- Jul 16, 2021
-
-
It is no longer necessary to implement ecdsa_() functions as no-ops depending on config options. It is merely sufficient to provide the prototypes, as the ecdsa code is no longer linked when unused. Signed-off-by:
Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by:
Simon Glass <sjg@chromium.org>
-
Crytographic algorithms (currently RSA), are stored in linker lists. The crypto_algos array is unused, so remove it, and any logic associated with it. Signed-off-by:
-
Move the RSA verification crytpo_algo structure out of the crypto_algos array, and into a linker list. Although it appears we are adding an #ifdef to rsa-verify.c, the gains outweigh this small inconvenience. This is because rsa_verify() is defined differently based on #ifdefs. This change allows us to have a single definition of rsa_verify(). Signed-off-by:
-
The purpose of this change is to enable crypto algorithms to be placed in linker lists, rather than be declared as a static array. The goal is to remove the crypto_algos array in a subsequent patch. Create a new linker list named "cryptos", and search it when image_get_crypto_algo() is invoked. NOTE that adding support for manual relocation of crypto_algos within linker lists is beyond the scope of this patch. Signed-off-by:
-
Remove any ifdefs in image-sig.c that were previously used to differentiate from the host code. Note that all code dedicated to relocating ->sign() and ->add_verify_data)_ can be safely removed, as signing is not supported target-side. NOTE that although it appears we are removing ecdsa256 support, this is intentional. ecdsa_verify() is a no-op on the target, and is currently only used by host code. Signed-off-by:
-
image-sig.c is used to map a hash or crypto algorithm name to a handler of that algorithm. There is some similarity between the host and target variants, with the differences worked out by #ifdefs. The purpose of this change is to remove those ifdefs. First, copy the file to a host-only version, and remove target specific code. Although it looks like we are duplicating code, subsequent patches will change the way target algorithms are searched. Besides we are only duplicating three string to struct mapping functions. This isn't something to fuss about. Signed-off-by:
-
This is not needed with Kconfig, since we can use IS_ENABLED() easily enough. Drop it. Signed-off-by:
-
We already have a host Kconfig for these SHA options. Use CONFIG_IS_ENABLED(SHAxxx) directly in the code shared with the host build, so we can drop the unnecessary indirections. Signed-off-by:
-
We already have a host Kconfig for SHA1. Use CONFIG_IS_ENABLED(SHA1) directly in the code shared with the host build, so we can drop the unnecessary indirection. Signed-off-by:
-
Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this option. Signed-off-by:
-
Drop the _SUPPORT suffix so we can use CONFIG_IS_ENABLED() with this option. Signed-off-by:
-
Drop the ENABLE and SUPPORT parts of this, which are redundant. Signed-off-by:
-
These option are named inconsistently with other SPL options, thus making them incompatible with the CONFIG_IS_ENABLED() macro. Rename them. Signed-off-by:
-
The ENABLE part of this name is redundant, since all boolean Kconfig options serve to enable something. The SUPPORT part is also redundant since Kconfigs can be assumed to enable support for something. Together they just serve to make these options overly long and inconsistent with other options. Rename FIT_ENABLE_SHAxxx_SUPPORT to FIT_SHAxxx Signed-off-by:
-
Tom Rini authored
- Large number of Coverity reported issues addressed - m41t62 bugfix - Support more Android image compression formats - FIT + DTO bugfix
-
https://source.denx.de/u-boot/custodians/u-boot-marvellTom Rini authored
- designware_wdt: reset watchdog in designware_wdt_stop() function (Meng) - socfpga_stratix10: enable wdt command (Meng) - wdt-uclass: Use IS_ENABLED for WATCHDOG_AUTOSTART (Teresa)
-
https://source.denx.de/u-boot/custodians/u-boot-stmTom Rini authored
- DTS: alignment with Linux kernel v5.13 for stm32mp15 boards - STM32MP1: update the stm32key command - STM32MP1: activate the rng command - STM32MP1: fix the stm32prog command (help, parttition size) - STM32MP1: add fdtoverlay_addr_r variable - STM32MP1: correctly managed SYSCON/SYSCFG clock - STM32MP1: remove mmc alias and directly use device instance in boot_instance variable
-
There is no separate SPL/TPL config for WATCHDOG_AUTOSTART. So use IS_ENABLED instead of CONFIG_IS_ENABLED to make watchdog working in SPL again. Fixes: 830d29ac ("watchdog: Allow to use CONFIG_WDT without starting watchdog") Signed-off-by:
Teresa Remmet <t.remmet@phytec.de> Reviewed-by:
Stefan Roese <sr@denx.de>
-
In latest u-boot code, watchdog feature is implemented, so enable wdt command by default. Signed-off-by:Meng Li <Meng.Li@windriver.com>
-
In uboot command line environment, watchdog is not able to be stopped with below commands: SOCFPGA_STRATIX10 # wdt dev watchdog@ffd00200 SOCFPGA_STRATIX10 # wdt stop Refer to watchdog driver in linux kernel, it is also need to reset watchdog after disable it so that the disable action takes effect. Signed-off-by:
Sean Anderson <sean.anderson@seco.com>
-
Patrick Delaunay authoredRemove the mmc alias no more required as the sequence number of mmc device is used for boot_instance. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
-
Patrick Delaunay authored
Use the device sequence number in boot_instance variable and no more the SDMMC instance provided by ROM code/TF-A. After this patch we don't need to define the mmc alias in device tree, for example: mmc0 = &sdmmc1; mmc1 = &sdmmc2; mmc2 = &sdmmc3; to have a correct mapping between the ROM code boot device = "${boot_device}${boot_instance}" and the MMC device in U-Boot. With this patch the 'mmc0' device (used in mmc commands) is always used when only one instance sdmmc is activated in device tree, even if it is only the sdmmc2 or sdmmc3. Signed-off-by:Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Use the existing defines PMIC_SIZE and OTP_SIZE and a new define CMD_SIZE for virtual partition size. This patch corrects the size for OTP partition in alternate name (1024 instead of 512) and avoids other alignment issues. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Activate the command rng with CONFIG_CMD_RNG, used to test the rng driver Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Enable the clocks during syscon probe when they are present in device tree. This patch avoids a freeze when the SYSCFG clock is not enabled by TF-A / OP-TEE. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Add the support of SYSCFG clock used by syscon driver to prepare the clock management of STM32MP_SYSCON_SYSCFG. This clock is already defined in kernel device tree, stm32mp151.dtsi but not yet supported in the syscon driver: syscfg: syscon@50020000 { compatible = "st,stm32mp157-syscfg", "syscon"; reg = <0x50020000 0x400>; clocks = <&rcc SYSCFG>; }; It is safe to support this clock in U-Boot driver with RCC_MC_APB3ENSETR, Bit 11 SYSCFGEN: SYSCFG peripheral clocks enable. Signed-off-by:Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Device tree alignment with Linux kernel v5.13 - ARM: dts: stm32: Add PTP clock to Ethernet controller - ARM: dts: stm32: enable the analog filter for all I2C nodes in stm32mp151 - ARM: dts: stm32: fix usart 2 & 3 pinconf to wake up with flow control - ARM: dts: stm32: Add wakeup management on stm32mp15x UART nodes - ARM: dts: stm32: add #clock-cells property to usbphyc node on stm32mp151 - ARM: dts: stm32: Add STM32MP1 I2C6 SDA/SCL pinmux - ARM: dts: stm32: Rename mmc controller nodes to mmc@ - ARM: dts: stm32: Add additional init state for SDMMC1 pins Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
The expected sequence to close the device 1/ Load key in DDR with any supported load command 2/ Update OTP with key: STM32MP> stm32key read <addr> At this point the device is able to perform image authentication but non-authenticated images can still be used and executed. So it is the last moment to test boot with signed binary and check that the ROM code accepts them. 3/ Close the device: only signed binary will be accepted !! STM32MP> stm32key close Warning: Programming these OTP is an irreversible operation! This may brick your system if the HASH of key is invalid This command should be deactivated by default in real product. Signed-off-by:Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Allow to read the OTP value and lock status with the command $> stm32key read. This patch also protects the stm32key fuse command. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Add a helper function to access to BSEC misc driver. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Lock the OTP value of key's hash after the command $> stm32key fuse <address> This operation forbids a second update of these OTP as they are ECC protected in BSEC: any update of these OTP with a different value causes a BSEC disturb error and the closed chip will be bricked. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Handle errors in fuse_hash_value function. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Simplify parsing the command argument by using the macro U_BOOT_CMD_WITH_SUBCMDS. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
This command is used to evaluate the secure boot on stm32mp SOC, it is deactivated by default in real products. We activate this command only in STMicroelectronics defconfig used with the evaluation boards. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: -
Patrick Delaunay authored
Reduce the content of short help message for stm32prog command and removed the carriage return to fix the display of 'help' command when this command is activated. Fixes: 954bd1a9 ("stm32mp: add the command stm32prog") Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com> -
Patrick Delaunay authored
Add the variable used by PXE command for fdtoverlays support since the commit 69076dff ("cmd: pxe: add support for FDT overlays"). Reused the unused "splashimage" address as CONFIG_SPLASH_SOURCE and CONFIG_VIDEO_LOGO are not activated and U-Boot display the "BACKGROUND" image found in extlinux.conf to manage splashscreen on stm32mp1 boards. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by:
-
- Jul 15, 2021
-
-
Fix wrong register use when set/reset ST bit. ST bit is in register M41T62_REG_SEC not in M41T62_REG_ALARM_HOUR. I have not actually tested this. But this seemed buggy from inspection. Fixes: 9bbe2105 ("rtc: m41t62: add oscillator fail bit reset support") Signed-off-by:
Max Yang <max.yang@deltaww.com>
-
At the moment android_image_get_kcomp() can automatically detect LZ4 compressed kernels and the compression specified in uImages. However, especially on ARM64 Linux is often compressed with GZIP. Attempting to boot an Android image with a GZIP compressed kernel image currently results in a very strange crash, e.g. Starting kernel ... "Synchronous Abort" handler, esr 0x02000000 ... Code: 5555d555 55555d55 555f5555 5d555d55 (00088b1f) Note the 1f8b, which are the "magic" bytes for GZIP images. U-Boot already has the image_decomp_type() function that checks for the magic bytes of bzip2, gzip, lzma and lzo. It's easy to make use of it here to increase the chance that we do the right thing and the user does not become confused with strange crashes. This allows booting Android boot images that contain GZIP-compressed kernel images. Signed-off-by:Stephan Gerhold <stephan@gerhold.net>
-
The current fitImage DTO implementation expects each fitImage image subnode containing DTO to have 'load' property, pointing somewhere into memory where the DTO will be loaded. The address in the 'load' property must be different then the base DT load address and there must be sufficient amount of space between those two addresses. Selecting and using such hard-coded addresses is fragile, error prone and difficult to port even across devices with the same SoC and different DRAM sizes. The DTO cannot be applied in-place because fdt_overlay_apply_verbose() modifies the DTO when applying it onto the base DT, so if the DTO was used in place within the fitImage, call to fdt_overlay_apply_verbose() would corrupt the fitImage. Instead of copying the DTO to a specific hard-coded load address, allocate a buffer, copy the DTO into that buffer, apply the DTO onto the base DT, and free the buffer. The upside of this approach is that it is no longer necessary to select and hard-code specific DTO load address into the DTO. The slight downside is the new malloc()/free() overhead for each DTO, but that is negligible (*). (*) on iMX8MM/MN and STM32MP1 Signed-off-by:
Marek Vasut <marex@denx.de> Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com> Cc: Simon Glass <sjg@chromium.org> Reviewed-by:
Tom Rini <trini@konsulko.com>
-
There's currently no user of %p[iI]6, so including ip6_addr_string() in the image is a waste of bytes. It's easy enough to have the compiler elide it without removing the code completely. The closest I can find to anybody "handling" ipv6 in U-Boot currently is in efi_net.c which does if (ipv6) { ret = EFI_UNSUPPORTED; As indicated in the comment, it can easily be put back, but preferably under a config knob. Reviewed-by:Rasmus Villemoes <rasmus.villemoes@prevas.dk>
-
