CONFIG_$(SPL_TPL_)SYS_MALLOC_F_LEN is defined as hex. If set to zero
manually, .config contains '0x0' and not '0' as value.
The default value for CONFIG_SPL_SYS_MALLOC_F_LEN should not be set to 0
but to 0x0 if CONFIG_SPL_FRAMEWORK=n to match a manually set value.
Fixes: c0126bd862 ("spl: Support bootstage, log, hash and early malloc in TPL")
Fixes: b616947052 ("SPL: Do not enable SPL_SYS_MALLOC_SIMPLE without SPL_FRAMEWORK by default")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add rule to compile bmp.c at SPL and u-boot proper when CONFIG_SPL_BMP
and CONFIG_BMP are defined.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Devarsh Thakkar <devarsht@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
To enable splash screen and loading bmp from boot media, add rules to
compile splash.c and splash_source.c at SPL stage only when
CONFIG_SPL_SPLASH_SCREEN and CONFIG_SPL_SPLASH_SOURCE are defined.
Signed-off-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Devarsh Thakkar <devarsht@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
USB hubs run in host mode not in gadget mode. Hence, compiling usb_hub.c
should not be selected by CONFIG_USB_GADGET.
Suggested-by: Marek Vasut <marex@denx.de>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Marek Vasut <marex@denx.de>
The current cread_line() function is very long. It handles the escape
processing inline. The menu command does similar processing but at the
character level, so there is some duplication.
Split the character processing into a new function cli_ch_process() which
processes individual characters and returns the resulting input character,
taking account of escape sequences. It requires the caller to set up and
maintain its state.
Update cread_line() to use this new function.
The only intended functional change is that an invalid escape sequence
does not add invalid/control characters into the input buffer, but instead
discards these.
Signed-off-by: Simon Glass <sjg@chromium.org>
The main issue the driver addresses is that a USB hub needs to be
powered before it can be discovered. This is often solved by using
"regulator-always-on".
This driver is inspired by the Linux v6.1 driver. It only enables (or
disables) the hub vdd (3v3) supply, so it can be enumerated.
Scanning of the device tree is done in a similar manner to the sandbox,
by the usb-uclass. DT part looks like:
&usbh_ehci {
...
#address-cells = <1>;
#size-cells = <0>;
hub@1 {
compatible = "usb424,2514";
reg = <1>;
vdd-supply = <&v3v3>;
};
};
When the bus gets probed, the driver is automatically probed/removed from
the bus tree, as an example on stm32:
STM32MP> usb start
starting USB...
STM32MP> dm tree
Class Index Probed Driver Name
-----------------------------------------------------------
usb 0 [ + ] ehci_generic | |-- usb@5800d000
usb_hub 0 [ + ] usb_onboard_hub | | `-- hub@1
usb_hub 1 [ + ] usb_hub | | `-- usb_hub
STM32MP> usb tree
USB device tree:
1 Hub (480 Mb/s, 0mA)
| u-boot EHCI Host Controller
|
+-2 Hub (480 Mb/s, 2mA)
Signed-off-by: Fabrice Gasnier <fabrice.gasnier@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Add the basic infrastructure to periodically execute code, e.g. all
100ms. Examples for such functions might be LED blinking etc. The
functions that are hooked into this cyclic list should be small timewise
as otherwise the execution of the other code that relies on a high
frequent polling (e.g. UART rx char ready check) might be delayed too
much. This patch also adds the Kconfig option
CONFIG_CYCLIC_MAX_CPU_TIME_US, which configures the max allowed time
for such a cyclic function. If it's execution time exceeds this time,
this cyclic function will get removed from the cyclic list.
How is this cyclic functionality executed?
The following patch integrates the main function responsible for
calling all registered cyclic functions cyclic_run() into the
common WATCHDOG_RESET macro. This guarantees that cyclic_run() is
executed very often, which is necessary for the cyclic functions to
get scheduled and executed at their configured periods.
This cyclic infrastructure will be used by a board specific function on
the NIC23 MIPS Octeon board, which needs to check periodically, if a
PCIe FLR has occurred.
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Now that we have consistently named symbols to enable USB host or gadget
controller support in SPL or full U-Boot, we do not need to
unconditionally build USB files nor depend on non-SPL symbols to know
when to build these common files.
Signed-off-by: Tom Rini <trini@konsulko.com>
Add a way to create and dispatch events without needing to allocate
memory. Also add a way to 'spy' on events, thus allowing 'hooks' to be
created.
Use a linker list for static events, which we can use to replace functions
like arch_cpu_init_f(). Allow an EVENT_DEBUG option which makes it
easier to see what is going on at runtime, but uses more code space.
Dynamic events allow the creation of a spy at runtime. This is not always
necessary, but can be enabled with EVENT_DYNAMIC if needed.
A 'test' event is the only option for now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Commit 98f705c9ce ("powerpc: remove 4xx support") removed (in 2017) the
last code that made use of bedbug debugger support. Since there aren't
any boards left that define either CONFIG_CMD_BEDBUG or a real
bedbug_init(), drop this feature from u-boot.
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rename the file lcd_simplefb.c to fdt_simplefb.c to be aligned
with the configuration name and with the associated include file
./include/fdt_simplefb.h
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
This converts the following to Kconfig:
CONFIG_LCD_DT_SIMPLEFB
This patch also renames this config to CONFIG_FDT_SIMPLEFB as the code in
common/lcd_simplefb.c support CONFIG_LCD and CONFIG_VIDEO.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Matthias Brugger <mbrugger@suse.com>
The last board that used to set CONFIG_LYNXKDI has been removed in
commit 242836a893 ("powerpc: ppc4xx: remove pcs440ep support"),
doc/README.lynxkdi only talks about a MPC8260 board being supported,
and the mpc8260 support has been removed four years ago in commit
2eb48ff7a2 ("powerpc, 8260: remove support for mpc8260") already,
and common/lynxkdi.c only consists of an "#error" statement these
days, so it seems like the LYNX KDI code is dead code nowadays.
Let's remove it now.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Quite a lot of the code in common/relates to booting and images. Before
adding more it seems like a good time to move the code into its own
directory.
Most files with 'boot' or 'image' in them are moved, except:
- autoboot.c which relates to U-Boot automatically running a script
- bootstage.c which relates to U-Boot timing
Drop the removal of boot* files from the output directory, since this
interfers with the symlinks created by tools and there does not appear
to be any such file from my brief testing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
Tested-by: Artem Lapkin <email2tema@gmail.com>
To avoid a large #ifdef in the image.c file, move the affected code into
a separate file.
Avoid any style fix-ups for easier review. Those are in the next patch.
Signed-off-by: Simon Glass <sjg@chromium.org>
All of these configs exist. Stick to using CONFIG_[ST]PL_HASH, and drop all
references to CONFIG_[ST]PL_HASH_SUPPORT. This means we need for
CHAIN_OF_TRUST to select SPL_HASH now.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Add TPL case, fix CHAIN_OF_TRUST, other tweaks]
Signed-off-by: Tom Rini <trini@konsulko.com>
Add support for stack protector for UBOOT, SPL, and TPL
as well as new pytest for stackprotector
Signed-off-by: Joel Peshkin <joel.peshkin@broadcom.com>
Adjust UEFI build flags.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We move qfw into its own uclass and split the PIO functions into a
specific driver for that uclass. The PIO driver is selected in the
qemu-x86 board config (this covers x86 and x86_64).
include/qfw.h is cleaned up and documentation added.
Signed-off-by: Asherah Connor <ashe@kivikakk.ee>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
This Trusted Application allows enabling SCP03 as well as provisioning
the keys on TEE controlled secure element (ie, NXP SE050).
All the information flowing on buses (ie I2C) between the processor
and the secure element must be encrypted. Secure elements are
pre-provisioned with a set of keys known to the user so that the
secure channel protocol (encryption) can be enforced on the first
boot. This situation is however unsafe since the keys are publically
available.
For example, in the case of the NXP SE050, these keys would be
available in the OP-TEE source tree [2] and of course in the
documentation corresponding to the part.
To address that, users are required to rotate/provision those keys
(ie, generate new keys and write them in the secure element's
persistent memory).
For information on SCP03, check the Global Platform HomePage and
google for that term [1]
[1] globalplatform.org
[2] https://github.com/OP-TEE/optee_os/
check:
core/drivers/crypto/se050/adaptors/utils/scp_config.c
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
obj-$(CONFIG_$(SPL_TPL_)YMODEM_SUPPORT) += xyzModem.o is there,
no need obj-$(CONFIG_SPL_YMODEM_SUPPORT) += xyzModem.o
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The main purpose of this patch is to separate a generic interface for
updating firmware using DFU drivers from "auto-update" via tftp.
This function will also be used in implementing UEFI capsule update
in a later commit.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
My goal is to sync lib/libfdt/ with scripts/dtc/libfdt/, that is,
make lib/libfdt/ contain only wrapper files.
fdt_region.c was written only for U-Boot to implement the verified
boot. So, this belongs to the same group as common/fdt_support.c,
which is a collection of U-Boot own fdt helpers.
Move lib/libfdt/fdt_region.c to common/fdt_region.c . This is
necessary only when CONFIG_(SPL_TPL_)_FIT_SIGNATURE is enabled.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Do not build image_sign_info helper functions in SPL if not needed.
Fixes: b983cc2da0 ("lib: rsa: decouple rsa from FIT image verification")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Provide a log driver that broadcasts RFC 3164 messages to syslog servers.
rsyslog is one implementation of such a server.
The messages are sent to the local broadcast address 255.255.255.255 on
port 514.
The environment variable log_hostname can be used to provide the HOSTNAME
field for the messages. The optional TIMESTAMP field of RFC 3164 is not
provided.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building
RSA functions from FIT verification and allow for adding a RSA-based
signature verification for other file formats, in particular PE file
for UEFI secure boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Android Boot Image v2 adds "DTB" payload (and corresponding field in the
image header). Provide functions for its handling:
- android_image_get_dtb_by_index(): Obtain DTB blob from "DTB" part of
boot image, by blob's index
- android_image_print_dtb_contents(): Iterate over all DTB blobs in
"DTB" part of boot image and print those blobs info
"DTB" payload might be in one of the following formats:
1. concatenated DTB blobs
2. Android DTBO format
The latter requires "android-image-dt.c" functionality, so this commit
selects that file for building for CONFIG_ANDROID_BOOT_IMAGE option.
Right now this new functionality isn't used, but it can be used further.
As it's required to apply some specific dtbo blob(s) from "dtbo"
partition, we can't automate this process inside of "bootm" command. But
we can do next:
- come up with some new command like "abootimg" to extract dtb blob
from boot image (using functions from this patch)
- extract desired dtbo blobs from "dtbo" partition using "adtimg"
command
- merge dtbo blobs into dtb blob using "fdt apply" command
- pass resulting dtb blob into bootm command in order to boot the
Android kernel with Android ramdisk from boot image
Signed-off-by: Sam Protsenko <joe.skb7@gmail.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Rename the existing 'dtimg' command to 'adtimg', in order to:
- Suggest the Android origins and scope
- Be consistent with the upcoming 'abootimg' command (naming
suggested by Simon [*])
The change in _not_ backward compatible, but its benefits outweigh its
downsides, given that we don't expect active users of 'dtimg' today.
Perform the rename in several steps:
1. Rename *.c file and Kconfig symbol. This should allow
'git log --follow' to properly track the history of 'adtimg.c'
2. 's/dtimg/adtimg/g' in the internal namespace of 'adtimg.c'
ELF comparison [**] before and after shows no functional change.
[*] https://patchwork.ozlabs.org/patch/1182212/#2291600
[**] diff -u <(objdump -d cmd/dtimg.o) <(objdump -d cmd/adtimg.o)
Cc: Tom Rini <trini@konsulko.com>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Simon Glass<sjg@chromium.org>
Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org>
This patch determines the A/B-specific bootloader message structure
that is the basis for implementation of recovery and A/B update
functions. A/B metadata is stored in this structure and used to decide
which slot should we use to boot the device. Also some basic functions
for A/B metadata manipulation are implemented (like slot selection).
The patch was extracted from commits [1], [2] with some coding style
fixes.
[1] https://android-review.googlesource.com/c/platform/external/u-boot/+/729878/2
[2] https://android-review.googlesource.com/c/platform/external/u-boot/+/729880/2
Signed-off-by: Ruslan Trofymenko <ruslan.trofymenko@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This debug mode is used by CubeMX DDR tuning tools
or manualy for tests during board bring-up.
It is simple console used to change DDR parameters and check
initialization.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Since there is the SPL_USB_HOST_SUPPORT for enabling USB support in SPL,
makes more sense to rename the SPL_USB_SUPPORT as SPL_USB_STORAGE.
Everything that is not part of the usb storage support in SPL is now
build under SPL_USB_HOST_SUPPORT.
Signed-off-by: Abel Vesa <abel.vesa@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
CLI support with the HUSH parser is not currently SPL safe due to it's
use of realloc. That function is not defined for SPLs that use
SYS_MALLOC_SIMPLE. CLI support can be built in to SPL and some functions
do work, but use of some like run_command() will cause build to fail.
When no SPL code calls this function build works as the compiler removes
this unreachable code so the unresolved symbols are ignored.
If DFU support is enabled in SPL then MMU DFU support may get brought in
also, this code does make a call to run_command() causing build to fail
if the HUSH parser is not built-in. To break this odd and unneeded
dependency chain we use CONFIG_IS_ENABLED where appropriate to prevent
calls into HUSH code from SPL. This also removes our need to pull in the
rather unrelated source file when SPL_DFU is defined.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The symbol CONFIG_SPL_DFU_SUPPORT in SPL build has the same
meaning as CONFIG_DFU in regular U-Boot. Drop the _SUPPORT
to allow for cleaner use in code.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Lukasz Majewski <lukma@denx.de>
Enable DM for USB peripheral in the musb-new driver.
Also make sure that the driver can be used in the SPL.
This implies that:
* the driver must work with and without the OF_CONTROL option. That
in turn, implies that the platform data can be passed in a struct
ti_musb_platdata or be read from the dtb
* usb.o is linked in the SPL if host support is enabled
Another change is that the driver does not fail to bind (and stop the boot
process) if one of the child driver does not bind. Reporting the error is
enough. This kind of error would appear if the port is configured in the
DTS but the driver is not activated in the config.
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Common USB code is built whenever USB is enabled (in non-SPL builds).
The USB uclass is built whenever (SPL_)DM_USB is enabled. Both need to
be independent from CMD_USB.
Signed-off-by: Sven Schwermer <sven@svenschwermer.de>
At present there is no standard way in U-Boot to pass information from SPL
to U-Boot proper. But sometimes SPL wants to convey information to U-Boot
that U-Boot cannot easily figure out. For example, if SPL sets up SDRAM
then it might want to pass the size of SDRAM, or the location of each
bank, to U-Boot proper.
Add a new 'bloblist' feature which provides this. A bloblist is set up in
the first phase of U-Boot that runs (i.e. TPL or SPL). The location of
this info may be in SRAM or CAR (x86 cache-as-RAM) or somewhere else.
Information placed in this region is preserved (with a checksum) through
TPL and SPL and ends up in U-Boot. At this point it is copied into SDRAM
so it can be used after relocation.
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Andreas Dannenberg <dannenberg@ti.com>
It is sometimes useful to log information in SPL and TPL. Add support for
this.
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
At present these features are supported in SPL but not TPL. Update the
Kconfig and Makefile to allow this.
Also add a few Makefile comments to make earier to track what is going on.
Signed-off-by: Simon Glass <sjg@chromium.org>
dtimg command allows user to work with Android DTB/DTBO image format.
Such as, getting the address of desired DTB/DTBO file, printing the dump
of the image in U-Boot shell, etc.
This command is needed to provide Android boot with new Android DT image
format further.
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
1. Since libavb library alone is highly portable, introduce dedicated
Kconfig symbol for AVB bootloader-dependent operations, so it's possible
to build libavb separately. AVB bootloader-dependent operations include:
* Helpers to process strings in order to build OS bootargs.
* Helpers to access MMC, similar to drivers/fastboot/fb_mmc.c.
* Helpers to alloc/init/free avb ops.
2. Add CONFIG_FASTBOOT dependency, as fastboot buffer is
re-used in partition verification operations.
Reported-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Tested-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Implement AVB ops on top of existing mmc subsystem API. Currently there
is a full implementation of such operations, defined by [1]
AVB2.0 specification:
.read_from_partition() - reads N bytes from a partition identified by
a name.
.write_to_partition() - Writes N bytes to a partition identified by a name.
.validate_vbmeta_public_key() - checks if the given public ‘vbmeta’
partition is trusted.
.get_unique_guid_for_partition() - Gets the GUID for a partition identified
by a string name.
As [1] specification recommends to use tamper-evident storage for storing
rollback indexes and device state (LOCKED/UNLOCKED),
currently are only stubs instead of full implementation for these ops:
.read_rollback_index() - Gets the rollback index for a given index location
.write_rollback_index() - Sets the rollback index to a given location
.read_is_device_unlocked() - Gets where the device is unlocked
[1] https://android.googlesource.com/platform/external/avb/+/master/README.md
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Introduce CONFIG_IMAGE_SPARSE and CONFIG_CMD_MMC_SWRITE so the "mmc
swrite" command is separated from the fastboot code.
Move image-sparse from common to lib so it's clear it's library code.
Rename CONFIG_FASTBOOT_FLASH_FILLBUF_SIZE to CONFIG_IMAGE_SPARSE_FILLBUF_SIZE
and migrate it to Kconfig.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Acked-by: Jassi Brar <jaswinder.singh@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>