As discussed previously [1,2], the source command is not safe to use with
verified boot unless there is a key with required = "images" (which has its
own problems). This is because if such a key is absent, signatures are
verified but not required. It is assumed that configuration nodes will
provide the signature. Because the source command does not use
configurations to determine the image to source, effectively no
verification takes place.
To address this, allow specifying configuration nodes. We use the same
syntax as the bootm command (helpfully provided for us by fit_parse_conf).
By default, we first try the default config and then the default image. To
force using a config, # must be present in the command (e.g. `source
$loadaddr#my-conf`). For convenience, the config may be omitted, just like
the address may be (e.g. `source \#`). This also works for images
(`source :` behaves exactly like `source` currently does).
[1] https://lore.kernel.org/u-boot/7d711133-d513-5bcb-52f2-a9dbaa9eeded@prevas.dk/
[2] https://lore.kernel.org/u-boot/042dcb34-f85f-351e-1b0e-513f89005fdd@gmail.com/
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Two callers of image_source_script specify an image name. However, both
use the deprecated @ syntax, indicating that they have not been updated
in a while. If CONFIG_FIT_SIGNATURE is enabled, we will reject such
names outright. Back in commit 152576a598 ("stm32mp: stm32prog: handle
U-Boot script in flashlayout alternate"), we even renamed one of the
nodes. Instead of hard-coding a script image name, just use the default
image.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
A number of CONFIG symbols have crept in that are never referenced in
code, so drop them here. Further, we have two symbols being enabled
in headers while already enabled correctly in Kconfig, so these lines
can also be removed.
Signed-off-by: Tom Rini <trini@konsulko.com>
Perform simple renames of:
CONFIG_WATCHDOG_PRESC to CFG_WATCHDOG_PRESC
CONFIG_WATCHDOG_RC to CFG_WATCHDOG_RC
Signed-off-by: Tom Rini <trini@konsulko.com>
As of 2f41ade79e ("linker: Modify linker scripts to be more generic")
we can use the same linker script for SPL and TPL and not have to make
use of #undef tricks. Remove these last remnants.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The way that the timer support is currently done for exynos/nexell
platforms relies on the legacy PWM infrastructure, and that needs to be
updated. However, we really cannot safely undef CONFIG_DM_PWM to build
the timer.c file without warnings. For now, rename the relevant legacy
functions to be prefixed with s5p_ and add prototypes to the arch pwm.h
files.
Cc: Minkyu Kang <mk7.kang@samsung.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Cc: Dzmitry Sankouski <dsankouski@gmail.com>
Cc: Stefan Bosch <stefan_b@posteo.net>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At this point only the TARGET_T1042D4RDB variant of this is supported in
tree, so remove the remaining parts of the other platforms.
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
CONFIG_TEGRA_ENABLE_UARTA
CONFIG_TEGRA_ENABLE_UARTB
CONFIG_TEGRA_ENABLE_UARTC
CONFIG_TEGRA_ENABLE_UARTD
CONFIG_TEGRA_SPI
CONFIG_TEGRA_UARTA_GPU
CONFIG_TEGRA_UARTA_SDIO1
CONFIG_TEGRA_VDD_CORE_TPS62361B_SET3
CONFIG_TEGRA_VDD_CORE_TPS62366A_SET1
Signed-off-by: Tom Rini <trini@konsulko.com>
Stop using CONFIG_SANDBOX_ARCH and use CONFIG_SANDBOX instead. For the
SPI related defines, set them directly in Kconfig. This now empties
arch/sandbox/include/asm/config.h.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Move this symbol to Kconfig, and preserve the current behavior. The
help text here comes from where the relevant code is implemented and it
is quite likely at this point in time we could either disable this
option or at least make it configurable.
Signed-off-by: Tom Rini <trini@konsulko.com>
When the ti814x_evm config was removed most, but not all, of the
relevant support code was remove. Get rid of what was missed.
Fixes: 50b5326868 ("ti814x: Remove platform")
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
CONFIG_MONITOR_IS_IN_RAM
As part of this, reword some of the documentation slightly to reflect
that this is in Kconfig and not a define now.
Signed-off-by: Tom Rini <trini@konsulko.com>
The way all of the memory init code here works is that we pass
0xDEADBEEF around for the initial value (as it's a well known 'poison'
value and so easily recognized in debuggers, etc). The only point of
this CONFIG symbol was to pass in a different value for that purpose.
Drop this symbol and cleanup the code slightly.
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
CONFIG_GATEWAYIP
CONFIG_HOSTNAME
CONFIG_IPADDR
CONFIG_NETMASK
CONFIG_ROOTPATH
CONFIG_SERVERIP
CONFIG_UBOOTPATH
To do this, we introduce a CONFIG_USE_ form of each of the above and
change include/env_default.h to test for that to be set before setting a
value. Further, we don't want to stringify the IP address related values
as they are now properly strings via Kconfig.
Signed-off-by: Tom Rini <trini@konsulko.com>
