Rob Clark [Wed, 10 Jan 2018 10:34:39 +0000 (11:34 +0100)]
db410c: add reserved-memory node to dts
If lk lights up display and populates simple-framebuffer node, it will
also setup a reserved-memory node (needed by simplefb on linux). But
it isn't clever enough to cope when the reserved-memory node is not
present.
Rob Clark [Wed, 10 Jan 2018 10:34:37 +0000 (11:34 +0100)]
fdtdec: allow board to provide fdt for CONFIG_OF_SEPARATE
Similar to CONFIG_OF_BOARD, but in this case the fdt is still built by
u-boot build. This allows the board to patch the fdt, etc.
In the specific case of dragonboard 410c, we pass the u-boot generated
fdt to the previous stage of bootloader (by embedding it in the
u-boot.img that is loaded by lk/aboot), which patches the fdt and passes
it back to u-boot.
Signed-off-by: Rob Clark <robdclark@gmail.com>
[trini: Update board_fdt_blob_setup #if check] Signed-off-by: Tom Rini <trini@konsulko.com>
db410c: update wlan and bt mac addresses from firmware
The firmware that runs before u-boot modifies u-boot's device tree
adding the local-mac-address and local-bd-address properties for the
compatibles "qcom,wcnss-bt" and "qcom,wcnss-wlan".
This commit reads that firmware, retrieves the properties and fixups
the device tree that is passed to the kernel before booting.
env: enable accessing the environment in an EXT4 partition
For example to store the environment in a file named "/uboot.env" in MMC
"0", where partition "1" contains the EXT4 filesystem, the following
configs should be added to the board's default config:
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez-ortiz@linaro.org>
[trini: Fix some line over 80 chars issues] Signed-off-by: Tom Rini <trini@konsulko.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:19 +0000 (12:40 +0000)]
arm: imx: hab: Add hab_failsafe console command
hab_failsafe when called puts the part into BootROM recovery mode.
This will allow u-boot scripts to script the dropping down into recovery
mode.
=> hab_failsafe
Shows the i.MX7 appear as "hiddev0,hidraw5: USB HID v1.10 Device [Freescale
SemiConductor Inc SP Blank ULT1] " in a Linux dmesg thus allowing download
of a new image via the BootROM USB download protocol routine.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:18 +0000 (12:40 +0000)]
arm: imx: hab: Implement hab_rvt_failsafe
This patch implements the basic callback hooks for
hab_rvt_check_failsafe for BootROM code using the older BootROM address
layout - in my test case the i.MX7. Code based on new BootROM callbacks
will just do nothing and there's definitely a TODO to implement that extra
functionality on the alternative BootROM API.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:17 +0000 (12:40 +0000)]
arm: imx: hab: Define rvt_failsafe()
The hab_rvt_failsafe() callback according to the HABv4 documentation:
"This function provides a safe path when image authentication has failed
and all possible boot paths have been exhausted. It is intended for use by
post-ROM boot stage components, via the ROM Vector Table."
Once invoked the part will drop down to its BootROM USB recovery mode.
Should it be the case that the part is in secure boot mode - only an
appropriately signed binary will be accepted by the ROM and subsequently
executed.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:16 +0000 (12:40 +0000)]
arm: imx: hab: Make imx_hab_is_enabled global
It will be helpful to boot commands to know if the HAB is enabled. Export
imx_hab_is_enabled() now to facilitate further work with this data-point in
a secure-boot context.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:15 +0000 (12:40 +0000)]
arm: imx: hab: Make authenticate_image() return zero on open boards
The BootROM will not successfully process a HAB image passed by u-boot
unless the board has been set into locked mode. Some of the existing usages
of authenticate_image() expect and rely on unlocked boards doing the
following
1. Not calling into the BootROM authenticate_image() callback
2. Returning a pass status for authenticate_image() calls anyway
A previous patch removed the necessity to call into imx_hab_is_enabled()
twice. This patch ensures the reliance on authenticate_image() returning
zero is maintained.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Suggested-by: Breno Matheus Lima <brenomatheus@gmail.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com>
Understanding if the HAB is enabled is something that we want to
interrogate and report on outside of the HAB layer. First step to that is
renaming the relevant function to match the previously introduced external
naming convention imx_hab_function()
The name imx_hab_is_hab_enabled() is a tautology. A more logical name is
imx_hab_is_enabled().
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:13 +0000 (12:40 +0000)]
arm: imx: hab: Prefix authenticate_image with imx_hab
Tidy up the HAB namespace a bit by prefixing external functions with
imx_hab. All external facing functions past this point will be prefixed in
the same way to make the fact we are doing IMX HAB activities clear from
reading the code. authenticate_image() could mean anything
imx_hab_authenticate_image() is on the other hand very explicit.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:11 +0000 (12:40 +0000)]
arm: imx: hab: Print HAB event log only after calling ROM
The current flow of authenticate_image() will print the HAB event log even
if we reject an element of the IVT header before ever calling into the ROM.
This can be confusing.
This patch changes the flow of the code so that the HAB event log is only
printed out if we have called into the ROM and received some sort of status
code.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Suggested-by: Cc: Breno Matheus Lima <brenomatheus@gmail.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:10 +0000 (12:40 +0000)]
arm: imx: hab: Add a hab_rvt_check_target to image auth
Add a hab_rvt_check_target() step to authenticate_image() as a sanity
check for the target memory region authenticate_image() will run over,
prior to making the BootROM authentication callback itself.
This check is recommended by the HAB documentation so it makes sense to
adhere to the guidance and perform that check as directed.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:09 +0000 (12:40 +0000)]
arm: imx: hab: Implement hab_rvt_check_target
This patch implements the basic callback hooks for hab_rvt_check_target()
for BootROM code using the older BootROM address layout - in my test case
the i.MX7. Code based on new BootROM callbacks will just have HAB_SUCCESS
as a result code. Adding support for the new BootROM callbacks is a TODO.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:08 +0000 (12:40 +0000)]
arm: imx: hab: Define rvt_check_target()
The hab_rvt_check_target() callback according to the HABv4 documentation:
"This function reports whether or not a given target region is allowed for
either peripheral configuration or image loading in memory. It is intended
for use by post-ROM boot stage components, via the ROM Vector Table, in
order to avoid configuring security-sensitive peripherals, or loading
images over sensitive memory regions or outside recognized memory devices
in the address map."
It is a useful function to support as a precursor to calling into
authenticate_image() to validate the target memory region is good.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:06 +0000 (12:40 +0000)]
arm: imx: hab: Print CSF based on IVT descriptor
The IVT gives the absolute address of the CSF. There is no requirement for
the CSF to be located adjacent to the IVT so lets use the address provided
in the IVT header instead of the hard-coded fixed CSF offset currently in
place.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
The IVT is a self-describing structure which contains a self field. The
self field is the absolute physical base address the IVT ought to be at in
memory. Use the IVT self field to validate the calculated ivt_addr bugging
out if the two values differ.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:03 +0000 (12:40 +0000)]
arm: imx: hab: Add IVT header verification
The IVT header contains a magic number, fixed length and one of two version
identifiers. Validate these settings before doing anything with a putative
IVT binary.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:40:02 +0000 (12:40 +0000)]
arm: imx: hab: Add IVT header definitions
The various i.MX BootROMs containing the High Assurance Boot (HAB) block
rely on a data structure called the Image Vector Table (IVT) to describe to
the BootROM where to locate various data-structures used by HAB during
authentication.
This patch adds a definition of the IVT header for use in later patches,
where we will break the current incorrect dependence on fixed offsets in
favour of an IVT described parsing of incoming binaries.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
u-boot command "hab_auth_img" tells a user that it takes
- addr - image hex address
- offset - hex offset of IVT in the image
but in fact the callback hab_auth_img makes to authenticate_image treats
the second 'offset' parameter as an image length.
Furthermore existing code requires the IVT header to be appended to the end
of the image which is not actually a requirement of HABv4.
This patch fixes this situation by
1: Adding a new parameter to hab_auth_img
- addr : image hex address
- length : total length of the image
- offset : offset of IVT from addr
2: Updates the existing call into authenticate_image() in
arch/arm/mach-imx/spl.c:jump_to_image_no_args() to pass
addr, length and IVT offset respectively.
This allows then hab_auth_img to actually operate the way it was specified
in the help text and should still allow existing code to work.
It has the added advantage that the IVT header doesn't have to be appended
to an image given to HAB - it can be prepended for example.
Note prepending the IVT is what u-boot will do when making an IVT for the
BootROM. It should be possible for u-boot properly authenticate images
made by mkimage via HAB.
This patch is the first step in making that happen subsequent patches will
focus on removing hard-coded offsets to the IVT, which again is not
mandated to live at the end of a .imx image.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:39:56 +0000 (12:39 +0000)]
arm: imx: hab: Fix authenticate_image result code
authenticate_image returns 1 for success and 0 for failure. That result
code is mapped directly to the result code for the command line function
hab_auth_img - which means when hab_auth_img succeeds it is returning
CMD_RET_FAILURE (1) instead of CMD_RET_SUCCESS (0).
This patch fixes this behaviour by making authenticate_image() return 0 for
success and 1 for failure. Both users of authenticate_image() as a result
have some minimal churn. The upshot is once done when hab_auth_img is
called from the command line we set $? in the standard way for scripting
functions to act on.
Fixes: 36c1ca4d46ef ("imx: Support i.MX6 High Assurance Boot
authentication")
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Bryan O'Donoghue [Fri, 12 Jan 2018 12:39:55 +0000 (12:39 +0000)]
arm: imx: hab: Make authenticate_image return int
Both usages of authenticate_image treat the result code as a simple binary.
The command line usage of authenticate_image directly returns the result
code of authenticate_image as a success/failure code.
Right now when calling hab_auth_img and test the result code in a shell a
passing hab_auth_img will appear to the shell as a fail.
The first step in fixing this behaviour is to fix-up the result code return
by authenticate_image() itself, subsequent patches fix the interpretation
of authenticate_image so that zero will return CMD_RET_SUCCESS and non-zero
will return CMD_RET_FAILURE.
The first step is fixing the return type in authenticate_image() so do that
now.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Stephen Warren [Tue, 9 Jan 2018 19:52:14 +0000 (12:52 -0700)]
Makefile: ensure DTB doesn't overflow into initial stack
With CONFIG_SYS_INIT_SP_BSS_OFFSET enabled, the initial (pre-relocation)
stack is placed some distance after bss_start. The control DTB is appended
to the U-Boot binary at bss_start. If the DTB is too large, or the SP BSS
offset too small, then the initial stack could corrupt the DTB. Enhance
the Makefile to check whether this is likely to occur.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Tue, 9 Jan 2018 00:41:24 +0000 (17:41 -0700)]
ARM: Tegra186: calculate load addresses at boot
In the presence of potentially fragemented memory, we cannot hard-code
addresses into environment variables such as kernel_addr_r. Instead, we
must calculate those addresses at run-time based on available memory
locations. Implement the code to perform such runtime calculation, based
on requirements described in environment variables, to allow the user
full control over the allocation.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Thu, 4 Jan 2018 18:07:14 +0000 (11:07 -0700)]
ARM: Tegra186: don't map memory not in RAM banks
Tegra186 currently restricts its DRAM usage to entries in the /memory node
in the DTB passed to it. However, the MMU configuration always maps the
entire first 2GB of RAM. This could allow the CPU to speculatively access
RAM that isn't part of the in-use banks. This patch switches to runtime
construction of the table that's used to construct the MMU translation
tables, and thus prevents access to RAM that's not part of a valid bank.
Note: This patch is intended to prevent access to RAM regions which U-Boot
does not need to access, with the primary purpose of avoiding theoretical
speculative access to physical regions for which the HW will throw errors
(e.g. carve-outs that the CPU has no permission to access at a bus level,
bad ECC pages, etc.). In particular, this patch is not deliberately
related to the speculation-related security issues that were recently
announced. The apparent similarity is a coincidence.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Wed, 3 Jan 2018 21:32:35 +0000 (14:32 -0700)]
ARM: tegra: p2771-000: increase max DRAM bank count
On this platform, there may be up to 1024 unusable chunks of memory.
Increase CONFIG_NR_DRAM_BANKS so that U-Boot can remember all the banks
required to represent such fragmented memory.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Wed, 3 Jan 2018 21:32:34 +0000 (14:32 -0700)]
ARM: Tegra186: search for best RAM bank
In the future, the list of DRAM regions passed to U-Boot in the DTB may
be quite long and fragmented. Due to this, U-Boot must search through the
regions to find the best region to relocate into, rather than relying on
the current assumption that the top of bank 0 is a reasonable relocation
target. This change implements such searching.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Fri, 5 Jan 2018 20:04:54 +0000 (13:04 -0700)]
ARM: bootm: don't assume sp is in DRAM bank 0
arch_lmb_reserve() currently assumes that the stack pointer is within DRAM
bank 0. This is not necessarily true. Enhance the code to search through
DRAM banks until the bank that does contain SP is found, and then reserve
the tail of that bank.
Fixes: 2d1916e48bd8 ("ARM: add flat device tree support") Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Wed, 3 Jan 2018 21:31:51 +0000 (14:31 -0700)]
ARMv8: add optional Linux kernel image header
Allow placing a Linux kernel image header at the start of the U-Boot
binary. This is useful since the image header reports the amount of memory
(BSS and similar) that U-Boot needs to use, but that isn't part of the
binary size. This can be used by the code that loads U-Boot into memory to
determine where to load U-Boot, based on other users of memory.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Wed, 20 Dec 2017 01:30:37 +0000 (18:30 -0700)]
ARM: tegra: use CONFIG_SYS_INIT_SP_BSS_OFFSET
Enable CONFIG_SYS_INIT_SP_BSS_OFFSET for all 64-bit Tegra boards. Place
the stack/... 512KiB from the end of the U-Boot binary. This should be
plenty to accommodate the current DTBs (max 64 KiB), early malloc region
(6KiB), stack usage, and plenty of slack, while still not placing it too
far away from the U-Boot binary.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Wed, 20 Dec 2017 01:30:36 +0000 (18:30 -0700)]
ARMv8: Allow dynamic early stack pointer
U-Boot typically uses a hard-coded value for the stack pointer before
relocation. Implement option SYS_INIT_SP_BSS_OFFSET to instead calculate
the initial SP at run-time. This is useful to avoid hard-coding addresses
into U-Boot, so that can be loaded and executed at arbitrary addresses and
thus avoid using arbitrary addresses at runtime. This option's value is
the offset added to &_bss_start in order to calculate the stack pointer.
This offset should be large enough so that the early malloc region, global
data (gd), and early stack usage do not overlap any appended DTB.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Signed-off-by: Tom Warren <twarren@nvidia.com>
Stephen Warren [Wed, 20 Dec 2017 01:30:34 +0000 (18:30 -0700)]
ARM: tegra: don't use CONFIG_SPL_TEXT_BASE when no SPL
64-bit Tegra don't use SPL, and soon won't define CONFIG_SPL_TEXT_BASE
when building. Fix the binman .dts file so that it doesn't use undefined
values.
Signed-off-by: Stephen Warren <swarren@nvidia.com> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Warren <twarren@nvidia.com>
Peng Fan [Tue, 2 Jan 2018 08:51:22 +0000 (16:51 +0800)]
mmc: fsl_esdhc: Fix eMMC 1.8v setting issue
Current USDHC driver will reset VSELECT to 0 (3.3v) during mmc init,
then set to 1 for 1.8v eMMC I/O. When booting from eMMC, since ROM has
already set VSELECT to 1.8v before running the u-boot. This reset in
USDHC driver causes a short 2.2v pulse on CMD pin.
Fix this issue by not reset VSELECT to 0 when 1.8v flag is set.
Signed-off-by: Ye Li <ye.li@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>
Tom Rini [Fri, 22 Dec 2017 17:27:14 +0000 (12:27 -0500)]
power: Rearrange code to guard power command with CONFIG_SPL_BUILD guard
In order to discard this code when unused in SPL we need to guard the
command with a check for CONFIG_SPL_BUILD and we rearrange the code
slightly to make this cleaner.
Cc: Jaehoon Chung <jh80.chung@samsung.com> Signed-off-by: Tom Rini <trini@konsulko.com>
ARM: imx: cm_fx6: env: try to determine dtb to use
Some distributions like Fedora expect U-Boot to select a proper
devicetree. Since there are several variants of the cm-fx6 module
featuring different SoC variants and the module can be paired with
several baseboards, it is not viable to hardcode a filename.
Instead, follow the lead of other i.MX6 based devices and try to
determine the devicetree to use with the help of the board name
and the SoC variant exported by the board code, before calling the
distro bootcommand.
For now, only for the Utilite Pro a proper devicetree filename is
known but further variants of the Utilite Computer or other devices
based on the cm-fx6 module may be added in the future.
Signed-off-by: Christopher Spinrath <christopher.spinrath@rwth-aachen.de>
ARM: imx: cm_fx6: export board and soc info to env
Like many other i.MX6 based boards, there are multiple variants of
the cm-fx6 module featuring different SoC variants. Furthermore, the
module can be paired with multiple baseboards.
At the same time modern distribution like Fedora require U-Boot to
select a proper devicetree which depends on the SoC variant and the
baseboard.
Thus, export the SoC variant and the actual board to the environment
following the conventions of other i.MX6 devices (e.g. the NXP boards)
such that the environment can select a devicetree file to load.
For now, we only know for sure that the cm-fx6 module and the SB-fx6m
baseboard amount to a Utilite Computer variant (depending on the SoC).
Further combinations may be added in the future; e.g. CompuLab's
evaluation board once someone can verify the identification string
stored in its eeprom.
Signed-off-by: Christopher Spinrath <christopher.spinrath@rwth-aachen.de> Reviewed-by: Stefano Babic <sbabic@denx.de>
Koen Vandeputte [Thu, 4 Jan 2018 13:54:34 +0000 (14:54 +0100)]
drivers: pci: imx: fix enumeration logic error
By default, the subordinate is set equally to the secondary bus (1) when
the RC boots, and does not alter afterwards.
This means that theoretically, the highest bus reachable downstream is
bus 1.
Force the PCIe RC subordinate to 0xff, otherwise no downstream
devices will be detected behind bus 1 if the booting OS does not allow
enumerating a higher busnr than the subordinate value of the primary
bus.
Tom Rini [Wed, 3 Jan 2018 13:52:39 +0000 (08:52 -0500)]
arm: imx: Rework i.MX specific commands to be excluded from SPL
The "clocks" and "bootaux" commands are only usable in full U-Boot, not
SPL, so do not link them inside of SPL. Rework a little of the bootaux
related code to make use of __weak and declare parts of it static as
it's local to the file.
Peng Fan [Wed, 3 Jan 2018 00:52:03 +0000 (08:52 +0800)]
imx: mx6ull-14x14-evk: enable DM QSPI driver
To support QSPI DM driver
- Add spi0 alias for qspi node. Which is used for bus number 0.
- Modify the n25q256a@0 compatible property to "spi-flash".
- Modify spi4 (gpio_spi) node to spi5
- Define DM SPI/QSPI related config to enable QSPI
Peng Fan [Wed, 3 Jan 2018 00:52:02 +0000 (08:52 +0800)]
spi: fsl_qspi: support i.MX6UL/6ULLL/7D
The QSPI module on i.MX7D is modified from i.MX6SX. The module used on
i.MX6UL/6ULL is reused from i.MX7D. They share same tx buffer size.
The endianness is not set at qspi driver initialization. So if we don't
boot from QSPI, we will get wrong endianness when accessing from AHB
address directly.
Peng Fan [Tue, 2 Jan 2018 01:32:09 +0000 (09:32 +0800)]
imx: mx6sxsabresd: config wdog pinmux
Because kernel set WDOG_B mux before pad with the common pinctrl
framwork now and wdog reset will be triggered once set WDOG_B mux
with default pad setting, we set pad setting here to workaround this.
Since imx_iomux_v3_setup_pad also set mux before pad setting, we set
as GPIO mux firstly here to workaround it.
Peng Fan [Tue, 2 Jan 2018 01:32:08 +0000 (09:32 +0800)]
imx: mx6sxsabresd: Enable DM driver
Enable I2C/MMC/GPIO/REGUALTOR/PMIC/USB DM drivers.
There are some dependency, such as when DM MMC enabled, USB compile error.
Also the i.MX I2C MMC DM driver does not support legacy GPIO interface.
So enable them all together.
Peng Fan [Tue, 2 Jan 2018 07:51:20 +0000 (15:51 +0800)]
misc: mxc_ocotp: check fuse word before programming on i.MX7ULP
On i.MX7ULP, the fuse words (except bank 0 and 1) only supports to
write once, because they use ECC mode. Multiple writes may damage
the ECC value and cause a wrong fuse value decoded when reading.
This patch adds a checking before the fuse word programming, only
can write when the word value is 0.
Signed-off-by: Ye Li <ye.li@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com>
CPU: Freescale i.MX6DL rev1.2 996 MHz (running at 792 MHz)
CPU: Commercial temperature grade (0C to 95C) at 40C
Reset cause: POR
I2C: ready
DRAM: 1 GiB
MMC: FSL_SDHC: 0
In: serial
Out: serial
Err: serial
Net: FEC [PRIME]
Rick Chen [Tue, 26 Dec 2017 05:55:58 +0000 (13:55 +0800)]
riscv: Modify generic codes to support RISC-V
Support common commands bdinfo and image format,
also modify common generic flow for RISC-V.
Signed-off-by: Rick Chen <rick@andestech.com> Signed-off-by: Rick Chen <rickchen36@gmail.com> Signed-off-by: Greentime Hu <green.hu@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com>
RISC-V # fatload mmc 0:1 0x600000 hello_world_ae250_32.bin
reading hello_world_ae250_32.bin
1252 bytes read in 23 ms (52.7 KiB/s)
RISC-V # go 0x600000
Example expects ABI version 9
Actual U-Boot ABI version 9
Hello World
argc = 1
argv[0] = "0x600000"
argv[1] = "$B@"
Hit any key to exit ...
RISC-V #
Signed-off-by: Rick Chen <rick@andestech.com> Signed-off-by: Rick Chen <rickchen36@gmail.com> Signed-off-by: Greentime Hu <green.hu@gmail.com>
Rick Chen [Tue, 26 Dec 2017 05:55:48 +0000 (13:55 +0800)]
riscv: cpu: Add nx25 to support RISC-V
Add Andes nx25 cpu core (called AndesStar V5) to support RISC-V arch
Verifications:
1. startup and relocation ok.
2. boot from rom or ram both ok.
2. timer driver ok.
3. uart driver ok
4. mmc driver ok
5. spi driver ok.
6. 32/64 bit both ok.
Detail verification message please see doc/README.ae250.
Signed-off-by: Rick Chen <rick@andestech.com> Signed-off-by: Rick Chen <rickchen36@gmail.com> Signed-off-by: Greentime Hu <green.hu@gmail.com> Cc: Padmarao Begari <Padmarao.Begari@microsemi.com>
mmc: compile out erase and write mmc commands if write operations are not enabled
Also remove erase_grp_size and write_bl_len from struct mmc as they are
not used anymore. On ARM, removing them saves about 100 bytes of code
space in SPL.