arm64: zynqmp: Add support for verifying secure images
This patch adds new command "zynqmp" to handle zynqmp
specific commands like "zynqmp secure". This secure command is
used for verifying zynqmp specific secure images. The secure
image can either be authenticated or encrypted or both encrypted
and authenticated. The secure image is prepared using bootgen
and will be in xilinx specific BOOT.BIN format. The optional
key can be used for decryption of encrypted image if user
key was specified while creation BOOT.BIN.
Signed-off-by: Siva Durga Prasad Paladugu <sivadur@xilinx.com> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
The vcu disable bit in efuse ipdisable register is valid only
if PL powered up so, consider PL powerup status for determing
EG/EV part. If PL is not powered up, ignore EG/EV part of string.
The PL powerup status will be filled by pmufw based on PL PROGB
status in the 9th bit of version field.
Signed-off-by: Siva Durga Prasad Paladugu <sivadur@xilinx.com> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Vipul Kumar [Mon, 5 Mar 2018 09:54:59 +0000 (15:24 +0530)]
arm64: zynqmp: nand: Fixed NAND erase issue for size 1GiB or more
NAND erase was not happening for size 1GiB or more. Erase
command was executing successfully but in actual, it was not
erasing.
This patch fixed erase issue for 1 GiB or more size nand.
Signed-off-by: Vipul Kumar <vipulk@xilinx.com> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Vipul Kumar [Thu, 15 Feb 2018 05:54:41 +0000 (11:24 +0530)]
arm64: zynqmp: Changed scratch address used by the alternate memory test
This patch changed CONFIG_SYS_MEMTEST_SCRATCH address to the
accessible DDR address used by alternate memory test.
Before this, 0xfffc0000 address was used, which is the OCM
address and not enabled in MMU table. So, whenever trying
to access 0xfffc0000 address, got Synchronous Abort exception.
After changing CONFIG_SYS_MEMTEST_SCRATCH address, alternate
memory test is working fine.
net: zynq_gem: Dont run any phy detection logic for GMII case
This patch bypasses phy detection logic for GMII interface
and just depend on phy address received from DT. This patch
is required as phy detection logic is different for some phys
like xilinx phy which can be connected over SGMII and GMII
interface.
This fixes the issue of ethernet failures when xilinx phy is
connected over GMII interface.
Signed-off-by: Siva Durga Prasad Paladugu <sivadur@xilinx.com> Signed-off-by: Michal Simek <michal.simek@xilinx.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Michal Simek [Fri, 26 Jan 2018 12:17:04 +0000 (13:17 +0100)]
fpga: Simplify error path in fpga_add
Check !desc earlier to simplify code.
Signed-off-by: Michal Simek <michal.simek@xilinx.com> Acked-by: Simon Goldschmidt <sgoldschmidt@de.pepperl-fuchs.com> Reviewed-by: Simon Goldschmidt <sgoldschmidt@de.pepperl-fuchs.com>
Lokesh Vutla [Fri, 16 Mar 2018 08:52:12 +0000 (14:22 +0530)]
davinci: Enable DDR_INIT for DA8XX
Commit 6aa4ad8e3820 ("Convert CONFIG_SOC_DA8XX et al to Kconfig")
converted SOC_DA8XX to Kconfig but missed enabling DDR_INIT for
SOC_DA8XX, which broke OMAPL138 to boot.
Commit 2e87980580d0 ("davinci: Fix omapl138_lcdk builds") disabled
DDR_INIT for all DA850 SoCs. This failed all DA850 boards to boot
as ddr is not being initialized.
Enable SYS_DA850_DDR_INIT for DA8XX so that all DA850 and OMAPL138
will have ddr initialized
Fixes: 2e87980580d0 ("davinci: Fix omapl138_lcdk builds") Fixes: 6aa4ad8e3820 ("Convert CONFIG_SOC_DA8XX et al to Kconfig") Reported-by: Sekhar Nori <nsekhar@ti.com> Tested-by: Sekhar Nori <nsekhar@ti.com> Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com> Reviewed-by: David Lechner <david@lechnology.com> Reviewed-by: Tom Rini <trini@konsulko.com>
Luca Ceresoli [Thu, 15 Mar 2018 10:08:56 +0000 (11:08 +0100)]
scripts/check-config.sh: fix "command not found" error handling
scripts/check-config.sh exits successfully and silently without doing
any checks when the 'comm' command is not found.
The problem triggers from the command around line 39:
comm -23 ${suspects} ${ok} >${new_adhoc}
This statement fails when 'comm' is not in $PATH, creating an empty
${new_adhoc} file. But the script continues and the following line,
which is supposed to detect an error:
if [ -s ${new_adhoc} ]; then
will always be false since the file is empty, and the script will exit
successfully as if everything were OK.
The case where 'comm' in not in $PATH is not theoretical. It used to
happen on yocto until a recent fix [0], and still happens on the
current stable branch (rocko).
Fix by setting the errexit flag to exit with error when a statement
fails, so that at least the problem is noticed.
For additional safety also set the nounset flag to detect expansion
errors.
David Lechner [Thu, 15 Mar 2018 01:36:30 +0000 (20:36 -0500)]
davinci: omapl138_lcdk: fix PLL0 frequency
commit 1601dd97edc6 ("davinci: omapl138_lcdk: increase PLL0 frequency")
changed the PLL0 frequency to 456MHz, which is needed for the LCDC IP
block. However, in doing so, it caused the PLLOUT clock to be outside
of the allowable specifications given in the OMAP-L138 data sheet. (It
says PLLOUT must be 600MHz max). It also uses a PLLM value outside of
the range given in the TRM (it says PLLM must in the range 0 to 0x1f).
Alexander Graf [Thu, 15 Mar 2018 14:10:20 +0000 (15:10 +0100)]
lan7xxx: Require phylib
The lan75xx and lan78xx drivers need to drive their phy via the generic
phylib framework. Let's reflect that dependency in Kconfig, so that we
don't get build errors when phylib does not get selected.
Signed-off-by: Alexander Graf <agraf@suse.de> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Alexander Graf [Thu, 15 Mar 2018 14:07:09 +0000 (15:07 +0100)]
net: Only access network devices after init
In the efi_loader main loop we call eth_rx() occasionally. This rx function
might end up calling into devices that haven't been initialized yet,
potentially resulting in a lot of transfer timeouts.
Instead, let's make sure the ethernet device is actually initialized before
reading from or writing to it.
Signed-off-by: Alexander Graf <agraf@suse.de> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
The "net_try_count" counter starts from "1".
And the "retrycnt" contains requested amount of retries.
With current logic, that means that the actual retry amount
will be one time less then what we set in "netretry" env.
For example setting "netretry" to "once" will make "retrycnt"
equal "1", so no retries will be triggered at all.
Fix the logic by changing the statement of "if" condition.
Signed-off-by: Leonid Iziumtsev <leonid.iziumtsev@se.atlascopco.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Priyanka Jain [Tue, 30 Jan 2018 06:41:08 +0000 (12:11 +0530)]
net/phy/cortina: Add No firmware upload option
Current Cortina phy driver assumes that firmware upload
is required during initialization and is dependent
on presence of corresponding macros like CONFIG_CORTINA_FW_ADDR
for compilation.
But Cortina phy has provision to store phy firmware in
attached dedicated EEPROM. And boards designed with such
EEPROM does not require firmware upload.
Add CORTINA_NO_FW_UPLOAD option in cortina.c to support
such boards.
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Update get_phy_id() implementation in cortina.c to check
for Cortina_phy by comparing device phy_id with cortina phy_id
instead of relying on presence of CORTINA macros.
This will allow get_phy_id to work with non-cortina phy devices
which might have same phy address as Cortina device but on
different bus.
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Calvin Johnson [Thu, 8 Mar 2018 10:00:33 +0000 (15:30 +0530)]
armv8: fsl-lsch2: configure pfe's DDR and HDBUS interfaces and ECC
1. Set AWCACHE0 attribute of PFE DDR and HDBUS master interfaces
to bufferable.
2. Set RD/WR QoS for PFE DDR and HDBUS AXI master interfaces.
3. Disable ECC detection for PFE.
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com> Signed-off-by: Anjaneyulu Jagarlmudi <anji.jagarlmudi@nxp.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Calvin Johnson [Thu, 8 Mar 2018 10:00:26 +0000 (15:30 +0530)]
drivers: net: pfe_eth: provide pfe commands
pfe_command provides command line support for several features that
support pfe, like starting or stopping the pfe, checking the health
of the processor engines and checking status of different units inside
pfe.
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com> Signed-off-by: Anjaneyulu Jagarlmudi <anji.jagarlmudi@nxp.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Following are the main driver files:-
pfe_hw.c: provides low level helper functions to initialize PFE
internal processor engines and other hardware blocks
pfe_driver.c: provides initialization functions
and packet send and receive functions
pfe_eth.c: provides high level gemac initialization functions
pfe_firmware.c: provides functions to load firmware into PFE
internal processor engines.
pfe_mdio.c: provides functions to initialize phy and mdio.
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com> Signed-off-by: Anjaneyulu Jagarlmudi <anji.jagarlmudi@nxp.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Calvin Johnson [Thu, 8 Mar 2018 10:00:23 +0000 (15:30 +0530)]
drivers: net: phy: Fix aquantia compilation with DM
With CONFIG_DM_ETH enabled, aquantia driver compilation fails with
below error. This patch fixes the issue by including dm.h.
drivers/net/phy/aquantia.c: In function ‘aquantia_startup’:
drivers/net/phy/aquantia.c:73:21: error: dereferencing pointer to
incomplete
type ‘struct udevice’
phydev->dev->name);
^~
Signed-off-by: Calvin Johnson <calvin.johnson@nxp.com> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
net: phy: Add PHY_RTL8211E_PINE64_GIGABIT_FIX for realtek phys
Setting PHY_RTL8211E_PINE64_GIGABIT_FIX forces internal rx/tx delays off
on the PHY, as well as flipping some magical undocumented bits. The
magic number comes from the Pine64 engineering team, presumably as a
proxy from Realtek. This configuration fixes the throughput on some
Pine64 models. Packet loss of up to 60-70% has been observed without
this.
Signed-off-by: Kyle Evans <kevans@FreeBSD.org> Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Tuomas Tynkkynen [Tue, 13 Mar 2018 13:23:04 +0000 (15:23 +0200)]
tools: Make kwboot build if HOST_TOOLS_ALL=y
The kwboot tool for Marvell devices isn't currently being built even if
HOST_TOOLS_ALL is set. It doesn't appear to depend on any CONFIG_
options, so it seems appropriate to enable building it here.
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
Ashish Kumar [Mon, 19 Feb 2018 08:46:58 +0000 (14:16 +0530)]
armv8: ls1088aqds: Add IFC-NOR as boot source for LS1088
IFC-NOR and QSPI-NOR pins are multiplexed on SoC, so they cannot be
accessed simultaneously. IFC-NOR can be accessed along with SD-BOOT.
Ls1088aqds_sdcard_ifc_defconfig is default config for SD boot and
IFC-NOR to be used as flash. This allows writing to IFC-NOR flash.
QSPI and DSPI cannot be accessed in this defconfig.
IFC-NOR image is generated using ls1088aqds_defconfig.
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com> Reviewed-by: York Sun <york.sun@nxp.com>
Bryan O'Donoghue [Tue, 13 Mar 2018 16:50:36 +0000 (16:50 +0000)]
bootm: optee: Add a bootm command for type IH_OS_TEE
This patch makes it possible to verify the contents and location of an
OPTEE image in DRAM prior to handing off control to that image. If image
verification fails we won't try to boot any further.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Suggested-by: Andrew F. Davis <afd@ti.com> Cc: Harinarayan Bhatta <harinarayan@ti.com> Cc: Andrew F. Davis <afd@ti.com> Cc: Tom Rini <trini@konsulko.com> Cc: Kever Yang <kever.yang@rock-chips.com> Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Cc: Peng Fan <peng.fan@nxp.com>
Bryan O'Donoghue [Tue, 13 Mar 2018 16:50:35 +0000 (16:50 +0000)]
image: Add IH_OS_TEE for TEE chain-load boot
This patch adds a new type IH_OS_TEE. This new OS type will be used for
chain-loading to Linux via a TEE.
With this patch in-place you can generate a bootable OPTEE image like this:
mkimage -A arm -T kernel -O tee -C none -d tee.bin uTee.optee
where "tee.bin" is the input binary prefixed with an OPTEE header and
uTee.optee is the output prefixed with a u-boot wrapper header.
This image type "-T kernel -O tee" is differentiated from the existing
IH_TYPE_TEE "-T tee" in that the IH_TYPE is installed by u-boot (flow
control returns to u-boot) whereas for the new IH_OS_TEE control passes to
the OPTEE firmware and the firmware chainloads onto Linux.
BootROM
|
-------------
|
v
SPL
|
v
U-Boot ------>
<----- OP-TEE
|
V
Linux
IH_TYPE_TEE: (mkimage -T tee)
Non-Secure Secure
BootROM
|
-------------
|
v
SPL ------->
<----- OP-TEE
|
v
U-Boot
|
V
Linux
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Suggested-by: Andrew F. Davis <afd@ti.com> Cc: Harinarayan Bhatta <harinarayan@ti.com> Cc: Andrew F. Davis <afd@ti.com> Cc: Tom Rini <trini@konsulko.com> Cc: Kever Yang <kever.yang@rock-chips.com> Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Cc: Peng Fan <peng.fan@nxp.com> Link: http://mrvan.github.io/optee-imx6ul
Bryan O'Donoghue [Tue, 13 Mar 2018 16:50:34 +0000 (16:50 +0000)]
optee: Add error printout
When encountering an error in OPTEE verification print out various details
of the OPTEE header to aid in further debugging of encountered errors.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta <harinarayan@ti.com> Cc: Andrew F. Davis <afd@ti.com> Cc: Tom Rini <trini@konsulko.com> Cc: Kever Yang <kever.yang@rock-chips.com> Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Cc: Peng Fan <peng.fan@nxp.com> Tested-by: Peng Fan <peng.fan@nxp.com>
Bryan O'Donoghue [Tue, 13 Mar 2018 16:50:33 +0000 (16:50 +0000)]
optee: Add optee_verify_bootm_image()
This patch adds optee_verify_bootm_image() which will be subsequently used
to verify the parameters encoded in the OPTEE header match the memory
allocated to the OPTEE region, OPTEE header magic and version prior to
handing off control to the OPTEE image.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta <harinarayan@ti.com> Cc: Andrew F. Davis <afd@ti.com> Cc: Tom Rini <trini@konsulko.com> Cc: Kever Yang <kever.yang@rock-chips.com> Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Cc: Peng Fan <peng.fan@nxp.com>
Bryan O'Donoghue [Tue, 13 Mar 2018 16:50:32 +0000 (16:50 +0000)]
optee: Add optee_image_get_load_addr()
This patch adds optee_image_get_load_addr() a helper function used to
calculate the load-address of an OPTEE image based on the lower
entry-point address given in the OPTEE header.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta <harinarayan@ti.com> Cc: Andrew F. Davis <afd@ti.com> Cc: Tom Rini <trini@konsulko.com> Cc: Kever Yang <kever.yang@rock-chips.com> Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Cc: Peng Fan <peng.fan@nxp.com> Tested-by: Peng Fan <peng.fan@nxp.com>
Bryan O'Donoghue [Tue, 13 Mar 2018 16:50:31 +0000 (16:50 +0000)]
optee: Add optee_image_get_entry_point()
Add a helper function for extracting the least significant 32 bits from the
OPTEE entry point address, which will be good enough to load OPTEE binaries
up to (2^32)-1 bytes.
We may need to extend this out later on but for now (2^32)-1 should be
fine.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Harinarayan Bhatta <harinarayan@ti.com> Cc: Andrew F. Davis <afd@ti.com> Cc: Tom Rini <trini@konsulko.com> Cc: Kever Yang <kever.yang@rock-chips.com> Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Cc: Peng Fan <peng.fan@nxp.com> Tested-by: Peng Fan <peng.fan@nxp.com>
Bryan O'Donoghue [Tue, 13 Mar 2018 16:50:30 +0000 (16:50 +0000)]
optee: Add CONFIG_OPTEE_LOAD_ADDR
CONFIG_OPTEE_LOAD_ADDR is used to tell u-boot where to load the OPTEE
binary into memory prior to handing off control to OPTEE.
We need to pull this value out of u-boot in order to produce an IMX IVT/CSF
signed pair for the purposes of secure boot. The best way to do that is to
have CONFIG_OPTEE_LOAD_ADDR appear in u-boot.cfg.
Adding new CONFIG entires to u-boot should be kconfig driven so this patch
does just that.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Reviewed-by: Ryan Harkin <ryan.harkin@linaro.org>