Simon Glass [Tue, 16 Feb 2021 00:08:09 +0000 (17:08 -0700)]
image: Adjust the workings of fit_check_format()
At present this function does not accept a size for the FIT. This means
that it must be read from the FIT itself, introducing potential security
risk. Update the function to include a size parameter, which can be
invalid, in which case fit_check_format() calculates it.
For now no callers pass the size, but this can be updated later.
Also adjust the return value to an error code so that all the different
types of problems can be distinguished by the user.
Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Bruce Monroe <bruce.monroe@intel.com> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com>
Simon Glass [Tue, 16 Feb 2021 00:08:06 +0000 (17:08 -0700)]
fit: Don't allow verification of images with @ nodes
When searching for a node called 'fred', any unit address appended to the
name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This
means that we cannot be sure that the node originally intended is the one
that is used.
Disallow use of nodes with unit addresses.
Update the forge test also, since it uses @ addresses.
CVE-2021-27138
Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Bruce Monroe <bruce.monroe@intel.com> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com>
Simon Glass [Tue, 16 Feb 2021 00:08:05 +0000 (17:08 -0700)]
fdt_region: Check for a single root node of the correct name
At present fdt_find_regions() assumes that the FIT is a valid devicetree.
If the FIT has two root nodes this is currently not detected in this
function, nor does libfdt's fdt_check_full() notice. Also it is possible
for the root node to have a name even though it should not.
Add checks for these and return -FDT_ERR_BADSTRUCTURE if a problem is
detected.
CVE-2021-27097
Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Bruce Monroe <bruce.monroe@intel.com> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com>
Tom Rini [Wed, 10 Feb 2021 02:42:54 +0000 (21:42 -0500)]
ppc: Remove MPC8641HPCN board
This board relies on using CONFIG_LIBATA but does not enable CONFIG_AHCI. The
deadline for this conversion was the v2019.07 release. The use of CONFIG_AHCI
requires CONFIG_DM. The deadline for this conversion was v2020.01. Remove
this board.
Tom Rini [Wed, 10 Feb 2021 02:42:53 +0000 (21:42 -0500)]
ppc: Remove MPC8610HPCD board
This board relies on using CONFIG_LIBATA but does not enable CONFIG_AHCI. The
deadline for this conversion was the v2019.07 release. The use of CONFIG_AHCI
requires CONFIG_DM. The deadline for this conversion was v2020.01. Remove
this board.
Tom Rini [Wed, 10 Feb 2021 02:42:52 +0000 (21:42 -0500)]
ppc: Remove MPC8572DS board
This board relies on using CONFIG_LIBATA but does not enable CONFIG_AHCI. The
deadline for this conversion was the v2019.07 release. The use of CONFIG_AHCI
requires CONFIG_DM. The deadline for this conversion was v2020.01. Remove
this board.
Tom Rini [Wed, 10 Feb 2021 02:42:51 +0000 (21:42 -0500)]
ppc: Remove MPC8544DS board
This board relies on using CONFIG_LIBATA but does not enable CONFIG_AHCI. The
deadline for this conversion was the v2019.07 release. The use of CONFIG_AHCI
requires CONFIG_DM. The deadline for this conversion was v2020.01. Remove
this board.
This board has not been converted to CONFIG_DM_MMC by the deadline of
v2019.04, which is almost two years ago. In addition there are other DM
migrations it is also missing. Remove it.
Cc: Chris Packham <judge.packham@gmail.com> Signed-off-by: Tom Rini <trini@konsulko.com> Acked-by: Chris Packham <judge.packham@gmail.com>
Tom Rini [Tue, 9 Feb 2021 13:03:10 +0000 (08:03 -0500)]
arm: Remove ls2080a_simu board
This board has not been converted to CONFIG_DM_MMC by the deadline of
v2019.04, which is almost two years ago. In addition there are other DM
migrations it is also missing. Remove it.
Tom Rini [Tue, 9 Feb 2021 13:03:02 +0000 (08:03 -0500)]
arm: Remove mx35pdk board
This board has not been converted to CONFIG_DM_MMC by the deadline of
v2019.04, which is almost two years ago. In addition there are other DM
migrations it is also missing. Remove it.
Tom Rini [Tue, 9 Feb 2021 13:02:59 +0000 (08:02 -0500)]
arm: Remove apx4devkit board
This board has not been converted to CONFIG_DM_MMC by the deadline of
v2019.04, which is almost two years ago. In addition there are other DM
migrations it is also missing. Remove it.
Cc: Lauri Hintsala <lauri.hintsala@bluegiga.com> Signed-off-by: Tom Rini <trini@konsulko.com> Acked-by: Lauri Hintsala <lauri.hintsala@silabs.com<mailto:lauri.hintsala@silabs.com>> Signed-off-by: Tom Rini <trini@konsulko.com<mailto:trini@konsulko.com>>
Tom Rini [Sun, 14 Feb 2021 14:27:46 +0000 (09:27 -0500)]
Merge tag 'efi-2021-04-rc2-2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2021-04-rc2-2
Bug fixes:
* fix stack smashing in UEFI capsule updates
* correct loading of UEFI binaries where Virtual size is not a
multiple of FileAlignment
* simplify detection of capsule files.
* buildman: use threading.is_alive() instead of removed method IsAlive()
fix get_last_capsule() leads to writes beyond the stack allocated buffer.
This was indicated when enabling the stack protector.
utf16_utf8_strcpy() only stops copying when reaching '\0'. The current
invocation always writes beyond the end of value[].
The output length of utf16_utf8_strcpy() may be longer than the number of
UTF-16 tokens. E.g has "CapsuleКиев" has 11 UTF-16 tokens but 15 UTF-8
tokens. Hence, using utf16_utf8_strcpy() without checking the input may
lead to further writes beyond value[].
The current invocation of strict_strtoul() reads beyond the end of value[].
A non-hexadecimal value after "Capsule" (e.g. "CapsuleZZZZ") must result in
an error. We cat catch this by checking the return value of strict_strtoul().
A value that is too short after "Capsule" (e.g. "Capsule0") must result in
an error. We must check the string length of value[].
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
'.' and '..' are directories. So when looking for capsule files it is
sufficient to check that the attribute EFI_FILE_DIRECTORY is not set. We
don't have to check for these special names.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Asherah Connor [Tue, 9 Feb 2021 06:19:48 +0000 (06:19 +0000)]
efi_loader: don't load beyond VirtualSize
PE section table entries' SizeOfRawData must be a multiple of
FileAlignment, and thus may be rounded up and larger than their
VirtualSize.
We should not load beyond the VirtualSize, which is "the total size of
the section when loaded into memory" -- we may clobber real data at the
target in some other section, since we load sections in reverse order
and sections are usually laid out sequentially.
Signed-off-by: Asherah Connor <ashe@kivikakk.ee> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tom Rini [Fri, 12 Feb 2021 14:09:10 +0000 (09:09 -0500)]
Merge tag 'u-boot-atmel-fixes-2021.04-a' of https://gitlab.denx.de/u-boot/custodians/u-boot-atmel
First set of u-boot-atmel fixes for 2021.04 cycle:
This small PR includes just two fixes but very important: one revert in
the clk subsystem which fixes the boot on many old boards
(sama5d2_xplained, sama5d4_xplained), which currently crash at boot; and
one small fix related to debug serial on sama7g5ek board.
Eugen Hristev [Tue, 2 Feb 2021 08:47:58 +0000 (10:47 +0200)]
clk: at91: compat: partially revert "dm: Remove uses of device_bind_offset()"
Revert changes in at91 compat.c that cause u-boot to fail booting on
sama5d4_xplained and sama5d2_xplained
Log below:
<debug_uart>
No serial driver found
Could not initialize timer (err -19)
Could not initialize timer (err -19)
Could not initialize timer (err -19)
Could not initialize timer (err -19)
Could not initialize timer (err -19)
Could not initialize timer (err -19)
Could not initialize timer (err -19)
Could not initialize timer (err -19)
Fixes: a2703ce10c ("dm: Remove uses of device_bind_offset()") Cc: Simon Glass <sjg@chromium.org> Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Eugen Hristev [Thu, 28 Jan 2021 08:14:11 +0000 (10:14 +0200)]
ARM: dts: at91: sama7g5ek: enable pull-up for serial debug line
If the serial tx/rx are floating, it can happen that bogus characters
are detected on the line at boot time. This leads to U-boot accidentally
thinking someone pressed a key to stop autoboot, thus stopping booting process.
This can happen if the serial cable is not connected. There are hardware
pull-ups on the board connected to serial cable VBUS.
To solve this when the cable is not plugged, enable internal pull-ups as well
for the tx/rx lines.
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
usb: dwc2: change compatible st,stm32mp1-hsotg to st,stm32mp15-hsotg
The Linux kernel v5.7-rc1 introduced the compatible "st,stm32mp15-hsotg".
See Linux kernel commit d49850110434 ("dt-bindings: usb: dwc2: add
support for STM32MP15 SoCs USB OTG HS and FS")
This patch updates the supported compatible in DWC2 driver,
removes the add-on done in U-Boot dtsi and keeps the compatible
defined in SOC dtsi arch/arm/dts/stm32mp151.dtsi:
Stefan Roese [Fri, 15 Jan 2021 07:52:56 +0000 (08:52 +0100)]
usb: xhci: Fix compare to use physical addresses in xhci_bulk_tx()
Testing with v2021.01 on MIPS Octeon has shown, that the latest patch
for the "short packet event trb handling" did introduce a bug on
platforms with virtual address != physical address. This patch fixes
this issue by using the correct address types in the compare (both
physical in this case).
Signed-off-by: Stefan Roese <sr@denx.de> Cc: Aaron Williams <awilliams@marvell.com> Cc: Chandrakala Chavva <cchavva@marvell.com> Cc: Ran Wang <ran.wang_1@nxp.com> Cc: Nicolas Saenz Julienne <nsaenzjulienne@suse.de> Cc: Marek Vasut <marex@denx.de> Cc: Bin Meng <bmeng.cn@gmail.com>
Chunfeng Yun [Wed, 23 Dec 2020 01:52:20 +0000 (09:52 +0800)]
usb: xhci-mtk: support option to disable ports
Add support to disable specific ports, it's useful for some
scenarios:
1. usb3 PHY is shared whith PCIe or SATA, the corresponding
usb3 port can be disabled;
2. some usb2 or usb3 ports are not used on special platforms,
they should be disabled to save power.
board: amlogic: odroid: add runtime detection of the N2/N2+/C4/HC4 variants
Use the ADC channel 1 to check the hardware revision of the board and
detect the N2 vs. N2+ and the C4 vs. HC4 variants. Each of them use
different dtb file, so adjust fdtfile environment variable to the
detected variant.
The ADC min/max values for each variant are taken from the vendor code,
adjusted to the 12-bit ADC driver operation mode (vendor code use 10-bit
mode).
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com> Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com> Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Neil Armstrong [Tue, 29 Dec 2020 13:59:01 +0000 (14:59 +0100)]
phy: Add Amlogic AXG MIPI PCIe Analog PHY driver
The Amlogic AXG MIPI + PCIe Analog PHY provides function for both PCIe and
MIPI DSI at the same time, and provides the Analog part of MIPI DSI transmission
and Analog part of the PCIe lines.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Neil Armstrong [Tue, 29 Dec 2020 13:58:58 +0000 (14:58 +0100)]
phy: dphy: Add configuration helpers
The MIPI D-PHY spec defines default values and boundaries for most of the
parameters it defines. Introduce helpers to help drivers get meaningful
values based on their current parameters, and validate the boundaries of
these parameters if needed.
These helpers and header are taken from Linux commit 9123e3a74ec7 ("Linux 5.9-rc1").
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Tom Rini [Tue, 9 Feb 2021 22:06:44 +0000 (17:06 -0500)]
Merge tag 'u-boot-stm32-20210209' of https://gitlab.denx.de/u-boot/custodians/u-boot-stm
- Enable the fastboot oem commands in stm32mp15 defconfig
- Fixes pinctrol for stmfx and stm32
- Add support of I2C6_K in stm32mp15 clock driver
- Alignment with Linux kernel device tree v5.11-rc2 for ST boards
Patrick Delaunay [Mon, 11 Jan 2021 11:33:36 +0000 (12:33 +0100)]
arm: dts: stm32mp15: alignment with v5.11-rc2
Device tree alignment with Linux kernel v5.11-rc2
- fix DCMI DMA features on stm32mp15 family
- Add alternate pinmux for FMC EBI bus
- Harmonize EHCI/OHCI DT nodes name on stm32mp15
- update sdmmc IP version for STM32MP15
- Add LP timer irqs on stm32mp151
- Add LP timer wakeup-source on stm32mp151
- enable HASH by default on stm32mp15
- enable CRC1 by default on stm32mp15
- enable CRYP by default on stm32mp15
- set bus-type in DCMI endpoint for stm32mp157c-ev1 board
- reorder spi4 within stm32mp15-pinctrl
- add STUSB1600 Type-C using I2C4 on stm32mp15xx-dkx
- fix mdma1 clients channel priority level on stm32mp151
- fix dmamux reg property on stm32mp151
- adjust USB OTG gadget fifo sizes in stm32mp151
- update stm32mp151 for remote proc synchronization support
- support child mfd cells for the stm32mp1 TAMP syscon
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Patrick Delaunay [Thu, 21 Jan 2021 16:39:08 +0000 (17:39 +0100)]
pinctrl: stm32: bind only the enabled GPIO subnode
Bind only the enabled GPIO subnode, to avoid to probe the node
"gpio-controller" present in SOC dtsi (disabled by default) but
not enabled in the included pincontrol dtsi file.
For example, in stm32mp15xxac-pinctrl.dtsi 2 gpio bank are absent:
gpioj: gpio@5000b000
gpiok: gpio@5000c000
Then these GPIO are absent in output of command "dm tree" and
"gpio status -a"
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com> Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Patrick Delaunay [Thu, 21 Jan 2021 16:39:07 +0000 (17:39 +0100)]
pinctrl: stm32: correct management pin display of OTYPE
OTYPE can be used for output or for alternate function to select
PP = push-pull or OP = open-drain mode, according reference manual
(Table 81. Port bit configuration table).
This patch removes this indication for input pins and adds it
for AF and output pins for pinmux command output.
Fixes: b305dbc08b08 ("pinctrl: stm32: display bias information for all pins") Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com> Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Whereas in stmfx pin-controller driver, pin's name are equal to
"stmfx_gpioxx" where xx is the pin number.
This lead to not configure stmfx's pins at probe because pins is
identified by its name (see pinctrl_pin_name_to_selector() in
pinctrl-generic.c) and stmfx pin "gpio14" can't be found.
To fix this issue, come back to the original stmfx pin's name.
configs: stm32mp1: enable the fastboot oem command bootbus
Enable the fastboot oem command bootbus, used to configure the eMMC
boot behavior, with same format than 'mmc bootbus'
and with parameter: boot_bus_width reset_boot_bus_width boot_mode
On stm32mp1 boards the expected command is
$> fastboot oem partconf:0 0 0
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
configs: stm32mp1: enable the fastboot oem command partconf
Enable the fastboot oem command partconf, used to select the correct
eMMC boot partition, with same format than 'mmc partconf'
with parameter: boot_ack boot_partition
On stm32mp1 family:
- boot_ack = 1 (Boot Acknowledge is needed by ROM code)
- boot_partition = 1 or 2 (Boot partition 1 / 2 enabled for boot)
So on EV1 board the expected commands to select boot partition 1 or 2
$> fastboot oem partconf:1 1
$> fastboot oem partconf:1 2
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Tom Rini [Mon, 8 Feb 2021 15:55:51 +0000 (10:55 -0500)]
Merge git://git.denx.de/u-boot-marvell
- Espressobin: Set default env values at runtime (Pali)
- Espressobin: Set the maximum slave SPI speed to 40MHz (Pali)
- theadorable: PCIe test code enhancement and early deemphasis
enabling (Stefan)
- pci_mvebu: Disable config access to PCI host bridge ports (Stefan)
- mv_sdhci: parse device-tree entry (Baruch)
Hou Zhiqiang [Fri, 5 Feb 2021 08:34:02 +0000 (16:34 +0800)]
configs: T1042: Drop the CONFIG_VIDEO
Drop the CONFIG_VIDEO to fix the following build warning.
===================== WARNING ======================
This board does not use CONFIG_DM_VIDEO Please update
the board to use CONFIG_DM_VIDEO before the v2019.07 release.
UPD include/generated/dt.h
Failure to update by the deadline may result in board removal.
See doc/driver-model/migration.rst for more info.
UPD include/generated/timestamp_autogenerated.h
====================================================
Hou Zhiqiang [Fri, 5 Feb 2021 07:45:12 +0000 (15:45 +0800)]
armv7: ls102xa: Enable I-Cache to speed up the boot time
Enable the I-Cache to speed up the boot time, especailly for the NOR
boot, currently it takes about 15 seconds from power up to the U-Boot
prompt, and with the I-Cache enabled it only takes around 2.5 seconds.
LX2162A is not like LX2160A which has different PCIe controller
in rev1 and rev2 silicon. It supports only one configuration of
PCIe controller, which is same as LS2088A. So update PCIe
compatible string same as LS2088A.
Mathew McBride [Mon, 25 Jan 2021 03:55:22 +0000 (03:55 +0000)]
spi: fsl_qspi: apply the same settings for LS1088 as LS208x
The LS1088 requires the same QUADSPI_QURIK_BASE_INTERNAL
workaround as the LS208x and also has a 64 byte TX buffer.
With the previous settings SPI-NAND reads over AHB were
corrupted.
Fixes: 91afd36f3802 ("spi: Transform the FSL QuadSPI driver to use the SPI MEM API") Signed-off-by: Mathew McBride <matt@traverse.com.au> Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
Mathew McBride [Mon, 25 Jan 2021 03:55:21 +0000 (03:55 +0000)]
spi: fsl_qspi: Ensure width is respected in spi-mem operations
Adapted from kernel commit b0177aca7aea
From: Michael Walle <michael@walle.cc>
Make use of a core helper to ensure the desired width is respected
when calling spi-mem operators.
Otherwise only the SPI controller will be matched with the flash chip,
which might lead to wrong widths. Also consider the width specified by
the user in the device tree.
Fixes: 91afd36f38 ("spi: Add a driver for the Freescale/NXP QuadSPI controller") Signed-off-by: Michael Walle <michael@walle.cc> Link: https://lore.kernel.org/r/20200114154613.8195-1-michael@walle.cc Signed-off-by: Mark Brown <broonie@kernel.org> Signed-off-by: Mathew McBride <matt@traverse.com.au> [adapt for U-Boot] Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>