With full SPL enabled, the loaded image overwrites the mxs_spl_data
location. Moving it a slightly lower address fixes this.
Signed-off-by: Mans Rullgard <mans@mansr.com>
When building in Thumb mode, the linker might generate mode switching
stubs in .glue sections. Include these in the final link.
Signed-off-by: Mans Rullgard <mans@mansr.com>
The code attempts to preserve the value of LR by storing it in R12/IP
across the lowevel_init() call. However, this register is not saved
by the callee. Use a register that guaranteed to be preserved instead.
Signed-off-by: Mans Rullgard <mans@mansr.com>
With the full SPL framework enabled, lowlevel_init() is required.
Make the empty stub weak so boards can override it.
Signed-off-by: Mans Rullgard <mans@mansr.com>
This patch removes warp7_secure_defconfig. A previous patch set
CONFIG_ARMV7_BOOT_SEC_DEFAULT=y on the unsecure WaRP7 config. Fabio asked
if I could confirm that the NXP and upstream kernels will boot on the WaRP7
with CONFIG_ARMV7_BOOT_SEC_DEFAULT=y. I can confirm that this is the case,
so there's no need to support the secure defconfig - drop it now.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Suggested-by: Fabio Estevam <fabio.estevam@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Without this commit we do have an explicit dependency on CONFIG_PHYLIB
when one wants to set PHY ADDR on a iMX board (FEC + driver model).
This shall be changed to CONFIG_FEC_MXC_PHYADDR, as only when we do have
it set, we shall mask out other devices.
As a side effect, when CONFIG_FEC_MXC_PHYADDR is not set, we scan PHY bus
for connected PHY devices.
Signed-off-by: Lukasz Majewski <lukma@denx.de>
This reverts commit b5b0e4e351.
Commit f916757300 ("imx: Create distinct pre-processed mkimage
config files") provided a proper fix for the parallel mkimage
config files build failure, so the original workaround can be
safely reverted now.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Reviewed-by: Stefano Babic <sbabic@denx.de>
mx7dsabresd_secure_defconfig was introduced to allow booting NXP kernel
that has CAAM support and needs to boot in secure mode.
Instead of keeping two different config targets for the same board,
remove mx7dsabresd_secure_defconfig and select
CONFIG_ARMV7_BOOT_SEC_DEFAULT inside mx7dsabresd_defconfig so that
this target could be used to boot both mainline and the vendor kernel.
This makes maintenance task easier and avoid potentially confusion
for the end user.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Acked-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
This patch adds support for verifying a signed boot.scr. With this in place
it's possible for run-time Linux to update boot.scr to set different
variables such as switching between different boot partitions, pointing to
different kernels etc and for u-boot to verify these changes via the HAB
prior to executing the commands contained in boot.scr.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
setexpr allows us to do arithmetic for env variables - something that is
both useful and required when doing HAB authentication without hard-coding
HAB load addresses.
This patch enables CMD_SETEXPR for the WaRP7 defconfig.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
This patch introduces the environment variable ivt_offset. When we define a
load address for Linux or DTB or any file the IVT associated with that file
is prepended. We extract the actual load addresses from u-boot.cfg and feed
these values into the code-signing process - hence we want u-boot to have
the real load addresses exported in uboot.cfg.
ivt_offset represents the addition or subtraction from the load address
that must happen to find an IVT header.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Doing secure boot on the WaRP7 using a common image format and the same
variable to represent the base address for each call means we can reduce
down the command to a single environment command.
This patch adds warp7_auth_or_fail as a wrapper around
"hab_auth_img_or_fail ${hab_ivt_addr} ${filesize} 0".
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
We need to know the name of a signed boot-script, its better to have a
separate variable for this then to simply append some fixed string to an
existing image name.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Assigning the UUID discovery path to a tweakable environment variable means
that later steps in the boot process - particularly a boot script can
change the target root partition of a particular Linux boot.
Retargeting the rootfs is an important feature when doing ping/pong
upgrades allowing a boot script to select ping or pong as necessary without
reprogramming the bootloader.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Adding CONFIG_WARP7_ROOT_PART allows a defconfig to specify which partition
is use as the root partition on WaRP7, this is a desirable change in order
to support a different partitioning schemes. The default is the current
partition #2.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
In order to sign images with the IMX code-signing-tool (CST) we need to
know the load address of a given image. The best way to derive this load
address is to make it into a define - so that u-boot.cfg contains the
address - which we can then parse when generating the IMX CST headers.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: Ryan Harkin <ryan.harkin@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
This patch enables CONFIG_BOOTM_TEE. Once enabled its possible to
chain-load Linux through OPTEE.
Loading kernel to 0x80800000
=> run loadimage
Load FDT to 0x83000000
=> run loadfdt
Load OPTEE to 0x84000000
=> fatload mmc 0:5 0x84000000 /lib/firmware/uTee.optee
Then chain-load to the kernel via OPTEE
=> bootm 0x84000000 - 0x83000000
Image Name:
Image Type: ARM Trusted Execution Environment Kernel Image (uncompressed)
Data Size: 249844 Bytes = 244 KiB
Load Address: 9dffffe4
Entry Point: 9e000000
Verifying Checksum ... OK
Loading Kernel Image ... OK
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Various function associated with booting the WaRP7 in High Assurance Boot
(HAB) mode are enabled by switching on CONFIG_SECURE_BOOT.
This patch enables CONFIG_SECURE_BOOT for the WaRP7 defconfig.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
In order to sign images with the IMX code-signing-tool (CST) we need to
know the load address of a given image. The best way to derive this load
address is to make it into a define - so that u-boot.cfg contains the
address - which we can then parse when generating the IMX CST headers.
This patch makes the OPTEE_LOAD_ADDR available via u-boot.cfg for further
parsing by external tools.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: Ryan Harkin <ryan.harkin@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Right now a region of 0x300000 bytes is allocated at the end of DRAM for
the purposes of loading an OPTEE firmware inside of it. This patch adds the
printout of the relevant address ranges.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Subtracts CONFIG_OPTEE_TZDRAM_SIZE from the available DRAM size.
On WaRP7 we simply define the OPTEE region as from the maximum DRAM address
minus CONFIG_OPTEE_TZDRAM_SIZE bytes.
Note the OPTEE boot process will itself subtract the DRAM region it lives
in from the memory map passed to Linux.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Requires setting CONFIG_OPTEE=y and setting an OPTEE TrustZone DRAM base in
include/configs/warp7.h.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
This patch adds an environment variable called "hab_enabled" which gets set
to a boolean status indicating whether HAB is enabled or not.
Subsequent patches can use this environment variable to determine if its
necessary to run a given binary through the hab_auth_img console command.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
In order to correctly produce an image with a IVT/DCD header we need to
define a CSF in imximage.cfg. We just use the mx7 default here.
All we have to do with this option switched on is "make u-boot.imx" and we
then will get
- u-boot.imx
- u-boot.imx.log
The log file is really important because it gives the addresses for the HAB
that we will require to sign the u-boot image using the CST. Since the
addresses can change this logfile is a critical output.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
This patch adds BOOTROM_IVT_HDR_OFFSET at 0xC00. The BootROM expects to
find the IVT header at a particular offset in an i.MX image.
Defining the expected offset of the IVT header in the first-stage BootROM
image format is of use of later stage authentication routines where those
routines continue to follow the first-stage authentication layout.
This patch defines the first stage offset which later patch make use of.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Cc: Breno Lima <breno.lima@nxp.com>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
commit 8519c9c98a ("tools/imximage: use 0x prefix in HAB Blocks line")
adds an 0x prefix to each HAB Block number to make it easier for host tools
to process the HAB Block output, however it neglects to apply the same
prefix to the DCD Blocks directive. You need the DCD Blocks directive if
you are making a u-boot recovery image which the BootROM will accept via
the USB upload utility.
This disparity results in a fruity output like this with HAB Blocks
prefixed but DCD Blocks not prefixed - which is pretty inconsistent.
This patch fixes the difference assuming the original commit was a
legitimate change.
Old:
Image Type: Freescale IMX Boot Image
Image Ver: 2 (i.MX53/6/7 compatible)
Mode: DCD
Data Size: 430080 Bytes = 420.00 KiB = 0.41 MiB
Load Address: 877ff420
Entry Point: 87800000
HAB Blocks: 0x877ff400 0x00000000 0x00066c00
DCD Blocks: 00910000 0000002c 000001d4
New:
Image Type: Freescale IMX Boot Image
Image Ver: 2 (i.MX53/6/7 compatible)
Mode: DCD
Data Size: 430080 Bytes = 420.00 KiB = 0.41 MiB
Load Address: 877ff420
Entry Point: 87800000
HAB Blocks: 0x877ff400 0x00000000 0x00066c00
DCD Blocks: 0x00910000 0x0000002c 0x000001d4
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Cc: Breno Lima <breno.lima@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
use the generic filesystem command 'load' rather
than 'fatload' to avoid per-fs specific commands.
Signed-off-by: Pierre-Jean TEXIER <texier.pj2@gmail.com>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Acked-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
With clang-4.0 and later we see:
warning: logical not is only applied to the left hand side of this bitwise
operator [-Wlogical-not-parentheses]
if ((!gd->flags & GD_FLG_RELOC))
^ ~
And while the compiler suggests adding parenthesis around gd->flags, a
reading of the code says that we want to know when GD_FLG_RELOC is not
set and then return.
Cc: Simon Glass <sjg@chromium.org>
Cc: Anatolij Gustschin <agust@denx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Some last minute fixes for 2018.05. Most of them are minor fixes. On
top we have some functional improvements for the device path logic
which should also help us be more compatible.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJa3jXOAAoJECszeR4D/txgtUoQAMoECv8KFcY062S67h/iAfVz
8tUA9G2DwOPq/QjUqjqNM6TAzbASwCb91hQv1DTb1WEsGeY6xzrawNw6/JazWki3
ZkBoE0/NQMRBKXccxlC6d0N/9EHRBhIRBiZlPbG2AqKLQ16Uan3CqSH7wo20EWSz
U3FIbU7mCEllZ5TZTYJcAgotkAaxZCgt3tC+sbbf/GLbHly7wa+e9gQ2ELHD2ftG
996lwbZJ2CjKx28O9FmFx4U24/TgYwKZ9og+E1ZpuSqtgAhiS/obWDaW3iMIEXyH
u0xGlvlNqEwcwZ6DI3CWCUxrdXvnH9LrNEgqbHVHvCd9xWVofFjHk9ncWVNL1TP5
dKhWpy8sgqZGwza8oP2Np3frlhzLa0gwJX0VNXHySxZH5UQaPq6hZFLEtpG3fya3
8Jgwg1NEaTSCQHEH8b0dwqJGLOPpt6U6xAQesDfnnlKBziR67rSQfoaOqEXEuznw
gN30cs0dq/sF4gjQyPTfpKgCCDBVF8K61n3MFuNkZkTIF17jTSUeLMWE9iXVOTsV
ybeabG2KEqB0mFxoM7GrMK9b3HxVj4jCf45/NoWJ/LP4bt5x+43+OWt7CuzCVlLJ
8utm0F9pdno+2NF4zQokETpeMsq2qR+aMgGpkELNazjnUOQok1gZL5iaV+aYIAnS
ABf3eW+3ZVRDpu3grRvx
=o2Ra
-----END PGP SIGNATURE-----
Merge tag 'signed-efi-2018.05' of git://github.com/agraf/u-boot
Patch queue for efi - 2018-04-23
Some last minute fixes for 2018.05. Most of them are minor fixes. On
top we have some functional improvements for the device path logic
which should also help us be more compatible.
Staticize the function since it's only used in mmc.c .
Signed-off-by: Marek Vasut <marek.vasut@gmail.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Cc: Tom Rini <trini@konsulko.com>
Provide unit tests for the EFI_DEVICE_PATH_UTILITIES_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The missing services of the EFI_DEVICE_PATH_UTILITIES_PROTOCOL are
implemented.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Device paths may consist of multiple instances. Up to now we have only
considered the size of the first instance. For the services of the
EFI_DEVICE_PATH_UTILITIES_PROTOCOL in most cases the total length of the
device path is relevant.
So let's rename efi_dp_size() to efi_dp_instance_size() and create a new
function efi_dp_size() that calculates the total device path length.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_dp_size() is meant to return the device path length without the end
node.
The length of a device path containing only an end node was incorrectly
reported as 4.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The logic of the AppendDevicePath service of the
EFI_DEVICE_PATH_UTILITIES_PROTOCOL is incorrectly implemented:
* if both paths are NULL an end node has to be returned
* if both paths are not NULL the end node of the second device path has to
be kept
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the CreateDeviceNode service of the device path utility protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Executing a test after failed setup may lead to unexpected behavior like
an illegal memory access. So after a setup failure we should skip to
teardown.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We do not support bootefi booting ARMv7 in non-secure mode.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
According to the documentation the EFI log category is called LOGC_EFI.
All other categories start with LOGC_. So let's fix it.
Fixes: 1973b381a1 ("log: add category LOGC_EFI")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently, the address region, 0xf8000 - 0x100000, is used for SPL
stack for the 32bit SoCs. Because the U-Boot proper image starts
from 0x70000, the maximum size of the U-Boot proper image is 544KB
(0x70000 - 0xf8000) for the NOR boot mode. Now uniphier_v7_defconfig
is almost hitting this size limit. Changing CONFIG_SPL_STACK can
raise the size limit with less impact. With this, the size limit
will increase to 576KB (0x70000 - 0x100000). If we need to increase
it even more, we would be able to change CONFIG_SYS_UBOOT_BASE at the
cost of the flashing command changes.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Some boards support an SD card and an eMMC device at the same time.
Since both belong to 'mmc', they are identified by a device number.
When the device number of the eMMC is 1 instead 0, "mmc dev" command
must be performed to switch the target device before flashing images.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
