Commit graph

90804 commits

Author SHA1 Message Date
Heinrich Schuchardt
a083ae71e0 acpi: use 64-bit addresses in FADT table
Fields X_FIRMWAE_CTRL and X_DSDT must be 64bit wide. Convert pointers to
to uintptr_t to fill these.

If field X_FIRMWARE_CTRL is filled, field FIRMWARE must be ignored. If
field X_DSDT is filled, field DSDT must be ignored. We should not fill
unused fields.

See the field definitions in chapter "5.2.9 Fixed ACPI Description Table
(FADT)" of the ACPI Specification 6.5.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:45:07 -07:00
Simon Glass
70fe238594 fdt: Allow the devicetree to come from a bloblist
Standard passage provides for a bloblist to be passed from one firmware
phase to the next. That can be used to pass the devicetree along as well.
Add an option to support this.

Tests for this will be added as part of the Universal Payload work.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:07 -07:00
Simon Glass
06ef8089f8 efi: Correct smbios-table installation
At present this code allocates memory when writing the tables and
then unnecessarily adds another memory map when installing it.

Adjust the code to allocate the tables using the normal U-Boot
mechanism. This avoids doing an EFI memory allocation early in
U-Boot, which may use memory that would be overwritten by a
'load' command, for example.

Signed-off-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:45:07 -07:00
Simon Glass
a8efebe719 acpi: Write pointers to tables instead of addresses
Sandbox uses an API to map between addresses and pointers. This allows
it to have (emulated) memory at zero and avoid arch-specific addressing
details. It also allows memory-mapped peripherals to work.

As an example, on many machines sandbox maps address 100 to pointer
value 10000000.

However this is not correct for ACPI, if sandbox starts another program
(e.g EFI app) and passes it the tables. That app has no knowledge of
sandbox's address mapping. So to make this work we want to store
10000000 as the value in the table.

Add two new 'nomap' functions which clearly make this exeption to how
sandbox works.

This should allow EFI apps to access ACPI tables with sandbox, e.g. for
testing purposes.

Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:07 -07:00
Simon Glass
5e3adc44a4 acpi: Rename test dm_test_setup_ctx_and_base_tables()
Use the word 'acpi' in this test so that it runs along with all the
other ACPI tests.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:07 -07:00
Simon Glass
aa8499680c efi: smbios: Drop support for SMBIOS2 tables
Only the v3 table is supported now, so always use this when installing
the EFI table.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:07 -07:00
Simon Glass
1c5f6fa388 smbios: Drop support for SMBIOS2 tables
These tables are a pain since there is no way to handle memory above
4GB. Use SMBIOS3 always.

This should hopefully not create problems on x86 devices, since SMBIOS3
was released seven years ago (2015).

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Peter Robinson <pbrobinson@gmail.com>
2024-01-07 13:45:07 -07:00
Simon Glass
31f950a963 smbios: Require the caller to align the SMBIOS table
All callers handle this alignment, so drop the unnecessary code. This
simplifies things a little.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:07 -07:00
Simon Glass
138e69149b efi: Use the correct GUID for the SMBIOS table
EFI does not use the 'anchor string' to determine the SMBIOS table
version, instead preferring to have two separate GUIDs. Use the correct
one, depending on the table version.

Call unmap_system() to balance to the use of map_sysmem()

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:07 -07:00
Simon Glass
b2b58e1ef5 smbios: Correct gd_smbios_start()
This should access arch-specific properties. Fix it and update the
existing usage.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:06 -07:00
Simon Glass
70924294f3 smbios: Use SMBIOS 3.0 to support an address above 4GB
When the SMBIOS table is written to an address above 4GB a 32-bit table
address is not large enough.

Use an SMBIOS3 table in that case.

Note that we cannot use efi_allocate_pages() since this function has
nothing to do with EFI. There is no equivalent function to allocate
memory below 4GB in U-Boot. One solution would be to create a separate
malloc() pool, or just always put the malloc() pool below 4GB.

- Use log_debug() for warning
- Rebase on Heinrich's smbios.h patch
- Set the checksum for SMBIOS3

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:06 -07:00
Heinrich Schuchardt
de4b91ca68 smbios: SMBIOS 3.0 (64-bit) Entry Point structure
Add definition of the SMBIOS 3.0 (64-bit) Entry Point structure.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Signed-off-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:45:06 -07:00
Simon Glass
f19cf8d43a smbios: Move the rest of the SMBIOS2 code
Move all of this logic into the else clause, since it will not be used
for SMBIOS3

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:06 -07:00
Simon Glass
58c638330a smbios: Refactor 32-bit code into an else statement
In preparation for adding support for SMBIOS3 move this code into an
else statement. There is no functional change.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:06 -07:00
Tom Rini
c2c598e87c Merge branch 'staging' of https://source.denx.de/u-boot/custodians/u-boot-tegra into next
Documentation updates for endeavoru, lg_x3, grouper and transformers,
addition of MIPI calibration clock name for T114 (inline with T124+),
conversion of TEGRA_SUPPORT_NON_SECURE into Kconfig and endeavoru
stability improvements.
2024-01-06 09:57:56 -05:00
Tom Rini
18fa946ab9 Merge branch '2024-01-05-fw_env-fixes' into next
- A few fw_env fixes
2024-01-06 09:57:30 -05:00
Anthony Loiseau
d73a664186 fw_env: autodetect NAND erase size and env sectors
As already done for NOR chips, if device ESIZE and ENVSECTORS static
configurations are both zero, then autodetect them at runtime.

Cc: Joe Hershberger <joe.hershberger@ni.com>
cc: Stefan Agner <stefan@agner.ch>
cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Anthony Loiseau <anthony.loiseau@allcircuits.com>
2024-01-05 15:41:47 -05:00
Rafał Miłecki
9e3003f79d fw_env: keep calling read() until whole flash block is read
It's totally valid for read() to provide less bytes than requested
maximum. It may happen if there is no more data available yet or source
pushes data in small chunks.

This actually happens when trying to read env data from NVMEM device.
Kernel may provide NVMEM content in page size parts (like 4096 B).

This fixes warnings like:
Warning on /sys/bus/nvmem/devices/u-boot-env0/nvmem: Attempted to read 16384 bytes but got 4096
Warning on /sys/bus/nvmem/devices/u-boot-env0/nvmem: Attempted to read 12288 bytes but got 4096
Warning on /sys/bus/nvmem/devices/u-boot-env0/nvmem: Attempted to read 8192 bytes but got 4096

Since the main loop in flash_read_buf() is used to read blocks this
patch adds a new nested one.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-05 15:41:47 -05:00
Rafał Miłecki
73b30800f5 fw_env: rename variables holding env data content
Rename "addr0" and "addr1" to "buf0" and "buf1" accordingly. Name "addr"
suggests that variable contains a numeric value being some kind of
address. Name "buf" is de facto a standard name for pointer to allocated
memory for reading data to.

While at it drop redundant checks for NULL before calling free().

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-05 15:41:47 -05:00
Rafał Miłecki
f29c5ca33d fw_env: fix reading NVMEM device's "compatible" value
Call to fread() was changed to check for return value. The problem is it
can't be checked for returning 1 (as it is) to determine success.

We call fread() with buffer size as "size" argument. Reading any
"compatible" value shorter than buffer size will result in returning 0
even on success.

Modify code to use fstat() to determine expected read length.

This fixes regression that broke using fw_env with NVMEM devices.

Fixes: c059a22b77 ("tools: env: fw_env: Fix unused-result warning")
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-05 15:41:47 -05:00
Svyatoslav Ryhel
86e581a560 board: htc: endeavoru: add an early SPL RCM hook
Unlike all other supported Tegra devices and most known Tegra devices, the
HTC One X has no hardware way to enter APX/RCM mode, which may lead to a
dangerous situation when, if BCT is set correctly and the bootloader is
faulty, the device will hang in a permanent brick state. Exiting from this
state can be done only by disassembling the device and shortening the
testpad to the ground.

To prevent this or to minimize the probability of such an accident, it was
proposed to add the RCM rebooting hook as early into SPL as possible since
SPL is much more robust and has minimal changes that can break bootflow.

gpio_early_init_uart() function was chosen as it is the earliest function
exposed for setup by the device. Hook performs a check for volume up button
state and triggers RCM if it is pressed.

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-05 18:05:42 +02:00
Tom Rini
0d53be75c7 Merge patch series "ATF and OP-TEE Firewalling for K3 devices."
Manorit Chawdhry <m-chawdhry@ti.com> says:

K3 devices have firewalls that are used to prevent illegal accesses to
memory regions that are deemed secure. The series prevents the illegal
accesses to ATF and OP-TEE regions that are present in different K3
devices.

AM62X, AM62AX and AM64X are currently in hold due to some firewall
configurations that our System Controller (TIFS) needs to handle.
The devices that are not configured with the firewalling nodes will not
be affected and can continue to work fine until the firewall nodes are
added so will be a non-blocking merge.

Test Logs: https://gist.github.com/manorit2001/4cead2fb3a19eb5d19005b3f54682627
CICD Run: https://github.com/u-boot/u-boot/pull/442
2024-01-04 16:53:49 -05:00
Manorit Chawdhry
7ff09d484e docs: board: ti: k3: Add secure booting documentation
This commit adds a general flow to explain the usage of firewalls and
the chain of trust in K3 devices.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
4ebb8ae040 docs: board: ti: k3: Cleanup FIT signature documentation
The previous documentation had been very crude so refactor it to make it
cleaner and concise.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
8ae586e08c arm: dts: k3-j7200-binman: Add firewall configurations
The following commits adds the configuration of firewalls required to
protect ATF and OP-TEE memory region from non-secure reads and
writes using master and slave firewalls present in our K3 SOCs.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Tested-by: Thomas Richard <thomas.richard@bootlin.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
b8dea0c85e arm: dts: k3-j721s2-binman: Add firewall configurations
The following commits adds the configuration of firewalls required to
protect ATF and OP-TEE memory region from non-secure reads and
writes using master and slave firewalls present in our K3 SOCs.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
c485567ee6 arm: dts: k3-j721e-binman: Add firewall configurations
The following commits adds the configuration of firewalls required to
protect ATF and OP-TEE memory region from non-secure reads and
writes using master and slave firewalls present in our K3 SOCs.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
89caf6d6c5 arm: dts: k3-binman: Add k3-security.h and include it in k3-binman.dtsi
For readability during configuring firewalls, adding k3-security.h file
and including it in k3-binman.dtsi to be accessible across K3 SoCs

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Reviewed-by: Andrew Davis <afd@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
ba51299f60 binman: ftest: Add test for ti-secure firewall node
Add test for TI firewalling node in ti-secure.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
a3e407bef7 binman: ti-secure: Add support for firewalling entities
We can now firewall entities while loading them through our secure
entity TIFS, the required information should be present in the
certificate that is being parsed by TIFS.

The following commit adds the support to enable the certificates to be
generated if the firewall configurations are present in the binman dtsi
nodes.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
b1839fcf75 dtoc: Change dst to self in debug message
Fix the error message to not use dst and use self as it is copying the
properties to self.

While using templating if there are no subnodes defined, we end up in
this situation where "dst" isn't defined and it tries to print the error
message and fails.

'UnboundLocalError: local variable 'dst' referenced before assignment'

Fixes: 55e1278d5e ("dtoc: Allow inserting a list of nodes into another")

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-04 16:48:00 -05:00
Svyatoslav Ryhel
5c39fbfa13 ARM: tegra114: support nonsecure state detection
Principle is exactly the same as on T124, testing of register
which behaves differently in secure and non-secure states.

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-03 20:20:12 +02:00
Svyatoslav Ryhel
e692aded5e ARM: tegra114: expand MC register map
This expansion is required for nonsecure detection to work correctly.

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-03 20:18:38 +02:00
Svyatoslav Ryhel
27e69fe99a ARM: tegra124: convert TEGRA_SUPPORT_NON_SECURE into Kconfig
Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-03 20:18:24 +02:00
Tom Rini
42fb448a20 configs: Resync with savedefconfig
Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
2024-01-03 09:26:16 -05:00
Tom Rini
93a0138acb Prepare v2024.01-rc6
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmWVa0gACgkQFHw5/5Y0
 tyyxaAv/XwG8mzltTwMHc65IHmeupJLhBPBJgrZyZPlHRWNThSKBcbtTKnJIxN/j
 ZAakyMFykkZCs+xfpckjzyY9CA2B5pkZ1RMKj5AgiWOH3+vbCPN92/wzs+NVpN78
 ek1Ht2McIM51pdLYe50hYuqIU/Y8rWsptpK9/t2rdGSa79G70uo3DTGNYVyGcLNF
 b63B42FLnu11+MkyfN7z2Q3y0OlKpT/oZHb6R4rWNWNQqDbpficpEvoJdA1LzeAg
 GouCZ7Ib1qffoydbj1wruYT7Pkg9AsPs1tNa2eENJldfthlx9PFrW4be1t8bRput
 WnpbSbxRBw1sS8dukjCi0st+lhUNyuapT2J7hmtuXSMVprxK0UzQMbdGo9suxSlT
 DwTuTsNvwGzIk5E4SRZZI+xSUqpeCKnnVC7OLcqGKSAsoZIv5s5Fq/VgIIQ7gzNY
 LA+kdSjVeiKfsPzXCXCvILMqffwS8J9zIYdoxmq4o9XsmksabDCDUZpEy9IQ3gbB
 6MPxZgnj
 =Sqkn
 -----END PGP SIGNATURE-----

Merge tag 'v2024.01-rc6' into next

Prepare v2024.01-rc6
2024-01-03 09:22:47 -05:00
Tom Rini
80cb22c58b Prepare v2024.01-rc6
Signed-off-by: Tom Rini <trini@konsulko.com>
2024-01-03 09:11:33 -05:00
Tom Rini
b2cbf968dd configs: Resync with savedefconfig
Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
2024-01-03 09:09:56 -05:00
Nishanth Menon
e703bfcb38 arm: dts: k3-am62a*: Sync with kernel v6.7-rc1
Sync with kernel v6.7-rc1 and sync up the u-boot dts files accordingly.

Signed-off-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:52:19 -05:00
Nishanth Menon
244c9fd1a5 arm: mach-k3: am62a: Add main_timer0 id to the dev list
main_timer0 is used by u-boot as the tick-timer. Add it to the soc
devices list so it an be enabled via the k3 power controller.

Signed-off-by: Nishanth Menon <nm@ti.com>
Reviewed-by: Neha Malcom Francis <n-francis@ti.com>
2024-01-03 08:52:19 -05:00
Tom Rini
3f662af87d Merge patch series "sync am65x device tree with Linux v6.7-rc1"
Bryan Brattlof <bb@ti.com> says:

Hello Again Everyone!

This series gets the am65x booting again along with syncing the device
tree files with v6.7-rc1 Linux.

The bulk of these patches unify the WKUP SPL board file with the arm64
files to make future syncs from Linux much easier. In the end the DTBs
should look a lot like what the DTBs look like for the am64x which
is fairly similar to the am65x.

For those interested in what UART boot looks like:
   https://paste.sr.ht/~bryanb/7df8a645dc548912cd806abd5ecab967ef3287bc
2024-01-03 08:38:40 -05:00
Bryan Brattlof
37a1a4074b arm: dts: k3-am654: convert bootph-pre-ram to bootph-all
Many nodes are reused between WKUP SPL, MAIN SPL, and U-Boot. Using
bootph-pre-ram is causing these nodes to be present in SPL builds but
pruned away during the U-Boot build. Convert these nodes to bootph-all
so they will remain no matter which dtb build is happening.

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
4aea536754 arm: dts: k3-am654: remove duplicate mcu secure proxy node
With the Linux and U-Boot board dtb files unified, we now have a
duplicate mcu secure proxy node. Remove it

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
e055622bd7 arm: dts: k3-am654: move dummy_clock to root node
The dummy_clock node is used to help the drivers probe the IO needed to
setup consoles and boot media to load firmware into the SoC.

This dummy_clock isn't a device that exists nor does it exist in the
mcu domain. So move it from cbass_mcu to the root node to avoid any
confusion.

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
5baad5521d arm: dts: k3-am654: remove un-needed aliases
These aliases are not needed in U-Boot. Remove them

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
dabf30a2bf arm: dts: k3-am654: remove duplicate root properties
With the Linux and U-Boot board dtb files unified, we have duplicate
properties in the root node. Remove them

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
d23582d052 arm: dts: k3-am654: remove duplicate vtt pinmux
With the Linux and U-Boot board dtb files unified, we now have a
duplicate vtt_pinmux node. Remove it

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
c7b075074f arm: dts: k3-am654: remove duplicate mdio
With the Linux and U-Boot board dtb files unified, we now have a
duplicate mdio node. Remove it

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
9a6fab6d82 arm: dts: k3-am654: remove usb0
The pinmux for usb0 is missing from the Linux board dtb file. Remove it
until we can introduce it in Linux

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00
Bryan Brattlof
755db5fc7c arm: dts: k3-am654: remove duplicate ospi0 node
With the Linux and U-Boot board dtb files unified, we now have a
duplicate ospi0 node. Remove it

Tested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:36:37 -05:00