These USB defines do not change the build as there is no USB support
enabled currently.

Cc: Ian Ray <ian.ray@ge.com>
Cc: Sebastian Reichel <sebastian.reichel@collabora.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Sebastian Reichel <sebastian.reichel@collabora.com>

This board has not been converted to CONFIG_DM_MMC by the deadline.
Remove it.  As this is also the last in family remove the related
support as well.

Cc: Angelo Durgehello <angelo.dureghello@timesys.com>
Cc: TsiChung Liew <Tsi-Chung.Liew@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>

This board has not been converted to CONFIG_DM_MMC by the deadline.
Remove it.  As this is also the last in family remove the related
support as well.

Cc: Angelo Durgehello <angelo.dureghello@timesys.com>
Signed-off-by: Tom Rini <trini@konsulko.com>

This board has not been converted to CONFIG_DM_MMC by the deadline.
Remove it.

Cc: Angelo Durgehello <angelo.dureghello@timesys.com>
Signed-off-by: Tom Rini <trini@konsulko.com>

This board has not been converted to CONFIG_DM_MMC by the deadline.
Remove it.

Cc: Angelo Durgehello <angelo.dureghello@timesys.com>
Cc: TsiChung Liew <Tsi-Chung.Liew@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>

As this platform already enables CONFIG_DM and CONFIG_OF_CONTROL,
migrating to DM_USB and DM_SPI_FLASH is just a matter of enabling the
correct options.

Cc: Gregory CLEMENT <gregory.clement@bootlin.com>
u-boot@lists.denx.de (open list)
Reported-by: Marek Behun <marek.behun@nic.cz>
Signed-off-by: Tom Rini <trini@konsulko.com>

- mips: gardena-smart-gateway: adjust config to new production values
- mips: malta: convert to PCI DM and ETH DM

Enable DM_PCI and DM_ETH on MIPS Malta.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>

As almost all peripherals are connected via PCI dependent on the
used core card, PCI setup is always required. Thus run pci_init()
including PCI scanning and probing and core card specific setups
in board_early_init_r().

Also prepare support for dynamically managing the status of the
different PCI DT nodes dependent on used core card via option
CONFIG_OF_BOARD_FIXUP. Before this feature can be enabled,
the call order of the fix_fdt() init hook in board_init_f
needs to be changed. Otherwise rw_fdt_blob points to a read-only
NOR flash address. Thus this options needs to stay disabled
until the board_init_f problem could be solved. This breaks
running the default U-Boot image on real HW using the FPGA core
card but Qemu emulation still works. Currently Qemu is more
important as MIPS CI tests depend on Malta and the deadline
for PCI DM conversion will be enforced soon.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>

Add DT binding for GT64120 and MSC01 PCI controllers. Only
GT64120 is enabled by default to support Qemu. The MSC01 node
will be dynamically enabled by Malta board code dependent
on the plugged core card.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>

This driver is currently only used on MIPS Malta boards.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>

Reviewed-by: Simon Glass <sjg@chromium.org>

This driver is currently only used on MIPS Malta boards.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>

Reviewed-by: Simon Glass <sjg@chromium.org>

On MIPS the DRAM start address respectively CONFIG_SYS_SDRAM_BASE
is still used as a virtual, CPU-mapped address instead of being used
as physical address. Converting all MIPS boards and generic MIPS code
to fix that is not trivial. Due to the approaching deadline for
PCI DM conversion, this workaround is required for MIPS boards with
PCI support until the CONFIG_SYS_SDRAM_BASE issue could be solved.

Add a compile-time option to let the PCI uclass core optionally map
the DRAM address to a physical address when adding the PCI region
of type PCI_REGION_SYS_MEMORY.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>

Reviewed-by: Stefan Roese <sr@denx.de>

Reto Schneider authored 3 years ago and Daniel Schwierzeck committed 3 years ago

This commit updates the default config with the values that will
be used soon on the MediaTek MT7688 based GARDENA smart gateway.

CONFIG_SPL_SYS_MALLOC_F_LEN had to be increased due to the more
demanding new configuration.

Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
Reviewed-by: Stefan Roese <sr@denx.de>

Pull request for efi-2021-10-rc1-2

* Correct device path nodes for GUID partitions
* Embed keys to check update capsules instead of providing then in DTB
* Increase event log buffer size for measured boot.

Ilias Apalodimas authored 3 years ago and Heinrich Schuchardt committed 3 years ago

Since we removed embeddingg the capsule key into a .dtb and fixed
authenticated capsule updates for all boards, move the relevant
documentation in the efi file and update it accordingly

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Ilias Apalodimas authored 3 years ago and Heinrich Schuchardt committed 3 years ago

commit 322c813f ("mkeficapsule: Add support for embedding public key in a dtb")
added a bunch of options enabling the addition of the capsule public key
in a dtb.  Since now we embedded the key in U-Boot's .rodata we don't this
this functionality anymore

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Ilias Apalodimas authored 3 years ago and Heinrich Schuchardt committed 3 years ago

The capsule signature is now part of our DTB.  This is problematic when a
user is allowed to change/fixup that DTB from U-Boots command line since he
can overwrite the signature as well.
So Instead of adding the key on the DTB, embed it in the u-boot binary it
self as part of it's .rodata.  This assumes that the U-Boot binary we load
is authenticated by a previous boot stage loader.

Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Masahisa Kojima authored 3 years ago and Heinrich Schuchardt committed 3 years ago

TCG PC Client PFP spec says "The Log Area Minimum Length
for the TCG event log MUST be at least 64KB." in ACPI chapter.
This commit increase the buffer size to 64KB.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Masami Hiramatsu authored 3 years ago and Heinrich Schuchardt committed 3 years ago

Use %pD to log device-path instead of using efi_dp_str() and
efi_free_pool() locally in find_boot_device().
This is a cleanup patch, no feature update nor fix.

Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Alfonso Sánchez-Beato authored 3 years ago and Heinrich Schuchardt committed 3 years ago

Previously, the GPT device GUID was being used instead of the partition,
which was incorrect.

Signed-off-by: Alfonso Sánchez-Beato <alfonso.sanchez-beato@canonical.com>

Let EFI_LOADER select CONFIG_PARTITION_UUIDS.
Use log_warning() instead of printf() for warning.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>

- A large rework of the logic around supporting various image
  types/formats and sharing between the host and target.

i.MX
----

- mx7ulp : fix  WDOG
- imx8 : Phytec
- USB3 support for i.MX8

CI: https://source.denx.de/u-boot/custodians/u-boot-imx/-/pipelines/8277

Breno Lima authored 3 years ago and Stefano Babic committed 3 years ago

According to i.MX7ULP Reference Manual we should wait for WDOG unlock
and reconfiguration to complete.

Section "59.5.3 Configure Watchdog" provides the following example:

DisableInterrupts; //disable global interrupt
WDOG_CNT = 0xD928C520; //unlock watchdog
while(WDOG_CS[ULK]==0); //wait until registers are unlocked
WDOG_TOVAL = 256; //set timeout value
WDOG_CS = WDOG_CS_EN(1) | WDOG_CS_CLK(1) | WDOG_CS_INT(1) |
	  WDOG_CS_WIN(0) | WDOG_CS_UPDATE(1);
while(WDOG_CS[RCS]==0); //wait until new configuration takes effect
EnableInterrupts; //enable global interrupt

Update U-Boot WDOG driver to align with i.MX7ULP reference manual.

Use 32 bits accessing to CS register. According to RM, the bits in
this register only can write once after unlock. So using 8 bits access
will cause problem.

Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>

Breno Lima authored 3 years ago and Stefano Babic committed 3 years ago

According to i.MX7ULP Reference Manual the second word write for both
UNLOCK and REFRESH operations must occur in maximum 16 bus clock.

The current code is using writel() function which has a DMB barrier to
order the memory access. The DMB between two words write may introduce
some delay in certain circumstance, causing a WDOG timeout due to 16 bus
clock window requirement.

Replace writel() function by __raw_writel() to achieve a faster memory
access and avoid such issue.

Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>

Ye Li authored 4 years ago and Stefano Babic committed 3 years ago

Setup USB clock in board codes, and enable the DWC3 XHCI and
PHY drivers to make USB3.0 host port working on i.MX8MQ EVK.

Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Patrick Wildt <patrick@blueri.se>

Ye Li authored 4 years ago and Stefano Babic committed 3 years ago

Add clock function to setup relevant clocks for USB3.0 controllers and
PHYs on i.MX8MQ

Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Patrick Wildt <patrick@blueri.se>
Tested-by: Patrick Wildt <patrick@blueri.se>

Ye Li authored 4 years ago and Stefano Babic committed 3 years ago

Add alias for two DWC3 usb controllers to fix the seq index.

Signed-off-by: Ye Li <ye.li@nxp.com>
Tested-by: Patrick Wildt <patrick@blueri.se>

Ye Li authored 4 years ago and Stefano Babic committed 3 years ago

Add the USB PHY driver for i.MX8MQ to work with DWC3 USB controller.

Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Patrick Wildt <patrick@blueri.se>
Tested-by: Patrick Wildt <patrick@blueri.se>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

Host tool features, such as mkimage's ability to sign FIT images were
enabled or disabled based on the target configuration. However, this
misses the point of a target-agnostic host tool.

A target's ability to verify FIT signatures is independent of
mkimage's ability to create those signatures. In fact, u-boot's build
system doesn't sign images. The target code can be successfully built
without relying on any ability to sign such code.

Conversely, mkimage's ability to sign images does not require that
those images will only work on targets which support FIT verification.
Linking mkimage cryptographic features to target support for FIT
verification is misguided.

Without loss of generality, we can say that host features are and
should be independent of target features.

While we prefer that a host tool always supports the same feature set,
we recognize the following
  - some users prefer to build u-boot without a dependency on OpenSSL.
  - some distros prefer to ship mkimage without linking to OpenSSL

To allow these use cases, introduce a host-only Kconfig which is used
to select or deselect libcrypto support. Some mkimage features or some
host tools might not be available, but this shouldn't affect the
u-boot build.

I also considered setting the default of this config based on
FIT_SIGNATURE. While it would preserve the old behaviour it's also
contrary to the goals of this change. I decided to enable it by
default, so that the default build yields the most feature-complete
mkimage.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

Function pointers from crypto_algos array are relocated, when
NEEDS_MANUAL_RELOC is set. This relocation doesn't happen if the algo
is placed in a linker list. Implement this relocation.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Michal Simek <michal.simek@xilinx.com>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

This macro is no longer needed for code flow or #ifdefs. Remove it.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

This macro is no longer needed for code flow or #ifdefs. Remove it.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

It is no longer necessary to implement rsa_() functions as no-ops
depending on config options. It is merely sufficient to provide the
prototypes, as the rsa code is no longer linked when unused.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

It is no longer necessary to implement ecdsa_() functions as no-ops
depending on config options. It is merely sufficient to provide the
prototypes, as the ecdsa code is no longer linked when unused.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

Crytographic algorithms (currently RSA), are stored in linker lists.
The crypto_algos array is unused, so remove it, and any logic
associated with it.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

Move the RSA verification crytpo_algo structure out of the
crypto_algos array, and into a linker list.

Although it appears we are adding an #ifdef to rsa-verify.c, the gains
outweigh this small inconvenience. This is because rsa_verify() is
defined differently based on #ifdefs. This change allows us to have
a single definition of rsa_verify().

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

The purpose of this change is to enable crypto algorithms to be placed
in linker lists, rather than be declared as a static array. The goal
is to remove the crypto_algos array in a subsequent patch.

Create a new linker list named "cryptos", and search it when
image_get_crypto_algo() is invoked.

NOTE that adding support for manual relocation of crypto_algos within
linker lists is beyond the scope of this patch.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

Remove any ifdefs in image-sig.c that were previously used to
differentiate from the host code. Note that all code dedicated to
relocating ->sign() and ->add_verify_data)_ can be safely removed,
as signing is not supported target-side.

NOTE that although it appears we are removing ecdsa256 support, this
is intentional. ecdsa_verify() is a no-op on the target, and is
currently only used by host code.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Alexandru Gagniuc authored 3 years ago and Tom Rini committed 3 years ago

image-sig.c is used to map a hash or crypto algorithm name to a
handler of that algorithm. There is some similarity between the host
and target variants, with the differences worked out by #ifdefs. The
purpose of this change is to remove those ifdefs.

First, copy the file to a host-only version, and remove target
specific code. Although it looks like we are duplicating code,
subsequent patches will change the way target algorithms are searched.
Besides we are only duplicating three string to struct mapping
functions. This isn't something to fuss about.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>