Commit graph

90814 commits

Author SHA1 Message Date
Heinrich Schuchardt
b17e280bb2 riscv: allow usage of ACPI
Select CONFIG_SUPPORT_ACPI to allow usage of ACPI tables with RISC-V.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:49:15 -07:00
Heinrich Schuchardt
91970e83ed riscv: add support for QEMU firmware tables
Enable the QEMU firmware interface if ACPI tables are to be supported on
the QEMU platform.

Enable the QFW MMIO interface if the QEMU firmware interface is enabled.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:49:15 -07:00
Heinrich Schuchardt
638cc36348 acpi: enable writing ACPI tables on QEMU
Invoke write_acpi_tables() via EVT_LAST_STAGE_INIT on QEMU except on X86.
X86 calls write_acpi_tables() in write_tables().

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:49:15 -07:00
Heinrich Schuchardt
b7d029bb8a riscv: add ACPI fields to global data
Add fields for the location of ACPI tables to the global data.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2024-01-07 13:49:15 -07:00
Heinrich Schuchardt
22fcd1da55 arm: add ACPI fields to global data
Add fields for the location of ACPI tables to the global data.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:49:15 -07:00
Heinrich Schuchardt
27a66fc3f3 acpi: carve out qfw_acpi.c
Move the code related to copying tables from QEMU to a separate code
module.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:49:15 -07:00
Heinrich Schuchardt
b2f088c121 acpi: Kconfig symbol CONFIG_QFW_ACPI
We have two implementations of write_acpi_tables(). One for writing ACPI
tables based on ACPI_WRITER() entries another based on copying tables from
QEMU.

Create a symbol CONFIG_QFW_ACPI that signifies copying ACPI tables from
QEMU and use it consistently.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:49:15 -07:00
Heinrich Schuchardt
f47c86f6d3 acpi: support 64bit in acpi_find_table for DSDT and FACS
Use X_DSDT and X_FIRMWARE_CTRL if available.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rebased on -next to use nomap:
Signed-off-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:49:08 -07:00
Heinrich Schuchardt
c95ade8dcd cmd: acpi: check HW reduced flag in acpi list
On non x86 platforms the hardware reduce flag must be set in the FADT
table. Write an error message if the flag is missing.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rebased on -next to use nomap, add hyphens:
Signed-off-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:49:02 -07:00
Heinrich Schuchardt
c5924b1cd3 cmd: acpi: fix listing DSDT and FACS
If field X_FIRMWARE_CTRL is filled, field FIRMWARE must be ignored. If
field X_DSDT is filled, field DSDT must be ignored.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rebased on -next to use nomap:
Signed-off-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:48:30 -07:00
Heinrich Schuchardt
a083ae71e0 acpi: use 64-bit addresses in FADT table
Fields X_FIRMWAE_CTRL and X_DSDT must be 64bit wide. Convert pointers to
to uintptr_t to fill these.

If field X_FIRMWARE_CTRL is filled, field FIRMWARE must be ignored. If
field X_DSDT is filled, field DSDT must be ignored. We should not fill
unused fields.

See the field definitions in chapter "5.2.9 Fixed ACPI Description Table
(FADT)" of the ACPI Specification 6.5.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:45:07 -07:00
Simon Glass
70fe238594 fdt: Allow the devicetree to come from a bloblist
Standard passage provides for a bloblist to be passed from one firmware
phase to the next. That can be used to pass the devicetree along as well.
Add an option to support this.

Tests for this will be added as part of the Universal Payload work.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:07 -07:00
Simon Glass
06ef8089f8 efi: Correct smbios-table installation
At present this code allocates memory when writing the tables and
then unnecessarily adds another memory map when installing it.

Adjust the code to allocate the tables using the normal U-Boot
mechanism. This avoids doing an EFI memory allocation early in
U-Boot, which may use memory that would be overwritten by a
'load' command, for example.

Signed-off-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:45:07 -07:00
Simon Glass
a8efebe719 acpi: Write pointers to tables instead of addresses
Sandbox uses an API to map between addresses and pointers. This allows
it to have (emulated) memory at zero and avoid arch-specific addressing
details. It also allows memory-mapped peripherals to work.

As an example, on many machines sandbox maps address 100 to pointer
value 10000000.

However this is not correct for ACPI, if sandbox starts another program
(e.g EFI app) and passes it the tables. That app has no knowledge of
sandbox's address mapping. So to make this work we want to store
10000000 as the value in the table.

Add two new 'nomap' functions which clearly make this exeption to how
sandbox works.

This should allow EFI apps to access ACPI tables with sandbox, e.g. for
testing purposes.

Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:07 -07:00
Simon Glass
5e3adc44a4 acpi: Rename test dm_test_setup_ctx_and_base_tables()
Use the word 'acpi' in this test so that it runs along with all the
other ACPI tests.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:07 -07:00
Simon Glass
aa8499680c efi: smbios: Drop support for SMBIOS2 tables
Only the v3 table is supported now, so always use this when installing
the EFI table.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:07 -07:00
Simon Glass
1c5f6fa388 smbios: Drop support for SMBIOS2 tables
These tables are a pain since there is no way to handle memory above
4GB. Use SMBIOS3 always.

This should hopefully not create problems on x86 devices, since SMBIOS3
was released seven years ago (2015).

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Peter Robinson <pbrobinson@gmail.com>
2024-01-07 13:45:07 -07:00
Simon Glass
31f950a963 smbios: Require the caller to align the SMBIOS table
All callers handle this alignment, so drop the unnecessary code. This
simplifies things a little.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:07 -07:00
Simon Glass
138e69149b efi: Use the correct GUID for the SMBIOS table
EFI does not use the 'anchor string' to determine the SMBIOS table
version, instead preferring to have two separate GUIDs. Use the correct
one, depending on the table version.

Call unmap_system() to balance to the use of map_sysmem()

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:07 -07:00
Simon Glass
b2b58e1ef5 smbios: Correct gd_smbios_start()
This should access arch-specific properties. Fix it and update the
existing usage.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:06 -07:00
Simon Glass
70924294f3 smbios: Use SMBIOS 3.0 to support an address above 4GB
When the SMBIOS table is written to an address above 4GB a 32-bit table
address is not large enough.

Use an SMBIOS3 table in that case.

Note that we cannot use efi_allocate_pages() since this function has
nothing to do with EFI. There is no equivalent function to allocate
memory below 4GB in U-Boot. One solution would be to create a separate
malloc() pool, or just always put the malloc() pool below 4GB.

- Use log_debug() for warning
- Rebase on Heinrich's smbios.h patch
- Set the checksum for SMBIOS3

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2024-01-07 13:45:06 -07:00
Heinrich Schuchardt
de4b91ca68 smbios: SMBIOS 3.0 (64-bit) Entry Point structure
Add definition of the SMBIOS 3.0 (64-bit) Entry Point structure.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Signed-off-by: Simon Glass <sjg@chromium.org>
2024-01-07 13:45:06 -07:00
Simon Glass
f19cf8d43a smbios: Move the rest of the SMBIOS2 code
Move all of this logic into the else clause, since it will not be used
for SMBIOS3

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:06 -07:00
Simon Glass
58c638330a smbios: Refactor 32-bit code into an else statement
In preparation for adding support for SMBIOS3 move this code into an
else statement. There is no functional change.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-01-07 13:45:06 -07:00
Tom Rini
c2c598e87c Merge branch 'staging' of https://source.denx.de/u-boot/custodians/u-boot-tegra into next
Documentation updates for endeavoru, lg_x3, grouper and transformers,
addition of MIPI calibration clock name for T114 (inline with T124+),
conversion of TEGRA_SUPPORT_NON_SECURE into Kconfig and endeavoru
stability improvements.
2024-01-06 09:57:56 -05:00
Tom Rini
18fa946ab9 Merge branch '2024-01-05-fw_env-fixes' into next
- A few fw_env fixes
2024-01-06 09:57:30 -05:00
Anthony Loiseau
d73a664186 fw_env: autodetect NAND erase size and env sectors
As already done for NOR chips, if device ESIZE and ENVSECTORS static
configurations are both zero, then autodetect them at runtime.

Cc: Joe Hershberger <joe.hershberger@ni.com>
cc: Stefan Agner <stefan@agner.ch>
cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Anthony Loiseau <anthony.loiseau@allcircuits.com>
2024-01-05 15:41:47 -05:00
Rafał Miłecki
9e3003f79d fw_env: keep calling read() until whole flash block is read
It's totally valid for read() to provide less bytes than requested
maximum. It may happen if there is no more data available yet or source
pushes data in small chunks.

This actually happens when trying to read env data from NVMEM device.
Kernel may provide NVMEM content in page size parts (like 4096 B).

This fixes warnings like:
Warning on /sys/bus/nvmem/devices/u-boot-env0/nvmem: Attempted to read 16384 bytes but got 4096
Warning on /sys/bus/nvmem/devices/u-boot-env0/nvmem: Attempted to read 12288 bytes but got 4096
Warning on /sys/bus/nvmem/devices/u-boot-env0/nvmem: Attempted to read 8192 bytes but got 4096

Since the main loop in flash_read_buf() is used to read blocks this
patch adds a new nested one.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-05 15:41:47 -05:00
Rafał Miłecki
73b30800f5 fw_env: rename variables holding env data content
Rename "addr0" and "addr1" to "buf0" and "buf1" accordingly. Name "addr"
suggests that variable contains a numeric value being some kind of
address. Name "buf" is de facto a standard name for pointer to allocated
memory for reading data to.

While at it drop redundant checks for NULL before calling free().

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-05 15:41:47 -05:00
Rafał Miłecki
f29c5ca33d fw_env: fix reading NVMEM device's "compatible" value
Call to fread() was changed to check for return value. The problem is it
can't be checked for returning 1 (as it is) to determine success.

We call fread() with buffer size as "size" argument. Reading any
"compatible" value shorter than buffer size will result in returning 0
even on success.

Modify code to use fstat() to determine expected read length.

This fixes regression that broke using fw_env with NVMEM devices.

Fixes: c059a22b77 ("tools: env: fw_env: Fix unused-result warning")
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2024-01-05 15:41:47 -05:00
Svyatoslav Ryhel
86e581a560 board: htc: endeavoru: add an early SPL RCM hook
Unlike all other supported Tegra devices and most known Tegra devices, the
HTC One X has no hardware way to enter APX/RCM mode, which may lead to a
dangerous situation when, if BCT is set correctly and the bootloader is
faulty, the device will hang in a permanent brick state. Exiting from this
state can be done only by disassembling the device and shortening the
testpad to the ground.

To prevent this or to minimize the probability of such an accident, it was
proposed to add the RCM rebooting hook as early into SPL as possible since
SPL is much more robust and has minimal changes that can break bootflow.

gpio_early_init_uart() function was chosen as it is the earliest function
exposed for setup by the device. Hook performs a check for volume up button
state and triggers RCM if it is pressed.

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-05 18:05:42 +02:00
Tom Rini
0d53be75c7 Merge patch series "ATF and OP-TEE Firewalling for K3 devices."
Manorit Chawdhry <m-chawdhry@ti.com> says:

K3 devices have firewalls that are used to prevent illegal accesses to
memory regions that are deemed secure. The series prevents the illegal
accesses to ATF and OP-TEE regions that are present in different K3
devices.

AM62X, AM62AX and AM64X are currently in hold due to some firewall
configurations that our System Controller (TIFS) needs to handle.
The devices that are not configured with the firewalling nodes will not
be affected and can continue to work fine until the firewall nodes are
added so will be a non-blocking merge.

Test Logs: https://gist.github.com/manorit2001/4cead2fb3a19eb5d19005b3f54682627
CICD Run: https://github.com/u-boot/u-boot/pull/442
2024-01-04 16:53:49 -05:00
Manorit Chawdhry
7ff09d484e docs: board: ti: k3: Add secure booting documentation
This commit adds a general flow to explain the usage of firewalls and
the chain of trust in K3 devices.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
4ebb8ae040 docs: board: ti: k3: Cleanup FIT signature documentation
The previous documentation had been very crude so refactor it to make it
cleaner and concise.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
8ae586e08c arm: dts: k3-j7200-binman: Add firewall configurations
The following commits adds the configuration of firewalls required to
protect ATF and OP-TEE memory region from non-secure reads and
writes using master and slave firewalls present in our K3 SOCs.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Tested-by: Thomas Richard <thomas.richard@bootlin.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
b8dea0c85e arm: dts: k3-j721s2-binman: Add firewall configurations
The following commits adds the configuration of firewalls required to
protect ATF and OP-TEE memory region from non-secure reads and
writes using master and slave firewalls present in our K3 SOCs.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
c485567ee6 arm: dts: k3-j721e-binman: Add firewall configurations
The following commits adds the configuration of firewalls required to
protect ATF and OP-TEE memory region from non-secure reads and
writes using master and slave firewalls present in our K3 SOCs.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
89caf6d6c5 arm: dts: k3-binman: Add k3-security.h and include it in k3-binman.dtsi
For readability during configuring firewalls, adding k3-security.h file
and including it in k3-binman.dtsi to be accessible across K3 SoCs

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Reviewed-by: Andrew Davis <afd@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
ba51299f60 binman: ftest: Add test for ti-secure firewall node
Add test for TI firewalling node in ti-secure.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
a3e407bef7 binman: ti-secure: Add support for firewalling entities
We can now firewall entities while loading them through our secure
entity TIFS, the required information should be present in the
certificate that is being parsed by TIFS.

The following commit adds the support to enable the certificates to be
generated if the firewall configurations are present in the binman dtsi
nodes.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
2024-01-04 16:48:00 -05:00
Manorit Chawdhry
b1839fcf75 dtoc: Change dst to self in debug message
Fix the error message to not use dst and use self as it is copying the
properties to self.

While using templating if there are no subnodes defined, we end up in
this situation where "dst" isn't defined and it tries to print the error
message and fails.

'UnboundLocalError: local variable 'dst' referenced before assignment'

Fixes: 55e1278d5e ("dtoc: Allow inserting a list of nodes into another")

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-01-04 16:48:00 -05:00
Svyatoslav Ryhel
5c39fbfa13 ARM: tegra114: support nonsecure state detection
Principle is exactly the same as on T124, testing of register
which behaves differently in secure and non-secure states.

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-03 20:20:12 +02:00
Svyatoslav Ryhel
e692aded5e ARM: tegra114: expand MC register map
This expansion is required for nonsecure detection to work correctly.

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-03 20:18:38 +02:00
Svyatoslav Ryhel
27e69fe99a ARM: tegra124: convert TEGRA_SUPPORT_NON_SECURE into Kconfig
Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
2024-01-03 20:18:24 +02:00
Tom Rini
42fb448a20 configs: Resync with savedefconfig
Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
2024-01-03 09:26:16 -05:00
Tom Rini
93a0138acb Prepare v2024.01-rc6
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmWVa0gACgkQFHw5/5Y0
 tyyxaAv/XwG8mzltTwMHc65IHmeupJLhBPBJgrZyZPlHRWNThSKBcbtTKnJIxN/j
 ZAakyMFykkZCs+xfpckjzyY9CA2B5pkZ1RMKj5AgiWOH3+vbCPN92/wzs+NVpN78
 ek1Ht2McIM51pdLYe50hYuqIU/Y8rWsptpK9/t2rdGSa79G70uo3DTGNYVyGcLNF
 b63B42FLnu11+MkyfN7z2Q3y0OlKpT/oZHb6R4rWNWNQqDbpficpEvoJdA1LzeAg
 GouCZ7Ib1qffoydbj1wruYT7Pkg9AsPs1tNa2eENJldfthlx9PFrW4be1t8bRput
 WnpbSbxRBw1sS8dukjCi0st+lhUNyuapT2J7hmtuXSMVprxK0UzQMbdGo9suxSlT
 DwTuTsNvwGzIk5E4SRZZI+xSUqpeCKnnVC7OLcqGKSAsoZIv5s5Fq/VgIIQ7gzNY
 LA+kdSjVeiKfsPzXCXCvILMqffwS8J9zIYdoxmq4o9XsmksabDCDUZpEy9IQ3gbB
 6MPxZgnj
 =Sqkn
 -----END PGP SIGNATURE-----

Merge tag 'v2024.01-rc6' into next

Prepare v2024.01-rc6
2024-01-03 09:22:47 -05:00
Tom Rini
80cb22c58b Prepare v2024.01-rc6
Signed-off-by: Tom Rini <trini@konsulko.com>
2024-01-03 09:11:33 -05:00
Tom Rini
b2cbf968dd configs: Resync with savedefconfig
Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
2024-01-03 09:09:56 -05:00
Nishanth Menon
e703bfcb38 arm: dts: k3-am62a*: Sync with kernel v6.7-rc1
Sync with kernel v6.7-rc1 and sync up the u-boot dts files accordingly.

Signed-off-by: Nishanth Menon <nm@ti.com>
2024-01-03 08:52:19 -05:00
Nishanth Menon
244c9fd1a5 arm: mach-k3: am62a: Add main_timer0 id to the dev list
main_timer0 is used by u-boot as the tick-timer. Add it to the soc
devices list so it an be enabled via the k3 power controller.

Signed-off-by: Nishanth Menon <nm@ti.com>
Reviewed-by: Neha Malcom Francis <n-francis@ti.com>
2024-01-03 08:52:19 -05:00