There is no separate SPL/TPL config for WATCHDOG_AUTOSTART.
So use IS_ENABLED instead of CONFIG_IS_ENABLED to make watchdog
working in SPL again.
Fixes: 830d29ac37 ("watchdog: Allow to use CONFIG_WDT without starting watchdog")
Signed-off-by: Teresa Remmet <t.remmet@phytec.de>
Reviewed-by: Stefan Roese <sr@denx.de>
In uboot command line environment, watchdog is not able to be
stopped with below commands:
SOCFPGA_STRATIX10 # wdt dev watchdog@ffd00200
SOCFPGA_STRATIX10 # wdt stop
Refer to watchdog driver in linux kernel, it is also need to reset
watchdog after disable it so that the disable action takes effect.
Signed-off-by: Meng Li <Meng.Li@windriver.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Sean Anderson <sean.anderson@seco.com>
Remove the mmc alias no more required as the sequence number
of mmc device is used for boot_instance.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Use the device sequence number in boot_instance variable
and no more the SDMMC instance provided by ROM code/TF-A.
After this patch we don't need to define the mmc alias in
device tree, for example:
mmc0 = &sdmmc1;
mmc1 = &sdmmc2;
mmc2 = &sdmmc3;
to have a correct mapping between the ROM code boot device =
"${boot_device}${boot_instance}" and the MMC device in U-Boot.
With this patch the 'mmc0' device (used in mmc commands) is
always used when only one instance sdmmc is activated in device
tree, even if it is only the sdmmc2 or sdmmc3.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Use the existing defines PMIC_SIZE and OTP_SIZE and a new define
CMD_SIZE for virtual partition size.
This patch corrects the size for OTP partition in alternate name
(1024 instead of 512) and avoids other alignment issues.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Activate the command rng with CONFIG_CMD_RNG, used to test
the rng driver
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Enable the clocks during syscon probe when they are present in device tree.
This patch avoids a freeze when the SYSCFG clock is not enabled by
TF-A / OP-TEE.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add the support of SYSCFG clock used by syscon driver
to prepare the clock management of STM32MP_SYSCON_SYSCFG.
This clock is already defined in kernel device tree,
stm32mp151.dtsi but not yet supported in the syscon driver:
syscfg: syscon@50020000 {
compatible = "st,stm32mp157-syscfg", "syscon";
reg = <0x50020000 0x400>;
clocks = <&rcc SYSCFG>;
};
It is safe to support this clock in U-Boot driver with
RCC_MC_APB3ENSETR, Bit 11 SYSCFGEN: SYSCFG peripheral clocks
enable.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
The expected sequence to close the device
1/ Load key in DDR with any supported load command
2/ Update OTP with key: STM32MP> stm32key read <addr>
At this point the device is able to perform image authentication but
non-authenticated images can still be used and executed.
So it is the last moment to test boot with signed binary and
check that the ROM code accepts them.
3/ Close the device: only signed binary will be accepted !!
STM32MP> stm32key close
Warning: Programming these OTP is an irreversible operation!
This may brick your system if the HASH of key is invalid
This command should be deactivated by default in real product.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Allow to read the OTP value and lock status with the command
$> stm32key read.
This patch also protects the stm32key fuse command.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add a helper function to access to BSEC misc driver.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Lock the OTP value of key's hash after the command
$> stm32key fuse <address>
This operation forbids a second update of these OTP as they are
ECC protected in BSEC: any update of these OTP with a different value
causes a BSEC disturb error and the closed chip will be bricked.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Simplify parsing the command argument by using
the macro U_BOOT_CMD_WITH_SUBCMDS.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
This command is used to evaluate the secure boot on stm32mp SOC,
it is deactivated by default in real products.
We activate this command only in STMicroelectronics defconfig
used with the evaluation boards.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reduce the content of short help message for stm32prog command and
removed the carriage return to fix the display of 'help' command when
this command is activated.
Fixes: 954bd1a923 ("stm32mp: add the command stm32prog")
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Add the variable used by PXE command for fdtoverlays support
since the commit 69076dff22 ("cmd: pxe: add support for FDT overlays").
Reused the unused "splashimage" address as CONFIG_SPLASH_SOURCE and
CONFIG_VIDEO_LOGO are not activated and U-Boot display the "BACKGROUND"
image found in extlinux.conf to manage splashscreen on stm32mp1 boards.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Fix wrong register use when set/reset ST bit.
ST bit is in register M41T62_REG_SEC not in M41T62_REG_ALARM_HOUR.
I have not actually tested this. But this seemed buggy from inspection.
Fixes: 9bbe210512 ("rtc: m41t62: add oscillator fail bit reset support")
Signed-off-by: Max Yang <max.yang@deltaww.com>
At the moment android_image_get_kcomp() can automatically detect
LZ4 compressed kernels and the compression specified in uImages.
However, especially on ARM64 Linux is often compressed with GZIP.
Attempting to boot an Android image with a GZIP compressed kernel
image currently results in a very strange crash, e.g.
Starting kernel ...
"Synchronous Abort" handler, esr 0x02000000
...
Code: 5555d555 55555d55 555f5555 5d555d55 (00088b1f)
Note the 1f8b, which are the "magic" bytes for GZIP images.
U-Boot already has the image_decomp_type() function that checks for
the magic bytes of bzip2, gzip, lzma and lzo. It's easy to make use
of it here to increase the chance that we do the right thing and the
user does not become confused with strange crashes.
This allows booting Android boot images that contain GZIP-compressed
kernel images.
Signed-off-by: Stephan Gerhold <stephan@gerhold.net>
The current fitImage DTO implementation expects each fitImage image
subnode containing DTO to have 'load' property, pointing somewhere
into memory where the DTO will be loaded. The address in the 'load'
property must be different then the base DT load address and there
must be sufficient amount of space between those two addresses.
Selecting and using such hard-coded addresses is fragile, error
prone and difficult to port even across devices with the same SoC
and different DRAM sizes.
The DTO cannot be applied in-place because fdt_overlay_apply_verbose()
modifies the DTO when applying it onto the base DT, so if the DTO was
used in place within the fitImage, call to fdt_overlay_apply_verbose()
would corrupt the fitImage.
Instead of copying the DTO to a specific hard-coded load address,
allocate a buffer, copy the DTO into that buffer, apply the DTO onto
the base DT, and free the buffer.
The upside of this approach is that it is no longer necessary to
select and hard-code specific DTO load address into the DTO. The
slight downside is the new malloc()/free() overhead for each DTO,
but that is negligible (*).
(*) on iMX8MM/MN and STM32MP1
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Add <linux/sizes.h>]
Signed-off-by: Tom Rini <trini@konsulko.com>
There's currently no user of %p[iI]6, so including ip6_addr_string()
in the image is a waste of bytes. It's easy enough to have the
compiler elide it without removing the code completely.
The closest I can find to anybody "handling" ipv6 in U-Boot currently
is in efi_net.c which does
if (ipv6) {
ret = EFI_UNSUPPORTED;
As indicated in the comment, it can easily be put back, but preferably
under a config knob.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
U-Boot doesn't support %pS/%pF or any other kind of kallsyms-like
lookups. Remove the comment.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
This saves some code, both in terms of #LOC and .text size, and it is
also the normal convention that foo(...) is implemented in terms of
vfoo().
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
When the default clocks cannot be set, the clock is silently probed and
the error is ignored. This is incorrect, since having the clocks at the
correct speed may be important for operation of the system.
Fix it by checking the return code.
Signed-off-by: Simon Glass <sjg@chromium.org>
In this case the value seems save to pass to os_free(). Add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 165109)
In tpm_sendrecv_command() the command buffer is passed in. If a mistake is
somehow made in setting this up, the size could be out of range. Add a
sanity check for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 331152)
The width is set up in single_of_to_plat() and can only have three values,
all of which result in a non-zero divisor. Add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 331154)
At present the return value of ofnode_get_property() is not checked, which
causes a coverity warning. While we are here, use logging for the errors.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 331157)
Update dm_dump_drivers() to use the return value from uclass_get() to
check the validity of uc. This is equivalent and should be more attractive
to Coverity.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 316601)
The devres_alloc() function is intended to avoid the need for freeing
memory, although in practice it may not be enabled, thus leading to a true
leak.
Nevertheless this is intended. Add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 312951)
The devres_alloc() function is intended to avoid the need for freeing
memory, although in practice it may not be enabled, thus leading to a true
leak.
Nevertheless this is intended. Add a comment to explain this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 312952)
This value is either 0 for success or -1 for error. Coverity reports that
"ret" is passed to a parameter that cannot be negative, pointing to the
condition 'if (ret < 0)'.
Adjust it to just check for non-zero and avoid showing -1 in the error
message, which is pointless. Perhaps these changes will molify Coverity.
Reported-by: Coverity (CID: 312956)
Signed-off-by: Simon Glass <sjg@chromium.org>
This cannot actually fail, but check the value anyway to keep coverity
happy.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 316351)
At present if ifname is exactly IFNAMSIZ characters then it will result
in an unterminated string. Fix this by using strlcpy() instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 316358)
Acked-by: Ramon Fried <rfried.dev@gmail.com>
This is a revert of a recent logic change in setup_zimage(). We do
actually need to install this information always. Change it to install
from the Coreboot tables if available, else the normal source.
Fixes: e7bae8283f ("x86: Allow installing an e820 when booting from coreboot")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
With the new 2021.04 we have a new version of Chromium OS boot, which
supports sandbox, coral and coral-on-coreboot. Add documentation for
this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
With of-platdata-inst we want to set up a reference to each devices'
parent device, if there is one. If we find that the device has a parent
(i.e. is not a root node) but it is not in the list of devices being
written, then we cannot create the reference.
Report an error in this case, since it indicates that the parent node
is either missing a compatible string, is disabled, or perhaps does not
have any properties because it was not tagged for SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
All the x86 devicetree files are built at once, whichever board is
actually being built. If coreboot is the target build, CONFIG_ROM_SIZE
is not defined and samus cannot build Chromium OS verified boot. Add
this condition to avoid errors about CONFIG_ROM_SIZE being missing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
Add information about memory usage when U-Boot is started from coreboot.
This is useful when debugging. Also, since coreboot takes a chunk of
memory in the middle of SDRAM for use by PCI devices, it can help avoid
overwriting this with a loaded kernel by accident.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Use VENDOR_COREBOOT instead of TARGET_COREBOOT so we can have multiple
coreboot boards, sharing options. Only SYS_CONFIG_NAME needs to be
defined TARGET_COREBOOT.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add a function comment for get_coreboot_info() and a declaration for
cb_get_sysinfo(), since this may be called from elsewhere.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Set up coral so that it can boot from coreboot, even though it is a
bare-metal build. This helps with testing since the same image can be used
in both cases.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The BIOS version may not be present, e.g. on a Chrome OS build. Add the
BIOS date as well, so we get some sort of indication of coreboot's
vintage.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
A recent change to disable cache setup when booting from coreboot
assumed that this has been done by SPL. The result is that for the
coreboot board, the cache is disabled (in start.S) and never
re-enabled.
If the cache was turned off, as it is on boards without SPL, we should
turn it back on. Add this new condition.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>