Use enum efi_memory_type and enum_allocate_type in the definitions of the
efi_allocate_pages(), efi_allocate_pool().
In the external UEFI API leave the type as int as the UEFI specification
explicitely requires that enums use a 32bit type.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This commit adds the comment of the TCG Specification
efi_tcg2.h file refers, and comment for the structure.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
'make htmldocs' does not use file doc/board/st/st.rst because the name
matches the directory name. Let's rename it to st-dt.rst.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Having "i.MX7D/i.MX8MM SRC_GPR10 PERSIST_SECONDARY_BOOT for bootloader A/B
switching" at the top level of the documentation tree does not make sense.
Move it to board specific information.
Fixes: 59e3d1bd49 ("doc: imx: psb: Document usage of SRC_GPR10 PERSIST_SECONDARY_BOOT for A/B switching")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Highlights:
- Handle TF-A boot with FIP for STM32MP1
- Fix board_get_usable_ram_top(0) for STM32MP1
- DT alignement with kernel v5.14 for STM32MP1
- SPI-NOR DT update for DHSOM
- Add UCLASS API for ECDSA singnature and implement it for STM32MP1
This test verifies that ECDSA_UCLASS is implemented, and that
ecdsa_verify() works as expected. The definition of "expected" is
"does not find a device, and returns -ENODEV".
The lack of a hardware-independent ECDSA implementation prevents us
from having one in the sandbox, for now.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
FIT signatures can now be implemented with ECDSA. The assumption that
all FIT images are signed with RSA is no longer valid. Thus, instead
of 'select'ing RSA, only 'imply' it. This doesn't change the defaults,
but allows one to explicitly disable RSA support.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
The STM32MP ROM provides several service. One of them is the ability
to verify ecdsa256 signatures. Hook the ROM API into the ECDSA uclass.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Implement the crypto_algo .verify() function for ecdsa256. Because
it backends on UCLASS_ECDSA, this change is focused on parsing the
keys from devicetree and passing this information to the specific
UCLASS driver.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Define a UCLASS API for verifying ECDSA signatures. Unlike
UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
the ECDSA class focuses on verification. This is done so that it
better aligns with mach-specific implementations, such as stm32mp.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
The SPI NOR is a bit further away from the SoC on DHCOR than on DHCOM,
which causes additional signal delay. At 108 MHz, this delay triggers
a sporadic issue where the first bit of RX data is not received by the
QSPI controller.
There are two options of addressing this problem, either by using the
DLYB block to compensate the extra delay, or by reducing the QSPI bus
clock frequency. The former requires calibration and that is overly
complex for SPL, so opt for the second option. This incurs 20ms delay
during boot, when SPL loads U-Boot to DRAM.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
The DHSOM SPI NOR is using 4k erase blocks, make use of it
and define the default environment sector size to 4k.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Device tree alignment with Linux kernel v5.14-rc3
- ARM: dts: stm32: move stmmac axi config in ethernet node on stm32mp15
- ARM: dts: stm32: Configure qspi's mdma transfer to block for stm32mp151
- ARM: dts: stm32: add a new DCMI pins group on stm32mp15
- ARM: dts: stm32: fix ltdc pinctrl on microdev2.0-of7
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
The function board_get_usable_ram_top can be called after relocation
with total_size = 0 to get the uppermost pointer that is valid to access
in U-Boot.
When total_size = 0, the reserved memory should be not take in account
with lmb library and 'gd->ram_base + gd->ram_size' can be used.
It is the case today in lib/efi_loader/efi_memory.c:efi_add_known_memory()
and this patch avoids that the reserved memory for OP-TEE is not part of
the EFI available memory regions.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
The MTD tee partitions used to save the OP-TEE binary are needed when
TF-A doesn't use the FIP container to load binaries.
This patch puts under CONFIG_STM32MP15x_STM32IMAGE flag the associated
code in U-Boot binary and prepare the code cleanup when
CONFIG_STM32MP15x_STM32IMAGE support will be removed after TF-A migration
to FIP support.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
TF-A for STM32MP15 now supports the FIP: it is a packaging format which
includes the secure monitor, u-boot-nodtb.bin and u-boot.dtb
This FIP file is loaded by FSBL = TF-A BL2.
This patch updates the board documentation to use this FIP file and no
more u-boot.stm32 (with STM32 image header) which is no more generated.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add TF-A FIP support for trusted boot on STM32MP15x,
when STM32MP15x_STM32IMAGE is not activated.
With FIP support the SSBL partition is named "fip" and its size is 4MB,
so the ENV partition name in device tree (for SD card or eMMC)
or offset in defconfig (CONFIG_ENV_OFFSET / CONFIG_ENV_OFFSET_REDUND)
need to be modified.
With FIP the TEE MTD partitions are removed because the OP-TEE binray are
included in the FIP containers.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
With FIP support in TF-A (when CONFIG_STM32MP15x_STM32IMAGE
is not activated), the DT nodes needed by OP-TEE are added by OP-TEE
firmware in U-Boot device tree, present in FIP.
These nodes are only required in trusted boot, when TF-A load the file
u-boot.stm32, including the U-Boot device tree with STM32IMAGE header,
in this case OP-TEE can't update the U-Boot device tree.
Moreover in trusted boot mode with FIP, as the OP-TEE nodes are present
in U-Boot device tree only when needed the function
stm32_fdt_disable_optee can be removed.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
By default for trusted boot with TF-A, U-Boot (u-boot-nodtb)
is located in FIP container with its device tree and with
the secure monitor (provided by TF-A or OP-TEE).
The FIP file is loaded by TF-A BL2 and each components is
extracted at the final location.
This patch add CONFIG_STM32MP15x_STM32IMAGE to request the
STM32 image generation for SOC STM32MP15x
when FIP container is not used (u-boot.stm32 is loaded by TF-A
as done previously to keep the backward compatibility).
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add the support of the BSEC clock used by the STM32MP misc driver
since the commit 622c956cad ("stm32mp: bsec: manage clock when present
in device tree") even if this clock is not yet defined in kernel device
tree stm32mp151.dtsi.
This patch avoids issue for basic boot when this secure clock are not
provided by secure world with SCMI.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Documentation:
* Require Sphinx >= 2.4.4 for 'make htmldocs'
* Move devicetree documentation to restructured text and update it
* Document stm32mp1 devicetree bindings
UEFI
* Extend measurement to UEFI variables and ExitBootServices()
* Support Uri() node in devicetree to text protocol
* Add Linux magic token to RISC-V EFI test binaries
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmEYlbcACgkQxIHbvCwF
GsRP6g/8C1HWK4ZKJspHBt3ib09XwiJHTTVym//Crqo1+J32scS32Uktx6PvOODD
axmE60cSblDKL3+1uVRMRF2rEGta3pjYyPe/ie7VhqvFU5c7BxHbBSAe0fKTXWtR
7DVFKn4f0Yv1k3MD/WV/3L9LXEJeOC+UHANNUYfQsuC42kPhq3wZTrHJdJeqr2R3
VBaxk/xpMXsHkMZF+xmhPd6BtaYC6CMw57HHRYlKCOZbIYaV/ncdR1/am2/Yx+cF
w9hPVStZynp0E6oykbNiClIrpg7XknkS6Pf70UC9ZbX2mc3vOoXf/ZfC0Wgx/aBf
ifIszIKXlhHY/1bzwR6hLP8TjOGKZzF/rjgF95N8KJWVccyYWYbyO30WTvFmD4/D
LXd0hH2olXGE8ZumvWtyHuHTel6kO4FVn1Wk+symofH8Wsj29o0ZjvhJoCgQRu4+
Ngm3JMVcO7DCkPc+tCCahZL1N06qdsUg2d7j/uM/M92A/X3lkUMRP2HsySHuE7Gg
3Oc3hcazauxiz0gygAWFGbGqs9wrPnkPcRsrn8cQkjyK9a4JVsJfjUwKO3ZvTjVr
ID24pQhEeim0elDOaOCxceCoes3zIgVAW058r3/jN+MaCSzIIWEG9plPIdvAejGi
SjNYK+aWnoWrAVG6rsXO+EhWj49qekvB4XKSb3JV1Z9KP9WAN7E=
=GyC+
-----END PGP SIGNATURE-----
Merge tag 'efi-2021-10-rc2-2' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2021-10-rc2-2
Documentation:
* Require Sphinx >= 2.4.4 for 'make htmldocs'
* Move devicetree documentation to restructured text and update it
* Document stm32mp1 devicetree bindings
UEFI
* Extend measurement to UEFI variables and ExitBootServices()
* Support Uri() node in devicetree to text protocol
* Add Linux magic token to RISC-V EFI test binaries
Refactor efi_append_scrtm_version() to use common
function for adding eventlog and extending PCR.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
TCG PC Client PFP spec requires to measure
"Exit Boot Services Invocation" if ExitBootServices() is invoked.
Depending upon the return code from the ExitBootServices() call,
"Exit Boot Services Returned with Success" or "Exit Boot Services
Returned with Failure" is also measured.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Swap two ifs in efi_exit_boot_services().
efi_tcg2_notify_exit_boot_services must have EFIAPI signature.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
TCG PC Client PFP spec requires to measure "Boot####"
and "BootOrder" variables, EV_SEPARATOR event prior
to the Ready to Boot invocation.
Since u-boot does not implement Ready to Boot event,
these measurements are performed when efi_start_image() is called.
TCG spec also requires to measure "Calling EFI Application from
Boot Option" for each boot attempt, and "Returning from EFI
Application from Boot Option" if a boot device returns control
back to the Boot Manager.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
TCG PC Client PFP spec requires to measure the secure
boot policy before validating the UEFI image.
This commit adds the secure boot variable measurement
of "SecureBoot", "PK", "KEK", "db", "dbx", "dbt", and "dbr".
Note that this implementation assumes that secure boot
variables are pre-configured and not be set/updated in runtime.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Add the Linux magic to the EFI file header to allow running our test
programs with GRUB's linux command.
MajorImageVersion = 1 indicates a kernel that can consume the
EFI_LOAD_FILE2_PROTOCOL. This allows to dump the GRUB provided intird with
our initrddump.efi tool.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
iPXE used Uri() device path nodes. So we should support them in the
device path to text protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
With device tree binding migration to yaml it is difficult to synchronize
the binding from Linux kernel to U-Boot.
Instead of maintaining the same dt bindings, this patch adds in the U-Boot
documentation the path to the device tree bindings in Linux kernel for
STMicroelectronics devices, when they are used without modification.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add links for referenced text files.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This question comes up every now and then with people coming from Linux.
Add some notes about it so we can point to it in the mailing list.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This file is about 10 years old and the updates have not covered
everything that has changed, particularly in the last few years. Update
the information and add mention of the u-boot.dtsi files.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fix typos.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Move this to rST format, largely unchanged to start with. Add an index
for this topic, as well as an empty intro.
Note this patch does not include updates! Is it just a conversion to the
new format. See the next patch.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchart <xypron.glpk@gmx.de>
Adjust the Latex formatting to match Linux v5.13.1:
* add Latex margins
* reformat the code in doc/conf.py to match Linux
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Now that the spi-nor fix has been made in u-boot/master via:
commit 87e7219f9c ("mtd: spi-nor: Respect flash's hwcaps in spi_nor_adjust_hwcaps()")
enable CONFIG_SPI_FLASH_SMART_HWCAPS on Intel Crown Bay again.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Update SeaBIOS build instructions using exact command that involves
"make olddefconfig", and mention SeaBIOS release 1.14.0 has been
used for testing.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Enable SeaBIOS support for any kernel that requires legacy BIOS
services.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Make px30 SFC clock configurable
Signed-off-by: Jon Lin <jon.lin@rock-chips.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
The Odroid Go Advance uses a Rockchip Serial Flash Controller with an
XT25F128B SPI NOR flash chip. This adds support for both. Note that
while both the controller and chip support quad mode, only two lines
are connected to the chip. Changing the pinctrl to bus2 and setting tx
and rx lines to 2 for this reason.
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Signed-off-by: Jon Lin <jon.lin@rock-chips.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Adds support for XT25F128B used on Odroid Go Advance. Unfortunately
this chip uses a continuation code which I cannot seem to parse, so
there are possibly going to be collisions with chips that use the same
manufacturer/ID.
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Signed-off-by: Jon Lin <jon.lin@rock-chips.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Add the serial flash controller to the devicetree for the PX30.
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Signed-off-by: Jon Lin <jon.lin@rock-chips.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
This patch adds support for setting the correct pin configuration
for the Rockchip Serial Flash Controller found on the PX30.
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Signed-off-by: Jon Lin <jon.lin@rock-chips.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
This patch adds support for the Rockchip serial flash controller
found on the PX30 SoC. It should work for versions 3-5 of the SFC
IP, however I am only able to test it on v3.
This is adapted from the WIP SPI-MEM driver for the SFC on mainline
Linux. Note that the main difference between this and earlier versions
of the driver is that this one does not support DMA. In testing
the performance difference (performing a dual mode read on a 128Mb
chip) is negligible. DMA, if used, must also be disabled in SPL
mode when using A-TF anyway.
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Signed-off-by: Jon Lin <jon.lin@rock-chips.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>