Enable and provision the SCP03 keys on a TEE controlled secured elemt
from the U-Boot shell.
Executing this command will generate and program new SCP03 encryption
keys on the secure element NVM.
Depending on the TEE implementation, the keys would then be stored in
some persistent storage or better derived from some platform secret
(so they can't be lost).
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io>
We don't need to enable logging to run this command since the output will
still appear. Drop the 'select'.
Signed-off-by: Simon Glass <sjg@chromium.org>
The 'virtio' command calls blk_common_cmd() which is only available
when CONFIG_HAVE_BLOCK_DEVICE is on. Fix the Kconfig dependency.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
This adds a new command 'addrmap' to display the address map for
non-identity virtual-physical memory mappings.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
Take over the plain 'tpm_...' functions for use by the new TPM API. Rename
all the TPMv1 functions so they are called from the API.
Update the TPMv1 functions so that they are called from the API. Change
existing users to use the tpm1_ prefix so they don't need to go through
the API, which might introduce uncertainty.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Historically, the reset_cpu() function had an `addr` parameter which was
meant to pass in an address of the reset vector location, where the CPU
should reset to. This feature is no longer used anywhere in U-Boot as
all reset_cpu() implementations now ignore the passed value. Generic
code has been added which always calls reset_cpu() with `0` which means
this feature can no longer be used easily anyway.
Over time, many implementations seem to have "misunderstood" the
existence of this parameter as a way to customize/parameterize the reset
(e.g. COLD vs WARM resets). As this is not properly supported, the
code will almost always not do what it is intended to (because all
call-sites just call reset_cpu() with 0).
To avoid confusion and to clean up the codebase from unused left-overs
of the past, remove the `addr` parameter entirely. Code which intends
to support different kinds of resets should be rewritten as a sysreset
driver instead.
This transformation was done with the following coccinelle patch:
@@
expression argvalue;
@@
- reset_cpu(argvalue)
+ reset_cpu()
@@
identifier argname;
type argtype;
@@
- reset_cpu(argtype argname)
+ reset_cpu(void)
{ ... }
Signed-off-by: Harald Seiler <hws@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
This adds an option to part_get_info_by_dev_and_name_or_num to allow
callers to specify whether whole-disk partitions are fine.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The sf test command is used to test spi flashes (and spi masters). Printing
the exact error code is very helpful to those debugging the spi stack.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Pratyush Yadav <p.yadav@ti.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
If there is an error while erasing SPI flash, no errno is displayed. This
makes it difficult to determine the cause of the error. This change mirrors
the logic for write errors above.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Pratyush Yadav <p.yadav@ti.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Let the sbi command detect the 'System Reset Extension'
(EID #0x53525354 "SRST").
Cf. https://github.com/riscv/riscv-sbi-doc
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Pragnesh Patel <pragnesh.patel@openfive.com>
Reviewed-by: Leo Liang <ycliang@andestech.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
The pinmux command uses functions pinctrl_get_pin_*(), which are missing
if PINCTRL config option is disabled.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently, we check argc in a number of places to make sure that we have
all of the required arguments for each of the pwm sub-commands.
However, there's at least one place where we've got dead code as we'll
never have argc == 0, due to checking that argc was at least 4 earlier
and having only subtracted 3. Rework things so that when we have
determined our subcommand make sure we have the right number of
arguments for it, or error out. This means we can stop checking against
argc again later.
Reported-by: Coverity (CID: 316601)
Cc: Pragnesh Patel <pragnesh.patel@sifive.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Use CONFIG_IS_ENABLED() macro, which provides more convenient
way to check $(SPL)DM_I2C/$(SPL)DM_I2C_GPIO configs
for both SPL and U-Boot proper.
CONFIG_IS_ENABLED(DM_I2C) expands to:
- 1 if CONFIG_SPL_BUILD is undefined and CONFIG_DM_I2C is set to 'y',
- 1 if CONFIG_SPL_BUILD is defined and CONFIG_SPL_DM_I2C is set to 'y',
- 0 otherwise.
All occurences were replaced automatically using these bash cmds:
$ find . -type f -exec sed -i
's/ifndef CONFIG_DM_I2C/if !CONFIG_IS_ENABLED(DM_I2C)/g' {} +
$ find . -type f -exec sed -i
's/ifdef CONFIG_DM_I2C/if CONFIG_IS_ENABLED(DM_I2C)/g' {} +
$ find . -type f -exec sed -i
's/defined(CONFIG_DM_I2C)/CONFIG_IS_ENABLED(DM_I2C)/g' {} +
$ find . -type f -exec sed -i
's/ifndef CONFIG_DM_I2C_GPIO/if !CONFIG_IS_ENABLED(DM_I2C_GPIO)/g' {} +
$ find . -type f -exec sed -i
's/ifdef CONFIG_DM_I2C_GPIO/if CONFIG_IS_ENABLED(DM_I2C_GPIO)/g' {} +
$ find . -type f -exec sed -i
's/defined(CONFIG_DM_I2C_GPIO)/CONFIG_IS_ENABLED(DM_I2C_GPIO)/g' {} +
Reviewed-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
It's confusing whether arguments are optional or mandatory.
Update the command's usage to clarify how to use.
Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present this function does not accept a size for the FIT. This means
that it must be read from the FIT itself, introducing potential security
risk. Update the function to include a size parameter, which can be
invalid, in which case fit_check_format() calculates it.
For now no callers pass the size, but this can be updated later.
Also adjust the return value to an error code so that all the different
types of problems can be distinguished by the user.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
Bug fixes:
* do not allow creating of files with filenames on FAT file system
* install UEFI System Partition GUID on ESP handle
* in dtbdump.efi test tool use GUID to find ESP handle
Documentation:
* man-page for load command
* describe end of life of plat_auto
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmAcTmoACgkQxIHbvCwF
GsT0ag/6AjtRtGd8ySYix9lytmDphyztvTTHrd/Bz+UWi64iEIOH6t/RIAPG0yb0
WJBvTe9eGxbNx5VOx426YtPUGFfzAakMyRaAL5Y4wkQsKgseq3q2sE55wzG4nTiR
nmweR7TPslSkGtqQQehGGtdMJn//M/alABtTQs5eyjOkJPEc4DzATeksfA64t2Dj
ijaU4dWbKVHy8spz3xH9cIdF1fvCJGxvSvXCVculN5bfgCf/MJYq6gb2VgXyLL1w
+6GNklzNKRY8Lk9C4hqq2ktK4dQ4R0qKgqxtihwuSdbZmhV6cScKvmNPCqdYx/1l
p5ywE067KRm16Hl/41QhKPMVleqn33Td3U4I+CWvO9DPnsH7pY9iRymM6zfRm9+j
nO4f8++OqG/YXL+oABLkSIZaoYWqGmZd5Nc1bq9sTXthUXHZeC6/V19n0TJYVIV5
HtIPFJbqn4S4uKjTFxyvudE6OfeW4+HpsY7bQHDRXWY1Kma0fgMYbhFZdUeNyr+6
N8EFXZ5nKVWqLH9zlAIPOn0AEXzOfvsWad+NU0bILY8f60SqW0AydjvzG8z9CU3e
vqxx+NxcG26SYscIcANvMI7HxtB6mblBYF2vSqBAkSrQ23Om+dnKkLhHO8pkkNtn
J4rLpAxEAA1yaqKK/1n67D6pSqvjdWQqOfgL/3E1sqgAGYYOBrc=
=rQaL
-----END PGP SIGNATURE-----
Merge tag 'efi-2021-04-rc2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2021-04-rc2
Bug fixes:
* do not allow creating of files with filenames on FAT file system
* install UEFI System Partition GUID on ESP handle
* in dtbdump.efi test tool use GUID to find ESP handle
Documentation:
* man-page for load command
* describe end of life of plat_auto
On the handle for the UEFI System Partition we must install the System
Partition GUID (with a NULL interface).
Let the efidebug command display the GUID.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Allow booting a 32-bit system with a top memory address beyond 4 GiB
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmAbVFARHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIrebn/Af9FoJksV/0G+z6AzjJ20+yoOVAOFFhUkFB
UTW5m0Sv3wMmlSNdg0+DPuB3o04U6RwlZTdIqK/shc0fEqr0YeJgWAEPSMjQH0xc
ou8S9LAnJNrvlqNu5aP2Wq5KFwOxp/ODx5RBNpiSaL+m26dmUi2eeU+Ym996rr06
+m0qycZP07BHLIfm0pWyZjAI2+VzR7Uuyd1pKEIerOTRkAvZzk6pQbs+vv6PLaHa
Wcl9grnoO3pDZt6CYpmgv8mbetXteRfrdYMsu2OiHx/2nU3pa7TbOoNcuA2ww2Ko
u9NL7s0E0Y1LY6/QNb1O7eGOxcR1H5y/19K6NGrK27BwMkrvb0GKRg==
=jMvm
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-3feb21' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm
Support late device removal
Allow booting a 32-bit system with a top memory address beyond 4 GiB
Add "zboot" command to the list of supported boot in the
label_boot function.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
[bmeng: add component tags in the summary]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Replace all the macro ifdef by IS_ENABLED.
All of these configs are set in the defconfig files and not in the
include board headers files.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
[bmeng: keep the preprocessor case unchanged]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
There are some calls to bdinfo_print_num_l() with parameters that
could be a 64-bit value on a 32-bit system. Change those calls to
use bdinfo_print_num_ll() instead.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present we have bdinfo_print_num() to print unsigned long numbers.
We also have print_phys_addr() which accept numbers that might be
64-bit on a 32-bit platform.
Rename these 2 functions to be clearer:
bdinfo_print_num() => bdinfo_print_num_l()
print_phys_addr() => bdinfo_print_num_ll()
While we are here, make bdinfo_print_num_ll() public so that it can
be used outside cmd/bdinfo.c in the future.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Move this out of the common header and include it only where needed. In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly. Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Trying to compile qemu-x86_64_defconfig with CONFIG_CMD_ACPI=y and
CONFIG_ACPIGEN=n fails with
ld.bfd: cmd/built-in.o: in function `do_acpi_items':
cmd/acpi.c:162: undefined reference to `acpi_dump_items'
Add the missing configuration dependency.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
binman fixes support for symbols in sub-sections
support for additional cros_ec commands
various minor fixes / tweaks
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmAV6K8RHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYERgf/QbwOL87yPbf9SyXBQ0EMTmn1ve9HCiv9
yeXrijvA0/wtTVoM44d/z7THb+7Zqw6LbsVOXUSicdGqaogy10xIuz5we0CoGJm6
iwYWV6kaAqjCxDTlSToGnR/TCjiOVgXC6u5QPCZC0LGbAmDbAl4jyCuQxxq2eXYD
hrLSzZPHDe0s2BeWZKRQJ26qyPfWIribXNJXG78/FsvDrdWPPc5K+/ZEb2IWawWR
nEZ8GTEYZpik/niEJ3gFozwCwpJQi3PyukjZvzTGn6tBqg12YXE4dbSzcj48Uj4o
prwUFAGKRR97zFB6c4+NUvd3VBUgPtPdZrtzZ1nNCppiMq1E4BKiDg==
=kijh
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-30jan21' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm
tpm fixes for coral
binman fixes support for symbols in sub-sections
support for additional cros_ec commands
various minor fixes / tweaks
Reinitialize dfu_env_entities after flashing the 'SCRIPT' entity to
ensure that the potential changes to the 'dfu_alt_info' environment
variable are applied.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reinitialize DFU USB gadget after flashing the 'SCRIPT' entity to ensure
that the potential changes to the 'dfu_alt_info' environment variable are
applied.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
[lukma - I've moved the bool retry to avoid build (CI) errors]
Show the interface name (i.e. 'mmc') in the information string to ease
user checking which device is exported via USB Mass Storage protocol.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
On request/suggestion from Simon Glass back in May 22 2019 [1], the
'strsep' mechanism implemented in bcb_set() was set to work directly
with user-provided argv strings, to avoid duplicating memory and for
the sake of simpler implementation.
However, since we recently exposed bcb_write_reboot_reason() API to be
called by U-Boot fastboot, the idea is to be able to pass const string
literals to this new BCB API, carrying the reboot reason.
Since 'strsep' (just like its older/superseded sibling 'strtok')
modifies the input string passed as parameter, BCB command in its
current state would attempt to perform in-place modifications in a
readonly string, which might lead to unexpected results.
Fix the above with the cost of one dynamic memory allocation ('strdup').
This will also ensure no compiler warnings when passing string literals
to bcb_write_reboot_reason().
[1] http://u-boot.10912.n7.nabble.com/PATCH-v2-0-2-Add-bcb-command-to-read-modify-write-Android-BCB-td369934i20.html#a370456
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Signed-off-by: Roman Kovalivskyi <roman.kovalivskyi@globallogic.com>
Fastboot is evolving and beginning with commit [1], the
upstream implementation expects bootloaders to offer support for:
- reboot-recovery
- reboot-fastboot
The most natural way to achieve the above is through a set of
pre-defined "reboot reason" strings, written into / read from
the BCB "command" field, e.g.:
- bootonce-bootloader [2]
- boot-fastboot [3]
- boot-recovery [4]
Expose the first 'bcb' API meant to be called by e.g. fastboot stack,
to allow updating the BCB reboot reason via the BCB 'command' field.
[1] https://android.googlesource.com/platform/system/core/+/dea91b4b5354af2
("Add fastbootd.")
[2] https://android.googlesource.com/platform/bootable/recovery/+/cba7fa88d8b9
("Add 'reboot bootloader' to bootloader_message.")
[3] https://android.googlesource.com/platform/bootable/recovery/+/eee4e260f9f6
("recovery: Add "boot-fastboot" command to BCB.")
[4] https://android.googlesource.com/platform/system/core/+/5e98b633a748695f
("init: Write the reason in BCB on "reboot recovery"")
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Signed-off-by: Roman Kovalivskyi <roman.kovalivskyi@globallogic.com>
[lukma - added missing #include <linux/errno.h> to avoid build breaks]
Enriching the functionality of U-Boot 'bcb' may assume using the
existing sub-commands as building blocks for the next ones.
A clean way to achive the above is to expose a number of static
routines, each mapped to an existing user command (e.g. load/set/store),
with a user/caller-friendly prototype (i.e. do not force the caller
to wrap an integer into a string).
This third patch makes '__bcb_store' available for internal needs.
No functional change intended.
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Signed-off-by: Roman Kovalivskyi <roman.kovalivskyi@globallogic.com>
Enriching the functionality of U-Boot 'bcb' may assume using the
existing sub-commands as building blocks for the next ones.
A clean way to achive the above is to expose a number of static
routines, each mapped to an existing user command (e.g. load/set/store),
with a user/caller-friendly prototype (i.e. do not force the caller
to wrap an integer into a string).
This second patch makes '__bcb_set' available for internal needs.
No functional change intended.
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Signed-off-by: Roman Kovalivskyi <roman.kovalivskyi@globallogic.com>
Enriching the functionality of U-Boot 'bcb' may assume using the
existing sub-commands as building blocks for the next ones.
A clean way to achive the above is to expose a number of static
routines, each mapped to an existing user command (e.g. load/set/store),
with a user/caller-friendly prototype (i.e. do not force the caller
to wrap an integer into a string).
This first patch makes '__bcb_load' available for internal needs.
No functional change, except for a tiny update in error handling.
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Signed-off-by: Roman Kovalivskyi <roman.kovalivskyi@globallogic.com>
On x86 platforms the EC provides a way to read 'switches', which are
on/off values determined by the EC.
Add a new driver method for this and implement it for LPC.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some ARMv7 boards using PSCI require to be in secure-mode when booted via
'bootz' or 'bootm'. During distro-boot 'bootefi bootmgr' is called to check
if booting via UEFI is possible.
With the change we change the switch from secure mode to non-secure mode is
moved from the UEFI subsystem setup to just before calling StartImage().
Cc: Jernej Škrabec <jernej.skrabec@gmail.com>
Reported by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If sleeping has been interrupted, return CMD_RET_FAILURE instead of -1
(CMD_RET_USAGE).
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
This adds support for specifying FDT overlays in an extlinux/pxelinux
configuration file.
Without this, there is no simple way to apply overlays when the kernel
and fdt is loaded by the pxe command.
This change adds the 'fdtoverlays' keyword for a label, supporting multiple
overlay files to be applied on top of the fdt specified in the 'fdt' or
'devicetree' keyword.
Example:
label linux
kernel /Image
fdt /soc-board.dtb
fdtoverlays /soc-board-function.dtbo
append console=ttyS0,115200 root=/dev/mmcblk0p2 rootwait
This code makes usage of a new variable called fdtoverlay_addr_r used to load
the overlay files without overwritting anything important.
Cc: Tom Rini <trini@konsulko.com>
Cc: Andre Heider <a.heider@gmail.com>
Cc: Jernej Škrabec <jernej.skrabec@siol.net>
Cc: Jonas Karlman <jonas@kwiboo.se>
Tested-by: Jernej Škrabec <jernej.skrabec@siol.net>
Reviewed-by: Jernej Škrabec <jernej.skrabec@siol.net>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>