Frédéric Danis authored 5 years ago and Tom Rini committed 4 years ago

This patch adds a new pstore command allowing to display or save ramoops
logs (oops, panic, console, ftrace and user) generated by a previous
kernel crash.
PStore parameters can be set in U-Boot configuration file, or at run-time
using "pstore set" command. Records size should be the same as the ones
used by kernel, and should be a power of 2.
This command allows:
- to display uncompressed logs
- to save compressed or uncompressed logs, compressed logs are saved as a
  compressed stream, it may need some work to be able to decompress it,
  e.g. adding a fake header:
  "printf "\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x00" |
  cat - dmesg-ramoops-0.enc.z | gzip -dc"
- ECC part is not used to check memory corruption
- only 1st FTrace log is displayed or saved

Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
[trini: Minor updates for current design, correct spacing in rST]
Signed-off-by: Tom Rini <trini@konsulko.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Heiko Schocher <hs@denx.de>

- Fix verified boot on BE targets
- Add support for multiple required keys in verified boots
- Add support for Initialization Vectors in AES keys in FIT images
- Assorted fixes in the RSA code

Heinrich Schuchardt authored 4 years ago and Tom Rini committed 4 years ago

Remove initialization of ret with unused value.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>

Rasmus Villemoes authored 4 years ago and Tom Rini committed 4 years ago

Commit fdf0819a (rsa: fix alignment issue when getting public
exponent) changed the logic to avoid doing an 8-byte access to a
possibly-not-8-byte-aligned address.

However, using rsa_convert_big_endian is wrong: That function converts
an array of big-endian (32-bit) words with the most significant word
first (aka a BE byte array) to an array of cpu-endian words with the
least significant word first. While the exponent is indeed _stored_ as
a big-endian 64-bit word (two BE words with MSW first), we want to
extract it as a cpu-endian 64 bit word. On a little-endian host,
swapping the words and byte-swapping each 32-bit word works, because
that's the same as byte-swapping the whole 64 bit word. But on a
big-endian host, the fdt32_to_cpu are no-ops, but
rsa_convert_big_endian() still does the word-swapping, breaking
verified boot.

To fix that, while still ensuring we don't do unaligned accesses, add
a little helper that first memcpy's the bytes to a local fdt64_t, then
applies fdt64_to_cpu(). [The name is chosen based on the
[bl]eXX_to_cpup in linux/byteorder/generic.h].

Fixes: fdf0819a ("rsa: fix alignment issue when getting public exponent")
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>

Matthieu CASTET authored 4 years ago and Tom Rini committed 4 years ago

The algo name should match between the FIT's signature node and the
U-Boot's control FDT.

If we do not check it, U-Boot's control FDT can expect sha512 hash but
nothing will prevent to accept image with sha1 hash if the signature is correct.

Signed-off-by: Matthieu CASTET <castet.matthieu@free.fr>

Philippe Reynes authored 4 years ago and Tom Rini committed 4 years ago

This commit add the support in u-boot to read the IV
in the FIT image instead of u-boot device tree.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>

Philippe Reynes authored 4 years ago and Tom Rini committed 4 years ago

Binaries may be encrypted in a FIT image with AES. This
algo needs a key and an IV (Initialization Vector). The
IV is provided in a file (pointer by iv-name-hint in the
ITS file) when building the ITB file.

This commits adds provide an alternative way to manage
the IV. If the property iv-name-hint is not provided in
the ITS file, the tool mkimage will generate an random
IV and store it in the FIT image.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>

Heinrich Schuchardt authored 4 years ago and Tom Rini committed 4 years ago

We assign first_deleted = 0. There is no need to check its value without
any further assignment in between.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>

Thirupathaiah Annapureddy authored 4 years ago and Tom Rini committed 4 years ago

Add documentation about 'required-mode' property in /signature node
in U-Boot's control FDT.

Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Thirupathaiah Annapureddy authored 4 years ago and Tom Rini committed 4 years ago

This patch adds vboot tests to verify the support for multiple
required keys using new required-mode DTB policy.

This patch also fixes existing test where dev
key is assumed to be marked as not required, although
it is marked as required.

Note that this patch re-added sign_fit_norequire().
sign_fit_norequire() was removed as part of the following:
commit b008677d ("test: vboot: Fix pylint errors").
This patch leverages sign_fit_norequire() to fix the
existing bug.

Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Thirupathaiah Annapureddy authored 4 years ago and Tom Rini committed 4 years ago

Currently FIT image must be signed by all required conf keys. This means
Verified Boot fails if there is a signature verification failure
using any required key in U-Boot DTB.

This patch introduces a new policy in DTB that can be set to any required
conf key. This means if verified boot passes with one of the required
keys, U-Boot will continue the OS hand off.

There were prior attempts to address this:
https://lists.denx.de/pipermail/u-boot/2019-April/366047.html
The above patch was failing "make tests".
https://lists.denx.de/pipermail/u-boot/2020-January/396629.html



Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

- Minor cleanup on K3 env variables
- Fix OSPI compatible for J721e
- Drop unused property in omap-usb2-phy
- Update Maintainer for am335x-guardian board.

Vignesh Raghavendra authored 4 years ago and Lokesh Vutla committed 4 years ago

"ti,dis-chg-det-quirk" property is not part of Linux kernel DT binding
documentation.  Therefore drop this and instead use soc_device_match()
to distinguish b/w AM654 SR1.0 and SR2.0 devices similar to Linux kernel
driver.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>

Nishanth Menon authored 4 years ago and Lokesh Vutla committed 4 years ago

Use DEFAULT_LINUX_BOOT_ENV to define the standard addresses used in rest
of TI platforms as defined in ti_armv7_common.h

This avoids the standard pitfalls we've had with kernel images and fdt
addresses stomping on each other.

As part of this process, redefine overlayaddr to be dtboaddr (defined
in ti_armv7_common.h for this very purpose) and get rid of the
definition of overlayaddr..

Signed-off-by: Nishanth Menon <nm@ti.com>

Nishanth Menon authored 4 years ago and Lokesh Vutla committed 4 years ago

Now that we dont have any further users of overlayaddr, get rid of it.

Signed-off-by: Nishanth Menon <nm@ti.com>

Nishanth Menon authored 4 years ago and Lokesh Vutla committed 4 years ago

Use dtboaddr to define the overlay address common to all TI platforms
instead of creating a new overlayaddr for the purpose.

Signed-off-by: Nishanth Menon <nm@ti.com>

Nishanth Menon authored 4 years ago and Lokesh Vutla committed 4 years ago

Use DEFAULT_LINUX_BOOT_ENV to define the standard addresses used in rest
of TI platforms as defined in ti_armv7_common.h

This avoids the standard pitfalls we've had with kernel images and fdt
addresses stomping on each other.

As part of this process, redefine overlayaddr to be dtboaddr (defined
in ti_armv7_common.h for this very purpose).. we will get rid of
overlayaddr later in the series.

Signed-off-by: Nishanth Menon <nm@ti.com>

Vignesh Raghavendra authored 4 years ago and Lokesh Vutla committed 4 years ago

Reset the channel completely during channel release in order to clear
teardown bit before handing over to next user or jumping to Linux.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com>

Vignesh Raghavendra authored 4 years ago and Lokesh Vutla committed 4 years ago

This enables applying DTBOs at U-Boot prompt before booting to kernel.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>

Vignesh Raghavendra authored 4 years ago and Lokesh Vutla committed 4 years ago

Update detect_enable_hyperflash() to look for "ti,am654-ospi" compatible
to match the upstream DT node.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>

Moses Christopher authored 4 years ago and Lokesh Vutla committed 4 years ago

I am leaving Bosch, so replacing myself with Gireesh

Signed-off-by: Moses Christopher <BollavarapuMoses.Christopher@in.bosch.com>

- Assorted improvements to our log functionality.

Heinrich Schuchardt authored 4 years ago and Tom Rini committed 4 years ago

doc/README.log was already moved to doc/develop/logging.rst but has been
recreated by an incorrect merge.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>

Sean Anderson authored 4 years ago and Tom Rini committed 4 years ago

Since the previous patch, net_init now exposes some errors, so check for
them.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Sean Anderson authored 4 years ago and Tom Rini committed 4 years ago

net_init does not always succeed, and there is no existing mechanism to
discover errors. This patch allows callers of net_init (such as net_init)
to handle errors. The root issue is that eth_get_dev can fail, but
net_init_loop doesn't expose that. The ideal way to fix eth_get_dev would
be to return an error with ERR_PTR, but there are a lot of callers, and all
of them just check if it's NULL. Another approach would be to change the
signature to something like

int eth_get_dev(struct udevice **pdev)

but that would require rewriting all of the many callers.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

This driver interferes with other sandbox tests since it causes log output
to be interspersed with "No ethernet found." messages. Disable this driver
by default.

Enable it for the syslog tests so that they still pass.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

At present all log devices are enabled by default. Add a function to allow
devices to be disabled or enabled at runtime.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

This is not needed as the Makefile only builds the file if CONFIG_LOG_TEST
is enabled. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

At present there is no way to disable a log driver. But the syslog driver
causes (attempted) network traffic in sandbox every time a log message
is printed, which is often.

Add a flag to enable a log driver. Adjust struct log_device to use a short
for next_filter_num so that no more memory is used for devices. Also fix
a missing line in the struct log_driver comment while here.

To maintain compatibility, enable it for all drivers for now.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

It is sometimes useful to output hex dumps in SPL. Add a config option to
allow this.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

At present if CONFIG_LOG enabled, putting LOG_DEBUG at the top of a file
(before log.h inclusion) causes _log() to be executed for every log()
call, regardless of the build- or run-time logging level.

However there is no guarantee that the log record will actually be
displayed. If the current log level is lower than LOGL_DEBUG then it will
not be.

Add a way to signal that the log record should always be displayed and
update log_passes_filters() to handle this.

With the new behaviour, log_debug() will always log if LOG_DEBUG is
enabled.

Move log_test_syslog_nodebug() into its own file since it cannot be made
to work where it is, with LOG_DEBUG defined.

Signed-off-by: Simon Glass <sjg@chromium.org>

- Re-organize a number of Kconfig related entries to be better organized
  for long term maintenance.

Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

At present MKIMAGE_DTC_PATH is in the devicetree menu but not within
'devicetree control' since it does not relate to that. As a result it
shows up in the top menu.

It actually relates to the mkimage tool, so create a new tools menu for it
and move it there.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

This actually relates to something displayed on start-up, so move it into
that menu.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

This option does not belong at the top level. Move it under generic
driver options.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

This relates to the environment so should not be at the top level. Move
it.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

These are start-up hooks so put them under that menu.

Signed-off-by: Simon Glass <sjg@chromium.org>

Simon Glass authored 4 years ago and Tom Rini committed 4 years ago

These hooks relate to U-Boot init so move them under that menu.

Signed-off-by: Simon Glass <sjg@chromium.org>