Commit graph

31072 commits

Author SHA1 Message Date
Simon Glass
29ce737d6f mkimage: Build signing only if board has CONFIG_FIT_SIGNATURE
At present mkimage is set up to always build with image signing support.
This means that the SSL libraries (e.g. libssl-dev) are always required.

Adjust things so that mkimage can be built with and without image signing,
controlled by the presence of CONFIG_FIT_SIGNATURE in the board config file.

If CONFIG_FIT_SIGNATURE is not enabled, then mkimage will report a warning
that signing is not supported. If the option is enabled, but libraries are
not available, then a build error similar to this will be shown:

lib/rsa/rsa-sign.c:26:25: fatal error: openssl/rsa.h: No such file or directory

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-06-28 16:26:52 -04:00
Simon Glass
5ff0d0832e bootm: Disable interrupts before loading OS
This restores the ordering of interrupt disable to what it what before
commit 35fc84fa. It seems that on some archiectures (e.g. PowerPC) the
OS is loaded into an interrupt region, which can cause problems if
interrupts are still running.

Tested-by: Stefan Roese <sr@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
2013-06-28 16:26:50 -04:00
Tom Rini
d366438d8a cmd_bootm.c: Correct BOOTM_ERR_OVERLAP handling
With 35fc84fa1 [Refactor the bootm command to reduce code duplication]
we stopped checking the return value of bootm_load_os (unintentionally!)
and simply returned if we had a non-zero return value from the function.
This broke the valid case of a legacy image file of a single kernel
loaded into an overlapping memory area (the default way of booting
nearly all TI platforms).

The best way to fix this problem in the new code is to make
bootm_load_os be the one to see if we have a problem with this, and if
it's fatal return BOOTM_ERR_RESET and if it's not BOOTM_ERR_OVERLAP, so
that we can avoid calling lmb_reserve() but continue with booting.  We
however still need to handle the other BOOTM_ERR values so re-work
do_bootm_states so that we have an error handler at the bottom we can
goto for problems from bootm_load_os, or problems from the other callers
(as the code was before).  Add a comment to do_bootm_states noting the
existing restriction on negative return values.

Signed-off-by: Tom Rini <trini@ti.com>

---
Changes in v2:
- Rework so that only bootm_load_os and boot_selected_os head down into
  the err case code, and other errors simply return back to the caller.
  Fixes 'spl export'.
2013-06-28 16:24:13 -04:00
Albert ARIBAUD
e6c7f86f03 Merge branch 'u-boot-imx/master' into 'u-boot-arm/master' 2013-06-28 17:51:13 +02:00
Otavio Salvador
d6c6d127c5 vf610twr: Remove SoC name from U-Boot prompt
We've been dropping SoC name from U-Boot prompt as it increase
complexity for automatic testing and makes line longer for no good
reason.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Tested-by: Andy Voltz <andy.voltz@timesys.com>
2013-06-28 16:59:08 +02:00
Otavio Salvador
ca21f61e28 vf610twr: Add default environment in line with other Freescale boards
This adds a default environment which should be able to support both
3.0.15 from Timesys and upcoming 3.11.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Tested-by: Andy Voltz <andy.voltz@timesys.com>
2013-06-28 16:58:50 +02:00
Fabio Estevam
620ca1c174 video: mxsfb: Break the line in videomode message
Currently we have the following on boot:

CPU:   Freescale i.MX28 rev1.2 at 454 MHz
BOOT:  SSP SD/MMC #0, 3V3
DRAM:  128 MiB
MMC:   MXS MMC: 0
Video: MXSFB: 'videomode' variable not set!In:    serial

Break the line of the warning message in order to have a better reading format.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-28 16:54:47 +02:00
Fabio Estevam
fca42cd659 MAINTAINERS: Add an entry to the mx6q wandboard variant
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
2013-06-28 16:52:03 +02:00
Rajeshwari Shinde
493c073ff4 SMDK5250: Remove reduntant code
enum boot_mode is defined twice once in spl.h and also in
spl_boot.c, hence removing the same from spl_boot.c and including
the header file.

Signed-off-by: Rajeshwari Shinde <rajeshwari.s@samsung.com>
Acked-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
2013-06-28 09:19:38 +09:00
Tom Rini
20cb5fbec6 am335x_evm: Add missing ';' in findfdt
In a714321 we add a check at the end of findfdt to make sure we have
updated it from undefined and if not, warn the user.  This however
forgot a ';' on the end of the previous last test.

Signed-off-by: Tom Rini <trini@ti.com>
2013-06-27 09:55:39 -04:00
Tom Rini
58a5c43c09 Merge branch 'master' of git://git.denx.de/u-boot-74xx-7xx 2013-06-27 08:23:27 -04:00
Wolfgang Denk
b8bfde7f01 PPC 74xx_7xx: Fix build warnings for ELPPC board
Fix:

misc.c: In function 'misc_init_r':
misc.c:210:3: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]
misc.c:211:3: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]
misc.c:212:3: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]

Signed-off-by: Wolfgang Denk <wd@denx.de>
2013-06-27 08:12:28 +02:00
Jason Jin
1b9591c237 ColdFire: Update the arch_global_date changes for mcf5441x
Update inp_clk, vco_clk and flb_clk for mcf5441x as those
items were moved to arch_global_data.

Signed-off-by: Jason Jin <Jason.jin@freescale.com>
2013-06-27 08:44:00 +08:00
Steve deRosier
08dbd6ccd5 Fix MCF5235 SDRAM base address macro
SDRAMC_DARCn_BA() macro worked fine when the BA is 0x00000000 even
though the macro is incorrect. It causes the BA to be set incorrctly
for other base addresses. This patch fixes the macro so that base
addresses other than zero can be used with the MCF5235.

Signed-off-by: Steve deRosier <derosier@gmail.com>
2013-06-27 08:31:17 +08:00
Jens Scharsig (BuS Elektronik)
aea5eee126 m68k: fix debug call befor serial init
There is a debug call in board.c befor serial interface was initialized.
This moves the debug code behind serial_initialize call.

Signed-off-by: Jens Scharsig (BuS Elektronik) <esw@bus-elektronik.de>
2013-06-27 08:31:16 +08:00
Mike Dunn
8b6b51a617 mtd/nand: docg4: fix compiler warnings
Newer gcc versions warn about unused variables.  This patch corrects a few of
those warnings that popped up in a build for the palmtreo680 board.

Signed-off-by: Mike Dunn <mikedunn@newsguy.com>
2013-06-26 16:19:58 -05:00
Fabio Estevam
5307188889 m28evk: Move README file inside board directory
Board specific READMEs should be located inside the respective board directory.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-26 17:41:06 +02:00
Fabio Estevam
17f3f36652 mx28evk: Move README file inside board directory
Board specific READMEs should be located inside the respective board directory.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-26 17:40:39 +02:00
Fabio Estevam
54965b6136 README: mxs: Introduce README.mxs
Create a README.mxs file that contains instructions on how to use U-boot for
both MX23 and MX28.

As boot from NAND has only been tested on mx28, make it clear that it only
applies to MX28.

While at it, do some small cleanups for the sake of consistency:
- Use "MX28" instead of "i.MX28"
- Use "section" instead of "chapter" when referring to specific parts of the
reference manual chapters.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-26 17:39:57 +02:00
Fabio Estevam
7333eca5f4 README: mx28_common: Fix structure of sentence
Re-structure the sentence a bit so that it can clearer.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-26 17:34:22 +02:00
Fabio Estevam
3f5e2e2a7d README: mx28_common: Do not hardcode the SSP port
MX28 can boot from SSP0 or SSP1, so it is better not to hardcode the SSP port
in the instructions.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-26 17:34:22 +02:00
Fabio Estevam
84286c22e6 README: mx28_common: Keep the text within 80 columns
In order to improve readability keep the text within 80 columns.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-26 17:34:22 +02:00
Robert Winkler
262326b4c3 imx: nitrogen6x: Enable filesystem generic commands
Signed-off-by: Robert Winkler <robert.winkler@boundarydevices.com>
2013-06-26 17:34:22 +02:00
Robert Winkler
3655829511 imx: nitrogen6x: Enable raw initrd
Signed-off-by: Robert Winkler <robert.winkler@boundarydevices.com>
2013-06-26 17:34:21 +02:00
Robert Winkler
9b9ba6f035 imx: nitrogen6x: Enable bootz
Signed-off-by: Robert Winkler <robert.winkler@boundarydevices.com>
2013-06-26 17:34:21 +02:00
Robert Winkler
87de2d64db imx: nitrogen6x: Enabled data cache
Signed-off-by: Robert Winkler <robert.winkler@boundarydevices.com>
2013-06-26 17:34:21 +02:00
trem
79713f0ad8 mx27: add i2c clock
Signed-off-by: Eric Jarrige <eric.jarrige@armadeus.org>
Signed-off-by: Philippe Reynes <tremyfr@yahoo.fr>
2013-06-26 17:34:21 +02:00
trem
6247c4653b mx27: add function enable_caches
Signed-off-by: Philippe Reynes <tremyfr@yahoo.fr>
2013-06-26 17:34:21 +02:00
Pierre Aubert
c174797061 imx: Add support for the SabreSD shipped with i.MX6DL
The SabreSD platform is available with i.MX6Q or i.MX6DL. This patch adds the
support of the i.MX6DL. The config file and the board directory are renamed
to remove the reference to the MX6Q.

Signed-off-by: Pierre Aubert <p.aubert@staubli.com>
CC: Stefano Babic <sbabic@denx.de>
Reviewed-by: Fabio Estevam <fabio.estevam@freescale.com>
2013-06-26 17:34:11 +02:00
Pierre Aubert
87d720e0c2 imx: Complete the pin definitions for the i.MX6DL / i.MX6Solo
Signed-off-by: Pierre Aubert <p.aubert@staubli.com>
CC: Stefano Babic <sbabic@denx.de>
2013-06-26 16:47:30 +02:00
Pierre Aubert
7aa1e8bb1b imx6: fix GPR2 wrong definition
Signed-off-by: Pierre Aubert <p.aubert@staubli.com>
CC: Stefano Babic <sbabic@denx.de>
Acked-by: Dirk Behme <dirk.behme@gmail.com>
2013-06-26 16:28:54 +02:00
Eric Nelson
2dbe64ca24 dwc_ahsata: Allow use with dcache enabled
Signed-off-by: Eric Nelson <eric.nelson@boundarydevices.com>
2013-06-26 16:26:45 +02:00
Axel Lin
e31dc61e7d usb: musb: Use ARRAY_SIZE at appropriate places
Signed-off-by: Axel Lin <axel.lin@ingics.com>
2013-06-26 10:26:06 -04:00
Axel Lin
31bf0f57b2 mtd: cfi_flash: Use ARRAY_SIZE at appropriate places
Signed-off-by: Axel Lin <axel.lin@ingics.com>
2013-06-26 10:26:06 -04:00
Axel Lin
b98bfeb667 hwmon: lm63: Use ARRAY_SIZE at appropriate place
Signed-off-by: Axel Lin <axel.lin@ingics.com>
2013-06-26 10:26:06 -04:00
Axel Lin
9935175f50 serial: Use ARRAY_SIZE instead of reinventing it
Signed-off-by: Axel Lin <axel.lin@ingics.com>
2013-06-26 10:26:06 -04:00
Vincent Stehlé
4d98b5c8a5 README: align default commands with code
Align the list of default commands mentioned in the configuration options
paragraph of the README with the actual definitions found in
include/config_cmd_default.h

Signed-off-by: Vincent Stehlé <vincent.stehle@freescale.com>
2013-06-26 10:26:06 -04:00
Sascha Silbe
ff8fef5666 Fix block device accesses beyond 2TiB
With CONFIG_SYS_64BIT_LBA, lbaint_t gets defined as a 64-bit type,
which is required to represent block numbers for storage devices that
exceed 2TiB (the block size usually is 512B), e.g. recent hard drives.

For some obscure reason, the current U-Boot code uses lbaint_t for the
number of blocks to read (a rather optimistic estimation of how RAM
sizes will evolve), but not for the starting address. Trying to access
blocks beyond the 2TiB boundary will simply wrap around and read a
block within the 0..2TiB range.

We now use lbaint_t for block start addresses, too. This required
changes to all block drivers as the signature of block_read(),
block_write() and block_erase() in block_dev_desc_t changed.

Signed-off-by: Sascha Silbe <t-uboot@infra-silbe.de>
2013-06-26 10:26:06 -04:00
Steven Stallion
eeaef5e430 cmd_bootm: Add command line arguments to Plan 9
This patch introduces support for command line arguments to Plan 9.
Plan 9 generally dedicates a small region of kernel memory (known
as CONFADDR) for runtime configuration.  A new environment variable
named confaddr was introduced to indicate this location when copying
arguments.

Signed-off-by: Steven Stallion <sstallion@gmail.com>
[trini: Adapt for Simon's changes about correcting argc, no need to bump
by 2 now]
Signed-off-by: Tom Rini <trini@ti.com>
2013-06-26 10:25:22 -04:00
Dirk Behme
9a30903b44 spi: mxc_spi: Update pre and post divider algorithm
The spi clock divisor is of the form x * (2**y),  or  x  << y, where x is
1 to 16, and y is 0 to 15. Note the similarity with floating point numbers.
Convert the desired divisor to the smallest number which is >= desired divisor,
and can be represented in this form. The previous algorithm chose a divisor
which could be almost twice as large as needed.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: Dirk Behme <dirk.behme@gmail.com>
2013-06-26 16:23:30 +02:00
Dirk Behme
8d4c4ffb95 spi: mxc_spi: Fix pre and post divider calculation
Fix two issues with the calculation of pre_div and post_div:

1. pre_div: While the calculation of pre_div looks correct, to set the
CONREG[15-12] bits pre_div needs to be decremented by 1:

The i.MX 6Dual/6Quad Applications Processor Reference Manual (IMX6DQRM
Rev. 0, 11/2012) states:

CONREG[15-12]: PRE_DIVIDER
0000 Divide by 1
0001 Divide by 2
0010 Divide by 3
...
1101 Divide by 14
1110 Divide by 15
1111 Divide by 16

I.e. if we want to divide by 2, we have to write 1 to CONREG[15-12].

2. In case the post divider becomes necessary, pre_div will be divided by
16. So set pre_div to 16, too. And not 15.

Both issues above are tested using the following examples:

clk_src = 60000000 (60MHz, default i.MX6 ECSPI clock)

a) max_hz == 23000000 (23MHz, max i.MX6 ECSPI read clock)

-> pre_div =  3 (divide by 3 => CONREG[15-12] == 2)
-> post_div = 0 (divide by 1 => CONREG[11- 8] == 0)
               => 60MHz / 3 = 20MHz SPI clock

b) max_hz == 2000000 (2MHz)

-> pre_div =  16 (divide by 16 => CONREG[15-12] == 15)
-> post_div = 1  (divide by  2 => CONREG[11- 8] == 1)
               => 60MHz / 32 = 1.875MHz SPI clock

c) max_hz == 1000000 (1MHz)

-> pre_div =  16 (divide by 16 => CONREG[15-12] == 15)
-> post_div = 2  (divide by  4 => CONREG[11- 8] == 2)
               => 60MHz / 64 = 937.5kHz SPI clock

d) max_hz == 500000 (500kHz)

-> pre_div =  16 (divide by 16 => CONREG[15-12] == 15)
-> post_div = 3  (divide by  8 => CONREG[11- 8] == 3)
               => 60MHz / 128 = 468.75kHz SPI clock

Signed-off-by: Dirk Behme <dirk.behme@gmail.com>
2013-06-26 16:22:51 +02:00
Simon Glass
041bca5ba3 Add verified boot information and test
Add a description of how to implement verified boot using signed FIT images,
and a simple test which verifies operation on sandbox.

The test signs a FIT image and verifies it, then signs a FIT configuration
and verifies it. Then it corrupts the signature to check that this is
detected.

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-06-26 10:18:57 -04:00
Simon Glass
74378cf8e7 sandbox: config: Enable FIT signatures with RSA
We want to sign and verify images using sandbox, so enable these options.

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-06-26 10:18:57 -04:00
Simon Glass
4d0985295b image: Add support for signing of FIT configurations
While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).

Add support for signing of FIT configurations using the libfdt's region
support.

Please see doc/uImage.FIT/signature.txt for more information.

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-06-26 10:18:56 -04:00
Simon Glass
3e06cd1f97 libfdt: Add fdt_find_regions()
Add a function to find regions in device tree given a list of nodes to
include and properties to exclude.

See the header file for full documentation.

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-06-26 10:18:56 -04:00
Simon Glass
399c744b22 mkimage: Add -r option to specify keys that must be verified
Normally, multiple public keys can be provided and U-Boot is not
required to use all of them for verification. This is because some
images may not be signed, or may be optionally signed.

But we still need a mechanism to determine when a key must be used.
This feature cannot be implemented in the FIT itself, since anyone
could change it to mark a key as optional. The requirement for
key verification must go in with the public keys, in a place that
is protected from modification.

Add a -r option which tells mkimage to mark all keys that it uses
for signing as 'required'.

If some keys are optional and some are required, run mkimage several
times (perhaps with different key directories if some keys are very
secret) using the -F flag to update an existing FIT.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
2013-06-26 10:18:56 -04:00
Simon Glass
4f61042701 mkimage: Add -c option to specify a comment for key signing
When signing an image, it is useful to add some details about which tool
or person is authorising the signing. Add a comment field which can take
care of miscellaneous requirements.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
2013-06-26 10:18:56 -04:00
Simon Glass
95d77b4479 mkimage: Add -F option to modify an existing .fit file
When signing images it is sometimes necessary to sign with different keys
at different times, or make the signer entirely separate from the FIT
creation to avoid needing the private keys to be publicly available in
the system.

Add a -F option so that key signing can be a separate step, and possibly
done multiple times as different keys are avaiable.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
2013-06-26 10:18:56 -04:00
Simon Glass
e29495d37f mkimage: Add -K to write public keys to an FDT blob
FIT image verification requires public keys. Add a convenient option to
mkimage to write the public keys to an FDT blob when it uses then for
signing an image. This allows us to use:

   mkimage -f test.its -K dest.dtb -k keys test.fit

and have the signatures written to test.fit and the corresponding public
keys written to dest.dtb. Then dest.dtb can be used as the control FDT
for U-Boot (CONFIG_OF_CONTROL), thus providing U-Boot with access to the
public keys it needs.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
2013-06-26 10:18:56 -04:00
Simon Glass
80e4df8ac6 mkimage: Add -k option to specify key directory
Keys required for signing images will be in a specific directory. Add a
-k option to specify that directory.

Also update the mkimage man page with this information and a clearer list
of available commands.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de> (v1)
2013-06-26 10:18:56 -04:00