The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].
This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX
The SHA implementation is adapted from the linux kernel implementation.
[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm
Heiko Stuebner [Fri, 5 Jun 2020 10:06:43 +0000 (12:06 +0200)]
rockchip: puma: enable new usb config options
With recently added changes we get support for usb3 including handling
of the phys (type-c and inno-usb2), so enable the necessary config
options on puma.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Heiko Stuebner [Fri, 5 Jun 2020 10:06:42 +0000 (12:06 +0200)]
rockchip: puma: drop special handling of usb host regulator
With the current usb stack in u-boot, all host ports on puma work
flawlessly without any additional special handling, so drop that
usb hub hacking from the puma board.
Tested with mass-storage and usb-ethernet on both usb3 and usb2 ports.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Heiko Stuebner [Fri, 5 Jun 2020 10:06:41 +0000 (12:06 +0200)]
rockchip: puma: remove separate fit generator
The introduction of the puma-specific generator was mainly a way
to split the pmu firmware from the ATF binary and not having to
distribute that 4GB (sparse) image that was created before moving
to the bl31.elf as base.
Looking at the publically available repository for that separate
pmu firmware
https://git.theobroma-systems.com/rk3399-cortex-m0.git/
there is also no activity for 3 years and apart from some build
customizations no other changes were done.
And even then, if changes need to be made, this can very well also
happen in the atf context itself, so there is no real need to
diverge from the established build procedure and we can just go
back to using the main make_fit_atf.py script.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Heiko Stuebner [Fri, 5 Jun 2020 10:06:40 +0000 (12:06 +0200)]
rockchip: puma: reorganize devicetrees to actually work and match upstream
So far the puma dts files only just included the main puma dtsi without
handling the actual baseboard and rk3399-puma.dtsi was very much
detached from the variant in the mainline Linux kernel.
Recent changes resulted in a strange situation with nonworking puma boards.
Commit ab800e5a6f28 ("arm: dts: rockchip: puma: move U-Boot specific bits to u-boot.dtsi")
moved the sdram include from rk3399-puma-ddrX.dts to new files
rk3399-puma-ddrx-u-boot.dtsi which were never included anywhere though.
Commit 167efc2c7a46 ("arm64: dts: rk3399: Sync v5.7-rc1 from Linux")
replaced the rk3399-puma.dtsi nearly completely, but in the kernel
it definitly depends on a baseboard dts to actually enable peripherals
like sd-slot, uarts, etc.
So to untagle this and bring the whole thing more in line with mainline
Linux, bring the rk3399-puma-haikou.dts over as well, drop the separate
DDR-option devicetrees and instead replace them with a puma Kconfig option
to select and include the needed DDR variant.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Heiko Stuebner [Fri, 5 Jun 2020 10:06:39 +0000 (12:06 +0200)]
rockchip: puma: fix indentation of misc_init_r
The commit moving puma to the generic cpuid/macaddr helpers used 7 spaces
as indentation, so correct that by moving to the required tabs.
Fixes: fa177ff0208b ("board: puma: Use rockchip_* helpers to setup cpuid and macaddr") Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Heiko Stuebner [Fri, 5 Jun 2020 10:06:36 +0000 (12:06 +0200)]
arm64: dts: rk3399-puma: fix gpio levels for gmac reset pin
The gmac reset has opposite values for the gpio declaration
and the separate reset-active, bring this in line to make
u-boot also find the ethernet-phy.
This mimics the upstream Linux commit found on
https://lore.kernel.org/r/20200603132836.362519-1-heiko@sntech.de
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Jagan Teki [Thu, 4 Jun 2020 14:51:38 +0000 (20:21 +0530)]
Makefile: Drop to handle rkspi image type
On rockchip platforms, SPI boot image creation is not
straightforward like MMC boot image creation where former
requires to specify tpl, spl in multimage format in mkimage,
and later simply do a concatenate mkimaged-tpl with spl.
On this note, let drop rkspi image type creation via kbuild
and let inform via rockchip.rst
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Kever Yang [Wed, 3 Jun 2020 07:25:28 +0000 (15:25 +0800)]
rockchip: rk3399-evb: add stdout-path for the board
The 'stdout-path' is missing after dts sync. Fixes: 167efc2c7a ("arm64: dts: rk3399: Sync v5.7-rc1 from Linux") Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Tom Rini [Sat, 6 Jun 2020 14:59:55 +0000 (10:59 -0400)]
Merge tag 'efi-2020-07-rc4-2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc4 (2)
The following problems are resolved:
* When booting via UEFI an SMBIOS table is presented to the operating
system. If U-Boot tries to add an empty string, this results in corrupted
SMBIOS information. We will now use "Unknown" as property value.
* The EFI_RNG_PROTOCOL uses the DM_RNG drivers. For the virtio RNG driver
the missing DM_RNG Kconfig dependency is added.
* Missing function descriptions for the EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL are
added.
smbios_add_string() cannot deal with empty strings. This leads to incorrect
property values and invalid tables. E.g. for the pine64-lts_defconfig
CONFIG_SMBIOS_MANUFACTURER="". Linux command dmidecode shows:
Tom Rini [Thu, 4 Jun 2020 22:12:57 +0000 (18:12 -0400)]
Merge branch '2020-06-04-misc-bugfixes'
- Resync checkpatch.pl (largely) with v5.7 and introduce U-Boot specific
checks in a localized area, so they aren't lost in the future.
- Complete / re-migrate some options from config headers to defconfigs
- Add dependencies to the various debug uart drivers
Simon Glass [Fri, 22 May 2020 22:32:35 +0000 (16:32 -0600)]
checkpatch.pl: Update to v5.7
Keep the U-Boot changes to $logFunctions
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Resync with v5.7 release which changed the default max line
length, update commit to reflect] Signed-off-by: Tom Rini <trini@konsulko.com>
The config header for this platform disables both CMD_SF and CMD_SPI and
the defconfig leaves them enabled. Disable them from the defconfig and
enable them in the header.
Cc: Marek Vasut <marek.vasut+renesas@gmail.com> Cc: Masakazu Mochizuki <masakazu.mochizuki.wd@hitachi.com> Signed-off-by: Tom Rini <trini@konsulko.com>
Tom Rini [Tue, 26 May 2020 19:06:14 +0000 (15:06 -0400)]
bcmstb: Migrate CONFIG_CMD_EXT[24]
The common config header for bcm7260 and bcm7445 enable
CONFIG_CMD_EXT2/EXT4 but the defconfigs do not. This results in the
commands being disabled. Enable them via the defconfig.
Cc: Thomas Fitzsimmons <fitzsim@fitzsim.org> Signed-off-by: Tom Rini <trini@konsulko.com>
Tom Rini [Tue, 26 May 2020 19:06:13 +0000 (15:06 -0400)]
mx6memcal: Finish migration to defconfig options
The config header for this platform uses '#undef' in a number of cases.
All of the MMC related ones were already handled correctly in the
defconfig file. In the case of CONFIG_CMD_FUSE, the command was being
built and enabled via defconfig. Disable it in the defconfig, cleanup
the header.
Reviewed-by: Eric Nelson <eric@nelint.com> Signed-off-by: Tom Rini <trini@konsulko.com>
Tom Rini [Tue, 26 May 2020 19:06:12 +0000 (15:06 -0400)]
pfla02: Rework excluding NAND from SPL
Rather than only enable CONFIG_CMD_NAND for non-SPL builds, move the CMD
options to defconfig and rework the guards to not try and call the
function in SPL builds.
Michal Simek [Thu, 28 May 2020 10:05:12 +0000 (12:05 +0200)]
serial: Add missing Kconfig dependencies for debug consoles
Debug console is the part of serial driver in the same file. It means to be
able to enable debug console you also need to enable driver itself.
That's why add all dependecies and list only debug consoles which are
enabled based on driver selection to avoid compilation error when user
asks for certain debug console but driver is not enable for it.
Error:
aarch64-linux-gnu-ld.bfd: common/built-in.o: in function `putc':
/home/monstr/data/disk/u-boot/common/console.c:513: undefined reference to `printch'
aarch64-linux-gnu-ld.bfd: common/built-in.o: in function `puts':
/home/monstr/data/disk/u-boot/common/console.c:563: undefined reference to `printch'
Signed-off-by: Michal Simek <michal.simek@xilinx.com> Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Fix ns16550 dependency, add ZYNQ_SERIAL, change S5P] Signed-off-by: Tom Rini <trini@konsulko.com>
- Fixes 7e249bc13aaf: ("riscv: Move all SMP related SBI calls to
SBI_v01") Move sbi_probe_extension() out of CONFIG_SBI_V01.
- SiFive FU540 support SPL.
Move errata A008109, A008378, 009942 workaround implementation from
compute_fsl_memctl_config_regs() to fsl_ddr_set_memctl_regs()
and add register write after each workaround implementation.
Hou Zhiqiang [Sun, 3 May 2020 14:48:43 +0000 (22:48 +0800)]
net: tsec: Access TBI PHY through the corresponding MII
When an eTSEC is configured to use TBI, configuration of the
TBI is done through the MIIM registers for that eTSEC.
For example, if a TBI interface is required on eTSEC2, then
the MIIM registers starting at offset 0x2_5520 are used to
configure it.
Fixes: 9a1d6af55ecd ("net: tsec: Add driver model ethernet support") Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com> Reviewed-by: Vladimir Oltean <vladimir.oltean@nxp.com> Tested-by: Vladimir Oltean <vladimir.oltean@nxp.com> Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
Hou Zhiqiang [Sun, 3 May 2020 14:48:42 +0000 (22:48 +0800)]
net: tsec: Access eTSEC registers using virtual address
The current code accesses eTSEC registers using physical
address directly, it's not correct, though no problem on
current platforms. It won't work on platforms, which does
not support 1:1 virtual-physical address map.
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com> Reviewed-by: Vladimir Oltean <vladimir.oltean@nxp.com> Tested-by: Vladimir Oltean <vladimir.oltean@nxp.com> Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
powerpc: dts: add QorIQ DPAA 1 FMan v3 to T1024RDB
Introduce the QorIQ DPAA 1 Frame Manager nodes in the T1024RDB
device tree. The device tree fragments are copied over with little
modification from the Linux kernel source code.
Add the QorIQ DPAA 1 Frame Manager v3 device tree nodes for the
T102x SoCs. The device tree fragments are copied over with little
modification from the Linux kernel source code.
Introduce the QorIQ DPAA 1 Frame Manager nodes in the P5040DS
device tree. The device tree fragments are copied over with little
modification from the Linux kernel source code.
Introduce the QorIQ DPAA 1 Frame Manager nodes in the P3041DS
device tree. The device tree fragments are copied over with little
modification from the Linux kernel source code.
Introduce the QorIQ DPAA 1 Frame Manager nodes in the P2041RDB
device tree. The device tree fragments are copied over with little
modification from the Linux kernel source code.
Add the QorIQ DPAA Frame Manager version 3 device tree nodes
description. The device tree fragments are copied over with little
modification from the Linux kernel source code.
powerpc: dts: add QorIQ DPAA 1 FMan device tree nodes
Add the QorIQ DPAA Frame Manager device tree nodes description.
The device tree fragments are copied over with little modification
from the Linux kernel source code.
Add the QorIQ GPIO device tree nodes description. The device tree
fragments are copied over with little modification from the Linux
kernel source code.
Bin Meng [Wed, 27 May 2020 09:04:53 +0000 (02:04 -0700)]
riscv: sbi: Move sbi_probe_extension() out of CONFIG_SBI_V01
sbi_probe_extension() is an API defined in SBI v0.2, not v0.1.
Fixes 7e249bc13aaf: ("riscv: Move all SMP related SBI calls to SBI_v01") Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Rick Chen <rick@andestech.com>
Bin Meng [Wed, 27 May 2020 09:04:52 +0000 (02:04 -0700)]
riscv: sbi: Remove sbi_spec_version
U-Boot defaults to use SBI v0.2. Howerver there is a global variable
sbi_spec_version that stills refers to v0.1. Since it is not used
anywhere, let's remove it.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Rick Chen <rick@andestech.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:38 +0000 (11:33 +0530)]
configs: fu540: Add config options for U-Boot SPL
With sifive_fu540_defconfig:
User can use FSBL or u-boot-spl.bin anyone at a time.
For FSBL,
fsbl->fw_payload.bin (opensbi + U-Boot)
For u-boot-spl.bin,
u-boot-spl.bin->FIT image (opensbi + U-Boot proper + dtb)
U-Boot SPL will be loaded by ZSBL from SD card (replace fsbl.bin with
u-boot-spl.bin) and runs in L2 LIM in machine mode and then load FIT
image u-boot.itb from SD card into RAM.
U-Boot SPL expects u-boot.itb FIT image at the starting of SD card sector
number (0x822) of GUID type "2E54B353-1271-4842-806F-E436D6AF6985"
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Signed-off-by: Jagan Teki <jagan@amarulasolutions.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:35 +0000 (11:33 +0530)]
riscv: sifive: fu540: add SPL configuration
Add a support for SPL which will boot from L2 LIM (0x0800_0000) and
then SPL will boot U-Boot FIT image (OpenSBI FW_DYNAMIC + u-boot.bin)
from MMC boot devices.
SPL related code is leveraged from FSBL
(https://github.com/sifive/freedom-u540-c000-bootloader.git)
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:34 +0000 (11:33 +0530)]
riscv: cpu: fu540: Add support for cpu fu540
Add SiFive fu540 cpu to support RISC-V arch
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:32 +0000 (11:33 +0530)]
riscv: sifive: dts: fu540: set ethernet clock rate
Set ethernet clock rate to 125 Mhz so that it will work with 1000Mbps,
Earlier this is done by FSBL. With this change We can remove the
ethernet clock rate code from FSBL.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
U-Boot ethernet works with FSBL flow where releasing ethernet clock
reset is part of FSBL itself but with the SPL, We need to release
ethernet clock reset explicitly for U-Boot proper. With this change
Release ethernet clock reset code in FSBL might not be needed or
unaffected.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:29 +0000 (11:33 +0530)]
clk: sifive: fu540-prci: Add clock enable and disable ops
Added clock enable and disable functions in prci ops
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Acked-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:28 +0000 (11:33 +0530)]
riscv: sifive: dts: fu540: add U-Boot dmc node
Add dmc node to enable ddr driver. dmc is used to
initialize the memory controller.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Devicetree files in FU540 platform is synced from Linux, like other
platforms does. Apart from these U-Boot in FU540 would also require
some U-Boot specific node like clint.
So, create board specific -u-boot.dtsi files. This would help of
maintain U-Boot specific changes separately without touching Linux
dts(i) files which indeed easy for syncing from Linux between
releases.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Anup Patel <anup.patel@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:22 +0000 (11:33 +0530)]
riscv: sifive: fu540: Use OTP DM driver for serial environment variable
Use the OTP DM driver to set the serial environment variable.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Pragnesh Patel [Fri, 29 May 2020 06:03:21 +0000 (11:33 +0530)]
misc: add driver for the SiFive otp controller
Added a misc driver to handle OTP memory in SiFive SoCs.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Jagan Teki <jagan@amarulasolutions.com> Tested-by: Jagan Teki <jagan@amarulasolutions.com>
Tom Rini [Wed, 3 Jun 2020 18:10:03 +0000 (14:10 -0400)]
Merge tag 'efi-2020-07-rc4' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc4
This patch series addresses the following issues:
* allow compiling with clang
* add missing function descriptions to the HTML documentation
* simplify the validation of UEFI images
* validate load options in the UEFI boot manager
In a preparatory patch a structure definition is moved.
Tom Rini [Wed, 3 Jun 2020 15:44:12 +0000 (11:44 -0400)]
Merge branch '2020-06-03-misc-bugfixes'
- Update various docs to not have 'ARCH=' in them as that's not part of
how U-Boot builds.
- Add macOS tools-only build to Azure to help catch problems on BSD
hosts with tools.
- Bugfixes from the latest header cleanup around ARCH_DMA_MINALIGN
- Assorted small Kconfig logic/typo corrections
- Add a default hash to FIT images that have their its auto generated.
- Other assorted fixes
AKASHI Takahiro [Fri, 29 May 2020 06:41:18 +0000 (15:41 +0900)]
efi_loader: signature: move efi_guid_cert_type_pkcs7 to efi_signature.c
The global variable, efi_guid_cert_type_pkcs7, will also be used in
efi_image_loader.c in a succeeding patch so as to correctly handle
a signature type of authenticode in signed image.
Meanwhile, it is currently defined in efi_variable.c. Once some secure
storage solution for UEFI variables is introduced, efi_variable.c may
not always be compiled in.
So move the definition to efi_signature.c as a common place.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Knowing that at least one section header follows the optional header we
only need to check for the length of the 64bit header which is longer than
the 32bit header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>