Add mkimage support for generating and verifying MXS bootstream.
The implementation here is mostly a glue code between MXSSB v0.4
and mkimage, but the long-term goal is to rectify this and merge
MXSSB with mkimage more tightly. Once this code is properly in
U-Boot, MXSSB shall be deprecated in favor of mkimage-mxsimage
support.
Note that the mxsimage generator needs libcrypto from OpenSSL, I
therefore enabled the libcrypto/libssl unconditionally.
MXSSB: http://git.denx.de/?p=mxssb.git;a=summary
The code is based on research presented at:
http://www.rockbox.org/wiki/SbFileFormat
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Tom Rini <trini@ti.com>
Cc: Fabio Estevam <fabio.estevam@freescale.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Otavio Salvador <otavio@ossystems.com.br>
Add support for setting the CSF (Command Sequence File) pointer
which is used for HAB (High Assurance Boot) in the imximage by
adding e.g.
CSF 0x2000
in the imximage.cfg file.
This will set the CSF pointer accordingly just after the padded
data image area. The boot_data.length is adjusted with the
value from the imximage.cfg config file.
The resulting u-boot.imx can be signed with the FSL HAB tooling.
The generated CSF block needs to be appended to the u-boot.imx.
Signed-off-by: Stefano Babic <sbabic@denx.de>
Define the galois index table offset in chip head file. So user do not need
to set by himself. Driver will set it correctly according to sector_size.
Signed-off-by: Josh Wu <josh.wu@atmel.com>
Acked-by: Scott Wood <scottwood@freescale.com>
[rebased on master]
Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
Due to the nand SPL on some board(e.g. P1022DS)has a size limit, it can
not be more than 4K. So, the SPL cannot initialize the DDR with the SPD
code. This patch introduces TPL to enable a loader stub that is loaded
by the code from the SPL. It initializes the DDR with the SPD or other
operations.
The TPL's size is sizeable, the maximum size is decided by the memory's
size that TPL runs. It initializes the DDR through SPD code, and copys
final uboot image to DDR. So there are three stage uboot images:
* spl_boot, * tpl_boot, * final uboot image
Signed-off-by: Ying Zhang <b40530@freescale.com>
Acked-by: York Sun <yorksun@freescale.com>
The code from the internal on-chip ROM. It loads the final uboot image
into DDR, then jump to it to begin execution.
The SPL's size is sizeable, the maximum size must not exceed the size of L2
SRAM. It initializes the DDR through SPD code, and copys final uboot image
to DDR. So there are two stage uboot images:
* spl_boot, 96KB size. The env variables are copied to L2 SRAM, so that
ddr spd code can get the interleaving mode setting in env. It loads
final uboot image from offset 96KB.
* final uboot image, size is variable depends on the functions enabled.
Signed-off-by: Ying Zhang <b40530@freescale.com>
Acked-by: York Sun <yorksun@freescale.com>
Fixup an easy conflict over adding the clk_get prototype and USB_OTG
defines for am33xx having moved.
Conflicts:
arch/arm/include/asm/arch-am33xx/hardware.h
Signed-off-by: Tom Rini <trini@ti.com>
Now that nothing uses CONFIG_ARCH_DEVICE_TREE, stop defining it.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Acked-by: Simon Glass <sjg@chromium.org>
The MIPS code uses centralized u-boot.lds script already,
and dynamic relocation is supported as well.
Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
Cc: Daniel Schwierzeck <daniel.schwierzeck@googlemail.com>
Add a const keyword to the sect_buf argument of
ide_write_data to fix the following warning:
cmd_ide.c: In function '__ide_output_data':
cmd_ide.c:548: warning: passing argument 2 of 'ide_write_data' discards qualifiers from pointer target type
/devel/u-boot.git/include/ide.h:76: note: expected 'ulong *' but argument is of type 'const ulong *'
Also modify the driver-model documentation to
match with the new prototype.
Compile tested only.
Cc: Macpaul Lin <macpaul@andestech.com>
Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
commit 54965b6136 (README: mxs: Introduce README.mxs) should have changed the
file name to README.mxs, as it covers both mx23 and mx28 now.
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Fix a trivial conflict in arch/arm/dts/exynos5250.dtsi about gpio and
serial.
Conflicts:
arch/arm/dts/exynos5250.dtsi
Signed-off-by: Tom Rini <trini@ti.com>
Remove CONFIG_SPLASH_SCREEN_PREPARE from README
Add doc/README.splashprepare to document functionality
Signed-off-by: Robert Winkler <robert.winkler@boundarydevices.com>
Acked-by: Igor Grinberg <grinberg@compulab.co.il>
Create a README.mxs file that contains instructions on how to use U-boot for
both MX23 and MX28.
As boot from NAND has only been tested on mx28, make it clear that it only
applies to MX28.
While at it, do some small cleanups for the sake of consistency:
- Use "MX28" instead of "i.MX28"
- Use "section" instead of "chapter" when referring to specific parts of the
reference manual chapters.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
MX28 can boot from SSP0 or SSP1, so it is better not to hardcode the SSP port
in the instructions.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
In order to improve readability keep the text within 80 columns.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
This patch introduces support for command line arguments to Plan 9.
Plan 9 generally dedicates a small region of kernel memory (known
as CONFADDR) for runtime configuration. A new environment variable
named confaddr was introduced to indicate this location when copying
arguments.
Signed-off-by: Steven Stallion <sstallion@gmail.com>
[trini: Adapt for Simon's changes about correcting argc, no need to bump
by 2 now]
Signed-off-by: Tom Rini <trini@ti.com>
Add a description of how to implement verified boot using signed FIT images,
and a simple test which verifies operation on sandbox.
The test signs a FIT image and verifies it, then signs a FIT configuration
and verifies it. Then it corrupts the signature to check that this is
detected.
Signed-off-by: Simon Glass <sjg@chromium.org>
While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).
Add support for signing of FIT configurations using the libfdt's region
support.
Please see doc/uImage.FIT/signature.txt for more information.
Signed-off-by: Simon Glass <sjg@chromium.org>
Normally, multiple public keys can be provided and U-Boot is not
required to use all of them for verification. This is because some
images may not be signed, or may be optionally signed.
But we still need a mechanism to determine when a key must be used.
This feature cannot be implemented in the FIT itself, since anyone
could change it to mark a key as optional. The requirement for
key verification must go in with the public keys, in a place that
is protected from modification.
Add a -r option which tells mkimage to mark all keys that it uses
for signing as 'required'.
If some keys are optional and some are required, run mkimage several
times (perhaps with different key directories if some keys are very
secret) using the -F flag to update an existing FIT.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
When signing an image, it is useful to add some details about which tool
or person is authorising the signing. Add a comment field which can take
care of miscellaneous requirements.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
When signing images it is sometimes necessary to sign with different keys
at different times, or make the signer entirely separate from the FIT
creation to avoid needing the private keys to be publicly available in
the system.
Add a -F option so that key signing can be a separate step, and possibly
done multiple times as different keys are avaiable.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
FIT image verification requires public keys. Add a convenient option to
mkimage to write the public keys to an FDT blob when it uses then for
signing an image. This allows us to use:
mkimage -f test.its -K dest.dtb -k keys test.fit
and have the signatures written to test.fit and the corresponding public
keys written to dest.dtb. Then dest.dtb can be used as the control FDT
for U-Boot (CONFIG_OF_CONTROL), thus providing U-Boot with access to the
public keys it needs.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
Keys required for signing images will be in a specific directory. Add a
-k option to specify that directory.
Also update the mkimage man page with this information and a clearer list
of available commands.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de> (v1)
Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a library which supports tracing of execution using built-in gcc
features and a microsecond timer. This can be used to record a list of
function which are executed, along with a timestamp for each. Later
this information can be sent to the host for processing.
Signed-off-by: Simon Glass <sjg@chromium.org>
This patch adds the driver for keyboard that's controlled by ChromeOS EC.
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Hung-ying Tyan <tyanh@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
This patch adds the cros_ec driver that implements the protocol for
communicating with Google's ChromeOS embedded controller.
Signed-off-by: Bernie Thompson <bhthompson@chromium.org>
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Doug Anderson <dianders@chromium.org>
Signed-off-by: Gabe Black <gabeblack@chromium.org>
Signed-off-by: Hung-ying Tyan <tyanh@chromium.org>
Signed-off-by: Louis Yung-Chieh Lo <yjlou@chromium.org>
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Signed-off-by: Sean Paul <seanpaul@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
1. Misalignment will be found in the doc/README.srio-pcie-boot-corenet
file when the tabs are set to 8 characters. And the standard for
u-boot should be 8 character tabs! So this issue should be amended.
2. Add a NOTE for the ENV parameters of the Slave.
Signed-off-by: Liu Gang <Gang.Liu@freescale.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
Small conflict over DRA7XX updates and adding SRAM_SCRATCH_SPACE_ADDR
Conflicts:
arch/arm/include/asm/arch-omap5/omap.h
Signed-off-by: Tom Rini <trini@ti.com>