To fill the exponent field of the rsa_public_key struct, rsa_mod_exp_sw
did a cast to uint64_t of the key_prop->public_exponent field.
But that alignment is not guaranteed in all cases.
This came to light when in my spl-fit-signature the key-name exceeded
a certain length and with it the verification then started failing.
(naming it "integrity" worked fine, "integrity-uboot" failed)
key_prop.public_exponent itself is actually a void-pointer, fdt_getprop()
also just returns such a void-pointer and inside the devicetree the 64bit
exponent is represented as 2 32bit numbers, so assuming a 64bit alignment
can lead to false reads.
So just use the already existing rsa_convert_big_endian() to do the actual
conversion from the dt's big-endian to the needed uint64 value.
Fixes: fc2f4246b4 ("rsa: Split the rsa-verify to separate the modular exponentiation")
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
If dcache is switched OFF to ON state and if non-cached memory is
used, this non-cached memory must be re-declared as uncached to mmu
each time dcache is set ON.
Introduce noncached_set_region() to set this non-cached region's mmu
settings. Let architecture override it by defining it as a weak
function.
For ARM architecture, noncached_set_region() defines all noncached
region as non-cacheable.
Issue found on STM32MP1 platform using dwc_eth_qos ethernet driver,
when going from dcache OFF to dcache ON state, ethernet driver issued
TX timeout errors when performing dhcp or ping.
It can be reproduced with the following sequence:
dhcp
while true ; do
ping 192.168.1.300 ;
dcache off ;
ping 192.168.1.300 ;
dcache on ;
done
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Cc: Marek Vasut <marex@denx.de>
Cc: Joe Hershberger <joe.hershberger@ni.com>
Cc: Ramon Fried <rfried.dev@gmail.com>
Cc: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Marek Vasut <marex@denx.de>
CONFIG_SEMIHOSTING is selected for the VFP target by the means of
Kconfig already, there is no need to check this in the header file.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The Juno board features a standard compliant EHCI/OHCI USB host
controller pair, which we can just enable.
The platform data is taken from the device tree.
This allows to use USB mass storage (the only storage on a Juno r0)
for loading.
At least on my board USB seems a bit flaky, I need two "usb reset"
sequences after the "usb start" to detect an USB hard drive.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Liviu Dudau <liviu.dudau@arm.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
So far the Juno board wasn't implementing reset. Let's just use the
already existing PSCI_RESET based method to avoid any extra code.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Liviu Dudau <liviu.dudau@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The Arm Juno board was still somewhat stuck in "hardcoded land", even
though there are stable DTs around, and one happens to actually be on
the memory mapped NOR flash.
Enable the configuration options to let the board use OF_CONTROL, and
add a routine to find the address of the DTB partition in NOR
flash, to use that for U-Boot's own purposes.
This can also passed on via $fdtcontroladdr to any kernel or EFI
application, removing the need to actually load a device tree.
Since the existing "afs" command and its flash routines require
flash_init() to be called before being usable, and this is done much
later in the boot process, we introduce a stripped-down partition finder
routine in vexpress64.c, to scan the NOR flash partitions for the
DT partition. This location is then used for U-Boot to find and probe
devices.
The name of the partition can be configured, if needed, but defaults
to "board.dtb", which is used by Linaro's firmware image provided.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The UART base clock rate was typo-ed in the header file, probably because
the reference (the Linux .dts) was also wrong[1].
Fix the number to make the baud rate more correct.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39a1a8941b2
Reviewed-by: Simon Glass <sjg@chromium.org>
Even though the PL011 UART driver claims to be DM compliant, it does not
really a good job with parsing DT nodes. U-Boot seems to adhere to a
non-standard binding, either requiring to have a "skip-init" property in
the node, or to have an extra "clock" property holding the base
*frequency* value for the baud rate generator.
DTs in the U-Boot tree seem to have been hacked to match this
requirement.
The official binding does not mention any of these properties, instead
recommends a standard "clocks" property to point to the baud base clock.
Some boards use simple "fixed-clock" providers, which U-Boot readily
supports, so let's add some simple DM clock code to the PL011 driver to
learn the rate of the first clock, as described by the official binding.
These clock nodes seem to be not ready very early in the boot process,
so provide a fallback value, by re-using the already existing
CONFIG_PL011_CLOCK variable.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
[trini: Add <clock_legacy.h> for get_bus_freq() for layerscape
platforms]
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The U-Boot documentation explains that variables ending with "_r" hold
addresses in DRAM, while those without that ending point to flash/ROM.
The default variables for the Juno board pointing to the kernel and DTB
load addresses were not complying with this scheme: they lack the
extension, but point to DRAM. This is particularly confusing since the
Juno board features parallel NOR flash, so there *is* a memory mapped
NOR address holding a DTB, for instance.
Fix the variables to use the proper names, changing initrd_addr to
ramdisk_addr_r on the way, which seems to be more prevelant and
documented. On the way adjust the FDT load address to be situated
*before* the kernel, since users happened to overwrite the DTB by the
kernel clearing its .BSS section during initialisation.
Also remove the fdt_high and initrd_high variables (which were set
to -1), to allow U-Boot moving those images around.
This should avoid many problems in the future, but breaks loading
Linux kernels < v4.2, since they expect the DTB to be loaded in the same
512MB region as the kernel. If you need to load such an old kernel,
please set fdt_high to either 0xffffffffffffffff or 0xa0000000 (if you
load the kernel to the beginning of DRAM).
That fixes loading debug kernels, which happened to overwrite the DTB on
certain setups.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
CMD_EEPROM and ENV_IS_IN_EEPROM can be selected independently, and
cmd/eeprom.o gets built in either case, so whether to declare the real
prototypes needs to follow the same logic as whether cmd/eeprom.c is
built. Otherwise a ENV_IS_IN_EEPROM=y, CMD_EEPROM=n build fails
cmd/eeprom.c:73:1: error: expected identifier or ‘(’ before ‘{’ token
{
While at it, fix the dummy replacements (at least assuming they are
meant to allow the code to compile) - they need to have the same type
as the expression they replace, or one gets errors such as
env/eeprom.c: In function ‘eeprom_bus_read’:
env/eeprom.c:37:8: error: void value not ignored as it ought to be
rcode = eeprom_read(dev_addr, offset, buffer, cnt);
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Tom Rini <trini@konsulko.com>
This has been reported to break booting of U-Boot from SPL on a number
of platforms due to a lack of alignment of the external data. The
issues this commit is addressing will need to be resolved another way.
Re-introduce a data leak in the padding for now.
This reverts commit 20a154f95b.
Reported-by: Alex Kiernan <alex.kiernan@gmail.com>
Reported-by: Michael Walle <michael@walle.cc>
Tested-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
In commit f62782fb29 ("cache: l2x0: Fix write to incorrect shared-override
bit") we removed writel to regs->pl310_aux_ctrl by accident. This
commit restores it back.
Fixes: f62782fb29 ("cache: l2x0: Fix write to incorrect shared-override bit")
Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com>
It's possible that the default_environment[] array contains multiple
entries for the same variable, e.g. a setting from env_default.h based
on some CONFIG_* variable, and another from
CONFIG_EXTRA_ENV_SETTINGS. In such a case, the last setting takes
effect.
Hence, in order to be able to use the output from this script as an
CONFIG_DEFAULT_ENV_FILE and get the same default environment as one
currently has, we need to preserve the order. So only sort by the
variable name, and disable the last-resort comparison.
We could pipe the result through uniq to remove duplicate lines, but I
think there's some value in seeing that certain variables are defined
multiple times.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
This patch contains error corrections and code simplifications for the UEFI
sub-system.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAl6wUYIACgkQxIHbvCwF
GsRVbBAAhYUjqjupFiAfBoqdWya1r1qc12QYkT/Udbq6hcPm7T+yKkPoMVXbzgV0
3tABnntyrUhswMkqs9G0qL5aGmlwv4Lk55r0ImVEK6aRyDtgHibNMlPQ6/SyJ6n4
WdiSf2zRs2XNK8XlUswStyNnbyRe+UEGYVrP6kD1ovYVymznP+RKEXK2NeqjV081
4Jyf/GSVAdtpdmrkBamOwANB4z5VvcFIdG/ae32PMCKtJHv+FK5n7eLzKrRlpiMp
UgRp5wJYPT2+eyqqCMzG7p2sS5MlFbQguAhp+8+HPZqTqVTR4e27eb0UWB5f/wWb
p+GQIbtLOhsuWMsR5J1LvcZRs1OnVcGb8kPI+sZi1dHeKGHZ8rS364aH27bng1d6
4DHUBxwydhF1GJIYsRu0s1jKiKdaKXh6CfErKvjdVEc/i4rWkMBbtMYxmSYDANdb
rJ7ppCDcFg1uk2wyDw2F4eiRJlFF0CTSaYy9IVRxKRcQN6HIT7HEE/9yNG5H/xQ0
zTohlvPJKtEIWP0T/mBKnqX7j4sU4oR7fSSPSOnARvsUVyXvI4XEHl1wbEmnK7qS
OeT11FdGoKoP/DTQ4VIvSkddn7aIvYij/U0hTefJSksHEzwvLgq4Q5Y7ibvO2u9o
PG3rlaKAwvJcVAEJO95c7iqh6lKyyaKwj//RtBsEaRXPQCYquYQ=
=+u1X
-----END PGP SIGNATURE-----
Merge tag 'efi-2020-07-rc2-2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc2-2
This patch contains error corrections and code simplifications for the UEFI
sub-system.
- Add DM model for P1010RDB
- Add I2C DM Model support for P1010RDB, T1042RDB, T2080, T4240RDB,
MPC8548CDS, T1024RDB, P4080, P3041DS, P2041RDB, P2020RDB, P1020RDB,
P5040DS
- Fix reference to READM.qe_firmware
Commit 69529c9120 ("net: pcnet: Switch to PCI memory access")
switched from PCI IO access to PCI memory access without updating
the I/O primitives. Contrary to SH, the primitives for memory
access and IO access are implemented differently. Thus doing
memory access with IO port primitives breaks the driver on
MIPS Malta board.
Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
- dts clean up to use -u-boot for px30, rk3399 boards
- dts sycn from upstream kernel for rk3328, rk3399
- add rockchip rng driver
- new board support: rk3328-roc-cc, rk3399-roc-pc,Nanopi M4 2GB
This is part 1 of big network cleanup / DM conversion.
The dc2114x/rtl8139/pcnet/tulip PCI adapter drivers received checkpatch
cleanups in preparation for DM conversion. The smc911x is converted to
DM completely. The dwc_eth_qos cache fixes are applied.
There is no reason to tail-pad fitImage with external data to 4-bytes,
while fitImage without external data does not have any such padding and
is often unaligned. DT spec also does not mandate any such padding.
Moreover, the tail-pad fills the last few bytes with uninitialized data,
which could lead to a potential information leak.
$ echo -n xy > /tmp/data ; \
./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; \
hexdump -vC /tmp/fitImage | tail -n 3
before:
00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si|
00000270 7a 65 00 00 78 79 64 64 |ze..xydd|
^^ ^^ ^^
after:
00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si|
00000270 7a 65 00 78 79 |ze.xy|
Signed-off-by: Marek Vasut <marex@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Tom Rini <trini@konsulko.com>
If we want to restore variables from disk, we need to initialize block
devices before variables.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When setting up the console via function efi_console_register() we call
query_console_serial(). This functions sends an escape sequence to the
terminal to query the display size. The response is another escape
sequence.
console.run_command_list() is looking for a regular expression '^==>'.
If the escape sequence for the screen size precedes the prompt without a
line break, no match is found.
When efi_disk_register() is called before efi_console_register() this leads
to a test failuere of the UEFI secure boot tests.
We can avoid the problem if the first UEFI command passed to
u_boot_console.run_command_list() produces output. This patch achieves this
by appending '; echo' to the first UEFI related command of the problematic
tests.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Eliminate superfluous functions efi_set_volatile_variable() and
efi_set_nonvolatile_variable().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Eliminate superfluous functions efi_get_volatile_variable() and
efi_get_nonvolatile_variable().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We should not to refer to a function via the run-time or boot services
tables if the function is exported.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This function will check if a given handle to device is an EFI system
partition. It will be utilised in implementing capsule-on-disk feature.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Add function description. Return bool.
Reviewed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_set_secure_stat() provides the common code for each stat transition
caused by efi_transfer_secure_state().
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Correct description of return value.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
"if (left < esl->signature_size)" is not reachable in a while loop.
But it is still valuable in case that a given signature database is
somehow corrupted. So fix the while loop condition.
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Pkcs7_parse.h and x509_parser.h are used in UEFI subsystem, in particular,
secure boot. So move them to include/crypto to avoid relative paths.
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Don't include include x509_parser.h twice.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
By adding extra symbols, we can now avoid including x509_parser and
pkcs7_parser.h files multiple times.
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Don't include include x509_parser.h twice.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Coreboot is a first-stage bootloader mostly used on x86 devices as an
alternative to UEFI. Coreboot runs in 32-bit mode.
U-Boot currently supports booting from coreboot as a second-stage
bootloader, also in 32-bit mode. However it is useful to be able to run
U-Boot in 64-bit mode. To do this we can have a 32-bit SPL which switches
over the CPU and jumps to a 64-bit U-Boot proper.
Add a new 'coreboot64' board for running 64-bit U-Boot from coreboot. This
uses binman to create an image with a 32-bit SPL and a 64-bit U-Boot.
This allows running 64-bit EFI images on x86, for example, without needing
a native U-Boot port for a board.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
It is useful to know what mode U-Boot is running in. Add a message at the
end of the 'bdinfo' output.
Suggested-by: Mark Kettenis <kettenis@openbsd.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
[bmeng: change commit tag to 'cmd' as this is not x86 specific]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Make a few adjustments to allow us to build an SPL image for coreboot.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
At present SPL only works on bare-metal builds. With a few tweaks it can
be used for coreboot also.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
At present this function copies U-Boot from the last 1MB of ROM. This is
not the right way to do it. Instead, the binman symbol should provide the
location.
But in any case the code should live in the caller,
spl_board_load_image(), so that the 64-bit jump function can be used
elsewhere. Move it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Coreboot runs in 32-bit mode and cannot run a 64-bit U-Boot. To get around
this we can build a combined image with 32-bit SPL and 64-bit U-Boot. Add
a build rule and binman definition for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
At present this function is only available in 32-bit code. Move it to the
common cpu file so it can be used by 64-bit U-Boot too.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Update quoted string alignment to address checkpatch.pl warning
originally introduced in
commit f60a66ef5d ("cmd: mvebu: bubt: show image boot device").
Signed-off-by: Joel Johnson <mrjoel@lixil.net>
Reviewed-by: Simon Glass <sjg@chromium.org>
This resolves issues with certain SFP modules.
Signed-off-by: Jakov Petrina <jakov.petrina@sartura.hr>
Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
Reviewed-by: Stefan Roese <sr@denx.de>
In two files README.qe_firmware is referenced which never made it into the
U-Boot tree. The README is available in the Linux kernel tree.
Update the references.
Cc: Timur Tabi <timur@kernel.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
Compile the legacy PCIe initialization reoutines for P1010RDB
boards only when DM_PCI is not enabled.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
Add device tree for P1010RDB boards and enable CONFIG_OF_CONTROL
so that device tree can be compiled.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
This enables DM_I2C and DM_RTC in T1042D4RDB defconfigs,
except T1042D4RDB SECURE_BOOT defconfig
Signed-off-by: Biwen Li <biwen.li@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>