Add HABv4 documentation extension for SPL targets covering the
following topics:
- How to sign an securely boot an flash.bin container image.
- How to extend the root of trust for additional boot images.
- Add SPL and fitImage CSF examples.
- Add signature generation script example.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Breno Lima <breno.lima@nxp.com>
Cc: Fabio Estevam <festevam@denx.de>
Cc: Heiko Schocher <hs@denx.de>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Cc: Ye Li <ye.li@nxp.com>
Documentation:
* man-page for tftpput
UEFI:
* fix driver binding protocol for block IO devices
* don't delete invalid handles
* add a unit test for the EFI Conformance Profile Table
Other:
* correct short text for tftpboot
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmMbeUEACgkQxIHbvCwF
GsSGsw//WJAuuzP5ufWGxJk2pR9v9LatIsV+w2W1fBTsTb/dbMZ4Sika2Z1izeer
vmakldnOTLoTXZxng/Ke9J7PEefS8NSUgHbXYLq6a5ckrsji58kGHhDvUjrU2eOf
D4SBh8eGW/wgmnzHgmsVU0vcXbtWUomWlV4v8SGjYWq5KOTOdFGYmMddqv8cnUVa
wXHktLaDi9TzzFdfeYPbAlKboQTdRkw0CbzY8z6jlxm2Yd/i7Iw9v7MWwFN5rv1N
Zlx9Kl0SV1Jz//yzUajyiXXVYK+kVcpjDcvOPhx4GL96mcvW4yyGlOKjpUkTR3H3
l7112u4lwNSUIJIeDMCazqKgdGMsl+RLuJymAIRCdaBs3c0FsuX4WHNAr0H1KT9X
oVnzeBKZKjFTT76Q39F80O0JrdDMxqMm1fGiy1ySlRCJNd+dlYZKoopt8PpWkk1E
IBHsE1m1OXe+n2PNrh6YR9egv9RmfdwBEl0wBftNb9DQ+gNAvR7wVRpmDRCqYuBR
l/k6GsznHK4hh1Wh+BhrrUeQ3YbboK3RvGA9toYp6BEk/5F2dDuy5pVM7OETjGEY
DaKjqPjMv41SCIzpcEkzPJEvQ0tEFuk+GEC168IXQmcV/gttvuLNLFfnlLE1amQr
g09ePeaXKzjiWYSi5wEz1GQs7W9WBnJ5+2zOL41ih125xra6/NE=
=1zZW
-----END PGP SIGNATURE-----
Merge tag 'efi-2022-10-rc5' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2022-10-rc5
Documentation:
* man-page for tftpput
UEFI:
* fix driver binding protocol for block IO devices
* don't delete invalid handles
* add a unit test for the EFI Conformance Profile Table
Other:
* correct short text for tftpboot
Provide a man-page for the tftpput command.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add bindings needed for accessing the FWU metadata regions.
These include the compatible string which point to the access
method, the actual device which stores the FWU metadata and
the offsets for both metadata regions.
The current patch adds basic bindings needed for accessing the
metadata structure on non-GPT mtd regions.
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
- Use gender-neutral language to refer to the user, consistently.
- Reference the checkpatch document.
- Move the section on commit message tags to the process document and
reference this in sending_patches.rst.
- Reword the custodian workflow process section to refer to this new
section, integrate some of the wording from there in this new section.
- Update the comment about GPLv2 applying to August 2022, to be clear
this still is correct.
- Reword the section about MAKEALL to talk about local build testing and
link to the CI document.
- Reference the system_configuration document for the note about
modifying existing code.
- Reword the patchwork flow section.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Import as-is much of the old "Patches" wiki page to the current
sending_patches.rst file. This means we need to move patman to being
included in the higher level ToC and add a reference for "Custodians" in
the process document. A very minimal amount of content changing and
rewording is done here as part of the import, in order to make the
conversion easier.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add gpio status output fields description and one output example.
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tweak the formatting.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
With the addition of the revision stats this now takes over a minute. Use
a parallel build to reduce it a bit (24 seconds for me).
Series-changes; 2
- Use '-j auto' instead
Signed-off-by: Simon Glass <sjg@chromium.org>
These boards have been orphaned for some time and are behind on various
DM migrations. Remove them.
Cc: Priyanka Jain <priyanka.jain@nxp.com>
Cc: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Explain when devices should get activated.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The ELF U-Boot image produced by qemu-riscv64_smode_defconfig can be
used to boot with QEMU and KVM.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This is an attempt to answer the comments provided by Xavier [1].
[1] https://lore.kernel.org/all/Yulcol7HpTHtjXTX@begut/
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Link to patman's documentation from the doc/ directory so that it appears
in the 'make htmldocs' output.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This was widely used by U-Boot for a long time, but is not used anymore,
with Gitlab and Azure taking over.
Drop the text.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We talk about importing code from other projects in two places. The
first place is in the coding style section, where we explain when to or
not to deviate in terms of white space, etc. In the process
documentation we now add a note about saying where the code was imported
from and to ensure that you do not copy Signed-off-by or other tags.
Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Sudeep Holla <sudeep.holla@arm.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
* describe crashs in UEFI binaries
* provide architechture specific information for the sandbox and RISC-V
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
These typos were found while reading the docs.
Signed-off-by: Paul Barker <paul.barker@sancloud.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Remove alias 'efi' with invalid data.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add some documentation and a new flag so that we can safely enabled using
the ofnode interface to write to the device tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present ofnode only works with a single device tree, for the most part.
This is the control FDT used by U-Boot.
When booting an OS we may obtain a different device tree and want to
modify it. Add some initial support for this into the ofnode API.
Note that we don't permit aliases in this other device tree, since the
of_access implementation maintains a list of aliases collected at
start-up. Also, we don't need aliases to do fixups in the other FDT. So
make sure that flat tree and live tree processing are consistent in this
area.
Signed-off-by: Simon Glass <sjg@chromium.org>
The unflattening algorithm results in a single block of memory being
allocated for the whole tree. When writing new properties, these are
allocated new memory outside that block. When the block is freed, the
allocated properties remain.
Document how this works and the potential memory leak, as well as
mentioning that updating the livetree is actually supported now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a few links to documents about Verified Boot for Embedded (VBE).
These will be expanded as development proceeds.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is not needed now that CONFIG_SYS_TARGET_NAME is correctly determined
when scanning Kconfig.
This reverts commit 25b8acee2e.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
There are a large number of options under CONFIG_SYS (but some of these
are elsewhere, spotted while cleaning CONFIG_SYS) that are never
referenced, or only used slightly later in the config file. Remove or
restructure these.
Signed-off-by: Tom Rini <trini@konsulko.com>
Start by describing in general the best practices for how to implement
configuration of some aspect of U-Boot. This generally means finding
the right choices for when something should be static or dynamically
configured and enabled. Then further document when to use CONFIG or CFG
namespaces for static configuration.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Describe exactly which bytes are hashed and in what order
when signing a configuration.
Signed-off-by: Martin Bonner <martingreybeard@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Start by elaborating on what some of our constraints tend to be with
image location values, and document where these external constraints
can come from. Provide a new subsection, an example based on the TI
ARMv7 OMAP2PLUS families of chips, that gives sample values and explains
why we use these particular values. This is based on what is in
include/configs/ti_armv7_common.h as of fb3ad9bd92 ("TI: Add, use a
DEFAULT_LINUX_BOOT_ENV environment string") as this contains just the
values referenced in this document now and not some of the further
additions that are less generic.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
start of test for fdt command
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmLgRtERHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYXFwgAlALOMj3bwwsIAXNa5j/hPb3j/ecIqXgn
ocyxN+U5eSb2Ju5Jc9QmSeUMnGrii9+PW9j0JApdHrbUgBI2Sx+zwqMTIfA+BS05
4xXZgk5jOT+we2489FjgFcplv+dIuVlsB/Zo6zTbZyjkobfilYsZEGYHJ/CYNaIH
n7EmZeby1cXL7DMCxT39d3hD43XSX8cqQ1IIiF9DgtHQYs2Ff8dFcbWArSdgLX3o
Eob2Qj/GjScg87zjZcsgZajWJMHUfMeD5ZiKN2fR0T/wOdO1WtzFoF2Mt8KZcW1j
BD1shgBCMSSl5EgRG1BQZw4Sa92W2IBlbJ9tfIh8qnWOzEBzOs/M6w==
=lsO4
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-26jul22' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm.git
minor dm- and fdt-related fixes
start of test for fdt command
When CONFIG_LOG is activated, if LOG_DEBUG is defined in a file and
DEBUG is not defined the trace with debug() macro are not displayed,
because the parameter cond : _DEBUG = 0 is checked in debug_cond().
With this patch the define DEBUG, used to force the trace generated by
debug() macro, is linked with the define LOG_DEBUG, used to force the
trace generated by other macros (log_debug, dev_dbg, pr_debug).
We only need to define LOG_DEBUG in a file to activate all the
traces generated by any U-Boot debug macro, as it is described in
/doc/develop/logging.rst
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Add supporting new compatible string "u-boot,zynqmp-fpga-enc" to
handle loading encrypted bitfiles.
This feature requires encrypted FSBL, as according to UG1085:
"The CSU automatically locks out the AES key, stored in either BBRAM
or eFUSEs, as a key source to the AES engine if the FSBL is not
encrypted. This prevents using the BBRAM or eFUSE as the key source
to the AES engine during run-time applications."
Signed-off-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Co-developed-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Tested-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Link: https://lore.kernel.org/r/20220722141614.297383-14-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
Add support for Qualcomm QCS404 SoC based evaluation board.
Features:
- Qualcomm Snapdragon QCS404 SoC
- 1GiB RAM
- 8GiB eMMC, uSD slot
U-boot is chain loaded by ABL in 64-bit mode as part of boot.img.
For detailed build and boot instructions, refer to
doc/board/qualcomm/qcs404.rst.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Add support for 96Boards Dragonboard 845C aka Robotics RB3 development
platform. This board complies with 96Boards Open Platform Specifications.
Features:
- Qualcomm Snapdragon SDA845 SoC
- 4GiB RAM
- 64GiB UFS drive
U-boot is chain loaded by ABL in 64-bit mode as part of boot.img.
For detailed build and boot instructions, refer to
doc/board/qualcomm/sdm845.rst, board: dragonboard845c.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Add instructions to build and boot from QSPI Flash
Signed-off-by: Mamta Shukla <mamta.shukla@leica-geosystems.com>
Signed-off-by: Thomas Haemmerle <thomas.haemmerle@leica-geosystems.com>
Tested-by: Adam Ford <aford173@gmail.com>
Reviewed-by: Fabio Estevam <festevam@denx.de>