TCG PC Client PFP spec requires to measure the secure
boot policy before validating the UEFI image.
This commit adds the secure boot variable measurement
of "SecureBoot", "PK", "KEK", "db", "dbx", "dbt", and "dbr".
Note that this implementation assumes that secure boot
variables are pre-configured and not be set/updated in runtime.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
iPXE used Uri() device path nodes. So we should support them in the
device path to text protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- Convert GoFlex Home Ethernet and SATA to Driver Model (Tony)
- mvebu: Automatically detect CONFIG_SYS_TCLK (Pavel)
- mvebu: sata_mv: Fix HDD identication during cold start (Tony)
- a37xx: pci: Fix handling PIO config error responses (Pavel)
- Other minor misc changes and board maintainer updates
- sei610 & meson64_android cleanups to prepare android 11 boot support
- use Android BCB mechanism for reboot reason instead of HW reboot flag
- Switch meson64_android boot flow to use abootimg for A/B, AVB and DTBO support
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPVPGJshWBf4d9CyLd9zb2sjISdEFAmESPjcACgkQd9zb2sjI
SdFabg/+K/5kH01N6etPpPgNH3DTns3Z7Uv16rawGaFJVj4V2O/Ak2vmhvjJA4df
KvLJL3AVolMOfD4xTABRDyLKt3maCgIYkamdBWBV/xKCTKL7fvvqj8V1U5iUsGKm
Wl2KbbDj+dGNF+IYO9V4T1D/JaRjAUk4YeztFEDaNdP3P1N+01v2FyfkadBL5un3
dqwHb3DMNS2SyjnE3glTAs3g/+3nmrHhAHiVVZQlJHsijuup6f93e8huKQ4v1oFX
xsNzeI9j6jGBvVI6hRsHNLOZzhj8/ZcSntdlL+b4FbY++KzrKidMgVECc486cc8t
IEq/iJHggYhwRtw3EAYblmMVFiQeo07hgSbbSP8mIJWARtqh439tLUyKxW3y/5UT
UlGLHcsSSwv/5NhY8ugGAYeaGGXNpMMc5ISbssnn5FB6VHSox4nRZai5U9jKoyc2
iBNNdyLiLi/Fz9YMWj8SAibajT8bchWu1qW2n85nFb3xWQpXcbjzlglnLY6bX3TQ
1d5ehInNK8deptHNh2eGBsPKOUJ/gDTvEey+6J517hbJ59My96v+dvmbtG7kH9Z8
157KQzjvHH4X9MDW8wYb381TV8kcNi3b16QPP2RKxuK1Zrve0RLPhOAz/YeSkTDN
mavHlaY7JvUXjAct0K5VXHvA9U6DBrvc3eb7KoXL4b4+SHr/4UQ=
=RZ8+
-----END PGP SIGNATURE-----
Merge tag 'u-boot-amlogic-20210810' of https://source.denx.de/u-boot/custodians/u-boot-amlogic
- odroid-n2: fix fdtfile suffix for n2-plus
- sei610 & meson64_android cleanups to prepare android 11 boot support
- use Android BCB mechanism for reboot reason instead of HW reboot flag
- Switch meson64_android boot flow to use abootimg for A/B, AVB and DTBO support
In order to update the DT for rk3188
sync the power domain dt-binding header.
This is the state as of v5.12 in Linux.
Signed-off-by: Johan Jonker <jbx6244@gmail.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
In order to update the DT for rk3066 and rk3188
sync the clock dt-binding header.
This is the state as of v5.12 in Linux.
Signed-off-by: Johan Jonker <jbx6244@gmail.com>
Reviewed-by: Heiko Stuebner <heiko@sntech.de>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Basically all, i.e. rk3036.dtsi, rk3128.dtsi, rk3xxx.dtsi, rk322x.dtsi,
rk3288.dtsi, rk3308-u-boot.dtsi, rk3328-u-boot.dtsi, rk3399-u-boot.dtsi
and px30-u-boot.dtsi Rockchip SoC devicetrees which have mmc indexes
are defining eMMC as mmc0 and sdmmc as mmc1.
This means that the rule to try to boot from the SD card first is ignored,
which as per comment is what we want and is important for distros, which
rely on that.
Fix this by setting the correct mmc index, i.e. first from mmc1 (SD card),
second from mmc0 (eMMC).
Signed-off-by: Alex Bee <knaerzche@gmail.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Enable support to the 2 NOR flashes on the QEMU RISC-V virt machine.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Those embers wrapped with CONFIG_SYS_FLASH_CFI in struct flash_info_t
are unconditionally used in the cfi_flash.c driver.
Drop the #ifdefs in the definition of flash_info_t.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Config option CONFIG_SYS_TCLK is set by kw88f6281.h and kw88f6192.h files
to correct SOC/platform value. So do not overwrite it in board config
include files.
Kirkwood 88F6180 and 88F6192 uses 166 MHz TCLK and Kirkwood 88F6281 uses
200 MHz TCLK.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This mvebu axp platform always uses fixed 250 MHz TCLK. So specify this
CONFIG_SYS_TCLK option in msys section of global file soc.h file instead of
manual configuration in every board file.
Now every #if-#else case of soc.h file defines CONFIG_SYS_TCLK, so remove
useless default CONFIG_SYS_TCLK value from the end of soc.h file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This mvebu msys platform always uses fixed 200 MHz TCLK. So specify this
CONFIG_SYS_TCLK option in msys section of global file soc.h file instead of
manual configuration in every board file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Bit 20 in SAR register specifies if TCLK is running at 200 MHz or 166 MHz.
Use this information instead of manual configuration in every board file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Bit 15 in SAR register specifies if TCLK is running at 200 MHz or 250 MHz.
Use this information instead of manual configuration in every board file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Activate the following Kconfig options:
* AVB for Android Verified Boot support
* ADTIMG for merging DTBOs
* ABOOTIMG for extracting Android boot image
Also rework the partitioning tables:
- add a misc partition to handle BCB messages
- add a dtbo partition to store various DTBOs
- add a vbmeta partition for AVB hashes
- Merge vendor and system into the "super" partition
Note: avb support is disables by default. To activate it:
=> setenv force_avb 1;
=> saveenv;
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
doc/README.gpt states:
> The fields 'uuid' and 'uuid_disk' are optional if CONFIG_RANDOM_UUID is
> enabled. A random uuid will be used if omitted or they point to an empty/
> non-existent environment variable. The environment variable will be
> set to the generated UUID. The 'gpt guid' command reads the current
> value of the uuid_disk from the GPT.
Since we have CONFIG_RANDOM_UUID=y, remove the hard-coded uuids
and use meaningful variable names instead.
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
There is a mix of spaces and tabs at the leading \. This makes updating
theses lines harder.
Add a single space before each \ for some consistency.
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Since Android 10, we are required to use a "dtbo" partition which
includes the various device-tree overlays [1].
It's also possible to provide a "dtb" partition.
This is supported via the "abootimg" command.
On Yukawa, the assumption is that we have only a "dtbo" partition, which
includes all board dtbs and their dtbos [2]
[1] https://source.android.com/devices/architecture/dto/partitions
[2] https://android.googlesource.com/device/amlogic/yukawa/+/refs/heads/master/build/tasks/dtimages.mk#16
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
BOOT_CMD might be different based on CONFIG_CMD_ABOOTIMG.
To prepare for abootimg support, extract the boot command
to a dedicated macro.
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Implement A/B slot selection using the U-Boot ab_select command.
Keep support for non A/B.
Not: We need to redefine the recovery partition label, as RecoveryOS
is included in the boot image for A/B systems [1]
[1] https://source.android.com/devices/tech/ota/ab/ab_implement#recovery
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
AVB (Android Verified Boot) is well supported in U-Boot already.
Add support for it in meson64_android.
This is controlled by the "force_avb" environment variable and the
CONFIG_CMD_AVB option.
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
To prepare for AVB support, increase SYS_MALLOC_LEN to 128M.
This value has been found by testing the following on khadas vim3l:
=> avb init
=> avb verify
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Permit redefining SYS_MALLOC_LEN for board specific configs.
This is especially useful for Android with AVB, which requires a malloc
length of 128M.
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Various minor bug fixes
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmEQkwoRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreZoZwgAxyaO+In1SDc7OlB8/ab/exhgSKxf2oHg
5FYmazygTde1oJNMyv6Xwzzj8AXLAiK5D9Drfom2jsI/gdRWSrMNIVkwR8oFhkO4
+30DEVNrVVrTEDnT1XQJh398fIa2h0uDF2n8KNyhaeacGtLAvNP+LSUdLSoPVHzO
Qc5uD9dDqRpPaVyU5DbzmZ+JS2YhvoWnd8g6zaJXKDexlHCxKr4dGNWlesVEym0q
z9OR6EEO2dZy3HIcLBFfsNLgKWJUoIzQztKuA2l1uEkpmEzOh3bSiLHMv3fOFHG4
aWPq4BTqVeCk4rkd9//krUi4UnN9gL0smKxdFYiWRQecy6jMG2WXjQ==
=IDJp
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-8aug21' of https://source.denx.de/u-boot/custodians/u-boot-dm
Use log subsystem for dm_warn()
Various minor bug fixes
Add i.MX8ULP EVK basic support, support SD/I2C/ENET/LPUART
Log as below: I would keep some debug info for now, and after we move
to be stable and production launch, we could drop that.
U-Boot SPL 2021.07-rc4-00164-gb800e19a6b (Jun 29 2021 - 10:23:30 +0800)
Normal Boot
upower_init: soc_id=48
upower_init: version:11.11.6
upower_init: start uPower RAM service
user_upwr_rdy_callb: soc=b
user_upwr_rdy_callb: RAM version:12.6
Turn on switches ok
Turn on memories ok
Clear DDR retention ok
Poll for freq_chg_req on SIM register and change to F1 frequency.
Poll for freq_chg_req on SIM register and change to F0 frequency.
Poll for freq_chg_req on SIM register and change to F1 frequency.
Poll for freq_chg_req on SIM register and change to F2 frequency.
Poll for freq_chg_req on SIM register and change to F1 frequency.
Poll for freq_chg_req on SIM register and change to F2 frequency.
complete
De-Skew PLL is locked and ready
WDT: Not found!
Trying to boot from BOOTROM
image offset 0x8000, pagesize 0x200, ivt offset 0x0
Load image from 0x3a800 by ROM_API
NOTICE: BL31: v2.4(release):imx_5.10.35_2.0.0_imx8ulp_er-10-gf37e59b94
NOTICE: BL31: Built : 01:56:58, Jun 29 2021
NOTICE: upower_init: start uPower RAM service
NOTICE: user_upwr_rdy_callb: soc=b
NOTICE: user_upwr_rdy_callb: RAM version:12.6
U-Boot 2021.07-rc4-00164-gb800e19a6b (Jun 29 2021 - 10:23:30 +0800)
CPU: Freescale i.MX8ULP rev1.0 at 744 MHz
Reset cause: POR
Boot mode: Single boot
Model: FSL i.MX8ULP EVK
DRAM: 2 GiB
MMC: FSL_SDHC: 0, FSL_SDHC: 2
Loading Environment from MMC... ***
Warning - bad CRC, using default environment
In: serial@293a0000
Out: serial@293a0000
Err: serial@293a0000
Net:
Warning: ethernet@29950000 (eth0) using random MAC address -
96:35:88:62:e0:44
eth0: ethernet@29950000
Hit any key to stop autoboot: 0
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Make the conversion to driver model as it is mandatory.
Successfully tested booting Linux from the SD card.
Dropped support for networking and splash screen as these need
to be properly converted to DM and tested.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Add PCIe reset gpio to the Bx50v3 devicetree and get get rid of
CONFIG_PCIE_IMX_PERST_GPIO.
Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.com>
Do not pass the console baudrate to the 'console' variable
to avoid the baudrate being passed twice when extlinux.conf
contains the standard: console=${console},${baudrate} format.
cat /proc/cmdline
root=PARTUUID=00000000-01 rootwait rw console=ttymxc0,115200,115200
Signed-off-by: Fabio Estevam <festevam@gmail.com>
At present it is possible to call uclass_get() before driver model is
inited. In fact this happens on x86 boards which use Intel FSPv1, since
mrccache_get_region() tries to get the SPI flash device very early
during init.
This has always been undefined behaviour. Previously it generally worked,
i.e. returned an error code without crashing, because gd->uclass_root_s
is zeroed and the uclass can be added despite driver model not being
ready, due to the way lists are implemented. With the change to use a
gd->uclass_root pointer, this no-longer works. For example, it causes a
hang on minnowmax.
Fix this by adding a check that driver model is ready when uclass_get() is
called. This function is called in the process of locating any device, so
it is a good place to add the check.
This fixes booting on minnowmax.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 8a715530bb ("dm: core: Allow the uclass list to move")
Migrate the dm_warn function to log macro with
LOGC_DM category and LOGL_WARNING level.
This macro allows filtering with log command and allows
output on all log backend.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The bootparams do not have to be at fixed location, they can be
dynamically mallocated instead. Make it so to get rid of another
fixed assignment.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Biju Das <biju.das.jz@bp.renesas.com>
Cc: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
Now that driver model is always used, check for PCI.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Update logic, reword]
Signed-off-by: Tom Rini <trini@konsulko.com>
This prevents use of IS_ENABLED() in other files. Functions should be
visible in headers even if they are not available at link time.
Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Symbol CONFIG_SYS_ID_EEPROM is defined in include/configs/MPC8548CDS.h
but never used. Remove it here and from the whitelist.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
U-Boot mostly uses hex for value input, largely because addresses are much
easier to understand in hex.
But in some cases a decimal value is requested, such as where the value is
small or hex does not make sense in the context. In these cases it is
sometimes useful to be able to provide a hex value in any case, if only to
resolve any ambiguity.
Add this functionality, for increased flexibility.
Signed-off-by: Simon Glass <sjg@chromium.org>
This parameter is not documented properly since it does not cover the
meaning when the base is 0. Update this in both functions.
Signed-off-by: Simon Glass <sjg@chromium.org>
