Andrew Davis [Fri, 15 Jul 2022 16:34:35 +0000 (11:34 -0500)]
arm: mach-k3: security: Remove certificate if detected on GP device
If the device is a GP and we detect a signing certificate then remove it.
It would fail to authenticate otherwise as the device is GP and has no
secure authentication services in SYSFW.
This shouldn't happen often as trying to boot signed images on GP devices
doesn't make much sense, but if we run into a signed image we should at
least try to ignore the certificate and boot the image anyway. This could
help with users of GP devices who only have HS images available.
If this does happen, print a nice big warning.
Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
Andrew Davis [Fri, 15 Jul 2022 16:34:34 +0000 (11:34 -0500)]
arm: mach-k3: security: Bypass image signing at runtime for GP devices
We can skip the image authentication check at runtime if the device is GP.
This reduces the delta between GP and HS U-Boot builds. End goal is
to re-unify the two build types into one build that can run on all
device types.
Andrew Davis [Fri, 15 Jul 2022 16:34:33 +0000 (11:34 -0500)]
arm: mach-k3: security: Allow signing bypass if type is HS-FS
On HS-FS devices signing boot images is optional. To ease use
we check if we are HS-FS and if no certificate is attached
to the image we skip the authentication step with a warning
that this will fail when the device is set to security enforcing.
Andrew Davis [Fri, 15 Jul 2022 16:34:32 +0000 (11:34 -0500)]
arm: mach-k3: Add support for device type detection
K3 SoCs are available in a number of device types such as
GP, HS-FS, EMU, etc. Like OMAP SoCs we can detect this at runtime
and should print this out as part of the SoC information line.
We add this as part of the common.c file as it will be used
to also modify our security state early in the device boot.
Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
vpl: fix reference in comment to non-existing SPL_SERIAL_SUPPORT
Since commit 2a7360666871 ("serial: Rename SERIAL_SUPPORT to SERIAL")
SPL_SERIAL_SUPPORT is named SPL_SERIAL. So let's update the comment to
point to the correct Kconfig option in the comment of VPL_SERIAL.
Fixes: 747093dd408 ("vpl: Add Kconfig options for VPL") Cc: Quentin Schulz <foss+uboot@0leil.net> Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
SPL_GPIO_SUPPORT is named SPL_GPIO since commit 83061dbd1c89 ("Rename
GPIO_SUPPORT to GPIO"), SPL_MMC_SUPPORT is named SPL_MMC since commit 103c5f180694 ("mmc: Rename MMC_SUPPORT to MMC"), SPL_SERIAL_SUPPORT is
named SPL_SERIAL since commit 2a7360666871 ("serial: Rename
SERIAL_SUPPORT to SERIAL") so let's select the correct Kconfig options.
Fixes: 8b71576f3842 ("mx7ulp_com: add support for SPL") Cc: Quentin Schulz <foss+uboot@0leil.net> Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Since commit 83061dbd1c89 ("Rename GPIO_SUPPORT to GPIO"),
SPL_GPIO_SUPPORT has been renamed to SPL_GPIO, meaning that SPL_GPIO_HOG
can never be enabled.
Let's fix this by using the proper name for the Kconfig option.
Fixes: 1d99e673c752 ("gpio: Enable hogging support in SPL") Cc: Quentin Schulz <foss+uboot@0leil.net> Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com> Reviewed-by: Simon Glass <sjg@chromium.org>
cmd: undefined return value of do_extension_apply()
If 'extension apply all' is executed and no extension is found, the return
value of do_extension_apply() is undefined. Return CMD_RET_FAILURE in this
case.
Fixes: 2f84e9cf06d3 ("cmd: add support for a new "extension" command") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Kory Maincent <kory.maincent@bootlin.com>
Harald Seiler [Mon, 11 Jul 2022 12:35:32 +0000 (14:35 +0200)]
spl: mmc: Use correct MMC device when loading image
When attempting to load images from multiple MMC devices in sequence,
spl_mmc_load() chooses the wrong device from the second attempt onwards.
The reason is that MMC initialization is only done on its first call and
spl_mmc_load() will then continue using this same device for all future
calls.
Fix this by checking the devnum of the "cached" device struct against
the one which is requested. If they match, use the cached one but if
they do not match, initialize the new device.
This fixes specifying multiple MMC devices in the SPL's boot order to
fall back when U-Boot Proper is corrupted or missing on the first
attempted MMC device.
Fixes: e1eb6ada4e38 ("spl: Make image loader infrastructure more universal") Signed-off-by: Harald Seiler <hws@denx.de>
drivers: xen: events: fix build issues with disabled Xen HVC
Some setups do not use Xen hypervisor console for logging, e.g. they
use emulated PL011 hardware or shared peripherals (real UART). In such
cases Xen HVC will be disabled on a build time and will cause issues in
current driver implementation.
This commit fixes build issues in Xen event channel driver, caused
by absense of console event channel, that is not available when console
config is disabled. Now console related code will be removed when
Xen HVC is turned off.
Marek Behún [Mon, 25 Jul 2022 15:06:15 +0000 (17:06 +0200)]
MAINTAINERS: Change POWERPC MPC85XX maintainer to Marek Behún
After a discussion with Tom Rini, we've agreed that I am going to take
over custodianship of the MPC85XX platform, since it seems other people
do not have necessary interest or time and getting things done over
there takes too long.
Since I am only working on one MPC85XX board, Turris 1.x, and do not
have time to do thorough reviews of patches for this entire platform
(other than those concerning Turris 1.x board), for other boards I will
only run patches through CI and checkpatch, and then send them via PR
upwards to Tom.
Signed-off-by: Marek Behún <kabel@kernel.org> Acked-by: Tom Rini <trini@konsulko.com>
Tom Rini [Fri, 29 Jul 2022 16:07:38 +0000 (12:07 -0400)]
doc: develop: Describe system configuration
Start by describing in general the best practices for how to implement
configuration of some aspect of U-Boot. This generally means finding
the right choices for when something should be static or dynamically
configured and enabled. Then further document when to use CONFIG or CFG
namespaces for static configuration.
Signed-off-by: Tom Rini <trini@konsulko.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tom Rini [Mon, 11 Jul 2022 18:32:13 +0000 (14:32 -0400)]
doc: environment: Further expand on Image locations and provide example
Start by elaborating on what some of our constraints tend to be with
image location values, and document where these external constraints
can come from. Provide a new subsection, an example based on the TI
ARMv7 OMAP2PLUS families of chips, that gives sample values and explains
why we use these particular values. This is based on what is in
include/configs/ti_armv7_common.h as of fb3ad9bd923d ("TI: Add, use a
DEFAULT_LINUX_BOOT_ENV environment string") as this contains just the
values referenced in this document now and not some of the further
additions that are less generic.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Marek Behún [Wed, 27 Jul 2022 13:00:27 +0000 (15:00 +0200)]
arm: mvebu: turris_omnia: Fix mpp26 pin name and comment
There is a bug in Turris Omnia's schematics, whereupon the MPP[26] pin,
which is routed to CN11 pin header, is documented as SPI CS1, but
MPP[26] pin does not support this function. Instead it controls chip
select 2 if in "spi0" mode.
Fix the name of the pin node in pinctrl node and fix the comment in SPI
node.
arm: mvebu: Fix compatible string for nand controller
Linux kernel uses compatible string "marvell,armada370-nand-controller" for
nand controllers on Armada 370/XP/38x. U-Boot currently uses mix of
"marvell,armada370-nand" and "marvell,mvebu-pxa3xx-nand".
So unify it and use just Linux kernel compatible string.
Signed-off-by: Pali Rohár <pali@kernel.org> Acked-by: Michael Trimarchi <michael@amarulasolutions.com> Reviewed-by: Stefan Roese <sr@denx.de>
Now when CONFIG_SYS_TEXT_BASE has sane value, use it for calculation of
other SPL offset values: CONFIG_SPL_MAX_SIZE, CONFIG_SYS_MMC_U_BOOT_* and
CONFIG_SYS_SPI_FLASH_U_BOOT_* macros.
No functional change.
Signed-off-by: Pali Rohár <pali@kernel.org> Signed-off-by: Peng Fan <peng.fan@nxp.com>
board: freescale: p1_p2_rdb_pc: Remove I-flag from second L2 SRAM mapping
U-Boot for initial L2 SRAM uses L2 memory-mapping mode and not L2 with
locked lines. P2020 reference manual about L2 memory-mapping mode says:
Accesses to memory-mapped SRAM are cacheable only in the corresponding
e500 L1 caches.
So there is no need to set Caching-Inhibit I-bit for second part of initial
L2 SRAM mapping in TLB entry. Remove it. First part of initial L2 SRAM
mapping already does not have I-bit set.
For more details see also:
https://lore.kernel.org/u-boot/20220508150844.qqxg452rs4wtf5bs@pali/
Pali Rohár [Wed, 11 May 2022 18:57:31 +0000 (20:57 +0200)]
powerpc: mpc85xx: Add support for generating QorIQ pre-PBL eSDHC boot sector
QorIQ U-Boot binary for SD card booting compiled during build process
(either u-boot.bin or u-boot-with-spl.bin) cannot be directly loaded by
QorIQ pre-PBL BootROM. Compiled U-Boot binary first needs to be processed
by Freescale boot_format tool as described in doc/README.mpc85xx-sd-spi-boot
BootROM requires that image on SD card must contain special boot sector.
Implement support for generating this special boot sector directly in
U-Boot start code. Boot sector needs to be at the beginning of the image,
so when compiling only proper U-Boot without SPL then it needs to be in
proper U-Boot. When compiling SPL with proper U-Boot then it needs to be
only in SPL.
Support can be enabled by a new config option FSL_PREPBL_ESDHC_BOOT_SECTOR.
Via other two additional options FSL_PREPBL_ESDHC_BOOT_SECTOR_START and
FSL_PREPBL_ESDHC_BOOT_SECTOR_DATA it is possible to tune how final U-Boot
image could be stored on the SD card.
cmd: mvebu/bubt: Add support for sha512 checksum validation for Armada 3700
Armada 3700 BootROM supports also images with sha512 checksums and
mox-imager tool [1] generates such bootable images. Without sha512 support
U-Boot bubt command just prints error message:
cmd: mvebu/bubt: Correctly propagate failure during tftp transport
net_loop() returns signed int type and negative value represents error.
tftp_read_file() returns unsigned size_t type and zero value represents
error. Casting signed negative value to unsigned size_t type cause losing
information about error and bubt thinks that no error happened, and
continue erasing SPI-NOR which cause malfunction device.
Fix this issue by correctly propagating failure during tftp transport.
With this change when there is no eth link, bubt does not erase SPI-NOR
anymore.
=> bubt
Burning U-Boot image "flash-image.bin" from "tftp" to "spi"
ethernet@30000 Waiting for PHY auto negotiation to complete......... TIMEOUT !
ethernet@30000: No link.
Error: Failed to read file flash-image.bin from tftp
Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Stefan Roese <sr@denx.de>
cmd: mvebu/bubt: Verify image type for all 32-bit Aramda SoCs and Armada 3700
Current image type verification code is specific to 32-bit Armada SoCs but
used only for Armada 38x. Implement image type verification for Armada 3700
and enable Armada 38x image verification for all 32-bit Armada SoCs.
Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Stefan Roese <sr@denx.de>
Current pin control driver applies SDHCI PHY MUX selection
when board DT calls for eMMC function on MPP wires.
However, for CP side eMMC, only the "armada-8k-cpm-pinctrl"
compatibility string is taken into account, which causes
CP-SDHCI on Armada-7K boards to fail.
This patch adds "armada-7k-pinctrl" compatibility string
handling for the CP-SDHCI PHY configuration case.
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com> Reviewed-by: Igal Liberman <igall@marvell.com> Reviewed-by: Stefan Roese <sr@denx.de>
arm64: a37xx: pinctrl: Implement gpio_request_enable for gpio functionality
To automatically enable GPIO functionality of some MPP pin, it is required
to implement .gpio_request_enable and .gpio_disable_free callbacks in
pinctrl driver and set .request and .rfree callbacks in GPIO driver to
pinctrl_gpio_request / pinctrl_gpio_free functions.
Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Stefan Roese <sr@denx.de>
This new Armada 38x driver is based on Linux kernel driver. It can set any
pin to any valid function specified in DT like Linux kernel, it provides
support for 'pinmux status -a' command and also for pinctrl_gpio_request().
Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Stefan Roese <sr@denx.de>
pinctrl: Add new function pinctrl_generic_set_state_prefix()
This new function pinctrl_generic_set_state_prefix() behaves like
pinctrl_generic_set_state() but it takes third string argument which is
used as the prefix for each device tree string property.
This is needed for Marvell pinctrl drivers, becase Linux device tree files
have pinmux properties prefixed by "marvell," string.
This change allows to use generic U-Boot pinctrl functions for Armada 38x
pinctrl driver without need to copy+paste of the majority U-Boot pinctrl
code.
Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Stefan Roese <sr@denx.de>
mmc: fsl_esdhc: Fix 'Internal clock never stabilised.' error
Only newer eSDHC controllers set PRSSTAT_SDSTB flag. So do not wait until
flag PRSSTAT_SDSTB is set on old pre-2.2 controllers. Instead sleep for
fixed amount of time like it was before commit 6f883e501b65 ("mmc:
fsl_esdhc: Add emmc hs200 support").
This change fixes error 'Internal clock never stabilised.' which is printed
on P2020 board at every access to SD card.
Heiko Thiery [Mon, 20 Jun 2022 03:49:49 +0000 (05:49 +0200)]
pmic: pca9450: permit config on all bucks and LDOs
In order to have the possibility to configure the regulators at system
startup through DM support, all LDOs and bucks must be able to be
changeable. Currently there is a limitation to change the values when
the output is enabled. Since the driver is based on the ROHM BD71837 and a
comment that describes a limitation about switching while the output is
enabled can also be found there, the limitation probably comes from this type.
Andre Przywara [Tue, 12 Jul 2022 11:00:23 +0000 (12:00 +0100)]
ARM: relocate: Fix Thumb code by using proper label type
The generic ARM relocate_code function was using its own function entry
point as a relocation base, and it was obtaining that address by using
the "adr" instruction on that entry point label.
However that label is not just an ordinary label, instead we explicitly
mark it as a function start address. Normally that doesn't change much
(other than for debugging), but when assembled in Thumb mode, newer
versions of the GNU assembler prepare everything for this address being
used as the argument to a "bx" call, so make sure bit 0 is set in there
to mark this function as Thumb code. Of course this doesn't end up very
well when we use this address for the ensuing memcpy operation.
To avoid this problem, and to solve it in a robust way, add an extra
label, which is not marked as a function entry, and use that for the adr
instruction. This lets all assemblers generate the right immediate offset
in the "adr" instruction.
This fixes in particular ARMv7-M ports when using GNU binutils v2.37 or
newer (commit d3e52e120b68 seems to trigger the change in behaviour).
Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reported-by: Jesse Taube <mr.bossman075@gmail.com>
Tom Rini [Tue, 26 Jul 2022 12:32:37 +0000 (08:32 -0400)]
Merge tag 'xilinx-for-v2022.10-rc2' of https://source.denx.de/u-boot/custodians/u-boot-microblaze
Xilinx changes for v2022.10-rc2
fpga:
- Convert SYS_FPGA_CHECK_CTRLC and SYS_FPGA_PROG_FEEDBACK to Kconfig
- Add support for secure bitstream loading
spi:
- xilinx_spi: Add support for memopers and supports_op
- zynq_qspi: Add support for supports_op/child_pre_probe
- zynq_qspi: Fix dummy cycle and qspi speed calculations
xilinx:
- Get rid of #stream-id-cells
- Use fixed partitions for SOM
- Add support for UUID reading from FRU
- Use strlcpy instead of strncpy
- Add reset driver support for ZynqMP and Versal
- Enable power domain driver in ZynqMP and Versal
zynqmp:
- Do no place BSS at 0 which have issue with NULL pointer
- Enable SLG gpio driver
- Disable LMB for mini configurations
- Remove duplicate PMIO_NODE_ID_BASE macro
versal:
- Add xlnx-versal-resets.h header
mmc:
- zynq_sdhci: Fix macro for MMC HS
relocate-rela:
- Fix support for BE hosts
- Define all macros for e_machine and reloc types
misc:
- Get rid of guard macros from ARM and RISC-V
lmb:
- Add support for disabling LMB
serial:
- zynq: Fix baudrate calculation
tests:
- Mark bind tests to run only on sandbox
- List also dm uclass and devres
Peng Fan [Tue, 26 Jul 2022 08:41:22 +0000 (16:41 +0800)]
arm: dts: imx8m: shrink ddr firmware size to actual file size
After we switch to use BINMAN_SYMBOLS, there is no need to pad
the file size to 0x8000 and 0x4000. After we use BINMAN_SYMBOLS,
the u-boot-spl-ddr.bin shrink about 36KB with i.MX8MP-EVK.
Tested-by: Tim Harvey <tharvey@gateworks.com> #imx8m[m,n,p]-venice Signed-off-by: Peng Fan <peng.fan@nxp.com> Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Ye Li [Tue, 26 Jul 2022 08:41:16 +0000 (16:41 +0800)]
net: eqos: add function to get phy node and address
Since new atheros PHY driver needs to access its PHY node through
phy device, we have to assign the phy node in ethernet controller
driver. Otherwise the PHY driver will fail to get some nodes
and properties.
Signed-off-by: Ye Li <ye.li@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>
Peng Fan [Tue, 26 Jul 2022 08:41:14 +0000 (16:41 +0800)]
net: dwc_eth_qos: public some functions
Move macros and structures to header file and make some functions
public, so that could used by other files, this is to
prepare split platform specific config to one file.
Ye Li [Tue, 26 Jul 2022 08:41:07 +0000 (16:41 +0800)]
ddr: imx: Add i.MX9 DDR controller driver
Since i.MX9 uses same DDR PHY with i.MX8M, split the DDRPHY to a common
directory under imx, then use dedicated ddr controller driver for each
iMX9 and iMX8M.
The DDRPHY registers are space compressed, so it needs conversion to
access the DDRPHY address. Introduce a common PHY address remap function
for both iMX8M and iMX9 for all PHY registers accessing.
Signed-off-by: Ye Li <ye.li@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>
Peng Fan [Tue, 26 Jul 2022 08:41:03 +0000 (16:41 +0800)]
imx: imx9: Add M33 release prepare function
To support on-demand booting M33 image from A core. SPL needs
to follow M33 kick up sequence to release M33 firstly,
then set M33 CPUWAIT signal. ATF will clear CPUWAIT to kick
M33 to run.
The prepare function also works around the M33 TCM ECC issue by
clean the TCM. Also enable sentinel handshake and WDOG1 clock
for M33 stop and reset.
Signed-off-by: Ye Li <ye.li@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>
Alice Guo [Tue, 26 Jul 2022 08:40:59 +0000 (16:40 +0800)]
misc: fuse: support to access fuse on i.MX93
i.MX93 fuse can be accessed through FSB and s400-api. Add mapping tables
for i.MX93. The offset address of FSB accessing OTP shadow registers is
different between i.MX8ULP and i.MX93, so use macro to define the offset
address instead of hardcode.
Signed-off-by: Alice Guo <alice.guo@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>
Alice Guo [Tue, 26 Jul 2022 08:40:58 +0000 (16:40 +0800)]
misc: imx8ulp: move fuse.c from imx8ulp to sentinel
The i.MX93 platform wants to reuse drivers/misc/imx8ulp/fuse.c. Moving
fuse.c from the folder imx8ulp to sentinel makes it can be used by other
platforms.
Signed-off-by: Alice Guo <alice.guo@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>
Ye Li [Tue, 26 Jul 2022 08:40:54 +0000 (16:40 +0800)]
imx: imx9: Add TRDC driver for TRDC init
Add TRDC driver to iMX9. The TRDC init splits to two phases:
1. Early init phase will release TRDC from Sentinel and open write
permission to the memory where SPL image runs. Sentinel will set
the memory to RX only after ROM authentication for the OEM
closed part.
2. Init phase will configure TRDC to allow non-secure master to
access DDR. So the peripherals can work in u-boot.
Signed-off-by: Ye Li <ye.li@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>