Similar to the Milk-V Mars, The Star64 board contains few differences to the
VisionFive 2 boards, so can be part of the same U-boot build.
Signed-off-by: Henry Bell <dmoo_dv@protonmail.com>
Cc: ycliang@andestech.com
Cc: heinrich.schuchardt@canonical.com
Reviewed-by: E Shattow <lucent@gmail.com>
A given AMP configuration for a board may make either one, or neither
of, the ethernet ports available to U-Boot. The Icicle's init code will
fail if mac1 is not present, so move it to the optional approach taken
for mac0.
Signed-off-by: Conor Dooley <conor.dooley@microchip.com>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
Node offsets returned by libfdt can contain negative error numbers, so
the variable type should be "int". As things stand, if the ethernet
nodes are not found in the early init callback, the if (node < 0) tests
pass and the code errors out while trying to set the local-mac-address
for a non-existent node.
Fixes: 64413e1b7c ("riscv: Add Microchip MPFS Icicle Kit support")
Signed-off-by: Conor Dooley <conor.dooley@microchip.com>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
Most of the current URLs should be redirected but some aren't already,
so let's anticipate more IT hiccups by migrating to new URLs.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
See
https://embedded.cherry.de/theobroma-systems-is-now-officially-part-of-cherry-se/
While the mail addresses on the theobroma-systems.com domain should be
redirect to cherry.de, let's anticipate IT hiccups and avoid important
mails not reaching us by swapping the domain name wherever appropriate
for the newer one.
Christoph Mueller isn't working at ~Theobroma~ CHERRY Embedded Solutions
anymore, but I don't know his new mail address so mails destined to him
will keep bouncing.
Cc: Heiko Stuebner <heiko.stuebner@cherry.de> <heiko.stuebner@theobroma-systems.com>
Cc: Jakob Unterwurzacher <jakob.unterwurzacher@cherry.de>
Cc: Klaus Goger <klaus.goger@cherry.de>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
The Theobroma address bounces as Philipp is not working there anymore,
so let's update with the one that seems to be working right now.
Cc: Philipp Tomsich <philipp.tomsich@vrull.eu>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
The address we load TFA and OPTEE is configurable by the
CONFIG_K3_{ATF,OPTEE)_LOAD_ADDR, but the DT node reservations remain
static which can cause some confusion about where exactly these firmware
are exactly. Fix this by updating the reserved-memory{} nodes when the
loaded address does not match the address in DT.
Reported-by: Andrew Davis <afd@ti.com>
Signed-off-by: Bryan Brattlof <bb@ti.com>
Marcel is leaving Toradex and the email will start bouncing in a few
weeks, move maintainership to myself.
Cc: Marcel Ziswiler <marcel@ziswiler.com>
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Acked-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
This iRAM APM area is needed for I3C access to PMIC via APM block.
Without this mapping any access to APM iRAM leads to "Synchronous Abort"
exception.
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Most of the nodes in e850-96 appended device tree that add bootph-all
flags are not necessary. All those nodes are instantiated as
dependencies of other nodes anyway. Remove those nodes to avoid
cluttering the appended dts. 'bdinfo' reports 768 bytes reduction for
"Early malloc usage", and 'dm tree' output doesn't change. Keep only
pmu_system_controller changes, which are actually needed for serial to
work properly.
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Use upstream device tree files and bindings. To do so:
- imply (enable) OF_UPSTREAM option for E850-96 target
- point DEFAULT_DEVICE_TREE in E850-96 config to upstream dts
- remove now not needed local dts files, binding docs and headers
- update MAINTAINERS and board/samsung/e850-96/MAINTAINERS
correspondingly
Upstream device tree files for Exynos850 SoC and E850-96 board are
pretty much the same as local (removed) ones, so the conversion is
rather straightforward and painless in this case. The appended dts file
(arch/arm/dts/exynos850-e850-96-u-boot.dtsi) stays unchanged.
The only remaining local dt-bindings doc for E850-96 board is
exynos-pmu.yaml. It wasn't removed as it's quite different from Linux
kernel version. Particularly U-Boot local version of exynos-pmu.yaml
describes "samsung,uart-debug-1" property, which is not present in Linux
kernel binding. Later it might be upstreamed to Linux kernel, and once
it's done the U-Boot exynos-pmu.yaml binding can be removed.
No functional change.
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
For pcr_read and pcr_extend commands allow the digest algorithm to be
specified by an additional argument. If not specified it will default to
SHA256 for backwards compatibility.
Additionally update test_tpm2.py for the changes in output in pcr_read
which now shows the algo and algo length in the output.
A follow-on to this could be to extend all PCR banks with the detected
algo when the <digest_algo> argument is 'auto'.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
replace tpm2_supported_algorithms with an array of structures
relating algorithm names, to TCG id's, digest length and mask values.
While at it fix the tpm2_algorithm_to_mask to return the proper value.
Cc: Eddie James <eajames@linux.ibm.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Fixes: 97707f12fdab ("tpm: Support boot measurements")
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Instead of displaying what looks like an error message if a
gpio-reset dt prop is missing for a TPM display a warning that
having a gpio reset on a TPM should not be used for a secure production
device.
TCG TIS spec [1] says:
"The TPM_Init (LRESET#/SPI_RST#) signal MUST be connected to the
platform CPU Reset signal such that it complies with the requirements
specified in section 1.2.7 HOST Platform Reset in the PC Client
Implementation Specification for Conventional BIOS."
The reasoning is that you should not be able to toggle a GPIO and reset
the TPM without resetting the CPU as well because if an attacker can
break into your OS via an OS level security flaw they can then reset the
TPM via GPIO and replay the measurements required to unseal keys
that you have otherwise protected.
Additionally restructure the code for improved readability allowing for
removal of the init label.
Before:
- board with no reset gpio
u-boot=> tpm init && tpm info
tpm_tis_spi_probe: missing reset GPIO
tpm@1 v2.0: VendorID 0x1114, DeviceID 0x3205, RevisionID 0x01 [open]
- board with a reset gpio
u-boot=> tpm init && tpm info
tpm@1 v2.0: VendorID 0x1114, DeviceID 0x3205, RevisionID 0x01 [open]
After:
- board with no reset gpio
u-boot=> tpm init && tpm info
tpm@1 v2.0: VendorID 0x1114, DeviceID 0x3205, RevisionID 0x01 [open]
- board with a reset gpio
u-boot=> tpm init && tpm info
tpm@1: TPM gpio reset should not be used on secure production devices
tpm@1 v2.0: VendorID 0x1114, DeviceID 0x3205, RevisionID 0x01 [open]
[1] https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClientTPMInterfaceSpecification_TIS__1-3_27_03212013.pdf
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The Indiedroid Nova is a Rockchip RK3588S based SBC from Indiedroid.
Specifications:
Rockchip RK3588S SoC
4x ARM Cortex-A76, 4x ARM Cortex-A55
4/8/16GB memory LPDDR4x
Mali G610MC4 GPU
Optional eMMC
2x USB 2.0, 2x USB 3.0, 1x USB 3.0 C port with DP Alt
1x MIPI-CSI Port (4-lane or 2x 2-lane)
1x MIPI-DSI 4-lane connector
1x Micro HDMI 2.1 output, 1x DP 1.4 output
Gigabit Ethernet
Realtek RTL8821CS WiFi
4 pin debug UART connector
40 pin GPIO header
Size: 85mm x 56mm (Raspberry Pi Form Factor)
Kernel commit:
3900160e164b ("arm64: dts: rockchip: Add Indiedroid Nova board")
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
The Powkiddy X55 is a Rockchip RK3566 based handheld gaming device.
UART, ADC, eMMC, and SDMMC are tested to work in U-Boot and this
successfully boots mainline Linux.
Kernel commit:
e99adc97e21a ("arm64: dts: rockchip: Add Powkiddy X55")
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Sughosh Ganu <sughosh.ganu@linaro.org> says:
The following patch series adds support for version 2 of the FWU
metadata. The version 2 metadata structure is defined in the latest
revision of the FWU specification [1].
The earlier versions of these patches were migrating to a version 2
only support in U-Boot, similar to TF-A. However, based on feedback
from ST [2], this series has been updated to support both versions. A
platform would still be needed to enable one of the two versions of
metadata through a config symbol.
TF-A has code which reads the FWU metadata and boots the platform from
the active partition. TF-A has decided to migrate the FWU code to a
version 2 only support. These changes have been merged in upstream
TF-A.
These changes have been tested on the ST DK2 board, which uses the GPT
based partitioning scheme. Both V1 and V2 metadata versions have been
tested on the DK2 board.
These changes need to be tested on platforms with MTD partitioned
storage devices.
Now that support for FWU metadata version 2 has been added, the
feature can be enabled on platforms which had enabled it. A new config
symbol for selecting the metadata version for the platform is also
being added.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Add an entry for the FWU Multi Bank Update feature.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
The FWU Update Agent in U-Boot supports both versions of the FWU
metadata. Make changes in the documentation to reflect this.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Make changes to the FWU metadata access tests corresponding to the
changes in the FWU metadata access code.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
The version 2 of the FWU metadata allows for appending opaque vendor
specific data to the metadata structure. Add support for appending
this data to the metadata. The vendor specific data needs to be
provided through a file, passed through a command-line parameter. Make
corresponding changes to the tool's manpage.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Add support for generating the FWU metadata version 2. The tool now
requires the version to be provided as a command-line option. Make
corresponding changes to the tool's manpage.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Add support for displaying data specific to FWU metadata version
2. Because the size of the v2 metadata structure is read from the
structure itself, allocate memory for the metadata structure by first
getting the size of the structure.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Make changes to the functions used for generating the DFU's alt
variable so that the FWU image information is obtained from the common
version agnostic structure instead of reading the metadata.
While here, also update the name of the field used for storing the
image GUID in the FWU metadata.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Information about FWU images on MTD partitions is now stored with the
corresponding driver instead of a global variable. Get this
information from the driver.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
The third argument passed to the function gen_image_alt_info() is not
used and is superfluous. Remove this unused argument from the function
call.
Fixes: 4898679e190 (FWU: Add FWU metadata access driver for MTD storage regions)
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Support has been added for version 2 of the FWU metadata
structure. Add config symbols to enable either of the two versions.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Transition the platform to either Trial State or Regular State on a
successful update. Do this by calling the fwu_state_machine_updates()
API function.
For version 1 of the FWU metadata, the transition to Trial State is
done by starting the Trial State counter, while for version 2, in
addition to the counter, the bank_state field of the FWU metadata is
also updated to Valid.
For transitioning the platform to Regular State, no action is needed
with version 1 of the FWU metadata structure, while for version 2, the
bank_state field is set to Accepted.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
With addition of support for version 2 of the FWU metadata structure,
the metadata information is collected into a version agnostic
structure. Make changes to the FWU functions so that the information
that was earlier obtained by reading the metadata structure is now
obtained through this version agnostic structure.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Support is being added in U-Boot for version 2 of the FWU
metadata. Support for this version is to co-exist with version 1
support. To achieve this, a common, version agnostic structure has
been added to keep information provided by the FWU metadata
structure.
Add API's to handle the version specific FWU metadata fields. The
version agnostic structure gets initialized at boot by reading the FWU
metadata. Updates to the FWU metadata result in the API's getting
called to populate the version specific fields of the strucure, before
the metadata gets written to the storage media.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
The FWU specification now has two versions of the FWU metadata
structure, and both are to be supported. Introduce a version agnostic
structure for storing information about the FWU updatable images. This
allows for a split of common version agnostic FWU code and version
specific code.
The version specific code is then responsible for arranging the data
as per the corresponding metadata structure before it gets written to
the metadata partitions.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Add support for version 2 of the FWU metadata structure. The top level
structure is kept separate through a config symbol. Most of the
fields, primarily used for providing information on updatable images
are common across the two versions.
Also change a few existing structure members used for image
identification to reflect the fact that these are GUIDs, and not
UUIDs.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
The FWU metadata access driver for MTD partitioned devices currently
uses a statically allocated array for storing the updatable image
information. This array depends on the number of banks and images per
bank. With migration of the FWU metadata to version 2, these
parameters are now obtained at runtime from the metadata.
Make changes to the FWU metadata access driver for MTD devices to
allocate memory for the image information dynamically in the driver's
probe function, after having obtained the number of banks and images
per bank by reading the metadata. Move the image information as part
of the driver's private structure, instead of using a global variable.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
In version 2 of the metadata structure, the size of the structure
cannot be determined statically at build time. The structure is now
broken into the top level structure which contains a field indicating
the total size of the structure.
Add a size parameter to the metadata access API functions to indicate
the number of bytes to be accessed. This is then used to either read
the entire structure, or only the top level structure.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
The fwrite call returns the number of bytes transferred as part of the
write only when the size parameter is 1. Pass the size parameter to
the library call as 1 so that the correct number of bytes transferred
are returned.
Fixes: fdd56bfd3ad ("tools: Add mkfwumdata tool for FWU metadata image")
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Support is to be added in the following commits for the FWU metadata
version 2. Disable the FWU feature on platforms that enable it for the
V2 addition work.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
CI: https://source.denx.de/u-boot/custodians/u-boot-imx/-/pipelines/20834
- Allow signing i.MX8M flash.bin via binman, which is a much more
elegant solution that using scripts.
- Improve i.MX8M HAB documentation.
- Increase PHY auto-negotiation timeout to 20s on MX8Menlo
- Add bmode support for the MX53 Menlo board.
- Update Update iMX8MM Menlo board configuration
For CST to find the certificates and keys for signing, some keys and
certs need to be copied into the u-boot build directory.
Signed-off-by: Claudius Heine <ch@denx.de>
By removing the "boot" directory in the "m53menlo/boot/fitImage" path,
we simplify the TFTP server directory layout a bit. This also requires a
change to the mmcload command as it (mis-)uses the same variable as the
TFTP boot.
Signed-off-by: Olaf Mandel <o.mandel@menlosystems.com>
Signed-off-by: Marek Vasut <marex@denx.de>
The board can do primary/secondary boot switching, enable the bmode command.
Signed-off-by: Marek Vasut <marex@denx.de>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Synchronize Toradex Verdin iMX8MM based MX8Menlo board configuration
with Toradex Verdin iMX8MM and enable convenience commands like cat,
hexdump, xxd.
Signed-off-by: Marek Vasut <marex@denx.de>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
The ethernet PHY on MX8Menlo board takes a while to come out of
reset, increase the auto-negotiation timeout to prevent it from
timing out in case the ethernet is used right after the board was
reset.
Signed-off-by: Marek Vasut <marex@denx.de>
Update documentation and use nxp_imx8mcst binman etype for signing
of flash.bin instead of previous horrible shell scripting.
Reviewed-by: Tim Harvey <tharvey@gateworks.com>
Signed-off-by: Marek Vasut <marex@denx.de>
In case CONFIG_IMX_HAB is enabled, extend the binman image description for
all of i.MX8M{Q,M,N,P} with CST wrapper node. This way, if CONFIG_IMX_HAB
is enabled, binman will be automatically used to sign SPL and fitImage.
Reviewed-by: Tim Harvey <tharvey@gateworks.com>
Signed-off-by: Marek Vasut <marex@denx.de>
