Previous patch has introduced MbedTLS porting layer for PKCS7 parser,
here to adjust the header and makefiles accordingly.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Previous patch has introduced MbedTLS porting layer for x509 cert parser,
here to adjust the header and makefiles accordingly.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Previous patch has introduced MbedTLS porting layer for public key,
here to adjust the header and makefiles accordingly.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Implement digest shim layer on top of MbedTLS crypto library.
Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
We don't need an API specially for non-watchdog since sha1_csum_wd
supports it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
Set 0x10000 as default chunk size for SHA1.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We don't need an API specially for non-watchdog since md5_wd supports
it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
Set 0x10000 as default chunk size for MD5.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Michal Simek <michal.simek@amd.com>
Adapt digest header files to support both original libs and MbedTLS
by switching on/off MBEDTLS_LIB_CRYPTO.
Introduce <alg>_LEGACY kconfig for legacy hash implementations.
sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
`IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
including <linux/kconfig.h> causes undefined reference on schedule()
with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no schedule()
are defined in sandbox build,
Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Port mbedtls with adapted libc header files.
Add mbedtls default config header file.
Optimize mbedtls default config by disabling unused features to
reduce the target size.
Add mbedtls kbuild makefile.
Add Kconfig skeleton and config submenu entry for selecting
crypto libraries between mbedtls and legacy ones.
Add the mbedtls include directories into the build system.
Port u-boot hash functions as MbedTLS crypto alternatives and set
it as default.
Subsequent patches will separate those Kconfigs into pairs of
_LEGACY and _MBEDTLS for controlling the implementations of legacy
crypto libraries and MbedTLS ones respectively.
The motivation of moving and adapting *INT* macros from kernel.h
to limits.h is to fulfill the MbedTLS building requirement.
The conditional compilation statements in MbedTLS expects the
*INT* macros as constant expressions, thus expressions like
`((int)(~0U >> 1))` will not work.
Prerequisite
------------
This patch series requires mbedtls git repo to be added as a
subtree to the main U-Boot repo via:
$ git subtree add --prefix lib/mbedtls/external/mbedtls \
https://github.com/Mbed-TLS/mbedtls.git \
v3.6.0 --squash
Moreover, due to the Windows-style files from mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:
$ git add --renormalize .
$ git commit
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
When supporting partition reset for SoC such as i.MX95 , the Linux
Kernel may have configured the tuning, while after force reset by
wdog or else, uboot CMD0 will never pass unless config RSTT to reset
tuning logic.
Since RSTA and RSTT are independent, so need both to be reseted in the
controller.
Acked-by: Haibo Chen <haibo.chen@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
u-boot-dfu-next-20241003
CI: https://source.denx.de/u-boot/custodians/u-boot-dfu/-/pipelines/22516
DFU:
- Reinitialize only if dfu_alt_info changed
USB Gadget:
- New usb gadget driver for Renesas USBHS
- Simplify kconfig deps for CMD_USB_MASS_STORAGE
Android:
- Provide bootloader version to android via kernel commandline
Oliver Gaskell <Oliver.Gaskell@analog.com> says:
ADSP-SC5xx is a series of ARM-based DSPs.
This comprises the armv7 based SC57x, SC58x and SC594 series, and the
armv8 based SC598.
This patch series includes configurations, init code, and minimal DTs
to enable Analog Devices' evaluation boards for these SoCs to boot
through SPL and into U-Boot Proper, as well as devicetree schemas for
the added DTs.
This patch series depends on ("arm: Add Analog Devices SC5xx Machine
Type") (https://lists.denx.de/pipermail/u-boot/2024-April/552043.html)
Adds support for Analog Devices' SC589-EZKIT board. Includes:
- Board specific configs in mach-sc5xx/Kconfig
- Board-specific Kconfig and environment in board/adi/
- Memory configuration
Signed-off-by: Oliver Gaskell <Oliver.Gaskell@analog.com>
The primary upstream URL for tf-a has moved, in some cases
things like tags are not always pushed to the old URL so
update the URLs to the primary upstream project URL.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
Adds support for the secp521r1 ECDSA algorithm to mkimage.
Signed-off-by: Joakim Tjernlund <joakim.tjernlund@infinera.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add Android bootflow support for AM62X SK EVM board with
new android boot method.
To build for AM62x for Android, we use the
am62x_a53_android.config fragment when building A53 bootloaders:
$ make am62x_evm_a53_defconfig
$ make am62x_a53_android.config
$ make
Co-developed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Reviewed-by: Bryan Brattlof <bb@ti.com>
I'm trying to use dfu-util for bootstrapping an stm32mp board. It
mostly works fine, but something goes horribly wrong as soon as I make
use of the ability to run arbitrary u-boot shell commands. The shell
commands themselves work fine, but the heuristic "dfu_alt_info may
have changed, we have to reinit" seems to cause the board and/or my
host machine to go into some bad state, and further dfu-util commands
fail.
U-Boot already has a mechanism whereby C code can be told about
changes to specific environment variables. So instead of always doing
re-init, add a hook to the dfu_alt_info variable so that we only do
set dfu_reinit_needed if the commands actually did modify that
variable.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Link: https://lore.kernel.org/r/20240911133900.1444083-1-rasmus.villemoes@prevas.dk
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Both regulators_enable_boot_on/off() are unused and superseded by
regulator uclass regulator_post_probe(). Remove both functions.
Signed-off-by: Marek Vasut <marex@denx.de>
Jerome Forissier <jerome.forissier@linaro.org> says:
Miscellaneous fixes made when developing the lwIP series [1]. They are
posted separately since they make sense on their own. Subsequent
versions of the lwIP series will contain a squashed version of this one.
[1] http://patchwork.ozlabs.org/project/uboot/list/?series=420712&state=%2A&archive=both
Prefix the flash status codes (ERR_*) with FL_ in order to avoid clashes
with third-party libraries. Case in point: including the lwIP library
header file <lwip/err.h> which defines err_enum_t as an enum with values
being ERR_*.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Peter Robinson <pbrobinson@gmail.com>
In case the cyclic framework is enabled, poll the card detect of already
initialized cards and deinitialize them in case they are removed. Since
the card initialization is a longer process and card initialization is
done on first access to an uninitialized card anyway, avoid initializing
newly detected uninitialized cards in the cyclic callback.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The function name in the description must match the function.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Correct the description of the select.id member to fix a kernel-doc
warning.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
* Add missing function names.
* Align names used in descriptions with function names.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The name used in the function description must match the function.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The Sphinx documentation build process cannot handle the interspersed
'private:' and 'public:' comments. Remove them.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Added LMB API to prevent SF command from overwriting reserved
memory areas. The current SPI code does not use LMB APIs for
loading data into memory addresses. To resolve this, LMB APIs
were added to check the load address of an SF command and ensure it
does not overwrite reserved memory addresses. Similar checks are
used in TFTP, serial load, and boot code to prevent overwriting
reserved memory.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Suggested-by: Sughosh Ganu <sughosh.ganu@linaro.org>
CI: https://source.denx.de/u-boot/custodians/u-boot-imx/-/pipelines/22363
- Several updates to i.MX9 SOC and i.MX93 EVK.
- Power domain fixes.
- TRDC cleanup and update.
- MAC address layout update.
- Add support for the i.MX9301/9302 variants.
- Add runtime detection of voltage mode.
- Generalize some code for i.MX8M and i.MX9.
- Add support for Comvetia imx6q-lxr board.
- Read both copies of metadata, in case one of the is corrupted
- Check the metadata version against the running firmware to make sure it's
allowed
- Limit the use of a revert capsule if the board is on a trial state and
make sure it's not applied if the max counter has expired
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEgWII69YpahbL5iK5gS8AYozs+qIFAmbr2bAACgkQgS8AYozs
+qKpPA/7BYSmVkUtdvMiSDVAzGz2Y4V9u8LXluUUkSOs5yDWuXszWPLlPYyNGTzd
5B+UIvvA7xFag0/+2Ywuxi3Xht08QWyv9803EathupScnwiUFd2H2M/+PEhBZCDs
2+JSp77J/cKBGjp8x0qY+IRDX/oVDqWjJo7B0SXM2HCvS8+z3eVBONCqwLJEPqfz
fVFyazBcSsVosWyJkbxU94Coh8LZX0fBH5nYCsNc7zTqeh8D1GNV3REMZTn6+C4Y
mJbmf3/toVvBFiLpi2fegqLgFgU4ngPlwuFEJJQZL/hUyeynXCjV4+BZ/P3n+hKC
lSPLcHeEkDh9iRxmXmVrhPEwnC00zvsYvuvlQ3ziEcUdIIVm6UJLkoyVsoBs/vUD
o+Iz6Kwu1/LW2rK+qpTGVupb4FUM00Xbs5LueHQhHS4QaIaHRwUx5qyPP/A/Ftcy
bS4Ljv5VW0fTK8H/B28c6H/HZcxzWTX8wkLEKEWgep7sWhSlcdoZ76FBM6hGeISO
62J9xyjsBtPqdR7rL6wQcvpjPK8mxconH7hsrRx3TkRpforjF5yfDLZsvLJqBEFo
ZP+nUzO2qC47Oy6lCvYQF31KWcfTKnrRw0YWf43A/zMsosEJ7O+iCaLpCNXQMIgJ
RCjEzPgQC/lqw8a7byjNvcDnWgThPf+LXM64uTln9D8kBcBEud0=
=wdyO
-----END PGP SIGNATURE-----
Merge tag 'fwu-next-19092024' of https://source.denx.de/u-boot/custodians/u-boot-tpm into next
This PR contains various improvements in the A/B update logic for EFI
- Read both copies of metadata, in case one of the is corrupted
- Check the metadata version against the running firmware to make sure it's
allowed
- Limit the use of a revert capsule if the board is on a trial state and
make sure it's not applied if the max counter has expired
The platform transitions out of Trial State into the Regular State
only when all the images in the update bank have been accepted. Check
for this condition before transitioning out of Trial State.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add support for the Comvetia i.MX6Q LXR2 board, which is
uses the Phytec PFLA02 SoM.
Based on the original work from Stefano Babic <sbabic@denx.de>.
The Phytec PFLA02 devicetrees are taken from kernel 6.11-rc7.
The imx6q-lxr.dts has been submitted upstream:
https://lore.kernel.org/linux-devicetree/20240913200906.1753458-3-festevam@gmail.com/
After it gets accepted in mainline (most likely in kernel 6.13),
the lxr2 board can then be switched to OF_UPSTREAM and these device trees
can be removed from U-Boot.
Signed-off-by: Fabio Estevam <festevam@denx.de>
1. Use runtime voltage selection for LD/OD/ND mode.
2. According to latest PE/TE report, the voltages of VDD_SOC for
LD and ND mode need add 50mv margin, so LD voltage is 0.75v->0.8v,
ND voltage is 0.8v->0.85v.
3. Use TOFF_DEB to differentiate new trimmed pmic and old pmic
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Simon Glass <sjg@chromium.org> says:
This series includes the patches needed to make make the EFI 'boot' test
work. That test has now been split off into a separate series along with
the EFI patches.
This series fixes these problems:
- sandbox memory-mapping conflict with PCI
- the fix for that causes the mbr test to crash as it sets up pointers
instead of addresses for its 'mmc' commands
- the mmc and read commands which cast addresses to pointers
- a tricky bug to do with USB keyboard and stdio
- a few other minor things
Clear any USB-keyboard devices before running a unit test, to avoid
using a stale udevice pointer in stdio. Add a long comment to explain
this situation and why this solution seems best, at least for now.
Signed-off-by: Simon Glass <sjg@chromium.org>
The driver model deadline for USB was in 2019, so drop the old USB
keyboard code, to avoid needing to deal with the extra code path.
Drop the unnecessary #ifdef around USB_KBD_BOOT_REPORT_SIZE while we
are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
UEFI:
* Use generated UUIDs in UEFI capsules:
- efi: define struct efi_guid
- lib: uuid: add UUID v5 support
- efi: add a helper to generate dynamic UUIDs
- doc: uefi: document dynamic UUID generation
- sandbox: switch to dynamic UUIDs
- lib: uuid: supporting building as part of host tools
- include: export uuid.h
- tools: mkeficapsule: use u-boot UUID library
- tools: mkeficapsule: support generating dynamic GUIDs
- test: lib/uuid: add unit tests for dynamic UUIDs
- test: lib/uuid: add tests for UUID version/variant bits
* Minor code clean-up
- shorten efi_bootmgr_release_uridp_resource()
- rename efi_bootmgr_image_return_notify
- return the correct error in efi_bootmgr_release_uridp()
- Kconfig: clean up the efi configuration status
- Use puts() in cout so that console recording works
- Put back copyright message in helloworld.c
-----BEGIN PGP SIGNATURE-----
iQJWBAABCABAFiEEK7wKXt3/btL6/yA+hO4vgnE3U0sFAmbkQbQiHGhlaW5yaWNo
LnNjaHVjaGFyZHRAY2Fub25pY2FsLmNvbQAKCRCE7i+CcTdTS78AD/438lZrXSvV
0aunMCDokTlg7Hxwme1oeLI6+r1SFwJa2EHEdsKbZ74ubh8H/UJkyFpsPr5mZeCI
BUkrxiI3bJnsw8HftZpkc4k1fRgzk/ufNcH1ywyFLV5gXfAHUpPzfx3C3eB2unr3
f0zlsOl7VTkdOqXSebWcbFGXIKRb/p6jUtWkCaM/Ip3i8wgEU9PlFTPXutdxHFi/
GsByD7I2exsnoEm+ODZ1P/FGEyhWMAN8c643DWRplc8vFHFyg8rqsnjOOekWN4WO
HMVvs9lUKtLpWK8HaoAZKFL1NFdwdEjbaRUqSeHSdKan/tJIRgTNGzrtlD/i7YHQ
b2nTrlhlDtrobfITvyicg7cIy/XcBksIFOQ3kHaZWD18DINiwuX1AEKESwqdFGpB
88gaE45XAqTYW8EpSYq61JlaPQZvR70nXISzLCIce25a1jFt6oO88rV5eEHm67gA
HufIiyR2aOTiFvrHe0ZNgjeOMGMaFFHEMTOx+exhAJ6NTuwgWi/aTQXGF2OkWzBX
LXCnb6huyAOqj+3PJCCIed9vf2AlvIm7a8hZDxmCmJMWmaHrRIObBjLZOmGu9vU4
cdaMNO1s4bptqGjhfETxmjbtnX9YI8hAhChNs0d/vs1k0hIMPaI170Q9zR2xN+2S
wBG3iMs9Q6ECNaoeVcfwS2HfpVovI7j4uQ==
=mncs
-----END PGP SIGNATURE-----
Merge tag 'efi-next-20241024' of https://source.denx.de/u-boot/custodians/u-boot-efi into next
Pull request efi-next-20241024
UEFI:
* Use generated UUIDs in UEFI capsules:
- efi: define struct efi_guid
- lib: uuid: add UUID v5 support
- efi: add a helper to generate dynamic UUIDs
- doc: uefi: document dynamic UUID generation
- sandbox: switch to dynamic UUIDs
- lib: uuid: supporting building as part of host tools
- include: export uuid.h
- tools: mkeficapsule: use u-boot UUID library
- tools: mkeficapsule: support generating dynamic GUIDs
- test: lib/uuid: add unit tests for dynamic UUIDs
- test: lib/uuid: add tests for UUID version/variant bits
* Minor code clean-up
- shorten efi_bootmgr_release_uridp_resource()
- rename efi_bootmgr_image_return_notify
- return the correct error in efi_bootmgr_release_uridp()
- Kconfig: clean up the efi configuration status
- Use puts() in cout so that console recording works
- Put back copyright message in helloworld.c
Move this header to include/u-boot/ so that it can be used by external
tools.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
