Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building
RSA functions from FIT verification and allow for adding a RSA-based
signature verification for other file formats, in particular PE file
for UEFI secure boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The call to spl_mmc_get_uboot_raw_sector() completely ignores and
overwrites the raw_sect value passed from the caller of spl_mmc_load().
Fix this by passing raw_sect to the function and returning the same
value in the default case.
Signed-off-by: Faiz Abbas <faiz_abbas@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Enable pre console buffer for rk3288 platform.
This would help to capture the console messages prior to
the console being initialised. Enabling this would help
to capture all the console messages on video output source
like HDMI. So we can find the full console messages of
U-Boot proper on HDMI display when enabled it for RK3288
platform boards.
Buffer address used for pre console is 0x0f000000 which is
ram base plus 240MiB. right now the Allwinner SoC is using
similar computation.
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
clear_bss is already used by 3 arches (x86, arc, xtensa), so make it generic
and provide a weak nop stub for it. This also removes arch-specific ifdef
duplications around clear_bss.
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
Avoid errors of like
common/console.c: In function ‘console_record_reset’:
common/console.c:615:16: error: passing argument 1 of ‘membuff_purge’
discards ‘volatile’ qualifier from pointer target type
[-Werror=discarded-qualifiers]
615 | membuff_purge(&gd->console_out);
| ^~~~~~~~~~~~~~~~
by casting to non-volatile.
The volatile property stems from declarations like
arch/arm/include/asm/global_data.h:114:
But there is no need to treat gd->console_out and gd->console_in as
volatile in the context of common/console.c.
Fixes: b612312816 ("console: Add a function to read a line of the output / eof")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl48iogACgkQfxc6PpAI
reaVzAf/an3/yKe6r3CVWlcRV6H/dVg1ApnnLpX7jS0p0b++oCVvOiy7z1WPXj3k
b1SSgENDeeZ/8EHio+Gf7ZidH/TGEj7L6YEFwd1t60GMkZiWEkNf4Z53tw482YG+
96hoPD+ySTW+ddIdVHWAFG2I4aEiKHANJAp/ItNdD+rLbrEwNQy+eiK5JTOk80B6
/X8AJCLZeAC1s7vs+2+WolgjT78QGzA9HHalMiublcqh0ivKKk0QeQiOKKPe8JYJ
om5YY1TxayQ60Xmo5f39/SBfzEEklxw83sU9o1tBeYzyVUpu7fQdkxiDbWdsij77
DgwLdeYQJGbN+hdSWE0gjTqyhW+lWA==
=KRoA
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm
sandbox conversion to SDL2
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.
Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
If CONFIG_CMDLINE=n, common/cli.c calls board_run_command. This fails to
link on most architectures. However, the sandbox architecture has an
implementation which we can use.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
boot_fdt_add_mem_rsv_regions() scans the subnodes of
"/reserved-memory" and adds them to reserved lmb regions.
Currently this scanning does not take into "status" property.
Even if the subnode is disabled, it gets added to the
reserved lmb regions.
This patch checks the "status" property before adding it
to reserved lmb regions.
Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
When recording the console output for testing it is useful to be able to
read the output a line at a time to check that the output is correct. Also
we need to check that we get to the end of the output.
Add a console function to return the next line and another to see how must
data is left.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is convenient for bloblist to zero out the contents of a records when
it is added. This saves the callers having to do it.
Update the API accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
A common check is to see if a blob is present, create it if not and make
sure that the size is large enough. Add a function to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Android Boot Image v1 adds "Recovery DTB" field in image header and
associate payload in boot image itself [1]. Payload should be in
Android DTB/DTBO format [2]. That "Recovery DTB" area should be only
populated for non-A/B devices, and only in recovery image.
Add function to get an address and size of that payload. That function
can be further used e.g. in 'abootimg' command to provide the user a way
to get the address of recovery dtbo from U-Boot shell, which can be
further parsed using 'adtimg' command.
[1] https://source.android.com/devices/bootloader/boot-image-header
[2] https://source.android.com/devices/architecture/dto/partitions
Signed-off-by: Sam Protsenko <joe.skb7@gmail.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Android Boot Image v2 adds "DTB" payload (and corresponding field in the
image header). Provide functions for its handling:
- android_image_get_dtb_by_index(): Obtain DTB blob from "DTB" part of
boot image, by blob's index
- android_image_print_dtb_contents(): Iterate over all DTB blobs in
"DTB" part of boot image and print those blobs info
"DTB" payload might be in one of the following formats:
1. concatenated DTB blobs
2. Android DTBO format
The latter requires "android-image-dt.c" functionality, so this commit
selects that file for building for CONFIG_ANDROID_BOOT_IMAGE option.
Right now this new functionality isn't used, but it can be used further.
As it's required to apply some specific dtbo blob(s) from "dtbo"
partition, we can't automate this process inside of "bootm" command. But
we can do next:
- come up with some new command like "abootimg" to extract dtb blob
from boot image (using functions from this patch)
- extract desired dtbo blobs from "dtbo" partition using "adtimg"
command
- merge dtbo blobs into dtb blob using "fdt apply" command
- pass resulting dtb blob into bootm command in order to boot the
Android kernel with Android ramdisk from boot image
Signed-off-by: Sam Protsenko <joe.skb7@gmail.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
This removes the arch-specific checks for "checkcpu" function from the init
sequence. Make "checkcpu" generic and provide a weak nop stub instead.
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
m68k needs block cache list initialized after relocation.
Other architectures must not be involved.
Fixing regression related to:
commit 1526bcce0f
("common: add blkcache init")
Signed-off-by: Angelo Durgehello <angelo.dureghello@timesys.com>
On m68k, block_cache list is relocated, but next and prev list
pointers are not adjusted to the relocated struct list_head address,
so the first iteration over the block_cache list hangs.
This patch initializes the block_cache list after relocation.
Signed-off-by: Angelo Durgehello <angelo.dureghello@timesys.com>
Reviewed-by: Eric Nelson <eric@nelint.com>
For Allwinner SoCs the CONFIG_SYS_SPI_U_BOOT_OFFS value is not really a
board choice: The boot ROM only loads the SPL from offset 0 of the SPI
NOR flash, and loads at most 32KB. This is a similar situation as on MMC,
so consequently we create our "joint" image (SPL + U-Boot proper) with
that 32KB offset during the build.
So define the value of this symbol to be 32KB by default for every
Allwinner SoC. This removes the definition of this symbol from the
_defconfig files, and avoids every board to define this over and over
again.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
This is not really a CONFIG since it is not intended to be set by boards.
Move it into the compiler header with other similar defines, and rename
it.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present panic() is in the vsprintf.h header file. That does not seem
like an obvious choice for hang(), even though it relates to panic(). So
let's put hang() in its own header.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Migrate a few more files]
Signed-off-by: Tom Rini <trini@konsulko.com>
These global variables are quite short and generic. In fact the same name
is more often used locally for struct members and function arguments.
Add a image_ prefix to make them easier to distinguish.
Signed-off-by: Simon Glass <sjg@chromium.org>
These three clock functions don't use driver model and should be migrated.
In the meantime, create a new file to hold them.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is defined in exports.c so move it to its header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This function belongs more in flash.h than common.h so move it.
Also remove the space before the bracket in some calls.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this function out of common.h and into a better place.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Allow reading compressed content from fit image, even if
CONFIG_SPL_OS_BOOT is not set.
This allow booting compressed 2nd stage u-boot from fit image.
Additionally, do not print warning message if compression node is not
found, since it simply implies the content is uncompressed.
Signed-off-by: Klaus H. Sorensen <khso@prevas.dk>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
This is not really a CONFIG since it is not intended to be set by boards.
Move it into the compiler header with other similar defines, and rename
it.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present panic() is in the vsprintf.h header file. That does not seem
like an obvious choice for hang(), even though it relates to panic(). So
let's put hang() in its own header.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Migrate a few more files]
Signed-off-by: Tom Rini <trini@konsulko.com>
These global variables are quite short and generic. In fact the same name
is more often used locally for struct members and function arguments.
Add a image_ prefix to make them easier to distinguish.
Signed-off-by: Simon Glass <sjg@chromium.org>
These three clock functions don't use driver model and should be migrated.
In the meantime, create a new file to hold them.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is defined in exports.c so move it to its header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This function belongs more in flash.h than common.h so move it.
Also remove the space before the bracket in some calls.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this function out of common.h and into a better place.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
- Clearfog: Fix SD booting (Baruch)
- Misc updates to MMC handling in SPL to support booting from
main data partition (vs hardware boot partition) on MVEBU (Baruch)
On Armada 38x platforms the ROM code loads SPL from offset 0 of eMMC
hardware boot partitions. When there are no boot partitions (i.e. SD
card) the ROM skips the first sector that usually contains the (logical)
partition table. Since the generated .kwb image contains the main U-Boot
image in a fixed location (0x140 sectors by default), we end up with the
main U-Boot image in offset of 1 sector. The current workaround is to
manually set CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR to 0x141 to
compensate for that.
This patch uses the run-time detected boot partition to determine the
right offset of the main U-Boot partition. The generated .kwb image is
now compatible with both eMMC boot partition, and SD card main data
partition.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
Rename CONFIG_SPL_DMA_SUPPORT to CONFIG_SPL_DMA. This allows to use
macros such as CONFIG_IS_ENABLED() that allow conditional compilation of
code for SPL and U-Boot.
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>