
options serve to enable something. The SUPPORT part is also redundant
since Kconfigs can be assumed to enable support for something. Together
they just serve to make these options overly long and inconsistent
with other options.
Rename FIT_ENABLE_SHAxxx_SUPPORT to FIT_SHAxxx
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
At the moment android_image_get_kcomp() can automatically detect
LZ4 compressed kernels and the compression specified in uImages.
However, especially on ARM64 Linux is often compressed with GZIP.
Attempting to boot an Android image with a GZIP compressed kernel
image currently results in a very strange crash, e.g.
Starting kernel ...
"Synchronous Abort" handler, esr 0x02000000
...
Code: 5555d555 55555d55 555f5555 5d555d55 (00088b1f)
Note the 1f8b, which are the "magic" bytes for GZIP images.
U-Boot already has the image_decomp_type() function that checks for
the magic bytes of bzip2, gzip, lzma and lzo. It's easy to make use
of it here to increase the chance that we do the right thing and the
user does not become confused with strange crashes.
This allows booting Android boot images that contain GZIP-compressed
kernel images.
Signed-off-by: Stephan Gerhold <stephan@gerhold.net>
The current fitImage DTO implementation expects each fitImage image
subnode containing DTO to have 'load' property, pointing somewhere
into memory where the DTO will be loaded. The address in the 'load'
property must be different then the base DT load address and there
must be sufficient amount of space between those two addresses.
Selecting and using such hard-coded addresses is fragile, error
prone and difficult to port even across devices with the same SoC
and different DRAM sizes.
The DTO cannot be applied in-place because fdt_overlay_apply_verbose()
modifies the DTO when applying it onto the base DT, so if the DTO was
used in place within the fitImage, call to fdt_overlay_apply_verbose()
would corrupt the fitImage.
Instead of copying the DTO to a specific hard-coded load address,
allocate a buffer, copy the DTO into that buffer, apply the DTO onto
the base DT, and free the buffer.
The upside of this approach is that it is no longer necessary to
select and hard-code specific DTO load address into the DTO. The
slight downside is the new malloc()/free() overhead for each DTO,
but that is negligible (*).
(*) on iMX8MM/MN and STM32MP1
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Add <linux/sizes.h>]
Signed-off-by: Tom Rini <trini@konsulko.com>
The sysinfo_get_str() implementation checks whether the sysinfo was even
detected. In U-Boot proper, sysinfo_detect() is not called anywhere but
on one specific board. Call sysinfo_detect() before sysinfo_get_str() to
make sure the sysinfo is detected and sysinfo_get_str() returns valid
value instead of -EPERM.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Replace uclass_first_device_err(UCLASS_SYSINFO, &dev) with sysinfo_get(&dev).
The board_info code may use sysinfo to print board information, so use the
sysinfo functions consistently. The sysinfo_get() is internally implemented
as return uclass_first_device_err(UCLASS_SYSINFO, &dev) anyway, so there is
no functional change.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Factor out eMMC boot partition selection code into
default_spl_mmc_emmc_boot_partition() function and implement
weak spl_mmc_emmc_boot_partition(), so that architecture or
board code can override the eMMC boot partition selection.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Faiz Abbas <faiz_abbas@ti.com>
Cc: Harald Seiler <hws@denx.de>
Cc: Lokesh Vutla <lokeshvutla@ti.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Ye Li <ye.li@nxp.com>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
When we do not have bootstage enabled, rather than include an empty
dummy function, we just don't reference it. This saves us space in some
tight builds. This also shows a few cases where show_boot_progress was
incorrectly guarded before.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
GCC provides a symbol _init in crti.o on x86_64 and aarch64 but not on
RISC-V. The following lines leads to a build error for sandbox_defconfig on
RISC-V due to the missing symbol:
common/board_f.c:269:
#elif defined(CONFIG_SANDBOX) || defined(CONFIG_EFI_APP)
gd->mon_len = (ulong)&_end - (ulong)_init;
The sandbox code is not copied into the memory allocated using mmap().
Hence we can safely use gd->mon_len = 0 to avoid the reference to _init.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Rick Chen <rick@andestech.com>
clk:
- Add driver for Xilinx Clocking Wizard IP
fdt:
- Also record architecture in /fit-images
net:
- Fix plat/priv data handling in axi emac
- Add support for 10G/25G speeds
pca953x:
- Add missing dependency on i2c
serial:
- Fix dependencies for DEBUG uart for pl010/pl011
- Add setconfig option for cadence serial driver
watchdog:
- Add cadence wdt expire now function
zynq:
- Update DT bindings to reflect the latest state and descriptions
zynqmp:
- Update DT bindings to reflect the latest state and descriptions
- SPL: Add support for ECC DRAM initialization
- Fix R5 core 1 handling logic
- Enable firmware driver for mini configurations
- Enable secure boot, regulators, wdt
- Add support xck devices and 67dr
- Add psu init for sm/smk-k26 SOMs
- Add handling for MMC seq number via mmc_get_env_dev()
- Handle reserved memory locations
- Add support for u-boot.itb generation for secure OS
- Handle BL32 handoffs for secure OS
- Add support for 64bit addresses for u-boot.its generation
- Change eeprom handling via nvmem aliases
-----BEGIN PGP SIGNATURE-----
iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCYN105QAKCRDKSWXLKUoM
IZiFAJ9CIiEpHiBbnAhA0VOMGoaXHGULywCdED/5dNgVtc1C7y4avzETbEyWzD4=
=CdMa
-----END PGP SIGNATURE-----
Merge tag 'xilinx-for-v2021.10' of https://source.denx.de/u-boot/custodians/u-boot-microblaze into next
Xilinx changes for v2021.10
clk:
- Add driver for Xilinx Clocking Wizard IP
fdt:
- Also record architecture in /fit-images
net:
- Fix plat/priv data handling in axi emac
- Add support for 10G/25G speeds
pca953x:
- Add missing dependency on i2c
serial:
- Fix dependencies for DEBUG uart for pl010/pl011
- Add setconfig option for cadence serial driver
watchdog:
- Add cadence wdt expire now function
zynq:
- Update DT bindings to reflect the latest state and descriptions
zynqmp:
- Update DT bindings to reflect the latest state and descriptions
- SPL: Add support for ECC DRAM initialization
- Fix R5 core 1 handling logic
- Enable firmware driver for mini configurations
- Enable secure boot, regulators, wdt
- Add support xck devices and 67dr
- Add psu init for sm/smk-k26 SOMs
- Add handling for MMC seq number via mmc_get_env_dev()
- Handle reserved memory locations
- Add support for u-boot.itb generation for secure OS
- Handle BL32 handoffs for secure OS
- Add support for 64bit addresses for u-boot.its generation
- Change eeprom handling via nvmem aliases
The original code is in the public domain. Licenses/README states that the
general license for U-Boot is GPL 2.0+. So we can mark the malloc code as
GPL 2.0+ too.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
On ARM64 secure OS can run as 64bit or 32bit that's why it is necessary to
record information about architecture that other code can read it and
properly pass it to TF-A and start in 64bit or 32bit mode.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Replace typo CONFIG_USE_AUTOBOOT_MENUKEY with
CONFIG_AUTOBOOT_USE_MENUKEY as when they were introduced initially there
was some mismatch in which name was used where.
Fixes: 8fc31e23aa ("autoboot: Rename CONFIG_MENUKEY to CONFIG_AUTOBOOT_MENUKEY")
Signed-off-by: Da Xue <da@libre.computer>
board_fit_image_post_process() passes only start and size of the image,
but type of the image is not passed. So pass fit and node_offset, to
derive information about image to be processed.
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Tero Kristo <kristo@kernel.org>
If the console output buffer is exhausted, characters are silently dropped
from the end. Detect this condition and report an error when reading back
the characters.
Signed-off-by: Simon Glass <sjg@chromium.org>
Save the 'no-map' information present in 'reserved-memory' node to allow
correct handling when the MMU is configured in board to avoid
speculative access.
This binding is defined in
doc/device-tree-bindings/reserved-memory/reserved-memory.txt
Additional properties:
...
no-map (optional) - empty property
- Indicates the operating system must not create a virtual mapping
of the region as part of its standard mapping of system memory,
nor permit speculative access to it under any circumstances other
than under the control of the device driver using the region.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Add defconfig and board support for HiFive Unmatched.
Signed-off-by: Green Wan <green.wan@sifive.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Rick Chen <rick@andestech.com>
When we think of Kconfig, we usually think of features that we like
to enable or not. Ideally, we wouldn't use Kconfig to fix a build
issue, although sometimes it might make sense. With Kconfig it's hard
to guarantee that the fix is universal. We can only say that it works
for the set of tested configurations. In the majority of cases, it's
preferable to let the linker figure things out for us.
The reverted commit attempted to fix a build issue by adding an
invisible Kconfig option. This is wrong in several ways:
It invents a new Kconfig variable when CONFIG_HASH already
exists for the same purpose.
Second, hash-checksum.c makes use of the hash_progressive_lookup_algo()
symbol, which is only provided with CONFIG_HASH, but this dependency
was not expressed in the reverted patch.
It feels like Kconfig is turning into a listing of all available
source files, and a buffet to 'select' which ones to compile. The
purpose of this revert is to enable the next change to make use of
CONFIG_HASH instead of adding to Kconfig.
This reverts commit 87316da05f.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Acked-by: Masahisa Kojima <masahisa.kojima@linaro.org>
A lot of entries were using spaces instead of tab for alignment that's why
it is good to fix it to use the same style everywhere.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Now that we have switched to binman to generate u-boot.itb for all
RISC-V boards, USE_SPL_FIT_GENERATOR is no longer needed and can
be dropped.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
It should be FDT, not FTD.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Rick Chen <rick@andestech.com>
Build error occurs when CONFIG_EFI_SECURE_BOOT or
CONFIG_EFI_CAPSULE_AUTHENTICATE is enabled,
because hash-checksum.c is not compiled.
Since hash_calculate() implemented in hash-checksum.c can be
commonly used aside from FIT image signature verification,
this commit itroduces HASH_CALCULATE option to decide
if hash-checksum.c shall be compiled.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Commit a479f103dc ("hash: Allow for SHA512 hardware implementations")
defined function definitions for hardware accelerated SHA384 and SHA512.
If CONFIG_SHA_HW_ACCEL=y, these functions are used.
We already have boards using CONFIG_SHA_HW_ACCEL=y but none implements the
new functions hw_sha384() and hw_sha512().
For implementing the EFI TCG2 protocol we need SHA384 and SHA512. The
missing hardware acceleration functions lead to build errors on boards like
peach-pi_defconfig.
Introduce a new Kconfig symbol CONFIG_SHA512_HW_ACCEL to control if the
functions hw_sha384() and hw_sha512() shall be used to implement the SHA384
and SHA512 algorithms.
Fixes: a479f103dc ("hash: Allow for SHA512 hardware implementations")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
