Make the external devices the preferred ones when booting the system
(usb is already the first option). This allows users to easily boot
custom distributions without requiring them to reflash/customize u-boot.
Cc: Mateusz Kulikowski <mateusz.kulikowski@gmail.com>
Signed-off-by: Ricardo Salveti <rsalveti@rsalveti.net>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Tested-by: Andreas Färber <afaerber@suse.de>
Acked-by: Mateusz Kulikowski <mateusz.kulikowski@gmail.com>
Now that we have a suitable test framework we should move all tests into it.
The vboot test is a suitable candidate. Rewrite it in Python and move the
data files into an appropriate directory.
Signed-off-by: Simon Glass <sjg@chromium.org>
We should not be returning -1 as an error code. This can mask a situation
where we run out of space adding things to the FIT. By returning the correct
error in this case (-ENOSPC) it can be handled by the higher-level code.
This may fix the error reported by Tom Van Deun here:
https://www.mail-archive.com/u-boot@lists.denx.de/msg217417.html
although I am not sure as I cannot actually repeat it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Van Deun <tom.vandeun@wapice.com>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
The error code may provide useful information for debugging. Add it to the
error string.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
Some tests want to execute a sequence of commands. Add a helper for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
Sometimes we want to run a command and check that it fails. Add a function
to handle this. It can check the return code and also make sure that the
output contains a given error message.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is sometimes inconvenient to convert a string into a list for execution
with run_and_log(). Provide a helper function to do this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
It is useful to be able to obtain the output from a command. Return it from
this function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
Tests may want to look at the output from running a command, even if it
fails (e.g. with a non-zero return code). Provide a means to obtain this.
Another approach would be to return a class object containing both the
output and the exception, but I'm not sure if that would result in a lot
of refactoring.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
Tests may want to look at the output from running a command. Return it so
that this is possible.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
Normally tests will run with the test.dtb file designed for this purpose.
However, the verified boot tests need to run with their own device-tree
file, containing a public key.
Make the device-tree file a config option so that it can be adjusted by
tests. The default is to keep the current behaviour.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
At present sandbox exits when the 'bootm' command completes, since it is not
actually able to run the OS that is loaded. Normally 'bootm' failure is
considered a fatal error in U-Boot.
However this is annoying for tests, which may want to examine the state
after a test is complete. In any case there is a 'reset' command which can
be used to exit, if required.
Change the behaviour to return normally from the 'bootm' command on sandbox.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
A common check before sending patches is to run all available tests on
sandbox. But everytime I do this I have to look up the README. This presents
quite a barrier to actually doing this.
Add a shell script to help. To run the tests, type:
test/run
in the U-Boot directory, which should be easy to remember.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>
Sometimes it is useful to build tools with debugging information included so
that line-number information is available when run under gdb. Add a Kconfig
option to support this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Update the error-handling code for -A, -C and -O to show a list of valid
options when an invalid one is provided.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Vinoth Eswaran <evinoth1206@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The existing error code only displays image types which are claimed by a
particular U_BOOT_IMAGE_TYPE() driver. But this does not seem correct. The
mkimage tool should support all image types, so it makes sense to allow
creation of images of any type with the tool.
When an incorrect image type is provided, use generic code to display the
error.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a generic function which can display a list of items in any category.
This will allow displaying of images for the -A, -C, -O and -T flags. At
present only -T is supported.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add generic functions which can look up information about a category:
- the number of items in the category
- the category description
- an item long time
- an item short time
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
At present the name is NULL, which prevents qsort() fromp being used. Use
the name "invalid" instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a table that contains the category name, the number of items in each
category and a pointer to the table of items. This will allow us to use
generic code to deal with the categories.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
We need to know the number of values of each category (architecture,
compression, OS and image type). To make this value easier to maintain,
convert all values to enums. The count is then automatic.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The fit_write_images() function incorrectly uses the long name for the
architecture. This cannot be parsed with the FIT is read. Fix this by using
the short name instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There is no need to set params.fit_image_type while parsing the arguments.
It is set up later anyway.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
When auto-fit is used, it is not valid to create a FIT without an image
file. Add a check for this to avoid a very confusing error message later
("Can't open (null): Bad address").
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There is a special case in the code when auto-fit is used. Add a comment to
make it easier to understand why this is needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
The default image type is supposed to be IH_TYPE_KERNEL, as set in the
'params' variable. Honour this with auto-fit also.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
For most of architectures in U-Boot, virtual address is straight
mapped to physical address. So, it makes sense to have generic
defines of ioremap and friends in <linux/io.h>.
All of them are just empty and will disappear at compile time, but
they will be helpful to implement drivers which are counterparts of
Linux ones.
I notice MIPS already has its own implementation, so I added a
Kconfig symbol CONFIG_HAVE_ARCH_IOREMAP which MIPS (and maybe
Sandbox as well) can select.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
These defines are valid only when iomem_valid_addr is defined,
but I do not see such defines anywhere. Remove.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Currently, this is only defined in arch/arm/include/asm/types.h,
so move it to include/linux/types.h to make it available for all
architectures.
I defined it with phys_addr_t as Linux does. I needed to surround
the define with #ifdef __KERNEL__ ... #endif to avoid build errors
in tools building. (Host tools should not include <linux/types.h>
in the first place, but this is already messy in U-Boot...)
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Adds information regarding SPL handling the loading and processing of
secured u-boot images as part of the second stage boot the SPL does.
Introduces the description of a new interface script in the TI SECDEV
Package which handles the creation and prep of secured binary images.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Modify the SPL build procedure for AM437x high-security (HS) device
variants to create a secure u-boot_HS.img FIT blob that contains U-Boot
and DTB artifacts signed (and optionally encrypted) with a TI-specific
process based on the CONFIG_TI_SECURE_DEVICE config option and the
externally-provided image signing tool.
Also populate the corresponding FIT image post processing call to be
performed during SPL runtime.
Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Modify the SPL build procedure for AM57xx and DRA7xx high-security (HS)
device variants to create a secure u-boot_HS.img FIT blob that contains
U-Boot and DTB artifacts signed with a TI-specific process based on the
CONFIG_TI_SECURE_DEVICE config option and the externally-provided image
signing tool.
Also populate the corresponding FIT image post processing call to be
performed during SPL runtime.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The next stage boot loader image and the selected FDT can be post-
processed by board/platform/device-specific code, which can include
modifying the size and altering the starting source address before
copying these binary blobs to their final destination. This might be
desired to do things like strip headers or footers attached to the
images before they were packaged into the FIT, or to perform operations
such as decryption or authentication. Introduce new configuration
option CONFIG_SPL_FIT_IMAGE_POST_PROCESS to allow controlling this
feature. If enabled, a platform-specific post-process function must
be provided.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Adds commands so that when a secure device is in use and the SPL is
built to load a FIT image (with combined U-Boot binary and various
DTBs), these components that get fed into the FIT are all processed to
be signed/encrypted/etc. as per the operations performed by the
secure-binary-image.sh script of the TI SECDEV package. Furthermore,
perform minor comments cleanup to make better use of the available
space.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Adds an API that verifies a signature attached to an image (binary
blob). This API is basically a entry to a secure ROM service provided by
the device and accessed via an SMC call, using a particular calling
convention.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Adds a generic C-callable API for making secure ROM calls on OMAP and
OMAP-compatible devices. This API provides the important function of
flushing the ROM call arguments to memory from the cache, so that the
secure world will have a coherent view of those arguments. Then is
simply calls the omap_smc_sec routine.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add an interface for calling secure ROM APIs across a range of OMAP and
OMAP compatible high-security (HS) device variants. While at it, also
perform minor cleanup/alignment without any change in functionality.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Adds missing flush_dcache_range and invalidate_dcache_range dummy
(empty) placeholder functions to the #else portion of the #ifndef
CONFIG_SYS_DCACHE_OFF, where full implementations of these functions
are defined.
Signed-off-by: Daniel Allred <d-allred@ti.com>
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There are two enable methods supported by ARM64 Linux; psci and
spin-table. The latter is simpler and helpful for quick SoC bring
up. My main motivation for this patch is to improve the spin-table
support, which allows us to boot an ARMv8 system without the ARM
Trusted Firmware.
Currently, we have multi-entry code in arch/arm/cpu/armv8/start.S
and the spin-table is supported in a really ad-hoc way, and I see
some problems:
- We must hard-code CPU_RELEASE_ADDR so that it matches the
"cpu-release-addr" property in the DT that comes from the
kernel tree.
- The Documentation/arm64/booting.txt in Linux requires that
the release address must be zero-initialized, but it is not
cared by the common code in U-Boot. We must do it in a board
function.
- There is no systematic way to protect the spin-table code from
the kernel. We are supposed to do it in a board specific manner,
but it is difficult to predict where the spin-table code will be
located after the relocation. So, it also makes difficult to
hard-code /memreserve/ in the DT of the kernel.
So, here is a patch to solve those problems; the DT is run-time
modified to reserve the spin-table code (+ cpu-release-addr).
Also, the "cpu-release-addr" property is set to an appropriate
address after the relocation, which means we no longer need the
hard-coded CPU_RELEASE_ADDR.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Upon further review this breaks most other platforms as we need to check
what core we're running on before touching it at all.
This reverts commit d73718f323.
Signed-off-by: Tom Rini <trini@konsulko.com>
With the change to set up pinctrl after relocation, link fails to boot. Add
a special case in the link code to handle this.
Fixes: d8906c1f (x86: Probe pinctrl driver in cpu_init_r())
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add support for Advantech SOM-DB5800 with the SOM-6867 installed.
This is very similar to conga-qeval20-qa3-e3845 in that there is a
reference carrier board (SOM-DB5800) with a Baytrail based SoM (SOM-6867)
installed.
Currently supported:
- 2x UART (From ITE EC on SOM-6867) routed to COM3/4 connectors on
SOM-DB5800.
- 4x USB 2.0 (EHCI)
- Video
- SATA
- Ethernet
- PCIe
- Realtek ALC892 HD Audio
Pad configuration for HDA_RSTB, HDA_SYNC, HDA_CLK, HDA_SDO
HDA_SDI0 is set in DT to enable HD Audio codec.
Pin defaults for codec pin complexs are not changed.
Not supported:
- Winbond Super I/O (Must be disabled with jumpers on SOM-DB8500)
- USB 3.0 (XHCI)
- TPM
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
If global NVS says internal UART is not enabled, hide it in the ASL
code so that OS won't see it.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Now that platform-specific ACPI global NVS is added, pack it into
ACPI table and get its address fixed up.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This introduces quark-specific ACPI global NVS structure, defined in
both C header file and ASL file.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This introduces baytrail-specific ACPI global NVS structure, defined in
both C header file and ASL file.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>