boot_service_capability_min is constant, it should be capitalized.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
MD5 is being called directly in some places, but it is not available
via hash_lookup_algo("md5"). This is inconsistent with other hasing
routines. To resolve this, add an "md5" entry to hash_algos[].
The #ifdef clause looks funnier than those for other entries. This is
because both MD5 and SPL_MD5 configs exist, whereas the other hashes
do not have "SPL_" entries. The long term plan is to get rid of the
ifdefs, so those should not be expected to survive much longer.
The md5 entry does not have .hash_init/update/finish members. That's
okay because hash_progressive_lookup_algo() will catch that, and
return -EPROTONOSUPPORT, while hash_lookup_algo() will return the
correct pointer.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Use CONFIG_IS_ENABLED not IS_ENABLED for MD5 check]
Signed-off-by: Tom Rini <trini@konsulko.com>
All of these configs exist. Stick to using CONFIG_[ST]PL_HASH, and drop all
references to CONFIG_[ST]PL_HASH_SUPPORT. This means we need for
CHAIN_OF_TRUST to select SPL_HASH now.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Add TPL case, fix CHAIN_OF_TRUST, other tweaks]
Signed-off-by: Tom Rini <trini@konsulko.com>
Originally CONFIG_FIT_SHAxxx enabled specific SHA algos for and only
for hash_calculate() in common/image-fit.c. However, since commit
14f061dcb1 ("image: Drop IMAGE_ENABLE_SHAxxx"),
the correct selector was changed to CONFIG_SHAxxx.
The extra "_FIT_" variants are neither used, nor needed. Remove them.
One defconfig disables FIT_SHA256, which is now changed to 'SHA256'.
CMD_MVEBU_BUBT needs to select select SHA256 to avoid undefined
references to "sha256_*()". bubt.c needs sha256, so this selection is
correct. It is not clear why this problem did not manifest before.
Note that SHA selection in SPL is broken for this exact reason. There
is no corresponding SPL_SHAxxx. Fixing this is is beyond the scope of
this change.
Also note that we make CONFIG_FIT now imply SHA256, to make up for
FIT_SHA256 previously being a default y option.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Add imply SHA256 to FIT]
Signed-off-by: Tom Rini <trini@konsulko.com>
On the HiFive Unmatched a PCI to SATA adapter may be used to install a SATA
drive. Enable booting from it.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
TCG EFI Protocol Specification defines that PCRIndex parameter
passed from caller must be 0 to 23.
TPM2_MAX_PCRS is currently used to check the range of PCRIndex,
but TPM2_MAX_PCRS is tpm2 device dependent and may have larger value.
This commit newly adds EFI_TCG2_MAX_PCR_INDEX macro, it is used to
check the range of PCRIndex parameter.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
TCG EFI Protocol Specification requires to the input
ProtocolCapability.Size < size of the EFI_TCG2_BOOT_SERVICE_CAPABILITY
up to and including the vendor ID field.
Current implementation does different calculation, let's fix it.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Writing variables AuditMode and DeployedMode serves to switch between
Secure Boot modes. Provide a separate value for these in efi_auth_var_type.
With this patch the variables will not be read from from file even if they
are marked as non-volatile by mistake.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The UEFI specification requires that the signature database may only be
stored in tamper-resistant storage. So these variable may not be read
from an unsigned file.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Define all standard baudrates plus 3 non-standard high speed:
3125000 4000000 5150000
3125000 matches divisor 5 with 250 MHz TCLK and divisor 4 with 200 MHz TCLK.
4000000 is the rounded value for divisor 4 with 250 MHz TCLK (3906250) and
divisor 3 with 200 MHz TCLK (4166666).
5150000 is the rounded value (5208333) for divisor 3 with 250 MHz TCLK.
Testing showed that rounded value is more stable then exactly calculated.
And it is the highest possible baudrate which is stable on A38x platform.
Any other baudrate values above 2500000 are unstable, which is reason why
e.g. standard value 3000000 is not defined, and it is needed to use
non-standard value 3125000.
Tested all defined UART baudrates on Turris Omnia (A38x with 250 MHz TCLK).
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
xilinx:
- Disable CONFIG_ARCH_FIXUP_FDT_MEMORY
- Print information about cpu via soc drivers and enable DISPLAY_CPUINFO
- Wire infrastructure for DTB_RESELECT and MULTI_DTB_FIT
zynq:
- Wire single QSPI
- Use power-source instead of io-standard properties
- Enable nor on zc770-xm012
zynqmp:
- Change handling around multi_boot()
- Setup offset for u-boot.itb in spi
- Generate run time dfu_alt_info for capsule update
- Use explicit values for enums (zynqmp_firmware.h)
- Enable RTC/SHA1/BUTTON/BUTTON_GPIO command
- Disable WDT driver by default
- Bind usb/scsi via preboot because of EFI
- DT updates/fixes
- Add soc driver
- Fix SPL SPI boot mode
versal:
- Add soc driver
sdhci:
- Update tap delay programming for zynq_sdhci driver
cmd:
- Fix RTC uclass handling in date command
- Update pwm help message
- Update reset help message
watchdog:
- Fix wwdt compilation
rtc:
- Deal with seq alias in rtc uclass
- Add zynqmp RTC driver
fdt:
- Add kernel-doc for fdt_fixup_memory_banks()
-----BEGIN PGP SIGNATURE-----
iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCYSilpgAKCRDKSWXLKUoM
Id2JAJ9jY19JiEpOd3vuRCT5CE/pzX4yDACeP8DiXDzSi5tLHwDWUCBobUTze2s=
=5lnj
-----END PGP SIGNATURE-----
Merge tag 'xilinx-for-v2021.10-rc3' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze
Xilinx changes for v2021.10-rc3
xilinx:
- Disable CONFIG_ARCH_FIXUP_FDT_MEMORY
- Print information about cpu via soc drivers and enable DISPLAY_CPUINFO
- Wire infrastructure for DTB_RESELECT and MULTI_DTB_FIT
zynq:
- Wire single QSPI
- Use power-source instead of io-standard properties
- Enable nor on zc770-xm012
zynqmp:
- Change handling around multi_boot()
- Setup offset for u-boot.itb in spi
- Generate run time dfu_alt_info for capsule update
- Use explicit values for enums (zynqmp_firmware.h)
- Enable RTC/SHA1/BUTTON/BUTTON_GPIO command
- Disable WDT driver by default
- Bind usb/scsi via preboot because of EFI
- DT updates/fixes
- Add soc driver
- Fix SPL SPI boot mode
versal:
- Add soc driver
sdhci:
- Update tap delay programming for zynq_sdhci driver
cmd:
- Fix RTC uclass handling in date command
- Update pwm help message
- Update reset help message
watchdog:
- Fix wwdt compilation
rtc:
- Deal with seq alias in rtc uclass
- Add zynqmp RTC driver
fdt:
- Add kernel-doc for fdt_fixup_memory_banks()
Move tapdelay function calls to zynq_sdhci.c and make them static
inline. zynqmp_tap_delay.h has function prototypes for the functions
defined in tap_delays.c, which will not be needed anymore.
Remove tap_delays.c and zynqmp_tap_delay.h files.
Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
Currently xilinx sdhci driver is using zynqmp_mmio_write() to set
tapdelay values and DLL resets. Continue to use this for SPL and mini
U-Boot where U-Boot will be executed at EL3 level.
Use firmware call xilinx_pm_request() using appropriate arguments to
set input/output tapdelays and also for DLL resets in regular flow(EL2).
Host driver should explicitly request DLL reset before ITAP (assert DLL)
and after OTAP (release DLL) to avoid issues in some cases. Also handle
error return where possible.
Signed-off-by: T Karthik Reddy <t.karthik.reddy@xilinx.com>
Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
Rename to common file name to used by all SOC64 devices and change
"_S10_" to "_SOC64_" in base_addr_soc64.h.
Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Documentation:
* Rename Freescale to NXP
* Document structures used for the UEFI TCG2 protocol
UEFI:
* Device paths must use EfiBootServicesData
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEK7wKXt3/btL6/yA+hO4vgnE3U0sFAmEf+AgACgkQhO4vgnE3
U0skxhAAjjv6yMYLYlj2YNTtYDS2zVsnsY8i/vmWNmGYvwfrlcUC/e3J00ftBIjI
DEwImrzefvQwr4NOZgIlyxR81NwboWULxvHSF5avwctxQVoTElkSfE2Ji+nFYa23
P/L7E/Zf+NwTHBlE1wfkNJPZ/zya73DTOe+MGWvLnvOX56JZqEJOgmTtcQntRUll
9zkB76j6sCk8B3ydFZmzGqhB4aslJBypG+bQB72XXGVBZoHb9pEPv90hBl616AN/
5H8WewxTE2s6z3IfexxPAc7ssMQuW3RWw0WsJvBVviw8tSPj4SZjg5HNHAM3mz/i
EXHUqAEySP1oT6P4hVef7Xc9gC67N+dVZGAA1QcZBkAnH+BQQ2GmIWX5+3mZJflq
3eHWhMUHWc4q76MbN9QqReAo3wJ3GsBqdA1oORR5FgIPwEVl0jwQMYv6frC/vB6/
6VX8WcbAWsixjf8QeQlibfMqBO9xZI1Iue5rN6DcwMey6dZrDnXGMdk7Woj6F4ga
tERYBt+UBawTf2ww24wMXc7Hw2dZ6kj44ls2doRFKqHOpaY9Mk2QPTaVPrFkj33J
3xlH2BYdB3ALriS1jN6Qcq6xEwyaMdkj5MzVyitunaCLiAKKORwGf0chkqiRiA+k
zEET0uDBtO7beraiUJU9jeMPcVj3mYpiFR/CZBD/HWOVB/KwhGU=
=gMKg
-----END PGP SIGNATURE-----
Merge tag 'efi-2021-10-rc3' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2021-10-rc3
Documentation:
* Rename Freescale to NXP
* Document structures used for the UEFI TCG2 protocol
UEFI:
* Device paths must use EfiBootServicesData
fsl-qoriq: Fixes related to env, spi, usb, crypto, configs, distro-boot
for Layerscape Boards like lx2, sl28, ls2088ardb.
powerpc: Fixes for t208xrdb revd board and cortina related configs
update for T208xRDB, T4240RDB.
Add function to apply a bitmask to an i2c register, so
that specific bits can be cleared and/or set.
Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Update boot-commands to load device-tree from
boot-device at 'fdt_addr_r' address in DDR
during distro-boot.
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com>
Use moveconfig.py script to convert below defines to Kconfig and move
these entries to defconfigs.
CONFIG_CORTINA_FW_ADDR
CONFIG_CORTINA_FW_LENGTH
Signed-off-by: Kuldeep Singh <kuldeep.singh@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
This symbol was largely migrated, except for one case. Update it.
Cc: Priyanka Jain <priyanka.jain@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
Use enum efi_memory_type and enum_allocate_type in the definitions of the
efi_allocate_pages(), efi_allocate_pool().
In the external UEFI API leave the type as int as the UEFI specification
explicitely requires that enums use a 32bit type.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This commit adds the comment of the TCG Specification
efi_tcg2.h file refers, and comment for the structure.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Define a UCLASS API for verifying ECDSA signatures. Unlike
UCLASS_MOD_EXP, which focuses strictly on modular exponentiation,
the ECDSA class focuses on verification. This is done so that it
better aligns with mach-specific implementations, such as stm32mp.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
TCG PC Client PFP spec requires to measure
"Exit Boot Services Invocation" if ExitBootServices() is invoked.
Depending upon the return code from the ExitBootServices() call,
"Exit Boot Services Returned with Success" or "Exit Boot Services
Returned with Failure" is also measured.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Swap two ifs in efi_exit_boot_services().
efi_tcg2_notify_exit_boot_services must have EFIAPI signature.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
TCG PC Client PFP spec requires to measure "Boot####"
and "BootOrder" variables, EV_SEPARATOR event prior
to the Ready to Boot invocation.
Since u-boot does not implement Ready to Boot event,
these measurements are performed when efi_start_image() is called.
TCG spec also requires to measure "Calling EFI Application from
Boot Option" for each boot attempt, and "Returning from EFI
Application from Boot Option" if a boot device returns control
back to the Boot Manager.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
TCG PC Client PFP spec requires to measure the secure
boot policy before validating the UEFI image.
This commit adds the secure boot variable measurement
of "SecureBoot", "PK", "KEK", "db", "dbx", "dbt", and "dbr".
Note that this implementation assumes that secure boot
variables are pre-configured and not be set/updated in runtime.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
iPXE used Uri() device path nodes. So we should support them in the
device path to text protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- Convert GoFlex Home Ethernet and SATA to Driver Model (Tony)
- mvebu: Automatically detect CONFIG_SYS_TCLK (Pavel)
- mvebu: sata_mv: Fix HDD identication during cold start (Tony)
- a37xx: pci: Fix handling PIO config error responses (Pavel)
- Other minor misc changes and board maintainer updates
- sei610 & meson64_android cleanups to prepare android 11 boot support
- use Android BCB mechanism for reboot reason instead of HW reboot flag
- Switch meson64_android boot flow to use abootimg for A/B, AVB and DTBO support
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPVPGJshWBf4d9CyLd9zb2sjISdEFAmESPjcACgkQd9zb2sjI
SdFabg/+K/5kH01N6etPpPgNH3DTns3Z7Uv16rawGaFJVj4V2O/Ak2vmhvjJA4df
KvLJL3AVolMOfD4xTABRDyLKt3maCgIYkamdBWBV/xKCTKL7fvvqj8V1U5iUsGKm
Wl2KbbDj+dGNF+IYO9V4T1D/JaRjAUk4YeztFEDaNdP3P1N+01v2FyfkadBL5un3
dqwHb3DMNS2SyjnE3glTAs3g/+3nmrHhAHiVVZQlJHsijuup6f93e8huKQ4v1oFX
xsNzeI9j6jGBvVI6hRsHNLOZzhj8/ZcSntdlL+b4FbY++KzrKidMgVECc486cc8t
IEq/iJHggYhwRtw3EAYblmMVFiQeo07hgSbbSP8mIJWARtqh439tLUyKxW3y/5UT
UlGLHcsSSwv/5NhY8ugGAYeaGGXNpMMc5ISbssnn5FB6VHSox4nRZai5U9jKoyc2
iBNNdyLiLi/Fz9YMWj8SAibajT8bchWu1qW2n85nFb3xWQpXcbjzlglnLY6bX3TQ
1d5ehInNK8deptHNh2eGBsPKOUJ/gDTvEey+6J517hbJ59My96v+dvmbtG7kH9Z8
157KQzjvHH4X9MDW8wYb381TV8kcNi3b16QPP2RKxuK1Zrve0RLPhOAz/YeSkTDN
mavHlaY7JvUXjAct0K5VXHvA9U6DBrvc3eb7KoXL4b4+SHr/4UQ=
=RZ8+
-----END PGP SIGNATURE-----
Merge tag 'u-boot-amlogic-20210810' of https://source.denx.de/u-boot/custodians/u-boot-amlogic
- odroid-n2: fix fdtfile suffix for n2-plus
- sei610 & meson64_android cleanups to prepare android 11 boot support
- use Android BCB mechanism for reboot reason instead of HW reboot flag
- Switch meson64_android boot flow to use abootimg for A/B, AVB and DTBO support
In order to update the DT for rk3188
sync the power domain dt-binding header.
This is the state as of v5.12 in Linux.
Signed-off-by: Johan Jonker <jbx6244@gmail.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
In order to update the DT for rk3066 and rk3188
sync the clock dt-binding header.
This is the state as of v5.12 in Linux.
Signed-off-by: Johan Jonker <jbx6244@gmail.com>
Reviewed-by: Heiko Stuebner <heiko@sntech.de>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Basically all, i.e. rk3036.dtsi, rk3128.dtsi, rk3xxx.dtsi, rk322x.dtsi,
rk3288.dtsi, rk3308-u-boot.dtsi, rk3328-u-boot.dtsi, rk3399-u-boot.dtsi
and px30-u-boot.dtsi Rockchip SoC devicetrees which have mmc indexes
are defining eMMC as mmc0 and sdmmc as mmc1.
This means that the rule to try to boot from the SD card first is ignored,
which as per comment is what we want and is important for distros, which
rely on that.
Fix this by setting the correct mmc index, i.e. first from mmc1 (SD card),
second from mmc0 (eMMC).
Signed-off-by: Alex Bee <knaerzche@gmail.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Enable support to the 2 NOR flashes on the QEMU RISC-V virt machine.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Those embers wrapped with CONFIG_SYS_FLASH_CFI in struct flash_info_t
are unconditionally used in the cfi_flash.c driver.
Drop the #ifdefs in the definition of flash_info_t.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Config option CONFIG_SYS_TCLK is set by kw88f6281.h and kw88f6192.h files
to correct SOC/platform value. So do not overwrite it in board config
include files.
Kirkwood 88F6180 and 88F6192 uses 166 MHz TCLK and Kirkwood 88F6281 uses
200 MHz TCLK.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This mvebu axp platform always uses fixed 250 MHz TCLK. So specify this
CONFIG_SYS_TCLK option in msys section of global file soc.h file instead of
manual configuration in every board file.
Now every #if-#else case of soc.h file defines CONFIG_SYS_TCLK, so remove
useless default CONFIG_SYS_TCLK value from the end of soc.h file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This mvebu msys platform always uses fixed 200 MHz TCLK. So specify this
CONFIG_SYS_TCLK option in msys section of global file soc.h file instead of
manual configuration in every board file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Bit 20 in SAR register specifies if TCLK is running at 200 MHz or 166 MHz.
Use this information instead of manual configuration in every board file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Bit 15 in SAR register specifies if TCLK is running at 200 MHz or 250 MHz.
Use this information instead of manual configuration in every board file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Activate the following Kconfig options:
* AVB for Android Verified Boot support
* ADTIMG for merging DTBOs
* ABOOTIMG for extracting Android boot image
Also rework the partitioning tables:
- add a misc partition to handle BCB messages
- add a dtbo partition to store various DTBOs
- add a vbmeta partition for AVB hashes
- Merge vendor and system into the "super" partition
Note: avb support is disables by default. To activate it:
=> setenv force_avb 1;
=> saveenv;
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
doc/README.gpt states:
> The fields 'uuid' and 'uuid_disk' are optional if CONFIG_RANDOM_UUID is
> enabled. A random uuid will be used if omitted or they point to an empty/
> non-existent environment variable. The environment variable will be
> set to the generated UUID. The 'gpt guid' command reads the current
> value of the uuid_disk from the GPT.
Since we have CONFIG_RANDOM_UUID=y, remove the hard-coded uuids
and use meaningful variable names instead.
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
