Fix Coverity Issue 9006658. In fill_dbbt_data, an integer overflow occurs,
with the result converted to a wider integer type
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix Coverity Issue 9006657. In read_fcb, leak of memory to system
resource "fcb_raw_page". Adjust the sequence to check the mtd bad
block prior than allocation of "fcb_raw_page", also check the NULL
return of allocation.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix Coverity Issue 9006655. In write_fcb, leak of memory to resource
"fcb_raw_page". Since we have initialized the "ret" to 0, should return
the value of ret.
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Fix Coverity Issue 9006654. In write_fcb, use of an uninitialized
variable "ret".
Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
When doing DDR scrub, the DDR may enter into self refresh if the
selfref_en is enabled before DDR scrub. This will cause scrub
can't complete that SBRSTAT.scrub_done won't be set.
Since the selfref_en can be programmed during the course of
normal operation, move it after DDR scrub
Signed-off-by: Ye Li <ye.li@nxp.com>
Acked-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
use CONFIG_TARGET_IMX8MN_DDR4_EVK for DDR4 EVK board, we will use
CONFIG_TARGET_IMX8MN_EVK for LPDDR4 EVK board.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The field Media.LastBlock of the EFI_BLOCK_IO_PROTOCOL.Media was filled
incorrectly both for block devices as well as for partitions.
The field must be filled with the index of the last logical block (LBA):
* block devices: device size minus 1
* partitions: partition size minus 1
Reported-by: Alexander von Gluck IV <kallisti5@unixzen.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UEFI specification requires event notification levels to be
> TPL_APPLICATION and <= TPL_HIGH_LEVEL.
With the patch the CreateEvent() and CreatedEventEx() services are changed
to check that the notification level is not TPL_APPLICATION.
Reference:
UEFI Specification 2.8 Errata B, table 27 "TPL Restrictions",
"Event Notification Levels"
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Miscellaneous fixes in the mkeficapsule utility -- these include a few
resource leak issues flagged by Coverity along with some additional
code improvements suggested by Heinrich during code review.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Fill reserved members of efi_firmware_management_capsule_image_header
structure with zero's for safety.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: CID 316354
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
CID 316361 says:
> Passing argument "count * 8UL /* sizeof (*files) */" to
> function "dlmalloc" and then casting the return value to "u16 **" is
> suspicious. In this particular case "sizeof (u16 **)" happens to be equal
> to "sizeof (u16 *)", but this is not a portable assumption.
> > 767 tmp_files = malloc(count * sizeof(*files));
The change in this patch fixes the ambiguity.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: CID 316361
For readability use *tmp_files instead of tmp_files[0]
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
CID 316364 says:
> Null pointer dereferences (FORWARD_NULL)
> printf("Result total size: 0x%x\n", result->variable_total_size);
at do_efi_capsule_res().
The code is basically safe because a buffer for "result" is allocated
by malloc() and filled up by the second get_variable(), which fails any way
if the allocation has failed.
But the first (and second) get_variable() possibly returns an error other
than EFI_SUCCESS. We always need to check the return code from
get_variable() before accessing the data in "result".
While this change won't suppress CID 316364, the resulting code is much
safer.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Use the correct GUID when closing the file load protocol.
Remove an unnecessary check (Coverity CID 316363).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The short name and extension of FAT files are stored in adjacent fields of
the directory entry. For some operations like calculating a checksum or
copying both fields it is preferable to treat both as one structure.
Change the definition of the directory entry structure to include a
structure comprising the name and the extension field.
This resolves Coverity CID 316357, CID 316350, CID 316348.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Provide function description for flush_dir().
Move all error messages for flush_dir() from the callers to the function.
Move mapping of errors to -EIO to the function.
Always check return value of flush_dir() (Coverity CID 316362).
In fat_unlink() return -EIO if flush_dirty_fat_buffer() fails.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UBI_IOCVOLUP ioctl can fail if exclusive access to the volume isn't
obtained. If this happens, the flush operation doesn't return error,
leaving the caller without knowledge of missing flush.
Fix this by forwarding the error (-1) from ubi_update_start().
Fixes: 34255b92e6 ("tools: env: Add support for direct read/write UBI volumes")
Signed-off-by: Martin Hundebøll <martin@geanix.com>
These commands were disabled when CONFIG_FIT_SIGNATURE is disabled, but
they do not depend on crypto support so they can be unconditionally
enabled.
Signed-off-by: Joel Stanley <joel@jms.id.au>
When CONFIG_FIT_CIPHER=y and CONFIG_FIT_SIGNATURE=n is there is no
implementation of image_get_host_blob for mkimage/dumpimage:
/usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'
Move the implementation to a common file so it can be shaed between
image-cipher.c and image-fit-sig.c.
Signed-off-by: Joel Stanley <joel@jms.id.au>
If CONFIG_FIT_CIPHER is enabled without CONFIG_FIT_SIGNATURE then
mkimage/dumpimage will fail to link:
/usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x10): undefined reference to `EVP_aes_128_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x40): undefined reference to `EVP_aes_192_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x70): undefined reference to `EVP_aes_256_cbc'
/usr/bin/ld: tools/lib/aes/aes-encrypt.o: in function `image_aes_encrypt':
aes-encrypt.c:(.text+0x22): undefined reference to `EVP_CIPHER_CTX_new'
/usr/bin/ld: aes-encrypt.c:(.text+0x6f): undefined reference to `EVP_EncryptInit_ex'
/usr/bin/ld: aes-encrypt.c:(.text+0x8d): undefined reference to `EVP_EncryptUpdate'
/usr/bin/ld: aes-encrypt.c:(.text+0xac): undefined reference to `EVP_CIPHER_CTX_free'
/usr/bin/ld: aes-encrypt.c:(.text+0xf2): undefined reference to `EVP_EncryptFinal_ex'
collect2: error: ld returned 1 exit status
Signed-off-by: Joel Stanley <joel@jms.id.au>
The propoerty sign-images points to images in the configuration
node. But thoses images may references severals "sub-images" (for
example for images loadable). This commit adds the support of
severals sub-images.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit creates a function fit_config_add_hash that will be
used in the next commit to support several 'sub-images'.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
** Introduction
There are currently four ways to load an OS image with u-boot
1. SPL -> u-boot -> bootm
2. SPL blue falcon mode
3. "Basic" FIT image (CONFIG_LOAD_FIT)
4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)
These four code paths were developed independently, and share very
little code. (3) and (4), behave very differently, are littered with
special cases. They even have different DTS syntax and properties.
The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.
We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.
Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).
** Description of changes
* The "configurations" node is now mandatory
Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.
* Eliminate "ramdisk", "setup", "standalone", and "fpga" properties
Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
- A "ramdisk" is identical to a loadable. Thus ramdisk images should
be placed under "loadables".
- A "setup" node can be achieved by using a "kernel" or "firmware"
property instead.
- "standalone" is used for u-boot nodes. The correct property to use
in this case is "firmware".
- "fpga" is a loadable
* Prioritize control between "firmware" and "kernel"
"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.
** Further generalizations (not included herein)
The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
The dm root node is needed early in the spl to allow the timer to be
used. This change calls spl_early_init to initialize the dm root node.
Signed-off-by: Greg Gallagher <greg@embeddedgreg.com>
Giant board is a tiny SBC based on the Adafruit Feather form factor,
created by groboards it contains a SAMA5D2 processor (SAMA5D27),
128 MB of RAM and a microSD card for storage.
Signed-off-by: Greg Gallagher <greg@embeddedgreg.com>
Take into account all RGMII interface types. Depending on it
the RGMII PHY's timings are setup.
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
clk_set_rate() returns the set rate in case of success and a
negative number in case of failure. Consider failure only the
negative numbers.
Fixes: 3ef64444de ("dm: net: macb: Implement link speed change callback")
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Different implementation of USER IO register needs different
mapping for bit fields of this register. Add implementation
for this and, since clken is part of USER IO and it needs to
be activated based on per SoC capabilities, add caps in
macb_config where clken specific information needs to be filled.
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Because ATMEL_BASE_ROM is defined to 0x100000, it already points
to the begin of the index table for 512 byte sectors correction.
Thus its offset must be zero and the index of the table for 1024
byte sectors must start at offset 0x8000.
Signed-off-by: Kai Stuhlemmer (ebee Engineering) <kai.stuhlemmer@ebee.de>
[ta: update commit message]
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Offsets are described in the datasheet at section:
"11.4.4.2 NAND Flash Boot: PMECC Error Detection and Correction".
For testing I "injected" bit flips into u-boot NAND memory area,
and then read back. PMECC could not correct the errors. With the
offsets updated everything is fine.
Fixes: 3225f34e5c ("ARM: atmel: add sama5d3xek support")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
When CONFIG_ATMEL_NAND_HW_PMECC is set, CONFIG_PMECC_CAP defaults
to the value of 2. At the conversion to Kconfig for the PMECC config
values, some boards/defconfigs were wrongly configured.
Update CONFIG_PMECC_CAP to the PMECC_CAP value before the conversion.
Fixes: 49ad40298c ("ARM: at91: Convert SPL_GENERATE_ATMEL_PMECC_HEADER to Kconfig")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
SPL_GENERATE_ATMEL_PMECC_HEADER selects:
ATMEL_NAND_HWECC [=y] && ATMEL_NAND_HW_PMECC [=y].
With the removal of SPL_GENERATE_ATMEL_PMECC_HEADER,
ATMEL_NAND_HW_PMECC and ATMEL_NAND_HWECC were no longer
selected. Also, when the SPL_GENERATE_ATMEL_PMECC_HEADER was removed,
the configs were not updated using savedefconfig, thus the
'commit d168bcb6fe ("configs: Resync with savedefconfig")'
further removes the CONFIG_PMECC_CAP value.
Update defconfigs and add CONFIG_ATMEL_NAND_HW_PMECC,
which selects ATMEL_NAND_HWECC, in order to restore NAND PMECC
support. Restore CONFIG_PMECC_CAP value.
Fixes: 57f76c2a47 ("configs: at91: remove SPL_GENERATE_ATMEL_PMECC_HEADER from non-nand configs")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Use dev_read_prop instead of using the fdt_read_property which
reads from the GD struct's fdt.
This way the node is accessed via the device config instead of the
global struct, which makes code more portable and GD independent.
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
- New board: rk3328 NanoPi R2S board;
- Fix init voltage for some rk3399 boards;
- enable rng for rk3399 by default;
- set default to SPI bus 1 for SPI-flash for some board;
- add dwc PCIe controller driver on rockchip platform;
Add Rockchip dwc based PCIe controller driver for rk356x platform.
Driver support Gen3 by operating as a Root complex.
Signed-off-by: Shawn Lin <shawn.lin@rock-chips.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>