Instead of hardcoding -luuid -lgnutls as the flags needed to build
mkeficapsule, use pkg-config when available.
We gracefully fallback on the previous behavior of hardcoding -luuid
-lgnutls if pkg-config is not available or fails with an error.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
If the device is a GP and we detect a signing certificate then remove it.
It would fail to authenticate otherwise as the device is GP and has no
secure authentication services in SYSFW.
This shouldn't happen often as trying to boot signed images on GP devices
doesn't make much sense, but if we run into a signed image we should at
least try to ignore the certificate and boot the image anyway. This could
help with users of GP devices who only have HS images available.
If this does happen, print a nice big warning.
Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
We can skip the image authentication check at runtime if the device is GP.
This reduces the delta between GP and HS U-Boot builds. End goal is
to re-unify the two build types into one build that can run on all
device types.
Signed-off-by: Andrew Davis <afd@ti.com>
On HS-FS devices signing boot images is optional. To ease use
we check if we are HS-FS and if no certificate is attached
to the image we skip the authentication step with a warning
that this will fail when the device is set to security enforcing.
Signed-off-by: Andrew Davis <afd@ti.com>
K3 SoCs are available in a number of device types such as
GP, HS-FS, EMU, etc. Like OMAP SoCs we can detect this at runtime
and should print this out as part of the SoC information line.
We add this as part of the common.c file as it will be used
to also modify our security state early in the device boot.
Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Since commit 2a73606668 ("serial: Rename SERIAL_SUPPORT to SERIAL")
SPL_SERIAL_SUPPORT is named SPL_SERIAL. So let's update the comment to
point to the correct Kconfig option in the comment of VPL_SERIAL.
Fixes: 747093dd40 ("vpl: Add Kconfig options for VPL")
Cc: Quentin Schulz <foss+uboot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Since commit 103c5f1806 ("mmc: Rename MMC_SUPPORT to MMC"),
SPL_MMC_SUPPORT is named SPL_MMC, so let's fix the ifdef.
Fixes: fbc6b14143 ("imx: imx8mp_rsb3720a1: convert to DM_SERIAL")
Cc: Quentin Schulz <foss+uboot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
SPL_GPIO_SUPPORT is named SPL_GPIO since commit 83061dbd1c ("Rename
GPIO_SUPPORT to GPIO"), SPL_MMC_SUPPORT is named SPL_MMC since commit
103c5f1806 ("mmc: Rename MMC_SUPPORT to MMC"), SPL_SERIAL_SUPPORT is
named SPL_SERIAL since commit 2a73606668 ("serial: Rename
SERIAL_SUPPORT to SERIAL") so let's select the correct Kconfig options.
Fixes: 8b71576f38 ("mx7ulp_com: add support for SPL")
Cc: Quentin Schulz <foss+uboot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Since commit 83061dbd1c ("Rename GPIO_SUPPORT to GPIO"),
SPL_GPIO_SUPPORT has been renamed to SPL_GPIO, meaning that SPL_GPIO_HOG
can never be enabled.
Let's fix this by using the proper name for the Kconfig option.
Fixes: 1d99e673c7 ("gpio: Enable hogging support in SPL")
Cc: Quentin Schulz <foss+uboot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
If 'extension apply all' is executed and no extension is found, the return
value of do_extension_apply() is undefined. Return CMD_RET_FAILURE in this
case.
Fixes: 2f84e9cf06 ("cmd: add support for a new "extension" command")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Kory Maincent <kory.maincent@bootlin.com>
When attempting to load images from multiple MMC devices in sequence,
spl_mmc_load() chooses the wrong device from the second attempt onwards.
The reason is that MMC initialization is only done on its first call and
spl_mmc_load() will then continue using this same device for all future
calls.
Fix this by checking the devnum of the "cached" device struct against
the one which is requested. If they match, use the cached one but if
they do not match, initialize the new device.
This fixes specifying multiple MMC devices in the SPL's boot order to
fall back when U-Boot Proper is corrupted or missing on the first
attempted MMC device.
Fixes: e1eb6ada4e ("spl: Make image loader infrastructure more universal")
Signed-off-by: Harald Seiler <hws@denx.de>
Some setups do not use Xen hypervisor console for logging, e.g. they
use emulated PL011 hardware or shared peripherals (real UART). In such
cases Xen HVC will be disabled on a build time and will cause issues in
current driver implementation.
This commit fixes build issues in Xen event channel driver, caused
by absense of console event channel, that is not available when console
config is disabled. Now console related code will be removed when
Xen HVC is turned off.
Signed-off-by: Dmytro Firsov <dmytro_firsov@epam.com>
Reviewed-by: Anastasiia Lukianenko <vicooodin@gmail.com>
Reviewed-by: Anastasiia Lukianenko <vicooodin@gmail.com<mailto:vicooodin@gmail.com>>
Signed-off-by: Dmytro Firsov <dmytro_firsov@epam.com<mailto:dmytro_firsov@epam.com>>
The source code contains an error:
- argv[2] contains <channel> arg, variable for env_set is in argv[3]
- number of args is 4
Revert 54d24d7260
cmd: simplify do_adc_single()
Fixes 9de612ae4d
cmd: adc: Add support for storing ADC result in env variable
Reviewed-by: Simon Glass <sjg@chromium.org>
To work correctly, this driver depends on SYSCON to get the base address
from the parent dts node.
Signed-off-by: Billy Tsai <billy_tsai@aspeedtech.com>
Reviewed-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
After a discussion with Tom Rini, we've agreed that I am going to take
over custodianship of the MPC85XX platform, since it seems other people
do not have necessary interest or time and getting things done over
there takes too long.
Since I am only working on one MPC85XX board, Turris 1.x, and do not
have time to do thorough reviews of patches for this entire platform
(other than those concerning Turris 1.x board), for other boards I will
only run patches through CI and checkpatch, and then send them via PR
upwards to Tom.
Signed-off-by: Marek Behún <kabel@kernel.org>
Acked-by: Tom Rini <trini@konsulko.com>
Documentation:
* Detail how configuration signatures are calculated
* Further expand on Image locations and provide example
* Describe system configuration
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmLkE0AACgkQxIHbvCwF
GsSmqQ/+N6b9ABQaWBbLIR0PLAVN6K8gY8HU/CNs+lM2AYcp75890J4/KsB3oueG
7/thHuv72R9aGVn9JvQKVjz6UfG47g6IyOeV3oRQJfY1vHw1aUd/WXXZFeCnAPVl
hlxYy+r6pe9rgssoktzp7Ruh8Lgce1tEJNmK978aMp3gnPxl553WwNyi/8mDezDO
ogt8AqxK3TiLTVpq3Lq1dnInaSWTVObCfdazD2JqY9pydvPOAoRDZsJRbr0RQBU+
25vvRWKB84y7saHi0g+wjLHk+8rDxhIGh7wHwWszEqb5fhY2cbwyPS8pdVYbr+p0
yMjFCyhO9bJ5FGQgPtVGHdKtcsI0hQt18kYCutXQ/ujATUjFrHXvlE1yx9RneDmv
sDMnWGGA2N9PLg/jaa8TNjZ5eSji0jq5PEPeD4Yvj2cmmZacA6sCkbURE0Ngv36R
m9nfXRj6y+DQJ1Wg2fDzp+PtQmHcXyJnNsNuMD9U0g0EHtc7FhHJJDRW06YukCxD
x8hGXxnePJq4A/7Zu+wHY3rT6XhQ51SWtiTHY04lRbDnV+hxtrKLAvDepAky78Gl
EuTqg3vVllAxEUJLX5kWFZlEhyjOCfqUirSoUVoc6nsLcHY81xxZFGroXm/EQFxz
ecMRYwAUXKhZTrUy5AtnB0NQ4rxnf2PWXo+98Ok79ZLwMSf6Aj4=
=EHQo
-----END PGP SIGNATURE-----
Merge tag 'doc-2022-10-rc2' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for doc-2022-10-rc2
Documentation:
* Detail how configuration signatures are calculated
* Further expand on Image locations and provide example
* Describe system configuration
Start by describing in general the best practices for how to implement
configuration of some aspect of U-Boot. This generally means finding
the right choices for when something should be static or dynamically
configured and enabled. Then further document when to use CONFIG or CFG
namespaces for static configuration.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Describe exactly which bytes are hashed and in what order
when signing a configuration.
Signed-off-by: Martin Bonner <martingreybeard@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Start by elaborating on what some of our constraints tend to be with
image location values, and document where these external constraints
can come from. Provide a new subsection, an example based on the TI
ARMv7 OMAP2PLUS families of chips, that gives sample values and explains
why we use these particular values. This is based on what is in
include/configs/ti_armv7_common.h as of fb3ad9bd92 ("TI: Add, use a
DEFAULT_LINUX_BOOT_ENV environment string") as this contains just the
values referenced in this document now and not some of the further
additions that are less generic.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
There is a bug in Turris Omnia's schematics, whereupon the MPP[26] pin,
which is routed to CN11 pin header, is documented as SPI CS1, but
MPP[26] pin does not support this function. Instead it controls chip
select 2 if in "spi0" mode.
Fix the name of the pin node in pinctrl node and fix the comment in SPI
node.
Signed-off-by: Marek Behún <kabel@kernel.org>
* Add SPDX-License-Identifier
* Add SFP and LED nodes
* Fix PHY nad NOR nodes
* Remove duplicates from u-boot.dtsi file
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Linux kernel uses compatible string "marvell,armada370-nand-controller" for
nand controllers on Armada 370/XP/38x. U-Boot currently uses mix of
"marvell,armada370-nand" and "marvell,mvebu-pxa3xx-nand".
So unify it and use just Linux kernel compatible string.
Signed-off-by: Pali Rohár <pali@kernel.org>
Acked-by: Michael Trimarchi <michael@amarulasolutions.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Now when CONFIG_SYS_TEXT_BASE has sane value, use it for calculation of
other SPL offset values: CONFIG_SPL_MAX_SIZE, CONFIG_SYS_MMC_U_BOOT_* and
CONFIG_SYS_SPI_FLASH_U_BOOT_* macros.
No functional change.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
On some boards upper 4 bits of i2c boot input data (register 0) are
inverted. Information which bits are inverted is stored in register 2.
So invert read input data back according to register 2 prior processing
them. This fixes printing "rom_loc: value" line during booting.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
U-Boot for initial L2 SRAM uses L2 memory-mapping mode and not L2 with
locked lines. P2020 reference manual about L2 memory-mapping mode says:
Accesses to memory-mapped SRAM are cacheable only in the corresponding
e500 L1 caches.
So there is no need to set Caching-Inhibit I-bit for second part of initial
L2 SRAM mapping in TLB entry. Remove it. First part of initial L2 SRAM
mapping already does not have I-bit set.
For more details see also:
https://lore.kernel.org/u-boot/20220508150844.qqxg452rs4wtf5bs@pali/
Signed-off-by: Pali Rohár <pali@kernel.org>
QorIQ U-Boot binary for SD card booting compiled during build process
(either u-boot.bin or u-boot-with-spl.bin) cannot be directly loaded by
QorIQ pre-PBL BootROM. Compiled U-Boot binary first needs to be processed
by Freescale boot_format tool as described in doc/README.mpc85xx-sd-spi-boot
BootROM requires that image on SD card must contain special boot sector.
Implement support for generating this special boot sector directly in
U-Boot start code. Boot sector needs to be at the beginning of the image,
so when compiling only proper U-Boot without SPL then it needs to be in
proper U-Boot. When compiling SPL with proper U-Boot then it needs to be
only in SPL.
Support can be enabled by a new config option FSL_PREPBL_ESDHC_BOOT_SECTOR.
Via other two additional options FSL_PREPBL_ESDHC_BOOT_SECTOR_START and
FSL_PREPBL_ESDHC_BOOT_SECTOR_DATA it is possible to tune how final U-Boot
image could be stored on the SD card.
Signed-off-by: Pali Rohár <pali@kernel.org>
Negative return value from cmd main function cause U-Boot to print criplic
error message: exit not allowed from main input shell.
Set return value on error to 1.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Armada 3700 BootROM supports also images with sha512 checksums and
mox-imager tool [1] generates such bootable images. Without sha512 support
U-Boot bubt command just prints error message:
Error: Unsupported hash_algorithm_id = 64
Error: Image header verification failed
This patch adds support for sha512 checksum validation for Armada 3700
images. With it bubt prints:
Image checksum...OK!
[1] - https://gitlab.nic.cz/turris/mox-boot-builder.git
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
net_loop() returns signed int type and negative value represents error.
tftp_read_file() returns unsigned size_t type and zero value represents
error. Casting signed negative value to unsigned size_t type cause losing
information about error and bubt thinks that no error happened, and
continue erasing SPI-NOR which cause malfunction device.
Fix this issue by correctly propagating failure during tftp transport.
With this change when there is no eth link, bubt does not erase SPI-NOR
anymore.
=> bubt
Burning U-Boot image "flash-image.bin" from "tftp" to "spi"
ethernet@30000 Waiting for PHY auto negotiation to complete......... TIMEOUT !
ethernet@30000: No link.
Error: Failed to read file flash-image.bin from tftp
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Current image type verification code is specific to 32-bit Armada SoCs but
used only for Armada 38x. Implement image type verification for Armada 3700
and enable Armada 38x image verification for all 32-bit Armada SoCs.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This driver registers GPIO controller and allows U-Boot to control GPIO
pins on MCU which is connected to Turris Omnia via i2c.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Current pin control driver applies SDHCI PHY MUX selection
when board DT calls for eMMC function on MPP wires.
However, for CP side eMMC, only the "armada-8k-cpm-pinctrl"
compatibility string is taken into account, which causes
CP-SDHCI on Armada-7K boards to fail.
This patch adds "armada-7k-pinctrl" compatibility string
handling for the CP-SDHCI PHY configuration case.
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-by: Igal Liberman <igall@marvell.com>
Reviewed-by: Stefan Roese <sr@denx.de>
These functions are required for 'pinmux status -a' command to print
current configuration of each MPP pin.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
To automatically enable GPIO functionality of some MPP pin, it is required
to implement .gpio_request_enable and .gpio_disable_free callbacks in
pinctrl driver and set .request and .rfree callbacks in GPIO driver to
pinctrl_gpio_request / pinctrl_gpio_free functions.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Currently bank name is just one alphabetical letter.
Change it to mvebu and number.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Device tree property "ngpios" contains number of gpios.
Use it when available.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
To use particular pin GPIO, it needs to be first switched to GPIO by
pinctrl. Use pinctrl_gpio_request() and pinctrl_gpio_free() for this
purpose.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This change allows to use pinctrl_gpio_request() function as a direct
pointer for dm_gpio_ops's .request callback.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
