- Fix HiFive Unleashed the broken problem by call fix_fdt() before
reserve_fdt(). Please refer to
https://www.mail-archive.com/u-boot@lists.denx.de/msg379444.html for
master u-boot broken for HiFive Unleashed.
- Add unaligned exception cmd.
- Refine sifive/fu540 spl flow.
- Add additional crash information for efi.
- Update sipeed/maix doc.
- Two minor refine.
The test case 5 in test_signed (multiple signatures) must be modified
and aligned with the change introduced in the previous commit
("efi_loader: signature: correct a behavior against multiple signatures").
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Under the current implementation, all the signatures, if any, in
a signed image must be verified before loading it.
Meanwhile, UEFI specification v2.8b section 32.5.3.3 says,
Multiple signatures are allowed to exist in the binary’s certificate
table (as per PE/COFF Section “Attribute Certificate Table”). Only
one hash or signature is required to be present in db in order to pass
validation, so long as neither the SHA-256 hash of the binary nor any
present signature is reflected in dbx.
This patch makes the semantics of signature verification compliant with
the specification mentioned above.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
There may be a chance that board specific fix_fdt() will change the
size of FDT blob so it's safe to call reserve_fdt() after fix_fdt()
otherwise global data (gd) will overwrite with FDT blob values.
Fixes: a8492e25ac ("riscv: Expand the DT size before copy reserved memory node")
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
If an exception occurs, the relocated program counter and return address
are required for an analysis.
With this patch you get:
=> exception undefined
Unhandled exception: Illegal instruction
EPC: 0000000080595908 RA: 000000008059c0c6 TVAL: 000000008030c01e
EPC: 0000000080007908 RA: 000000008000e0c6 reloc adjusted
We can use the relocated addresses to find the involved functions in
u.boot.map:
.text.do_undefined
0x0000000080007908 0x8 cmd/built-in.o
.text.cmd_process
0x000000008000dfcc 0x11a common/built-in.o
0x000000008000dfcc cmd_process
If an exception occurs in an UEFI binary additionally the load addresses of
the UEFI binaries are needed. With this patch:
=> setenv efi_selftest exception
=> bootefi selftest
Unhandled exception: Illegal instruction
EPC: 000000008042e18a RA: 000000008042e18a TVAL: 000000008030c01e
EPC: 000000007fea018a RA: 000000007fea018a reloc adjusted
UEFI image [0x0000000000000000:0xffffffffffffffff] '/\selftest'
UEFI image [0x000000008042e000:0x000000008042e43f] pc=0x18a '/bug.efi'
The value pc=0x18a matches the position of the illegal instruction in
efi_selftest_miniapp_exception.efi (loaded as /bug.efi);
asm volatile (".word 0xffffffff\n");
00000180 93 85 C5 11 1C 64 22 85 82 97 FF FF FF FF 1C 64
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Tested-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Rick Chen <rick@andestech.com>
The command 'exception' can be used to test the handling of exceptions.
Currently the exception command only allows to create an illegal
instruction exception on RISC-V.
Provide a sub-command 'exception unaligned' to cause a misaligned load
address exception.
Adjust the online help for 'exception undefined'.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Rick Chen <rick@andestech.com>
Provide the required settings for the debug UART.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
The MAIXDUINO runs fine with the sipeed_maix_bitm_defconfig but a different
board id parameter should be passed to kflash.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
We should not initialize a variable if the value is overwritten before
being read.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Tested-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Rick Chen <rick@andestech.com>
After
if (ret) return ret;
we know that ret is zero. Don't check it again.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Rick Chen <rick@andestech.com>
It's better to keep all SPL related functions in the same spl.c.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Leo Liang <ycliang@andestech.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Tested-by: Pragnesh Patel <pragnesh.patel@sifive.com>
This option was enabled during the earlier U-Boot porting time. Now
we already have the OTP driver in place and the unique MAC address
is read from the OTP, there is no need to turn on this option.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Leo Liang <ycliang@andestech.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Tested-by: Pragnesh Patel <pragnesh.patel@sifive.com>
All FU540 driver related options should be in the SoC level Kconfig.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Tested-by: Pragnesh Patel <pragnesh.patel@sifive.com>
spl_soc_init() seems to be a better name, as all SPL functions
names start from the spl_ prefix.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Tested-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Use the generic board_init_f() provided by the RISC-V library codes.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Tested-by: Pragnesh Patel <pragnesh.patel@sifive.com>
The generic SPL version of board_init_f() should give a call to
board specific codes to initialize board in the SPL phase.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Tested-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Under the new file-based variable implementation, the secure state
is always and falsely set to 0 (hence, the secure boot gets disabled)
after the reboot even if PK (and other signature database) has already
been enrolled in the previous boot.
This is because the secure state is set up *before* loading non-volatile
variables' values from saved data.
This patch fixes the order of variable initialization and secure state
initialization.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: 5f7dcf079d ("efi_loader: UEFI variable persistence")
In this test case, an image may have a signature with additional
intermediate certificates. A chain of trust will be followed and all
the certificates in the middle of chain must be verified before loading.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
It won't be very useful to customize HELLO_PATH and EFI_SECBOOT_IMAGE_NAME
under the current code base. So just remove them.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
In this commit, efi_signature_verify(with_sigdb) will be re-implemented
using pcks7_verify_one() in order to support certificates chain, where
the signer's certificate will be signed by an intermediate CA (certificate
authority) and the latter's certificate will also be signed by another CA
and so on.
What we need to do here is to search for certificates in a signature,
build up a chain of certificates and verify one by one. pkcs7_verify_one()
handles most of these steps except the last one.
pkcs7_verify_one() returns, if succeeded, the last certificate to verify,
which can be either a self-signed one or one that should be signed by one
of certificates in "db". Re-worked efi_signature_verify() will take care
of this step.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
This is a bug fix; Setting an authenticated variable may fail due to
a memory corruption in the authentication.
A temporary buffer will, if needed, be allocated to parse a variable's
authentication data, and some portion of buffer, specifically signer's
certificates, will be referenced by efi_signature_verify().
So the buffer should be kept valid until the authentication process
is finished.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Variable load_options must be initialized to NULL to avoid a segmentation
fault when freeing the memory this variable points to.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- Add STM32 FMC2 EBI controller driver
- Fix dwc3-sti-glue which allows STiH410-B2260 to boot again
- Add fitImage its entry for 587-200 DHCOR SoM
- Add both PDK2 and DRC02 DT into DHCOM fitImage its
- Fix DHCOM KS8851 ethernet MAC address
- Remove stm32mp1 board.c file
- Use const for struct node_info in board stm32mp1.c file
-----BEGIN PGP SIGNATURE-----
iQJLBAABCgA1FiEEXyrViUccKBz9c35Jysd4L3sz/6YFAl81JrkXHHBhdHJpY2Uu
Y2hvdGFyZEBzdC5jb20ACgkQysd4L3sz/6ZZBw//TiEtosS/6NRuC3kzK9KrpVUY
hIvrZldrh5lr+RZn7GqmNHD9CUZeXFBweG6ah5oHImsyaUdUnWZSftXykEzdIyoL
+r2j27npjqviATH1dZNliZnb/QiMsPmmf7XmF2MO0U7NTkbc7GMvsPWHAllk7jue
cPfa+uiRWsfM2oiHki6zC+QvfYQ5x+yxsWjoaOXgyAqjC8oIFBTqXFCHEYPhhZPr
9yu7uIXkahpEZe0x2J/5B0rCfgwpaX/fkF9OU35ThhpSEJOLWneiNwMtODGS96CQ
VjJhpdP3T/8TL8cQF+DJVP3tBQn60zepb12LvYY4Lhm08EolBRS8E/reukthkhWP
9C8KBHNFZG/PTccuHhF2t75AsFOQm37xR5S6qf2vjTYddTojqKQ404/BB89+jkJP
2bYfi5VZc9kz5gD4faGObHqqhhaMeC64ihrtJouFR8APS8IMEzsb282LX6mpa+IM
Id9zKHEyLZ9vig/ybQ2G1lpucFYtDrEcl7HBLFGrPkzWXhhvh8Onm6BGda378lBM
JTTstUlDPrmc8OSUR8RSE15LXnoYP4QfJwUUy2/DOYt3GoHWCIHAY2V5Eo+ATl7q
2p2/5pi/mOblSk5LW3cnjAqlnFmH7IVp4rLNLPvunRSDC34lhjvOzTgEiBvwqA/Z
2YbPPXFM7nwU/OXbG7w=
=J4aq
-----END PGP SIGNATURE-----
Merge tag 'u-boot-stm32-20200813' of https://gitlab.denx.de/u-boot/custodians/u-boot-stm
- Use IS_ENABLED to prevent ifdef in board_key_check for STM32MP
- Add STM32 FMC2 EBI controller driver
- Fix dwc3-sti-glue which allows STiH410-B2260 to boot again
- Add fitImage its entry for 587-200 DHCOR SoM
- Add both PDK2 and DRC02 DT into DHCOM fitImage its
- Fix DHCOM KS8851 ethernet MAC address
- Remove stm32mp1 board.c file
- Use const for struct node_info in board stm32mp1.c file
Fix these dtc warnings:
Warning (reg_format)
Warning (avoid_default_addr_size)
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Use const for the variable nodes in ft_board_setup,
this patch follow fdt_fixup_mtdparts prototype and no more use stack.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Remove the file board/st/stm32mp1/board.c which is not more
compiled since commit 156732cc8939 ("board: stm32mp1: move the
function board_debug_uart_init in spl.c")
Fixes: 4fb46816c7 ("board: stm32mp1: move the function board_debug_uart_init in spl.c")
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
The STM32MP1 DHCOM has two ethernet interfaces, the on-SoM DWMAC and KS8851.
Set eth1addr for the KS8851 to a MAC address of the DWMAC incremented by 1.
The MAC of the DWMAC is set from on-SoM EEPROM already, but the MAC address
of KS8851 was left uninitialized, so fix this.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@st.com>
Cc: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
The new 587-200 DHCOR SoM is compatible with the 587-100 prototype,
hence just replicate the entries, as there is no pattern matching.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@st.com>
Cc: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Include both PDK2 and DRC02 DTs in the DHCOM fitImage .its and implement
support in SPL to select the correct configuration entry for U-Boot by
using the machine compatible string from SPL DT.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@st.com>
Cc: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
This patch adds FMC2 External Bus Interface support on stm32mp157c.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
This patch enables the support of FMC2 EBI.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
FMC2 EBI support has been added. Common resources (registers base
address and clock) can now be shared between the 2 drivers using
"st,stm32mp1-fmc2-nfc" compatible string. It means that the
common resources should now be found in the parent device when EBI
node is available.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
The driver adds the support for the STMicroelectronics FMC2 EBI controller
found on STM32MP SOCs.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
This patch renames functions and local variables.
This cleanup is done to get all functions starting by stm32_fmc2_nfc
in the FMC2 raw NAND driver when all functions will start by
stm32_fmc2_ebi in the FMC2 EBI driver.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
FMC2_TIMEOUT_5S will be used each time that we need to wait.
It was seen, during stress tests in an overloaded system,
that we could be close to 1 second, even if we never met this
value. To be safe, FMC2_TIMEOUT_MS is set to 5 seconds.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Remove inline comments that are useless since function label are
self explanatory.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
The chip select defined in the device tree could only be 0 or 1.
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Use IS_ENABLED to prevent ifdef in stm32prog command.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Use IS_ENABLED to prevent ifdef in bsec driver.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Use IS_ENABLED to prevent ifdef in ft_board_setup.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>