Use external blob otpcmd.bin to replace the 0xff filled OTP programming
command block to create a firmware image that provisions the OTP on
first boot. This otpcmd.bin is generated from the customer keys using
steps described in the meta-iot2050 integration layer for the device.
Based on original patch by Baocheng Su.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
There are many ways to get a signed firmware for the IOT2050 devices,
namely for the parts under user-control. This script documents one way
of doing it, given a signing key. Augment the board documentation with
the required procedure around it.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Allows to create a public key device tree dtsi for inclusion into U-Boot
SPL and proper during first build already. This can be achieved via
CONFIG_DEVICE_TREE_INCLUDES.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Add hashes and configuration signature stubs to prepare verified boot
of main U-Boot by SPL.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Will be needed when CONFIG_ENV_WRITEABLE_LIST is enabled. The listed
variables shall remain writable, for informational purposes - they have
to be considered untrusted because the persistent U-Boot env is not
protected.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Allows run-time control over watchdog auto-start and the timeout via
setting the environment variable watchdog_timeout_ms. A value of zero
means "do not start". Use CONFIG_WATCHDOG_TIMEOUT_MSECS as initial value
and this to zero by default. Users can then enable the watchdog once the
use and OS which picks it up during boot.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Anything that is not boot-env related is better kept there by now.
At this chance, also drop a stale comment from iot2050.h
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The latest version of the binary-only firmware parts come in a combined
form of FSBL and sysfw containers. This implies some layout changes to
the generated firmware image but also makes handling of artifacts much
simpler (4 files less). The env locations will not change, just the
space reserved for U-Boot will shrink from 4 to 3 MB - still plenty of
space left in practice.
Adjust configuration and documentation accordingly.
Along this change, add a new reservation for update commands of the
user-controlled OTP part. A specific userspace tool will fill it, and
the FSBL will evaluate it during boot. This reservation will use 64K of
the former sysfw section.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Refactor according to the entry `fit: Entry containing a FIT` of
document tools/binman/README.entries.
As the generator uses the device tree name for the config description,
board_fit_config_name_match requires a small adjustment as well.
Signed-off-by: Su Baocheng <baocheng.su@siemens.com>
[Jan: re-add now required CONFIG_OF_LIST, update config matching]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Due to different signature keys, the PG1 and the PG2 boards can no
longer use the same FSBL (tiboot3). This makes it impossible anyway to
maintaine a single flash.bin for both variants, so we can also split the
build.
A new target is added to indicates the build is for PG1 vs. PG2 boards.
Hence now the variants have separated defconfig files.
The runtime board_is_sr1() check does make no sense anymore, so remove
it and replace with build time check.
Documentation is updated accordingly. New binary artifacts are already
available via meta-iot2050.
Signed-off-by: Su Baocheng <baocheng.su@siemens.com>
[Jan: refactor config option into targets, tweak some wordings]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
-----BEGIN PGP SIGNATURE-----
iQFQBAABCgA6FiEEqxhEmNJ6d7ZdeFLIHrMeAg6sL8gFAmQirs0cHGV1Z2VuLmhy
aXN0ZXZAY29sbGFib3JhLmNvbQAKCRAesx4CDqwvyIWBCACz3Bh76v3vbqhaQPBq
ZGB+jnaZQsWW9r285dCmQFA/xGLbQoMVIhzvLVmEcZdr0d9wHUEsy1IzC6tak2MJ
NkiYcNRb3lnYEDthvjGdpz6QIGZBBOj8l8ha70z4ZvzBwTfOReB04N5207n5Tzq/
hAFAWcM3VxfVXF2Xb8O/HbyEbOVXKY65xWinAIZqvGscox+vx3Vj9m1aLqcQP0Wy
bCZowynfyKWiFrHr5TYgpmL4ROsj3jbnRhC0dqyB+ewRdRAK4uVJXRj23ywwDcGH
VqlYFVFT8EY5HSzCG8VGMtGqV+H4+K4RYiTLtDwtbHWdXnUKLKORXtXi2xcHHxS1
rj5U
=kb6/
-----END PGP SIGNATURE-----
Merge tag 'u-boot-at91-2023.07-a' of https://source.denx.de/u-boot/custodians/u-boot-at91 into next
First set of u-boot-at91 features for the 2023.07 cycle:
This feature set includes the clock changes required for sam9x60 SoC to
support USB host.
After the conversion to DM_SERIAL in commit 01f372d8d6 ("udoo_neo:
Select DM_SERIAL and drop iomux board level init") the SPL log is gone
and the U-Boot proper log becomes incomplete:
Core: 80 devices, 18 uclasses, devicetree: separate
MMC: FSL_SDHC: 1, FSL_SDHC: 2
Loading Environment from MMC... OK
In: serial@2020000
Out: serial@2020000
Err: serial@2020000
Net: eth0: ethernet@2188000
Hit any key to stop autoboot: 0
Introduce the u-boot.dtsi file that passes the u-boot,dm-pre-reloc
properties to the relevant nodes so that UART can be used early in SPL.
With this change, the complete SPL and U-Boot messages are seen again.
Signed-off-by: Fabio Estevam <festevam@denx.de>
The second call to cli_ch_process() is in the wrong place, meaning that
the one of the characters of an invalid escape sequence is swallowed
instead of being returned.
Fix the bug and add a test to cover this.
This behaviour matches that of the code before cli_getch() was
introduced. This was verified on the commit before b08e9d4b66 i.e.:
7d850f85aa ("sandbox: Enable mmc command and legacy images")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This function does not behave as expected when unknown escape sequences
are sent to it:
- it fails to store (and thus echo) the last character of the invalid
sequence
- it fails to set esc_len to 0 when it finishes emitting the invalid
sequence, meaning that the following character will appear to be part
of a new escape sequence
- it processes the first character of the rejected sequence as a valid
character, just starting the sequence all over again
The last two bugs conspire to produce an "impossible condition #876"
message which is the main symptom of this behaviour.
Fix these bugs and add a test to verify the behaviour.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
While this change is correct for v2023.04 it is not correct for next
(where this is right now) nor post-v2023.04.
This reverts commit 8653e5d3b7.
Signed-off-by: Tom Rini <trini@konsulko.com>
- A series of minor cleanups to DISTRO_DEFAULTS and BOOTSTD so that the
rk3399 bootstd migration can be complete and functional now, and make
future migrations easier.
The defined altbootcmd was specific to distro_bootcmd which is not
longer in use on these platforms, so drop it.
Tested-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
When we do not enable DISTRO_DEFAULTS (generally, to get distro_bootcmd)
we instea do want to imply BOOTSTD_DEFAULTS so that when using bootstd
the general distro boot functionality will still work.
Signed-off-by: Tom Rini <trini@konsulko.com>
These board have moved to standard boot but the old 'distro_bootcmd'
command is still active. Disable DISTRO_DEFAULTS to fix this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Vagrant Cascadian <vagrant@debian.org>
These two features use a lot of common options. Move them into a common
CONFIG to reduce duplication.
Use 'select' for most options since these are things that boards aren't
supposed to override. For now it is not possible to disable
BOOT_DEFAULTS but we may take another look later.
Note that five options use 'imply' to match existing behaviour.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Rework a bit so we don't grow so many platforms unintentionally]
Signed-off-by: Tom Rini <trini@konsulko.com>
Unfortunately the IRAM used to stash the bootstage records in TPL
becomes inaccessible after SPL runs. Presumably this is because of ATF
taking it over.
We could move the stash to another address in SPL, before passing it to
U-Boot proper. But it seems easier to wait until we have support for
standard passage[1] which should not be too far away.
For now, disable it in TPL and SPL.
[1] https://patchwork.ozlabs.org/project/uboot/cover/
20220117150428.1580273-1-sjg@chromium.org/
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Vagrant Cascadian <vagrant@debian.org>
Add the configs required to use the SAM9X60's USB clock.
Signed-off-by: Sergiu Moga <sergiu.moga@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
[claudiu.beznea: added CONFIG_AT91_SAM9X60_USB to
sam9x60_curiosity_mmc1_defconfig]
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
In order for some of the functionalities, such as the USB clocks,
to work properly we need some clocks to be properly initialised
at the very beginning of booting.
Signed-off-by: Sergiu Moga <sergiu.moga@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Clock setup was intended for setting clocks at boot time on SAMA7G5,
e.g. for root clocks like PLLs, that were used to feed IPs needed alive
in u-boot (e.g. Ethernet clock feed by a PLL). Export this functionality
to all at91 clocks as it may be necessary on other SoCs.
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Register into DM the clocks required to properly enable USB functionality
within the bootloader.
Signed-off-by: Sergiu Moga <sergiu.moga@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Implement sam9x60 USB clock driver. This clock has
three parents: PLLA, UPLL and MAINXTAL. The driver is
aware of the three possible parents with the help of the
two mux tables provied to the driver during the registration
of the clock.
Signed-off-by: Sergiu Moga <sergiu.moga@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
With recent CONFIG_TEXT_BASE changes, there are inconsistencies between
several settings.
Adjust CONFIG_SYS_MONITOR_LEN to allow more code space. Move the MRC
cache out of the way too.
Fixes: e23cae3080 ("x86: som-db5800-som-6867: Adjust CONFIG_TEXT_BASE")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
With recent CONFIG_TEXT_BASE changes, there are inconsistencies between
several settings.
Adjust CONFIG_SYS_MONITOR_LEN to allow more code space. Move the MRC
cache out of the way too.
Fixes: 5d1c8342ae ("x86: dfi-bt700: Adjust CONFIG_TEXT_BASE")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
With recent CONFIG_TEXT_BASE changes, there are inconsistencies between
several settings.
Adjust CONFIG_SYS_MONITOR_LEN to allow more code space. Move the MRC
cache out of the way too.
Fixes: 388f93f963 ("x86: conga-qeval20-qa3-e3845: Adjust CONFIG_TEXT_BASE")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
With recent CONFIG_TEXT_BASE changes, there are inconsistencies between
several settings.
Adjust CONFIG_SYS_MONITOR_LEN to allow more code space. Move the MRC
cache out of the way too.
Fixes: f38be30868 ("x86: bayleybay: Adjust CONFIG_TEXT_BASE")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
With recent CONFIG_TEXT_BASE changes, there are inconsistencies between
several settings.
Adjust CONFIG_SYS_MONITOR_LEN to allow more code space. Move the MRC
cache out of the way too.
Add documentation on how to make this change safely.
Fixes: 66e2c665f3 ("x86: minnowmax: Adjust CONFIG_TEXT_BASE")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Documenation:
* add man-page for efi command
UEFI:
* Let EFI app call ExitBootServices() before legacy booting kernel
* Support zboot and bootm in the EFI app
* Let efi command show configuration tables
* Support booting a 64-bit kernel from 64-bit EFI app
* Allocate device-tree copy from high memory
* simplify efi_str_to_u16()
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmQfHDAACgkQxIHbvCwF
GsRCWg/8DOCb1igYd8D2nnCTfNEQRkkRvOyc8W3O687fX04e9N3eV8eEFvgBnecL
zF2OT+VmQPq2eWIopOfqCWrIFDr1sbSUAdcPT8aM3s/2/ONFTnnUsvt8G3Qp8vyY
nY+M466bl8Fh841aGtmqsuwBHTddjF8WFUcsj2FAG3laHbnSsVANHDPhSe7C6Fg+
g3FtXZf51SEudTTK8RLa/+df4tji/UX0BLOIr6JZ+xqb+y/Tg/P2N5DAqIQCBTL1
BZ7U/yVXs8M9MHU8T5TtshUL1WvFogbZYkx1kRAH3Rkg0ArD1rxV0Xd64Gmrdoyi
71filEFNV860ytsxBjCbE+YaczqRR1oteyPlak0ApmGf+FRKIU047hpuS2RBsJqv
g1xZg9EsoU4wbsOfVd7FHER63YGPfmH9pa5A5ULpq60tYuoTthToV1up2XVjxiZm
hSxWGmz7dzMlqtuJiKm1R2Nug4N6a+SPSA+l8JDWSBxXZ5Ld5HZaZ99DR+phYcbE
nzZfIePoPq8JCVb7vMpIi7m1MdUEjNUNAWEjHa1Gug71qbgULQ4mi+z192F+h51E
HQ8qs+T6GFzFBrNPrem4wxfNa3UeBQzyTbYiaAcQgSuY942jn9ZrZ78epZbBbPCI
r6LSgBlmtkQoyuPzgk6oX7NRU7Mqd9jOEQaWo7RF8LjdO5UgIrM=
=a5J7
-----END PGP SIGNATURE-----
Merge tag 'efi-next-20230325' of https://source.denx.de/u-boot/custodians/u-boot-efi into next
Pull request for efi-next-20230325
Documenation:
* add man-page for efi command
UEFI:
* Let EFI app call ExitBootServices() before legacy booting kernel
* Support zboot and bootm in the EFI app
* Let efi command show configuration tables
* Support booting a 64-bit kernel from 64-bit EFI app
* Allocate device-tree copy from high memory
* simplify efi_str_to_u16()
UEFI:
* Create unique device paths for USB devices with the same vendor
and product id.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmQewugACgkQxIHbvCwF
GsSLMA/+LlG5/QsfJC++3i6v1QtDNksv2VNyEXIUnane2QGj/Ch7fwoK3nKm9KOD
KEOnYKONFZfiPKK1On7ITJwnhR8dsag/5x+JAsjmFc4n2TE1XqN5H0JmCc1X7Ees
bB92jSlaMpYi2wZQ2CPmzTOsG9jSVOv0u+CrL3cbrIuuXmsKY8MpfDeuvHCwiEXJ
w5WhAwJoS1LF6rqndHZJIczI74S3ixAQ4BhpiMxNvNdm2Vl/0A43SuxlEIU16HMz
tTiwKCc0IrQg03CF8atFPfJCq4v0xF2cjBV9hn93BZiKety6YCQptdmCjyNjUnuZ
mrT3Wqth6vcYmL16FIkbZl7GADMt8d5sA5daORI56qSseEVtHYmJ3RqO6ZgYebNP
hQwGwVB23lGF742hB1IXvjXVeqHoIGFSDb/aI1IZ3zdZJ/OFOqSkFe8CfTLq3rR9
SB6pbxsOzL7jwi4MbcWrdByk79933XMUfr8fm+yIkqf3yhWlihnQmr6au/X27SmW
veAXfQmjrPsMYFlEgVI+oFXYUKRp0McO0tLO3gNd/ROMNAs0w1f3NV5hz8dCx0Sp
r4Fi+pthrG41fF8Vcc4bK6XqddXONfhZ4uOWGLoGr9lAnixw4iF6oN7lYPvBJL/T
ej2zCL/vLRWawJ9OJ97uA10FFtUKla6JpD1b2JscQNWGJxspj58=
=oE1C
-----END PGP SIGNATURE-----
Merge tag 'efi-2023.04-rc5' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2023.04-rc5
UEFI:
* Create unique device paths for USB devices with the same vendor
and product id.
The bootefi command creates a copy of the device-tree within the first
127 MiB of memory. This may lead to overwriting previously loaded binaries
(e.g. kernel, initrd).
Linux EFI stub itself copies U-Boot's copy of the device-tree. This means
there is not restriction for U-Boot to place the device-tree copy to any
address. (Restrictions existed for 32bit ARM before Linux commit
7a1be318f579 ("ARM: 9012/1: move device tree mapping out of linear region")
for legacy booting.
Reported-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Add an option to package a kernel into the debugging script used for
EFI.
The name of the kernel must be added to the script. By default it is
assumed that the kernel is built in the /tmp/kernel directory.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a command (for the app and payload) to display the tables provided
by EFI. Note that for the payload the tables should always be present, so
an error message is unnecessary and would bloat the code.
Signed-off-by: Simon Glass <sjg@chromium.org>
This code is used with EFI_LOADER but is also useful (with some
modifications) for the EFI app and payload. Move it into a shared
file.
Show the address of the table so it can be examined if needed. Also show
the table name as unknown if necessary. Our list of GUIDs is fairly
small.
Signed-off-by: Simon Glass <sjg@chromium.org>
These are currently only available when running with EFI_LOADER.
Expand this to include the app and payload, since it is useful to be
able to decode things there.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide information about the GUIDs supplied by QEMU, so far as it is
known.
These values are used in the 'efi table' command as well as the printf
format string %sU
Signed-off-by: Simon Glass <sjg@chromium.org>
These have been disabled due to the rudimentary support available. It is
a little better now, so enable these options.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When running the EFI app, we need to exit boot services before jumping
to Linux.
At some point it may be possible to jump to Linux and pass on the system
table, and:
* install the device-tree as configuration table
* use LoadImage() to load the kernel image (e.g. from memory)
* start the image with StartImage()
This should allow the Linux efistub to be used. For now, this is not
implemented.
Signed-off-by: Simon Glass <sjg@chromium.org>