Commit graph

81879 commits

Author SHA1 Message Date
Pali Rohár
8ac3615e8d arm: mvebu: Espressobin: When emmc is not present disable it also in OF_LIVE
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-09-13 06:38:08 +02:00
Pali Rohár
f7b0bbca2b cmd: mvebu/bubt: Check for A38x/A37xx OTP secure bits and secure boot
For obvious reasons BootROMS rejects unsigned images when secure boot is
enabled in OTP secure bits. So check for OPT secure bits and do not allow
flashing unsigned images when secure boot is enabled. Access to OTP via
U-Boot fuse API is currently implemented only for A38x and A37xx SoCs.

Additionally Armada 3700 BootROM rejects signed trusted image when secure
boot is not enabled in OTP. So add also check for this case. On the other
hand Armada 38x BootROM acceps images with secure boot header when secure
boot is not enabled in OTP.

OTP secure bits may have burned also boot device source. Check it also and
reject flashing images to target storage which does not match OTP.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-09-13 06:38:08 +02:00
Pali Rohár
5a06534933 cmd: mvebu/bubt: Check for A38x image data checksum
Currently for A38x image is checked only header checksum.
So check also for image data checksum to prevent flashing broken image.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-09-13 06:38:08 +02:00
Stefan Roese
ca076d9689 tools: kwboot: Change KWBOOT_MSG_RSP_TIMEO_AXP to 10ms
Testing on the theadorable Armada XP platform has shown, thaz using the
current value of 1000ms as response timeout does not result in reliable
booting via kwboot. Using 10ms seems to be much better. So let's change
this value to this 10ms instead.

Signed-off-by: Stefan Roese <sr@denx.de>
Acked-by: Pali Rohár <pali@kernel.org>
2022-09-13 06:38:08 +02:00
Tony Dinh
a8a0c55f9d arm: kirkwood: Add CONFIG_SUPPORT_PASSING_ATAGS
Add CONFIG_SUPPORT_PASSING_ATAGS and friends to support legacy
image method of booting. Debian and OpenWrt installer use uImage
with appended DTB for these Kirkwood boards.

Signed-off-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-09-13 06:38:08 +02:00
Simon Glass
d1962ac797 Makefile: Add a pcheck option to run tests in parallel
Running tests in parallel is much faster, e.g. 15 seconds to run the tests
on sandbox (only), instead of 100 seconds (on a 16-core machine). Add a
'make pcheck' option to access this feature.

Note that the tools/ tests still run each tool's tests once after the
other, although within that, they do run in parallel. So for example,
the buildman tests run in parallel, then the binman tests run in
parallel. There would be a signiificant advantage to running them all
in parallel together, but that would require a large amount of
refactoring, e.g. with more use of pytest fixtures.

Update the documentation to represent the current state.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
e1c0811114 dtoc: Drop sys.exit() in test_fdt
This breaks using pytest to run the tests. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
45a226a16b test/py: Support --build when running tests in parallel
At present when -n is used, all workers try to build U-Boot at once.
Add a lock to ensure that only one of them builds, with the others using
the build that is produced.

The lock file is removed on startup.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
486680272e test/py: Move U-Boot building into a function
This is a lot of code in a function that is too long. Split out the
building code.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
f6e6022ff1 test: Refactor arg parsing for the run script
Tidy up this code a little. Also use '-k' consistently, since -m is more
limited in what it can accept.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
b681669aa5 test: Make test_gpio_read() independent
This assumes that the GPIO starts as 0 but it does not if
test_gpio_input() ran first and test_gpio_exit_statuses() was skipped.
This can happen when running tests in parallel.

Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
d401187fec test: Mark test_gpt tests as slow
Mark all the tests in this file as slow, since they take a while.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
c7c113dc13 test: Mark all but the first vboot test as slow
When doing a quick check we don't need to run all the vboot tests. Just
run the first one, which is enough to catch most problems.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
a1f620eb4f test: Make test_efi_bootmgr() single-threaded
This test seems to fail when run in parallel. Mark it single-threaded to
avoid any problems.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
e2c5113523 test: Make test_sqfs_ls() single-threaded
This test seems to interfere with the other test in this file. Mark it
single-threaded to avoid any problems.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
c620ea45a7 test: Update FIT tests to run in parallel
Use a different temporary dir for each test, to allow them to run in
parallel.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
78ac0deafd test: Make test_bind_unbind_with_uclass() single-threaded
This test seems to rely on the other test in this file. Mark it
single-threaded to avoid any problems.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
cc85d905cd test/py: Allow tests to be marked single-threaded only
Add a new 'singlethread' marker to allow tests to be skipped when running
in parallel.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
44384c70f9 test: Fix bootm_test_subst_var() running independently
This test relies on the silent_linux env variable being set. Add this
to the code so it can run without relying on other bootm tests having been
run first.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Simon Glass
2aa1188467 test: Fix test_pinmux to run in parallel
At present test_pinmux_status() assumes that test_pinmux_dev() has run
beforehand. Drop this assumption so we can run the tests in parallel.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 18:06:36 -04:00
Tom Rini
0ba282e0ee Binman VPL support (patch was lost)
Add board_rng_seed() as a temporary solution
 -----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmMfNjoRHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreaPVAf/SjZXU864AaleX1mCYtOSdhpAictwaJwY
 k1MJ/NxuRzvkF+yUMqnJMXVCUno3M9g3zYP4caworu2xL/YEXKCCswyowpNGBMZP
 uR84CgroKxLMjx2OPyWIpaAYEJz6O61Nj3AXuUx7y9XwOCiDImOi1et97LfgPA/z
 sxBp7Q0QpPMFWiJ6oijH9PdnzoN2A2ddSSYzDiRUtCOsc5XOq6rx27PH10yDyFyV
 oBhE/siuERnIt/MvPqs0aNIiKJ6lyjcqkMnDU94LD36EAT6Z3ll5tzJR1f7+DC3p
 VFppSypxCJdIw07qliCcCFQhFAe5BcmWQ+FuDydWu3OjOVc/WX0V2w==
 =r1u5
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-12sep22' of https://source.denx.de/u-boot/custodians/u-boot-dm

Binman VPL support (patch was lost)
Add board_rng_seed() as a temporary solution
2022-09-12 09:47:16 -04:00
Simon Glass
6ad2452bc6 binman: Add VPL support
Add support for U-Boot's Verifying Program Loader phase.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-12 06:41:14 -06:00
Rasmus Villemoes
6dca1d9ad3 fdt_support: add optional board_rng_seed() hook
A recurring theme on LKML is the boot process deadlocking due to some
process blocking waiting for random numbers, while the kernel's
Cryptographic Random Number Generator (crng) is not initalized yet,
but that very blocking means no activity happens that would generate
the entropy necessary to finalize seeding the crng.

This is not a problem on boards that have a good hwrng (when the
kernel is configured to trust it), whether in the CPU or in a TPM or
elsewhere. However, that's far from all boards out there. Moreover,
there are consumers in the kernel that try to obtain random numbers
very early, before the kernel has had any chance to initialize any
hwrng or other peripherals.

Allow a board to provide a board_rng_seed() function, which is
responsible for providing a value to be put into the rng-seed property
under the /chosen node.

The board code is responsible for how to actually obtain those
bytes.

- One possibility is for the board to load a seed "file" from
  somewhere (it need not be a file in a filesystem of course), and
  then ensure that that the same seed file does not get used on
  subsequent boots.

  * One way to do that is to delete the file, or otherwise mark it as
    invalid, then rely on userspace to create a new one, and living
    with the possibility of not finding a seed file during some boots.

  * Another is to use the scheme used by systemd-boot and create a new
    seed file immediately, but in a way that the seed passed to the
    kernel and the new (i.e. next) seed cannot be deduced from each
    other, see the explanation at
    https://lore.kernel.org/lkml/20190929090512.GB13049@gardel-login/
    and the current code at
    https://github.com/systemd/systemd/blob/main/src/boot/efi/random-seed.c

- The board may have an hwrng from which some bytes can be read; while
  the kernel can also do that, doing it in U-Boot and providing a seed
  ensures that even very early users in the kernel get good random
  numbers.

- If the board has a sensor of some sort (temperature, humidity, GPS,
  RTC, whatever), mixing in a reading of that doesn't hurt.

- etc. etc.

These can of course be combined.

The rng-seed property is mixed into the pool used by the linux
kernel's CRNG very early during boot. Whether it then actually
contributes towards the kernel considering the CRNG initialized
depends on whether the kernel has been configured with
CONFIG_RANDOM_TRUST_BOOTLOADER (nowadays overridable via the
random.trust_bootloader command line option). But that's for the BSP
developer to ultimately decide.

So, if the board needs to have all that logic, why not also just have
it do the actual population of /chosen/rng-seed in ft_board_setup(),
which is not that many extra lines of code?

I considered that, but decided handling this logically belongs in
fdt_chosen(). Also, apart from saving the board code from the few
lines of boilerplate, doing it in ft_board_setup() is too late for at
least some use cases. For example, I want to allow the board logic to
decide

  ok, let's pass back this buffer and use that as seed, but also let's
  set random.trust_bootloader=n so no entropy is credited.

This requires the rng-seed handling to happen before bootargs
handling. For example, during the very first boot, the board might not
have a proper seed file, but the board could still return (a hash of)
some CPU serial# or whatnot, so that at least no two boards ever get
the same seed - the kernel always mixes in the value passed in
rng-seed, but if it is not "trusted", the kernel would still go
through the same motions as it would if no rng-seed was passed before
considering its CRNG initialized. I.e., by returning that
unique-to-this-board value and setting random.trust_bootloader=n, the
board would be no worse off than if board_rng_seed() returned nothing
at all.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
2022-09-12 06:41:14 -06:00
Michal Simek
91687c4c3c xilinx: zynq: Disable LMB for mini configurations
There shouldn't be a reason to have LMB on for these configurations.
LMB was already disabled for ZynqMP by commit 0063487a5b60 ("configs:
zynqmp: Disable LMB for mini u-boot").

Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/07d95f619a15672d1a234eddcfbb54c0ab382eaa.1662460867.git.michal.simek@amd.com
2022-09-12 12:05:06 +02:00
Ashok Reddy Soma
d434921def xilinx: zynqmp: Disable LMB for mini u-boot
LMB is not required for mini u-boot which runs out of on chip memory.
Disable CONFIG_LMB from mini u-boot defconfig's.

Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/45fad28825f0f236ad45e700aca1f39afbb22236.1659691195.git.michal.simek@amd.com
2022-09-12 12:05:06 +02:00
Michal Simek
85007da94b cmd: bdinfo: Enable dumping lmb data when LMB is enabled
The commit 9996cea75f ("lmb/bdinfo: dump lmb info via bdinfo") added
support for dumping LMB information as the part of bdinfo. But code itself
should be called only when LMB is enabled.

Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Link: https://lore.kernel.org/r/3e40c8bb77550dfca9f7eb48fe644a018d971411.1662537127.git.michal.simek@amd.com
2022-09-12 12:05:06 +02:00
Ashok Reddy Soma
2fb4b5ae54 xilinx: zynqmp: Disable various configs for mini U-Boot
With 2022.01-rc3 upgrade, the size of the mini U-Boot increased and is
not able to fit in OCM. Hence disable unnecessary configs and make room.

Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/306b57818601fa3571bc75c4182f25aaa3f2a793.1659691195.git.michal.simek@amd.com
2022-09-12 12:03:17 +02:00
Michal Simek
86cba52a98 xilinx: versal: Enable i2c mux uclass with pca954x driver
Xilinx is using pca954x i2c muxes on a lot of boards that's why enable this
driver by default.

Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/c090aea3436c7a4ebe698da6cbc70e70a14baae3.1659691195.git.michal.simek@amd.com
2022-09-12 12:03:17 +02:00
Janne Ylalehto
cf5c48d102 xilinx: zynqmp: Fix AES with a user provided key
The user provided key address was not flushed in struct aes because of
the flushing location in the function.

Signed-off-by: Janne Ylalehto <ylalehto@gmail.com>
Link: https://lore.kernel.org/r/20220816124525.19671-1-ylalehto@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-09-12 12:03:17 +02:00
Stefan Herbrechtsmeier
7a0bc18b63 fpga: zynq: Remove post config info message for SPL
The drivers informs the user that a post config was not run after FPGA
configuration. This message is unnecessary in SPL because the
ps7_post_config function is called via spl_board_prepare_for_boot
function before jump_to_image_no_args function from board_init_r
function.

Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Link: https://lore.kernel.org/r/20220808145331.24723-1-stefan.herbrechtsmeier-oss@weidmueller.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-09-12 12:03:17 +02:00
Stefan Herbrechtsmeier
b7e0750d88 zynq: Convert arm twd timer to DM driver
Move arm twd timer driver from zynq to generic location.

DM timer drivers are designed differently to original driver. Timer is
counting up and not down.
Information about clock rates are find out in timer_pre_probe() that's
why there is no need to get any additional information from DT in the
driver itself (only register offset).

Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Link: https://lore.kernel.org/r/20220805061629.1207-1-stefan.herbrechtsmeier-oss@weidmueller.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-09-12 12:03:17 +02:00
Tom Rini
a5fc388ed9 Pull request for efi-2022-10-rc5
Documentation:
 
 * man-page for tftpput
 
 UEFI:
 
 * fix driver binding protocol for block IO devices
 * don't delete invalid handles
 * add a unit test for the EFI Conformance Profile Table
 
 Other:
 
 * correct short text for tftpboot
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmMbeUEACgkQxIHbvCwF
 GsSGsw//WJAuuzP5ufWGxJk2pR9v9LatIsV+w2W1fBTsTb/dbMZ4Sika2Z1izeer
 vmakldnOTLoTXZxng/Ke9J7PEefS8NSUgHbXYLq6a5ckrsji58kGHhDvUjrU2eOf
 D4SBh8eGW/wgmnzHgmsVU0vcXbtWUomWlV4v8SGjYWq5KOTOdFGYmMddqv8cnUVa
 wXHktLaDi9TzzFdfeYPbAlKboQTdRkw0CbzY8z6jlxm2Yd/i7Iw9v7MWwFN5rv1N
 Zlx9Kl0SV1Jz//yzUajyiXXVYK+kVcpjDcvOPhx4GL96mcvW4yyGlOKjpUkTR3H3
 l7112u4lwNSUIJIeDMCazqKgdGMsl+RLuJymAIRCdaBs3c0FsuX4WHNAr0H1KT9X
 oVnzeBKZKjFTT76Q39F80O0JrdDMxqMm1fGiy1ySlRCJNd+dlYZKoopt8PpWkk1E
 IBHsE1m1OXe+n2PNrh6YR9egv9RmfdwBEl0wBftNb9DQ+gNAvR7wVRpmDRCqYuBR
 l/k6GsznHK4hh1Wh+BhrrUeQ3YbboK3RvGA9toYp6BEk/5F2dDuy5pVM7OETjGEY
 DaKjqPjMv41SCIzpcEkzPJEvQ0tEFuk+GEC168IXQmcV/gttvuLNLFfnlLE1amQr
 g09ePeaXKzjiWYSi5wEz1GQs7W9WBnJ5+2zOL41ih125xra6/NE=
 =1zZW
 -----END PGP SIGNATURE-----

Merge tag 'efi-2022-10-rc5' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2022-10-rc5

Documentation:

* man-page for tftpput

UEFI:

* fix driver binding protocol for block IO devices
* don't delete invalid handles
* add a unit test for the EFI Conformance Profile Table

Other:

* correct short text for tftpboot
2022-09-09 15:07:05 -04:00
Heinrich Schuchardt
8cf8ad3533 efi_driver: don't bind internal block devices
UEFI block devices can either mirror U-Boot's internal devices or be
provided by an EFI application like iPXE.

When ConnectController() is invoked for the EFI_BLOCK_IO_PROTOCOL
interface for such an application provided device we create a virtual
U-Boot block device of type "efi_blk".

Currently we do not call ConnectController() when handles for U-Boot's
internal block devices are created. If an EFI application calls
ConnectController() for a handle relating to an internal block device,
we erroneously create an extra "efi_blk" block device.

E.g. the UEFI shell has a command 'connect -r' which calls
ConnectController() for all handles with device path protocol.

In the Supported() method of our EFI_DRIVER_BINDING_PROTOCOL return
EFI_UNSUPPORTED when dealing with an U-Boot internal device.

Reported-by: Etienne Carriere <etienne.carriere@linaro.org>
Fixes: commit 05ef48a248 ("efi_driver: EFI block driver")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-09-09 16:07:54 +02:00
Etienne Carriere
7932548939 lib: efi_loader: don't delete invalid handles
Change efi_delete_handle() to not free EFI handles twice.

This change tries to resolved an issue seen since U-Boot v2022.07
in which ExitBootService() attempts to release some EFI handles twice.

The issue was seen booting a EFI shell that invokes 'connect -r' and
then boots a Linux kernel. Execution of connect command makes EFI
subsystem to bind a block device for each root block devices EFI handles.
However these EFI device handles are already bound to a driver and we
can have 2 registered devices relating to the same EFI handler. On
ExitBootService(), the loop removing the devices makes these EFI handles
to be released twice which corrupts memory.

This patch prevents the memory release operation caused by the issue but
but does not resolve the underlying problem.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

Add log message.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-09-09 16:07:54 +02:00
Heinrich Schuchardt
1e30e377a6 efi_selftest: unit test for EFI Conformance Profile Table
Add a new unit test to test the integrity of the
EFI Conformance Profile Table.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-09-09 16:07:54 +02:00
Heinrich Schuchardt
b33f246c0b efi_selftest: export efi_st_get_config_table()
We can use efi_st_get_config_table() in multiple unit tests.
Export the function.

Export system-table and boot-services.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-09-09 16:07:54 +02:00
Heinrich Schuchardt
afb70d1ef4 doc: man-page for tftpput
Provide a man-page for the tftpput command.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-09-09 16:07:54 +02:00
Heinrich Schuchardt
651031ef7c cmd: correct short text for tftpboot
The command's name is a misnomer.
The command loads a file but does not run (boot) it.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-09-09 16:07:54 +02:00
Heinrich Schuchardt
5f46c6eba5 cmd: fix tftpput command
Calling tftpput with less than 2 arguments must lead to a failure.

If tftpput is called with two arguments, these are the address and
the size of the file to be transferred.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-09-09 16:07:54 +02:00
Tom Rini
e9de8c8c64 - simplify the STM32MP15x package parsing code
- remove test on CONFIG_DM_REGULATOR in stm32mp1 board
   and enable CONFIG_DM_REGULATOR for stm32f769-disco
 - handle ck_usbo_48m clock provided by USBPHYC to fix the command 'usb start'
   after alignment with Linux kernel v5.19 DT (clocks = <&usbphyc>)
 - Fix SYS_HZ_CLOCK value for stih410-b2260 board
 - Switch STMM32MP15x DHSOM to FMC2 EBI driver
 - Remove hwlocks from pinctrl in STM32MP15x to avoid issue with kernel
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEE56Yx6b9SnloYCWtD4rK92eCqk3UFAmMZoW4ACgkQ4rK92eCq
 k3W2MAgAsmy2aSlMYo/AGlJ/KCrZuk6OirNHtdOdacvbcdUUbpkNpBSjdkrRm2If
 VUnY1utIIJe6gFgnBUxXJ3RF5FZuhkdawc6V25HtDp6H3WamzJknKs5Vc4TlKp59
 hZCOto7/+G/cd2XLdCKFUBl+new1pdDPsEm56+57DeZ7QGAQRX35PUQ5+HBjQJ/N
 n/wJgS6wkEdIQLLwmCVxbHUkC+pRotTza5F2A0qZJgYPMcMpVFYKtzIa4GbWB5YS
 MKGHbM8f3C8RLPQaHHTRycoA2Yor1I52B4Oi7605c5zHQr9pjrgtWsernDzkIhsB
 ThYHSYQBUBTY4HBfzFwzCkVGqqLWNg==
 =PMFY
 -----END PGP SIGNATURE-----

Merge tag 'u-boot-stm32-20220907' of https://source.denx.de/u-boot/custodians/u-boot-stm

- simplify the STM32MP15x package parsing code
- remove test on CONFIG_DM_REGULATOR in stm32mp1 board
  and enable CONFIG_DM_REGULATOR for stm32f769-disco
- handle ck_usbo_48m clock provided by USBPHYC to fix the command 'usb start'
  after alignment with Linux kernel v5.19 DT (clocks = <&usbphyc>)
- Fix SYS_HZ_CLOCK value for stih410-b2260 board
- Switch STMM32MP15x DHSOM to FMC2 EBI driver
- Remove hwlocks from pinctrl in STM32MP15x to avoid issue with kernel
2022-09-08 08:33:41 -04:00
Tom Rini
e3fce5e560 Merge tag 'fsl-qoriq-2022-9-7' of https://source.denx.de/u-boot/custodians/u-boot-fsl-qoriq
- Pali's patch not in my patchwork, got missed.
- Sean's patch pending for sometime, I just fix conflict when apply
  Sean's patch, so pick up.
2022-09-07 08:39:12 -04:00
Tom Rini
fc2f4085d3 binman fixes for bintool support
-----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmMYjgoRHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIrea87Af9H605i3fkhZEmQUoGLgYVHnL6HTnWqVOk
 1H7ysnSGkErwZKx+jQXG6dbW0Rkx4yPDYUMRkXQOdJPpgHZXlcp7FtOin3jT00Z/
 M0+Se4NF4pUBqBdaNWtsSAicS+2snfbcHErI60XU2bu/E86Es+rqFstUZfd/Hcw9
 HxFOf9pT8dbokg1K3hYh1tBco0NC4+iHfWheDWV9qLOQxG5LdzCWlBKkt9pegljH
 NHKrjMYvpU68e80I8rPIppJxyHipZgXorr9JKFLqS6cNgolbPF+cy9K10zEObno5
 DCY7IuBv2BmY5ghwW2oN90gXkT0jqatSBbYBlu8oG0ioyRY2MDv6Yw==
 =i2Ik
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-7sep22' of https://source.denx.de/u-boot/custodians/u-boot-dm

binman fixes for bintool support
2022-09-07 08:38:44 -04:00
Sean Anderson
857e313a3d net: fm: Add support for FIT firmware
Fman microcode is executable code (AFAICT) loaded into a
coprocessor. As such, if verified boot is enabled, it must be verified
like other executable code. However, this is not currently done.

This commit adds verified boot functionality by encapsulating the
microcode in a FIT, which can then be signed/verified as normal. By
default we allow fallback to unencapsulated firmware, but if
CONFIG_FIT_SIGNATURE is enabled, then we make it mandatory. Because
existing Layerscape do not use this config (instead enabling
CONFIG_CHAIN_OF_TRUST), this should not break any existing boards.

An example (mildly-abbreviated) its is provided below:

/ {
    #address-cells = <1>;

    images {
        firmware {
            data = /incbin/(/path/to/firmware);
            type = "firmware";
            arch = "arm64";
            compression = "none";
	    signature {
                algo = "sha256,rsa2048";
                key-name-hint = "your key name";
            };
        };
    };

    configurations {
        default = "conf";
        conf {
            description = "Load FMAN microcode";
            fman = "firmware";
        };
    };
};

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:44:55 +08:00
Sean Anderson
f1061c5701 net: Convert fit verification to use fit_get_data_*
Several ethernet drivers load firmware from FIT images. Convert them to
use the fit_get_data helpers.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:40:50 +08:00
Sean Anderson
7b42bde075 cmd: fpga: Convert to use fit_get_data_node
This converts the FIT loading process of the fpga command to use
fit_get_data_node.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:40:47 +08:00
Sean Anderson
bdbdaede67 ARMv8/sec_firmware: Convert to use fit_get_data_conf_prop
This reduces sec_firmware_get_data to a single call to
fit_get_data_conf_prop. I think sec_firmware_check_copy_loadable could also
be converted, but it does not map as straightforwardly, so I have left it
for a future cleanup.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:40:45 +08:00
Sean Anderson
37feaf2f72 image: fit: Add some helpers for getting data
Several different firmware users have repetitive code to extract the
firmware data from a FIT. Add some helper functions to reduce the amount
of repetition. fit_conf_get_prop_node (eventually) calls
fdt_check_node_offset_, so we can avoid an explicit if. In general, this
version avoids printing on error because the callers are typically
library functions, and because the FIT code generally has (debug)
prints of its own. One difference in these helpers is that they use
fit_image_get_data_and_size instead of fit_image_get_data, as the former
handles external data correctly.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:40:44 +08:00
Sean Anderson
1b0e98221d ARMv8/sec_firmware: Remove SEC_FIRMWARE_FIT_CNF_NAME
The config to use for FIT images can be better specified by enabling
CONFIG_MULTI_DTB_FIT and implementing board_fit_config_name_match.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:40:43 +08:00
Pali Rohár
33043b396c board: freescale: p1_p2_rdb_pc: Calculate offsets for eSDHC boot sector
Correctly calculate offsets between SPL and proper U-Boot when new config
option CONFIG_FSL_PREPBL_ESDHC_BOOT_SECTOR for generating eSDHC boot sector
is enabled. Otherwise SPL would not be able to boot proper U-Boot.

Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 11:47:30 +08:00
Pali Rohár
645993bdd7 board: freescale: p1_p2_rdb_pc: Delete watchdog max6370 node in load_default mode
CPLD in load_default mode ignores watchdog reset signal. It does not reset
board when watchdog triggers reset signal.

Detect load_default mode by GPIO7 - LOAD_DEFAULT_N and delete watchdog
max6370 node from device to prevent registering driver for non-working
watchdog.

Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 11:46:45 +08:00