Igor Opaniuk [Sun, 3 Jun 2018 18:56:43 +0000 (21:56 +0300)]
doc: avb2.0: add README about AVB2.0 integration
Contains:
1. Overview of Android Verified Boot 2.0
2. Description of avb subset of commands
3. Examples of errors when boot/vendor/system/vbmeta partitions
are tampered
4. Examples of enabling AVB2.0 on your setup
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Igor Opaniuk [Sun, 3 Jun 2018 18:56:42 +0000 (21:56 +0300)]
test/py: avb2.0: add tests for avb commands
1. Run AVB 2.0 full verification chain, avb verify
2. Check if 'avb get_uuid' works, compare results with
'part list mmc 1' output
3. Test `avb read` commands, which reads N bytes from a partition
identified by a name
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Igor Opaniuk [Sun, 3 Jun 2018 18:56:41 +0000 (21:56 +0300)]
am57xx_hs: avb2.0: add support of AVB 2.0
1. Add vbmeta partition info to android partition layout for TI
platforms.
2. Add support of AVB 2.0 (including avb subset of commands) for am57xx HS
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
[trini: Move to include/environment/ti/boot.h, reword commit slightly] Signed-off-by: Tom Rini <trini@konsulko.com>
Igor Opaniuk [Sun, 3 Jun 2018 18:56:39 +0000 (21:56 +0300)]
cmd: avb2.0: avb command for performing verification
Enable a "avb" command to execute Android Verified
Boot 2.0 operations. It includes such subcommands:
avb init - initialize avb2 subsystem
avb read_rb - read rollback index
avb write_rb - write rollback index
avb is_unlocked - check device lock state
avb get_uuid - read and print uuid of a partition
avb read_part - read data from partition
avb read_part_hex - read data from partition and output to stdout
avb write_part - write data to partition
avb verify - run full verification chain
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Igor Opaniuk [Sun, 3 Jun 2018 18:56:38 +0000 (21:56 +0300)]
avb2.0: implement AVB ops
Implement AVB ops on top of existing mmc subsystem API. Currently there
is a full implementation of such operations, defined by [1]
AVB2.0 specification:
.read_from_partition() - reads N bytes from a partition identified by
a name.
.write_to_partition() - Writes N bytes to a partition identified by a name.
.validate_vbmeta_public_key() - checks if the given public ‘vbmeta’
partition is trusted.
.get_unique_guid_for_partition() - Gets the GUID for a partition identified
by a string name.
As [1] specification recommends to use tamper-evident storage for storing
rollback indexes and device state (LOCKED/UNLOCKED),
currently are only stubs instead of full implementation for these ops:
.read_rollback_index() - Gets the rollback index for a given index location
.write_rollback_index() - Sets the rollback index to a given location
.read_is_device_unlocked() - Gets where the device is unlocked
Igor Opaniuk [Sun, 3 Jun 2018 18:56:36 +0000 (21:56 +0300)]
avb2.0: add Android Verified Boot 2.0 library
Add libavb lib (3rd party library from AOSP), that implements support of
AVB 2.0. This library is used for integrity checking of Android partitions
on eMMC.
libavb was added as it is and minimal changes were introduced to reduce
maintenance cost, because it will be deviated from AOSP upstream in the future.
Changes:
- license headers changed to conform SPDX-style
- avb_crc32.c dropped
- updates in avb_sysdeps_posix.c/avb_sysdeps.h
Jon Nettleton [Thu, 7 Jun 2018 13:17:37 +0000 (16:17 +0300)]
mx6cuboxi: fix 4GB ddr memory detection
The soms with 4GB ddr have a rowaddr of 16 not 15, this allows
the detection mechanism to properly identify them as 4GB.
However these soms can be populated with whatever amount of
memory the customer requests therefor we need a ram stride test.
We can not use the get_ram_size() function because not all 4GB's
of DDR is addressable on a 32-bit architecture. Therefore instead
we use a memory stride of 128MB's and look for the address that
the memory wraps. This function is used for all som types to
catch most memory configurations.
This is a revised version of Rabeeh Khoury's original code.
Jon Nettleton [Thu, 7 Jun 2018 13:17:36 +0000 (16:17 +0300)]
mx6cuboxi: consolidate board detection and add som revision checking
In order to properly detect the board the checks need to be done
in a specific order. Move these tests back into a single enum
function that will always return the proper the board it is checking.
This also adds the best test we have for detecting the rev 1.5 som,
and it simplifies the device-tree filename building.
Mans Rullgard [Fri, 27 Apr 2018 09:45:15 +0000 (10:45 +0100)]
ARM: mxs: let boards override entire dram parameter table
If many values differ from the defaults, overriding the full table
is simpler and more space efficient than tweaking it through
mxs_adjust_memory_params().
Ye Li [Mon, 14 May 2018 12:44:29 +0000 (09:44 -0300)]
imx: Enable ACTLR.SMP bit for all i.MX cortex-a7 platforms
According to the Cortex-A7 TRM, for ACTLR.SMP bit "You must ensure this bit
is set to 1 before the caches and MMU are enabled, or any cache and TLB
maintenance operations are performed".
ROM sets this bit in normal boot flow, but when in serial download mode,
it is not set.
Here we add it in u-boot as a common flow for all i.MX cortex-a7 platforms,
including mx7d, mx6ul/ull and mx7ulp.
Signed-off-by: Ye Li <ye.li@nxp.com>
[fabio: adapted to U-Boot mainline codebase and make checkpatch happy] Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Lukasz Majewski [Fri, 11 May 2018 14:51:04 +0000 (16:51 +0200)]
display5: config: Reset the board when bootm fails
Since display5 is now supporting boot counting, we can just reset the
board when bootm fails (i.e. it doesn't boot the fitImage kernel for
any reason).
Bin Meng [Tue, 12 Jun 2018 15:36:22 +0000 (08:36 -0700)]
dm: video: Add an EFI framebuffer driver
This adds a DM video driver for U-Boot as the EFI payload. The driver
makes use of all necessary information from the passed EFI GOP info
to create a linear framebuffer device, as if it were initialized by
U-Boot itself.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Anatolij Gustschin <agust@denx.de>
Bin Meng [Tue, 12 Jun 2018 15:36:21 +0000 (08:36 -0700)]
efi: stub: Pass EFI GOP information to U-Boot payload
If UEFI BIOS has the graphics output protocol (GOP), let's pass its
information to U-Boot payload so that U-Boot can utilize it (eg:
an EFI framebuffer driver).
Signed-off-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Bin Meng [Tue, 12 Jun 2018 15:36:18 +0000 (08:36 -0700)]
x86: Add generic EFI payload support
It is possible to create a generic EFI payload for all x86 boards.
The payload is configured to include as many generic drivers as
possible. All stuff that touches low-level initialization are not
allowed as such is the EFI BIOS's responsibility. Platform specific
drivers (like gpio, spi, etc) are not included.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Bin Meng [Tue, 12 Jun 2018 15:36:16 +0000 (08:36 -0700)]
x86: efi: Refactor the directory of EFI app and payload support
At present the EFI application and payload support codes in the x86
directory is distributed in a hybrid way. For example, the Kconfig
options for both app and payload are in arch/x86/lib/efi/Kconfig,
but the source codes in the same directory get built only for
CONFIG_EFI_STUB.
This refactors the codes by consolidating all the EFI support codes
into arch/x86/cpu/efi, just like other x86 targets.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Bin Meng [Tue, 12 Jun 2018 15:36:13 +0000 (08:36 -0700)]
x86: doc: Fix reference to EFI doc in U-Boot
Since commit f3b5056c4e72 ("efi_loader: split README.efi into two
separate documents"), the original README.efi was renamed to
README.u-boot_on_efi, but x86 doc still refers to the old one.
This updates the x86 doc to reference both README.u-boot_on_efi and
README.uefi.
Ivan Gorinov [Thu, 14 Jun 2018 00:27:39 +0000 (17:27 -0700)]
x86: use EFI calling convention for efi_main on x86_64
UEFI specifies the calling convention used in Microsoft compilers;
first arguments of a function are passed in (%rcx, %rdx, %r8, %r9).
All other compilers use System V ABI by default, passing first integer
arguments of a function in (%rdi, %rsi, %rdx, %rcx, %r8, %r9).
These ABI also specify different sets of registers that must be preserved
across function calls (callee-saved).
GCC allows using the Microsoft calling convention by adding the ms_abi
attribute to a function declaration.
Current EFI implementation in U-Boot specifies EFIAPI for efi_main()
in the test apps but uses default calling convention in lib/efi.
Save efi_main() arguments in the startup code on x86_64;
use EFI calling convention for _relocate() on x86_64;
consistently use EFI calling convention for efi_main() everywhere.
Signed-off-by: Ivan Gorinov <ivan.gorinov@intel.com> Reviewed-by: Alexander Graf <agraf@suse.de> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
Hauke Mehrtens [Sat, 9 Jun 2018 16:33:37 +0000 (18:33 +0200)]
sun8i: h2: Add initial Orange Pi R1 support
Orange Pi R1 is an open-source single-board computer using the
Allwinner H2+ SOC.
H2+ Orange Pi R1 has
- Quad-core Cortex-A7
- 256MB DDR3
- micrSD slot
- 128MBit SPI Nor flash
- Debug TTL UART
- 100MBit/s Ethernet (H2+)
- 100MBit/s Ethernet (RTL8152B)
- Wifi (RTL8189ETV)
- USB 2.0 OTG + power supply
This board is very similar to the Orange Pi Zero.
The device tree file is copied from the Linux kernel 4.17.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Maxime Ripard <maxime.ripard@bootlin.com> Reviewed-by: Jagan Teki <jagan@openedev.com>
Michal Simek [Thu, 14 Jun 2018 08:41:35 +0000 (10:41 +0200)]
serial: zynq: Initialize uart only before relocation
This issue was found when OF_LIVE was enabled that there are scrambled
chars on the console like this:
Chip ID: zu3eg
Watchdog: Started��j� sdhci@ff160000: 0, sdhci@ff170000: 1
In: serial@ff010000
I found a solution for this problem exactly the same as I found later in
serial_msm fixed by:
"serial: serial_msm: initialize uart only before relocation"
(sha1: 7e5ad796bcd65772a87da236ae21cd536ae3a4d2)
What it is happening is that output TX fifo still contains chars to be
sent and _uart_zynq_serial_init() resets TX fifo even in the middle of
transfer.
Signed-off-by: Michal Simek <michal.simek@xilinx.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Michal Simek [Thu, 14 Jun 2018 07:43:34 +0000 (09:43 +0200)]
serial: zynq: Write chars till output fifo is full
Change logic and put char to fifo till there is a space in output fifo.
Origin logic was that output fifo needs to be empty. It means only one
char was in output queue.
Also remove unused ZYNQ_UART_SR_TXEMPTY macro.
Signed-off-by: Michal Simek <michal.simek@xilinx.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Luca Ceresoli [Mon, 4 Jun 2018 10:21:01 +0000 (12:21 +0200)]
arm64: zynqmp: accept an absolute path for PMUFW_INIT_FILE
The value of PMUFW_INIT_FILE is prefixed with "$(srctree)/", thus
forcing it to be a relative path inside the U-Boot source tree. Since
the PMUFW is a binary file generated outside of U-Boot, the PMUFW
binary must be copied inside the U-Boot source tree before the
build.
This generates a few problems:
* if the source tree is shared among different out-of-tree builds,
they will pollute (and potentially corrupt) each other
* the source tree cannot be read-only
* any buildsystem must add a command to copy the PMUFW binary
* putting an externally-generated binary in the source tree is ugly
as hell
Avoid these problems by accepting an absolute path for
PMUFW_INIT_FILE. This would be as simple as removing the "$(srctree)/"
prefix, but in order to keep backward compatibility we rather use the
shell and readlink to get the absolute path even when starting from a
relative path.
Since 'readlink -f' produces an empty string if the file does not
exist, we also add a check to ensure the file configured in
PMUFW_INIT_FILE exists. Otherwise the build would exit successfully,
but produce a boot.bin without PMUFW as if PMUFW_INIT_FILE were empty.
Tested in the 12 possible combinations of:
- PMUFW_INIT_FILE empty, relative, absolute, non-existing
- building in-tree, in subdir, in other directory
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net> Cc: Michal Simek <michal.simek@xilinx.com> Cc: Simon Glass <sjg@chromium.org> Cc: Emmanuel Vadot <manu@bidouilliste.com> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Michal Simek [Fri, 8 Jun 2018 07:36:12 +0000 (09:36 +0200)]
arm: zynq: Drop #address-cells and #size-cells from gpio-keys
dtc is showing some warnings and this change was also done in
the Linux kernel as "Input: gpio-keys - clean up device tree binding
example"
with this fragment in commit message
"Drop #address-cells and #size-cells, which are not required by the
gpio-keys binding documentation, as button sub-nodes are not devices."
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
arm64: zynqmp: Split emmc configuration into emmc0 and emmc1
This patch splits the current mini emmc configuration into emmc0
and emmc1 configurations because emmc is probed at boot time and on
systems which have only one interface mini configuration is failing on
unused interface. This patch also adds required clock node in dts and
enables CONFIG_MMC_SDHCI_ZYNQ through defconfig.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Marek Vasut [Thu, 31 May 2018 13:18:18 +0000 (15:18 +0200)]
ARM: rmobile: Point load address to more sane area on Gen3
Point the $loadaddr variable and default load address to a more sane
area, 384 MiB from the start of RAM. This is to avoid all the reserved
memory at the beginning of RAM. The old behavior could still be easily
retained by "setenv loadaddr 0x48080000" . The new setup allows us to
use for example modern fitImage with kernel_noload, so use this as a
new preferred default.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com> Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Marek Vasut [Thu, 31 May 2018 13:12:53 +0000 (15:12 +0200)]
ARM: rmobile: Point load address to more sane area on Gen2
Point the $loadaddr variable and default load address to a more sane
area, 256 MiB from the start of RAM. While it is convenient to use
uImage without copying, which is why the previous load address was
set the way it was, uImage is now legacy. This behavior could still
be easily retained by "setenv loadaddr 0x40007fc0" . The new setup
allows us to use for example modern fitImage with kernel_noload, so
use this as a new preferred default.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com> Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Marek Vasut [Tue, 5 Jun 2018 18:21:30 +0000 (20:21 +0200)]
ARM: rmobile: Zap CONFIG_SYS_CLK_FREQ where applicable
The CONFIG_SYS_CLK_FREQ is not used on some of the Gen3 boards,
remove it. Moreover, on Ebisu this actually didn't match the
comment in the config file at all, but since it was not used,
there was no real problem.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com> Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
projects / u-boot / log