This pull request
* provides an implementation of UEFI secure booting
* fixes a problem with the rsa_mod_exp driver which stops some boards
from booting when CONFIG_RSA is enabled which is needed for UEFI
secure booting
* enables the EFI_RNG_PROTOCOL if DM_RNG is enabled
* fixes some function comments
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAl6YjlcACgkQxIHbvCwF
GsQ6Jg/+KVRQF0Dn2jiag8Me9ZhafZx4xGTI3LEzFD7V9kG3dmUzbO3m8a5dEevW
bcPNA6EmcKAjyP09AZY4C8ns4sU7wzPu/GQvApD4S5+vcuNbEqRHfW6zzReNXq09
t89DrFH+XLhGnh4uSh0hmfjrlIPVi86hs/f57vKRayrBu8W2yGPci3SNTO5Y0AY1
to7sxP3hGlDCUhqIABWp5ylpWWUSG1MsVNcMOnHpj+jl0iWWYP46EQrGr95egQor
gcGgUOLdOLLOHPYUIOBmo9INnS2MbvE9Mfgh5Bw7JW8DIu/Xp7r1qePQyMLsngc1
pO5yzwMq6EQy6OjuYnXdIBXtHOlZ8rnE9pbTgyUR8T/2CdL2hqr9ddpqa4ryDABX
iaQF8FG+KhY0XQ5EIJV7pEkvf9TMwGguJNlOkmJPeub2n9i0k1tPk0Rwq5ZWWBIn
rHcgZXwl0On3O3f0HvfL0Oas5u9KE1HhA12h/EVmu2Muy36x2WxAAzDnsH19HzqU
QnWBAo8VMyp3qTIZjb3y+qrxcU/joPGt9+hxmur03hzmKOJ9JNOv6vExb+yUIyXQ
4ML6jvTvSVZbvkP++0zMKOjT8ks3xv5q84oFD5Gp4cG8ZpHpA9dj3mXM92Waepo4
pAkko5IGQ4SqaGIBltEQzrG+cCiHHezdD/raCwAo6DgYSmfZUvc=
=+ZDZ
-----END PGP SIGNATURE-----
Merge tag 'efi-2020-07-rc1' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc1
This pull request
* provides an implementation of UEFI secure booting
* fixes a problem with the rsa_mod_exp driver which stops some boards
from booting when CONFIG_RSA is enabled which is needed for UEFI
secure booting
* enables the EFI_RNG_PROTOCOL if DM_RNG is enabled
* fixes some function comments
Enhancements to 'dm' command
Log test enhancements and syslog driver
DM change to read parent ofdata before children
Minor fixes
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl6YdaMRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYLRwf8C+vKmERVLLcrMZMMiLctbY2kVflJV8zG
RjFwBcazZDPYjtHqClFZtJyIDYzgkVQRo+QPcdLxjcA+gjSXdteeRa0XTsBTXOZQ
kbs7yBkL+rCIO2WyXtuyajsmDMQtqM5vYgeBdTeYnJu7NVxwRMYrUqqAKLolNpIN
SKNYz+a8OEOG2EetbTdwwrmSpNy/cZ3wDGYK25DFTte8/vCZMRBTPiiNSrLp/RsM
xIojRcLqzARwpvPfFZ8psASKei9+5oIICUrNvwwQGtjepvZwdFQEl90SKaHw8kMf
sP9rxuqlEN5ec6xnMTUgwfnyBZgNIMSeb4KVPP1rxN2eAa5+bK1OlQ==
=gyyY
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-10apr20-take2' of git://git.denx.de/u-boot-dm
Functions for reading indexed values from device tree
Enhancements to 'dm' command
Log test enhancements and syslog driver
DM change to read parent ofdata before children
Minor fixes
The content dm_ofnode_pre_reloc() is identical with ofnode_pre_reloc()
defined in drivers/core/ofnode.c and used only three times:
- drivers/core/lists.c:lists_bind_fdt()
- drivers/clk/at91/pmc.c::at91_clk_sub_device_bind
- drivers/clk/altera/clk-arria10.c::socfpga_a10_clk_bind
So this function dm_ofnode_pre_reloc can be removed and replaced
by these function calls by ofnode_pre_reloc().
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Acked-by: Simon Glass <sjg@chromium.org>
The patch adds helper functions to allow reading a single indexed u32
value from a device-tree property containing multiple u32 values, that
is an array of integers.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add test case to cover dev_read_u64 and dev_read_u64_default functions.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Reviewed-by: Simon Glass <sjg@chromium.org>
When removing a device the power domains it uses are generally powered
off. But when we are trying to unbind all devices (e.g. for running tests)
we don't want to probe a device in the 'remove' path.
Add a new flag to skip this power-down step.
Signed-off-by: Simon Glass <sjg@chromium.org>
If CONFIG_LOG=n, we still expect output for log_err(), log_warning(),
log_notice(), log_info() and in case of DEBUG=1 also for log_debug().
Provide unit tests verifying this.
The tests depend on:
CONFIG_CONSOLE_RECORD=y
CONFIG_LOG=n
CONFIG_UT_LOG=y
It may be necessary to increase the value of CONFIG_SYS_MALLOC_F_LEN to
accommodate CONFIG_CONSOLE_RECORD=y.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
If CONFIG_LOG=n, we should still output errors, warnings, notices, infos,
and for DEBUG=1 also debug messages.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Since ut_asserteq_mem() uses bin2hex() we should include this header in
ut.h to avoid errors. Add it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
The DMA Remapping Reporting (DMAR) table contains information about DMA
remapping.
Add a version simple version of this table with only the minimum fields
filled out. i.e. no entries.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Each ACPI table has its own version number. Add the version numbers in a
single function so we can keep them consistent and easily see what
versions are supported.
Start a new acpi_table file in a generic directory to house this function.
We can move things over to this file from x86 as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The ASL compiler cannot handle C structures and the like so needs some
sort of header guard around these.
We already have an __ASSEMBLY__ #define but it seems best to create a new
one for ACPI since the rules may be different.
Add the check to a few files that ACPI always includes.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
This file is potentially useful to other architectures saddled with ACPI
so move most of its contents to a common location.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
This header relates to ACPI and we are about to add some more ACPI
headers. Move this one into a new directory so they are together.
The header inclusion in pci_rom.c is not specific to x86 anymore, so drop
the #ifdef CONFIG_X86.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add a sandbox test for the basic ACPI functionality we have so far.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
ACPI (Advanced Configuration and Power Interface) is a standard for
specifying information about a platform. It is a little like device
tree but the bindings are part of the specification and it supports an
interpreted bytecode language.
Driver model does not use ACPI for U-Boot's configuration, but it is
convenient to have it support generation of ACPI tables for passing to
Linux, etc.
As a starting point, add an optional set of ACPI operations to each
device. Initially only a single operation is available, to obtain the
ACPI name for the device. More operations are added later.
Enable ACPI for sandbox to ensure build coverage and so that we can add
tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
With ACPI we need to describe the settings of the SPI bus. Add enums to
handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Different CPUs may support different address widths, meaning the amount of
memory they can address. Add a property for this to the cpu_info struct.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Some callers of serial_getinfo() would like to know the UART base
clock speed in order to make decision what to pass to OS in some
cases. In particular, ACPI SPCR table expects only certain base
clock speed and thus we have to act accordingly.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
With this commit, image validation can be enforced, as UEFI specification
section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled.
Currently we support
* authentication based on db and dbx,
so dbx-validated image will always be rejected.
* following signature types:
EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images)
EFI_CERT_X509_GUID (x509 certificate for signed images)
Timestamp-based certificate revocation is not supported here.
Internally, authentication data is stored in one of certificates tables
of PE image (See efi_image_parse()) and will be verified by
efi_image_authenticate() before loading a given image.
It seems that UEFI specification defines the verification process
in a bit ambiguous way. I tried to implement it as closely to as
EDK2 does.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
With this commit, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
is supported for authenticated variables and the system secure state
will transfer between setup mode and user mode as UEFI specification
section 32.3 describes.
Internally, authentication data is stored as part of authenticated
variable's value. It is nothing but a pkcs7 message (but we need some
wrapper, see efi_variable_parse_signature()) and will be validated by
efi_variable_authenticate(), hence efi_signature_verify_with_db().
Associated time value will be encoded in "{...,time=...}" along with
other UEFI variable's attributes.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi_signature_parse_sigdb() is a helper function will be used to parse
signature database variable and instantiate a signature store structure
in later patches.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
In this commit, implemented are a couple of helper functions which will be
used to materialize variable authentication as well as image authentication
in later patches.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
- Enable bootd, iminfo, imxtract on ST defconfig
- Rename LEDs to match silkscreen on AV96
- Add KS8851-16MLL ethernet on FMC2
- Define FMC2 base address
- net: dwc_eth_qos: implement reset-gpios for stm32
- net: dwc_eth_qos: implement phy reg and max-speed for stm32
-----BEGIN PGP SIGNATURE-----
iQJLBAABCgA1FiEEXyrViUccKBz9c35Jysd4L3sz/6YFAl6WzDIXHHBhdHJpY2Uu
Y2hvdGFyZEBzdC5jb20ACgkQysd4L3sz/6axxQ//eMrpWRXJN312XzPo9aj9Pxnn
GOdYtIiRrV3hFHi5vtzhJ66OwLA3KSuFCL13u2rCeQpeF1gswsbKSQTAIAMp9OTk
lG/4uSYpbjALI5dq3QdjQjCyx9TjRUtKjzd+amF6DSeTd2LJzbkh0JG70zfDgmh0
OO4I/m9sDJ3qa/rsirxUu+LrhoCUcDFdPjfvUnvLYlE3WqH2bu+GP41nkDAKwrFG
JEp0mVm8pmwU0e0OHmCDydUxz9WxOAybQjHl8JicWpqPfmkwdv2gPgWZQ5+h3NuR
CRLclp5fmgxj096bttMDts9g4rOh+9PyWQWbQ3W+jZohCsnlZRXOkmowCsEAafoJ
Anc2B4dODTiD5L1QNtRQID9LSMaAA3HGa1Yd2p72nYCAtZ0sBFgO8kfVKT7VhF7s
dp6JQBPry1C6EWBujHcEPlMSj4nKgrlQJPtPyTu6r2tYzIHvz1TnpJ42k24NM7Vl
ov2w16qSUsAKN8Hn69djF1VgUpVHDxlGAktfbhS5eXWUlZovBFk4UnhULt2w6pAW
0HUbIFXLh2TgurtL3N/f7fJQBTYFGmaCZ/G7HiHEATZdcita9BRBuy7ipPIieXXP
rbYn/5g+C6AOfUWLM2wMkN3eEVlgwF/cGB7TH1BZ052CBYL+TD7OINdbF3HBk3Lg
F+G5GaDcL+bkyHGJh/A=
=FNeD
-----END PGP SIGNATURE-----
Merge tag 'u-boot-stm32-20200415' of https://gitlab.denx.de/u-boot/custodians/u-boot-stm
- Replace STM32MP1_TRUSTED by TFABOOT flag
- Enable bootd, iminfo, imxtract on ST defconfig
- Rename LEDs to match silkscreen on AV96
- Add KS8851-16MLL ethernet on FMC2
- Define FMC2 base address
- net: dwc_eth_qos: implement reset-gpios for stm32
- net: dwc_eth_qos: implement phy reg and max-speed for stm32
Activate ARCH_SUPPORT_TFABOOT and replace the arch stm32mp
specific config CONFIG_STM32MP1_TRUSTED by the generic CONFIG_TFABOOT
introduced by the commit 535d76a121 ("armv8: layerscape: Add TFABOOT
support").
This config CONFIG_TFABOOT is activated for the trusted boot chain,
when U-Boot is loaded by TF-A.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
This function is a bit large for an inline function, and for U-Boot
proper, it is called via a function pointer anyway (in board_r.c), so
cannot be inlined.
It will shortly set a global variable to be used by the
watchdog_reset() function in wdt-uclass.c, so this also allows making
that variable local to wdt-uclass.c.
The WATCHDOG_TIMEOUT_SECS define is not used elsewhere.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Stefan Roese <sr@denx.de>
Since WATCHDOG_TIMEOUT_MSECS was converted to Kconfig (commit
ca51ef7c0c), CONFIG_WATCHDOG_TIMEOUT_MSECS has been guaranteed to be
defined. So remove the dead fallback ifdeffery.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Stefan Roese <sr@denx.de>
Unify the location of DT selection into board_late_init instead of
split between detection and static configuration paths.
Signed-off-by: Joel Johnson <mrjoel@lixil.net>
Reviewed-by: Stefan Roese <sr@denx.de>
Enable distro bootcmd support for additional SATA ports if enabled.
Signed-off-by: Joel Johnson <mrjoel@lixil.net>
Reviewed-by: Stefan Roese <sr@denx.de>
Include attempting to boot from SCSI (SATA) devices within generated
board distro bootcmd environment. The reasoning for boot ordering is
that MMC and USB are external and removable, while when a case is in
use, replacing M.2 or mSATA drives requires disassembly. Therefore,
to boot SCSI, [bootable] external media must be removed. If SCSI were
placed before MMC or USB, then removing a bootable SCSI drive to
enable MMC or USB booting would be more difficult.
Signed-off-by: Joel Johnson <mrjoel@lixil.net>
Reviewed-by: Stefan Roese <sr@denx.de>
Support for sata devices via the scsi command is available and already
enabled by default for the Clearfog Base and Pro. This change adds scsi
to the list of boot targets used by distro-boot.
Signed-off-by: Josua Mayer <josua@solid-run.com>
Cc: Stefan Roese <sr@denx.de>
Reviewed-by: Stefan Roese <sr@denx.de>
Pull in changes that have been pending in our 'next' branch. This
includes:
- A large number of CI improvements including moving to gcc-9.2 for all
platforms.
- amlogic, xilinx, stm32, TI SoC updates
- USB and i2c subsystem updtaes
- Re-sync Kbuild/etc logic with v4.19 of the Linux kernel.
- RSA key handling improvements
Rather than keeping the asynchronous schedule running always, keep it
running only across USB mass storage transfers for now, as it seems
that keeping it running all the time interferes with certain control
transfers during device enumeration.
Note that running the async schedule all the time should not be an
issue, especially on EHCI HCD, as that one implements most of the
transfers using async schedule.
Note that we have usb_disable_asynch(), which however is utterly broken.
The usb_disable_asynch() blocks the USB core from doing async transfers
by setting a global flag. The async schedule should however be disabled
per USB controller. Moreover, setting a global flag does not prevent the
controller from using the async schedule, which e.g. the EHCI HCD does.
This patch implements additional callback to the controller, which
permits it to lock the async schedule and keep it running across
multiple transfers. Once the schedule is unlocked, it must also be
disabled. This thus prevents the async schedule from running outside
of the USB mass storage transfers.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Lukasz Majewski <lukma@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Tested-by: Tom Rini <trini@konsulko.com> [omap3_beagle, previously failing]
This patch ajust CONFIG_SYS_MEMTEST_END for vcoreiii-based systems to
avoid overwriting the relocated u-boot. The former setting was too
agressive with networking etc. enabled on some platforms.
Reviewed-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Reviewed-by: Horatiu Vultur <horatiu.vultur@microchip.com>
Signed-off-by: Lars Povlsen <lars.povlsen@microchip.com>
- sync all Amlogic DT from Linux v5.6-rc2
- MMC clock fixups
- add support for Libre Computer AML-S905D-PC and AML-S912-PC
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPVPGJshWBf4d9CyLd9zb2sjISdEFAl6K4bQACgkQd9zb2sjI
SdFpIw//QZbwDYFJWb7m3OuutceTWwx6sB/vjYjUBzkRZLBKOWn1WdKmt3PHHcHB
Mj1CrUGaK29TVSyC654Sn7W75WMWJOQsvLwZVIc+TA6gOGU0P0khn/LitHgIyn9r
Fo8wCxD9ohVQLfDcgWn/KRkTdX++Sx1IxURvc1ebd82W507XyTjf8dLjgDA6rETF
3dVlnR/el/UojG0MhxaIce/GVldNukC4Y02Imuw9bV1DvhiXp1GnzVaXqmlChxkr
rqoKFBelh5c2I85xm8+FunUX9wCDPuMXE75pFOwVX5imAekExaVaZA+y78hWIUTg
bEFT6Ug0PWaLzZCJAkPKzE3+flJk4tXbG9oXsPIfgGWm7KoC3Lzd6mstpOMzq55V
NMxvPrFJo7bmPZNM7sIbB/KQYBB1r9dnV+UANXHiRS2G7acBDpueuPX6ki6wiG4v
OlwfcWGWTk+6ci0271a/05B4rclZqM33rbRUGlheEpHrFPINXksaArdaY1Pl5FIu
kuP6wg5lyF4G1QuFE68K8OidJticchzh116D6ccD9z3Z5s2KTg555Wp83lLLe+Zi
2YtNYtEr1yiCUDO9OBaYTHzDK/Tfj5Xz2q1Bny6YAyN48NTiOoeK6R9ZsAyXLDK1
Qn/rjHR31ZyrnZ7OZ7GQ/rqfyfZDD+/Fq9mDZ9+ScYe0QFpTwY4=
=PiOt
-----END PGP SIGNATURE-----
Merge tag 'u-boot-amlogic-20200406' of https://gitlab.denx.de/u-boot/custodians/u-boot-amlogic into next
- clk: meson-g12a: missing break
- sync all Amlogic DT from Linux v5.6-rc2
- MMC clock fixups
- add support for Libre Computer AML-S905D-PC and AML-S912-PC
With multi defconfig NOR flash information about NOR should be taken from
DT that's why there is no reason to specify address and sizes via fixed
config.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
With multi defconfig targeting several board configurations bug report like
below is so verbose.
Flash: ## Unknown flash on Bank 1 - Size = 0x00000000 = 0 MB
0 Bytes
Do not report that message and simply say "Flash: 0 Bytes" because most of
Zynq boards are using different type of flashes than NOR.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Sync the device tree and dt-bindings from Linux v5.6-rc2
11a48a5a18c6 ("Linux 5.6-rc2")
The only exception to this is the mmc pinctrl pin bias of gxl SoC family.
This is a fix which found its way to u-boot but not Linux yet.
Acked-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Jerome Brunet <jbrunet@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Import the common leds bindings definition from linux
d5226fa6dbae ("Linux 5.5")
Reviewed-by: Neil Armstrong <narmstrong@baylibre.com>
Signed-off-by: Jerome Brunet <jbrunet@baylibre.com>
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
The Jetson Nano Developer Kit is a Tegra X1-based development board. It
is similar to Jetson TX1 but it is not pin compatible. It features 4GB
of LPDDR4, a SPI NOR flash for early boot firmware and an SD card slot
used for storage.
HDMI 2.0 or DP 1.2 are available for display, four USB ports (3 USB 2.0
and 1 USB 3.0) can be used to attach a variety of peripherals and a PCI
Ethernet controller provides onboard network connectivity. NVMe support
has also been added. Env save is at the end of QSPI (4MB-8K).
A 40-pin header on the board can be used to extend the capabilities and
exposed interfaces of the Jetson Nano.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Tom Warren <twarren@nvidia.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
The L4T kernel is 32MB+, and can overwrite the ramdisk/fdt loaded
from extlinux.conf. Adjust the load addresses to fix this for now.
Using the calculated_env addresses table from T186 U-Boot is a
better fix, but it isn't working correctly on T210 U-Boot right now,
so this will do until I can fix it.
Signed-off-by: Tom Warren <twarren@nvidia.com>
