From 80af0fed237aca17e1d32625a77426dbd49cf47f Mon Sep 17 00:00:00 2001 From: Stefan Roese Date: Thu, 9 May 2019 10:16:20 +0200 Subject: [PATCH 01/16] dm: MIGRATION: Add migration plan for WDT (DM watchdog support) As much of the watchdog system has been migrated to DM now, formalize a deadline for migration. Please note that the old CONFIG_HW_WATCHDOG macro should be removed completely at some point. Signed-off-by: Stefan Roese Cc: Michal Simek Cc: Simon Glass Cc: Tom Rini --- Makefile | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/Makefile b/Makefile index 9fb90c0779..fa47b068ac 100644 --- a/Makefile +++ b/Makefile @@ -1014,6 +1014,17 @@ ifneq ($(CONFIG_DM_SPI_FLASH)$(CONFIG_OF_CONTROL),yy) @echo >&2 "See doc/driver-model/MIGRATION.txt for more info." @echo >&2 "====================================================" endif +endif +ifneq ($(CONFIG_WATCHDOG)$(CONFIG_HW_WATCHDOG),) +ifneq ($(CONFIG_WDT),y) + @echo >&2 "===================== WARNING ======================" + @echo >&2 "This board does not use CONFIG_WDT (DM watchdog support)." + @echo >&2 "Please update the board to use CONFIG_WDT before the" + @echo >&2 "v2019.10 release." + @echo >&2 "Failure to update by the deadline may result in board removal." + @echo >&2 "See doc/driver-model/MIGRATION.txt for more info." + @echo >&2 "====================================================" +endif endif @# Check that this build does not use CONFIG options that we do not @# know about unless they are in Kconfig. All the existing CONFIG From 3a90b50a32b6b8a2d66dc10c19e3c15d5bd1a092 Mon Sep 17 00:00:00 2001 From: Adam Ford Date: Tue, 7 May 2019 06:57:39 -0500 Subject: [PATCH 02/16] usb: ohci: ohci-da8xx: Cleanup Error handling and fix flags Per feedback from Marek, he suggested better handling and to enable DM_FLAG_OS_PREPARE, this patch re-orders some of the error checking, and errors returns the error code right away and also sets DM_FLAG_OS_PREPARE. Signed-off-by: Adam Ford --- drivers/usb/host/ohci-da8xx.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/drivers/usb/host/ohci-da8xx.c b/drivers/usb/host/ohci-da8xx.c index e8a495fde5..233df57b4d 100644 --- a/drivers/usb/host/ohci-da8xx.c +++ b/drivers/usb/host/ohci-da8xx.c @@ -93,6 +93,10 @@ static int ohci_da8xx_probe(struct udevice *dev) err = 0; priv->clock_count = 0; clock_nb = dev_count_phandle_with_args(dev, "clocks", "#clock-cells"); + + if (clock_nb < 0) + return clock_nb; + if (clock_nb > 0) { priv->clocks = devm_kcalloc(dev, clock_nb, sizeof(struct clk), GFP_KERNEL); @@ -112,9 +116,6 @@ static int ohci_da8xx_probe(struct udevice *dev) } priv->clock_count++; } - } else if (clock_nb != -ENOENT) { - dev_err(dev, "failed to get clock phandle(%d)\n", clock_nb); - return clock_nb; } err = usb_cpu_init(); @@ -170,6 +171,6 @@ U_BOOT_DRIVER(ohci_generic) = { .remove = ohci_da8xx_remove, .ops = &ohci_usb_ops, .priv_auto_alloc_size = sizeof(struct da8xx_ohci), - .flags = DM_FLAG_ALLOC_PRIV_DMA, + .flags = DM_FLAG_ALLOC_PRIV_DMA | DM_FLAG_OS_PREPARE, }; #endif From 28b4ba94811122d7a91924f62d63d8b25bfa979c Mon Sep 17 00:00:00 2001 From: Christian Gmeiner Date: Mon, 6 May 2019 15:18:54 +0200 Subject: [PATCH 03/16] ata: ahci: fix memory leak malloc(..) and memalign(..) are both allocating memory and as a result we leak the memory allocated with malloc(..). Signed-off-by: Christian Gmeiner Reviewed-by: Simon Glass --- drivers/ata/ahci.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/drivers/ata/ahci.c b/drivers/ata/ahci.c index 5fafb63aeb..188d843197 100644 --- a/drivers/ata/ahci.c +++ b/drivers/ata/ahci.c @@ -571,15 +571,12 @@ static int ahci_port_start(struct ahci_uc_priv *uc_priv, u8 port) return -1; } - mem = malloc(AHCI_PORT_PRIV_DMA_SZ + 2048); + mem = memalign(2048, AHCI_PORT_PRIV_DMA_SZ); if (!mem) { free(pp); printf("%s: No mem for table!\n", __func__); return -ENOMEM; } - - /* Aligned to 2048-bytes */ - mem = memalign(2048, AHCI_PORT_PRIV_DMA_SZ); memset(mem, 0, AHCI_PORT_PRIV_DMA_SZ); /* From 34501d6713d2ba9d6a8e8c7a1f2942cc16ef9043 Mon Sep 17 00:00:00 2001 From: Igor Opaniuk Date: Mon, 6 May 2019 12:07:31 +0300 Subject: [PATCH 04/16] test/py: avb: fix test_avb_persistent_values fail Fix test_avb_persistent_values() pytest, which was failing because of wrong size value provided from tee sandbox driver. Reported-by: Heinrich Schuchardt Signed-off-by: Igor Opaniuk --- drivers/tee/sandbox.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tee/sandbox.c b/drivers/tee/sandbox.c index a136bc9609..2f3355c7b7 100644 --- a/drivers/tee/sandbox.c +++ b/drivers/tee/sandbox.c @@ -178,7 +178,7 @@ static u32 ta_avb_invoke_func(struct udevice *dev, u32 func, uint num_params, if (!ep) return TEE_ERROR_ITEM_NOT_FOUND; - value_sz = strlen(ep->data); + value_sz = strlen(ep->data) + 1; memcpy(value, ep->data, value_sz); return TEE_SUCCESS; From dd30961ca10b6cec605881e6350253a80163440c Mon Sep 17 00:00:00 2001 From: Marek Vasut Date: Sat, 4 May 2019 19:10:05 +0200 Subject: [PATCH 05/16] env: spi: Fix incorrect entry description Fix the max frequency entry description, it's incorrect. Signed-off-by: Marek Vasut Cc: Chris Brandt Cc: Jagan Teki Cc: Tom Rini --- env/Kconfig | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/env/Kconfig b/env/Kconfig index 78300660c7..70858d3b40 100644 --- a/env/Kconfig +++ b/env/Kconfig @@ -351,14 +351,14 @@ config ENV_SPI_CS Value of the SPI chip select for environment. config USE_ENV_SPI_MAX_HZ - bool "SPI flash bus for environment" + bool "SPI flash max frequency for environment" depends on ENV_IS_IN_SPI_FLASH help Force the SPI max work clock for environment. If not defined, use CONFIG_SF_DEFAULT_SPEED. config ENV_SPI_MAX_HZ - int "Value of SPI flash max work for environment" + int "Value of SPI flash max frequency for environment" depends on USE_ENV_SPI_MAX_HZ help Value of the SPI max work clock for environment. From 048a92ea54355756292aa49a4cf88518a98ec37a Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Fri, 3 May 2019 14:28:37 -0800 Subject: [PATCH 06/16] Fix spelling of available. Signed-off-by: Vagrant Cascadian --- arch/x86/Kconfig | 2 +- arch/x86/cpu/i386/interrupt.c | 2 +- arch/x86/lib/fsp/fsp_common.c | 2 +- common/spl/Kconfig | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 45a533625a..70f939869a 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -421,7 +421,7 @@ config ENABLE_MRC_CACHE For platforms that use Intel FSP for the memory initialization, please check FSP output HOB via U-Boot command 'fsp hob' to see if there is FSP_NON_VOLATILE_STORAGE_HOB_GUID (asm/fsp/fsp_hob.h). - If such GUID does not exist, MRC cache is not avaiable on such + If such GUID does not exist, MRC cache is not available on such platform (eg: Intel Queensbay), which means selecting this option here does not make any difference. diff --git a/arch/x86/cpu/i386/interrupt.c b/arch/x86/cpu/i386/interrupt.c index 1ea415b876..47df3172b7 100644 --- a/arch/x86/cpu/i386/interrupt.c +++ b/arch/x86/cpu/i386/interrupt.c @@ -37,7 +37,7 @@ static char *exceptions[] = { "Overflow", "BOUND Range Exceeded", "Invalid Opcode (Undefined Opcode)", - "Device Not Avaiable (No Math Coprocessor)", + "Device Not Available (No Math Coprocessor)", "Double Fault", "Coprocessor Segment Overrun", "Invalid TSS", diff --git a/arch/x86/lib/fsp/fsp_common.c b/arch/x86/lib/fsp/fsp_common.c index d5ed1d5631..ed0827c6e9 100644 --- a/arch/x86/lib/fsp/fsp_common.c +++ b/arch/x86/lib/fsp/fsp_common.c @@ -138,7 +138,7 @@ int arch_fsp_init(void) } /* - * DM is not avaiable yet at this point, hence call + * DM is not available yet at this point, hence call * CMOS access library which does not depend on DM. */ stack = cmos_read32(CMOS_FSP_STACK_ADDR); diff --git a/common/spl/Kconfig b/common/spl/Kconfig index dd078fe79d..c7cd34449a 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -282,7 +282,7 @@ config SPL_SHA1_SUPPORT checksum is a 160-bit (20-byte) hash value used to check that the image contents have not been corrupted or maliciously altered. While SHA1 is fairly secure it is coming to the end of its life - due to the expanding computing power avaiable to brute-force + due to the expanding computing power available to brute-force attacks. For more security, consider SHA256. config SPL_SHA256_SUPPORT From 93e078807f2e31c25a6fbbb153f62652d75ffe0a Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Fri, 3 May 2019 22:37:05 +0200 Subject: [PATCH 07/16] Make FIT support really optional MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Due to some mistakes in the source code, it was not possible to really turn FIT support off. This commit fixes the problem by means of the following changes: - Enclose "bootm_host_load_image" and "bootm_host_load_images" between checks for CONFIG_FIT_SIGNATURE, in common/bootm.c. - Enclose the declaration of "bootm_host_load_images" between checks for CONFIG_FIT_SIGNATURE, in common/bootm.h. - Condition the compilation and linking of fit_common.o fit_image.o image-host.o common/image-fit.o to CONFIG_FIT=y, in tools/Makefile. Signed-off-by: Carlos Santos [fabio: adapt for 2016.07] Signed-off-by: Fabio Estevam [Ricardo: fix conditional compilation and linking of the files mentioned above for 2016.07] Signed-off-by: Ricardo Martincoski [Jörg: adapt for 2019.01] Signed-off-by: Jörg Krause [Retrieved from: https://git.buildroot.net/buildroot/tree/package/uboot-tools/0003-Make-FIT-support-really-optional.patch] Signed-off-by: Fabrice Fontaine --- common/bootm.c | 2 ++ include/bootm.h | 2 ++ tools/Makefile | 6 ++---- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/common/bootm.c b/common/bootm.c index b5d37d38db..d193751647 100644 --- a/common/bootm.c +++ b/common/bootm.c @@ -924,6 +924,7 @@ void memmove_wd(void *to, void *from, size_t len, ulong chunksz) memmove(to, from, len); } +#if defined(CONFIG_FIT_SIGNATURE) static int bootm_host_load_image(const void *fit, int req_image_type) { const char *fit_uname_config = NULL; @@ -988,5 +989,6 @@ int bootm_host_load_images(const void *fit, int cfg_noffset) /* Return the first error we found */ return err; } +#endif #endif /* ndef USE_HOSTCC */ diff --git a/include/bootm.h b/include/bootm.h index e2cc6d4b99..f771b733f5 100644 --- a/include/bootm.h +++ b/include/bootm.h @@ -42,7 +42,9 @@ void lynxkdi_boot(image_header_t *hdr); boot_os_fn *bootm_os_get_boot_func(int os); +#if defined(CONFIG_FIT_SIGNATURE) int bootm_host_load_images(const void *fit, int cfg_noffset); +#endif int boot_selected_os(int argc, char * const argv[], int state, bootm_headers_t *images, boot_os_fn *boot_fn); diff --git a/tools/Makefile b/tools/Makefile index eadeba417d..e2f572cae1 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -58,6 +58,7 @@ hostprogs-$(CONFIG_FIT_SIGNATURE) += fit_info fit_check_sign hostprogs-$(CONFIG_CMD_BOOTEFI_SELFTEST) += file2include +FIT_OBJS-$(CONFIG_FIT) := fit_common.o fit_image.o image-host.o common/image-fit.o FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o # The following files are synced with upstream DTC. @@ -80,16 +81,13 @@ ROCKCHIP_OBS = lib/rc4.o rkcommon.o rkimage.o rksd.o rkspi.o # common objs for dumpimage and mkimage dumpimage-mkimage-objs := aisimage.o \ atmelimage.o \ + $(FIT_OBJS-y) \ $(FIT_SIG_OBJS-y) \ common/bootm.o \ lib/crc32.o \ default_image.o \ lib/fdtdec_common.o \ lib/fdtdec.o \ - fit_common.o \ - fit_image.o \ - common/image-fit.o \ - image-host.o \ common/image.o \ imagetool.o \ imximage.o \ From 59bd796801cf6bf3fb4c27d8c2309c9b603838e3 Mon Sep 17 00:00:00 2001 From: Simon Goldschmidt Date: Fri, 3 May 2019 21:19:03 +0200 Subject: [PATCH 08/16] fdt_shrink_to_minimum: do not mark fdt space reserved unconditionally This function merely relocates the fdt blob, so don't let it alter it by adding reservations that didn't exist before. Instead, if the memory used for the fdt blob has been reserved before calling this function, ensure the relocated memory is marked as reserved instead. Reported-by: Keerthy Reported-by: Lokesh Vutla Signed-off-by: Simon Goldschmidt Reviewed-by: Lokesh Vutla --- common/fdt_support.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/common/fdt_support.c b/common/fdt_support.c index ab08a0114f..4e7cf6ebe9 100644 --- a/common/fdt_support.c +++ b/common/fdt_support.c @@ -597,6 +597,7 @@ int fdt_shrink_to_minimum(void *blob, uint extrasize) uint64_t addr, size; int total, ret; uint actualsize; + int fdt_memrsv = 0; if (!blob) return 0; @@ -606,6 +607,7 @@ int fdt_shrink_to_minimum(void *blob, uint extrasize) fdt_get_mem_rsv(blob, i, &addr, &size); if (addr == (uintptr_t)blob) { fdt_del_mem_rsv(blob, i); + fdt_memrsv = 1; break; } } @@ -627,10 +629,12 @@ int fdt_shrink_to_minimum(void *blob, uint extrasize) /* Change the fdt header to reflect the correct size */ fdt_set_totalsize(blob, actualsize); - /* Add the new reservation */ - ret = fdt_add_mem_rsv(blob, map_to_sysmem(blob), actualsize); - if (ret < 0) - return ret; + if (fdt_memrsv) { + /* Add the new reservation */ + ret = fdt_add_mem_rsv(blob, map_to_sysmem(blob), actualsize); + if (ret < 0) + return ret; + } return actualsize; } From 89a5317ae274991507931cb08f5142584561ec41 Mon Sep 17 00:00:00 2001 From: Stephen Warren Date: Tue, 16 Apr 2019 16:04:49 -0600 Subject: [PATCH 09/16] test/py: don't use mmc_rd config for other mmc tests Fix test_mmc_dev(), test_mmc_rescan(), test_mmc_info() not to use the same configuration data that test_mmc_rd() does. Doing so causes the following issues: * The new code uncondtionally expects certain keys to exist in the configuration data. These keys do not exist in existing configuration data since they were not previously required, and there was no notification re: a requirement to add these new keys. This causes test failures due to thrown exceptions when accessing the non-existent keys. * The new tests logically operate on different objects. test_mmc_rd() operates on ranges of sectors on an MMC device (which may be the entire set of sectors of a device, or a part of a device), whereas all the new tests operate solely on entire devices. These are separate things, and it's entirely likely that the user will wish to runs the two types of tests on different sets of data; see the example configuration data that this commit adds. Ideally, the new tests would have been added to a separate Python file, since they aren' closely related to the existing tests. FIXME: Marek, can you please replace the "???" in this patch with some reasonable looking data? Thanks. Cc: Marek Vasut Fixes: 4ffec8cdf512 ("test/py: mmc: Add 'mmc info' test") Fixes: ce4b2cafa79c ("test/py: mmc: Add 'mmc rescan' test") Fixes: 86dfd152c917 ("test/py: mmc: Add 'mmc dev' test") Signed-off-by: Stephen Warren --- test/py/tests/test_mmc_rd.py | 85 ++++++++++++++++++++++++++++-------- 1 file changed, 66 insertions(+), 19 deletions(-) diff --git a/test/py/tests/test_mmc_rd.py b/test/py/tests/test_mmc_rd.py index 2dc715bb51..a25aa5f6f7 100644 --- a/test/py/tests/test_mmc_rd.py +++ b/test/py/tests/test_mmc_rd.py @@ -13,6 +13,53 @@ import u_boot_utils This test relies on boardenv_* to containing configuration values to define which MMC devices should be tested. For example: +# Configuration data for test_mmc_dev, test_mmc_rescan, test_mmc_info; defines +# whole MMC devices that mmc dev/rescan/info commands may operate upon. +env__mmc_dev_configs = ( + { + 'fixture_id': 'emmc-boot0', + 'is_emmc': True, + 'devid': 0, + 'partid': 1, + 'info_device': ???, + 'info_speed': ???, + 'info_mode': ???, + 'info_buswidth': ???. + }, + { + 'fixture_id': 'emmc-boot1', + 'is_emmc': True, + 'devid': 0, + 'partid': 2, + 'info_device': ???, + 'info_speed': ???, + 'info_mode': ???, + 'info_buswidth': ???. + }, + { + 'fixture_id': 'emmc-data', + 'is_emmc': True, + 'devid': 0, + 'partid': 0, + 'info_device': ???, + 'info_speed': ???, + 'info_mode': ???, + 'info_buswidth': ???. + }, + { + 'fixture_id': 'sd', + 'is_emmc': False, + 'devid': 1, + 'partid': None, + 'info_device': ???, + 'info_speed': ???, + 'info_mode': ???, + 'info_buswidth': ???. + }, +} + +# Configuration data for test_mmc_rd; defines regions of the MMC (entire +# devices, or ranges of sectors) which can be read: env__mmc_rd_configs = ( { 'fixture_id': 'emmc-boot0', @@ -85,12 +132,12 @@ def mmc_dev(u_boot_console, is_emmc, devid, partid): assert good_response in response @pytest.mark.buildconfigspec('cmd_mmc') -def test_mmc_dev(u_boot_console, env__mmc_rd_config): +def test_mmc_dev(u_boot_console, env__mmc_dev_config): """Test the "mmc dev" command. Args: u_boot_console: A U-Boot console connection. - env__mmc_rd_config: The single MMC configuration on which + env__mmc_dev_config: The single MMC configuration on which to run the test. See the file-level comment above for details of the format. @@ -98,20 +145,20 @@ def test_mmc_dev(u_boot_console, env__mmc_rd_config): Nothing. """ - is_emmc = env__mmc_rd_config['is_emmc'] - devid = env__mmc_rd_config['devid'] - partid = env__mmc_rd_config.get('partid', 0) + is_emmc = env__mmc_dev_config['is_emmc'] + devid = env__mmc_dev_config['devid'] + partid = env__mmc_dev_config.get('partid', 0) # Select MMC device mmc_dev(u_boot_console, is_emmc, devid, partid) @pytest.mark.buildconfigspec('cmd_mmc') -def test_mmc_rescan(u_boot_console, env__mmc_rd_config): +def test_mmc_rescan(u_boot_console, env__mmc_dev_config): """Test the "mmc rescan" command. Args: u_boot_console: A U-Boot console connection. - env__mmc_rd_config: The single MMC configuration on which + env__mmc_dev_config: The single MMC configuration on which to run the test. See the file-level comment above for details of the format. @@ -119,9 +166,9 @@ def test_mmc_rescan(u_boot_console, env__mmc_rd_config): Nothing. """ - is_emmc = env__mmc_rd_config['is_emmc'] - devid = env__mmc_rd_config['devid'] - partid = env__mmc_rd_config.get('partid', 0) + is_emmc = env__mmc_dev_config['is_emmc'] + devid = env__mmc_dev_config['devid'] + partid = env__mmc_dev_config.get('partid', 0) # Select MMC device mmc_dev(u_boot_console, is_emmc, devid, partid) @@ -132,12 +179,12 @@ def test_mmc_rescan(u_boot_console, env__mmc_rd_config): assert 'no card present' not in response @pytest.mark.buildconfigspec('cmd_mmc') -def test_mmc_info(u_boot_console, env__mmc_rd_config): +def test_mmc_info(u_boot_console, env__mmc_dev_config): """Test the "mmc info" command. Args: u_boot_console: A U-Boot console connection. - env__mmc_rd_config: The single MMC configuration on which + env__mmc_dev_config: The single MMC configuration on which to run the test. See the file-level comment above for details of the format. @@ -145,13 +192,13 @@ def test_mmc_info(u_boot_console, env__mmc_rd_config): Nothing. """ - is_emmc = env__mmc_rd_config['is_emmc'] - devid = env__mmc_rd_config['devid'] - partid = env__mmc_rd_config.get('partid', 0) - info_device = env__mmc_rd_config['info_device'] - info_speed = env__mmc_rd_config['info_speed'] - info_mode = env__mmc_rd_config['info_mode'] - info_buswidth = env__mmc_rd_config['info_buswidth'] + is_emmc = env__mmc_dev_config['is_emmc'] + devid = env__mmc_dev_config['devid'] + partid = env__mmc_dev_config.get('partid', 0) + info_device = env__mmc_dev_config['info_device'] + info_speed = env__mmc_dev_config['info_speed'] + info_mode = env__mmc_dev_config['info_mode'] + info_buswidth = env__mmc_dev_config['info_buswidth'] # Select MMC device mmc_dev(u_boot_console, is_emmc, devid, partid) From 02c038ddb30fa52bb3f9fc9c80ad0776398b70a7 Mon Sep 17 00:00:00 2001 From: Christoph Fritz Date: Fri, 3 May 2019 13:19:49 +0200 Subject: [PATCH 10/16] arm: zimage: add barebox image magic number For chainboot configurations or test environments, this patch allows booting barebox images by using command bootz. Signed-off-by: Christoph Fritz --- arch/arm/lib/zimage.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/arm/lib/zimage.c b/arch/arm/lib/zimage.c index 09ab331ee0..49305299b3 100644 --- a/arch/arm/lib/zimage.c +++ b/arch/arm/lib/zimage.c @@ -9,6 +9,7 @@ #include #define LINUX_ARM_ZIMAGE_MAGIC 0x016f2818 +#define BAREBOX_IMAGE_MAGIC 0x00786f62 struct arm_z_header { uint32_t code[9]; @@ -21,9 +22,10 @@ int bootz_setup(ulong image, ulong *start, ulong *end) { struct arm_z_header *zi = (struct arm_z_header *)image; - if (zi->zi_magic != LINUX_ARM_ZIMAGE_MAGIC) { + if (zi->zi_magic != LINUX_ARM_ZIMAGE_MAGIC && + zi->zi_magic != BAREBOX_IMAGE_MAGIC) { #ifndef CONFIG_SPL_FRAMEWORK - puts("Bad Linux ARM zImage magic!\n"); + puts("zimage: Bad magic!\n"); #endif return 1; } From c6833e762f682f45f4f05fea21d9a3e901b02d5a Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Thu, 2 May 2019 11:14:10 -0700 Subject: [PATCH 11/16] Add fit-dtb.blob* to .gitignore. Support for compressed fit-dtb.blob was added in: commit 95f4bbd581cf ("lib: fdt: Allow LZO and GZIP DT compression in U-Boot") Adjust .gitignore to also exclude compressed blobs. Signed-off-by: Vagrant Cascadian --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index c2afcfbca2..d8b7b77844 100644 --- a/.gitignore +++ b/.gitignore @@ -35,7 +35,7 @@ # # Top-level generic files # -fit-dtb.blob +fit-dtb.blob* /MLO* /SPL* /System.map From 3ee8d913283f724dbf9401088decee806246b6db Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Thu, 2 May 2019 11:14:11 -0700 Subject: [PATCH 12/16] Remove fit-dtb.blob* in clean target. Support for compressed fit-dtb.blob was added in: commit 95f4bbd581cf ("lib: fdt: Allow LZO and GZIP DT compression in U-Boot") Adjust Makefile to also clean compressed blobs. Signed-off-by: Vagrant Cascadian --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index fa47b068ac..d1224764ab 100644 --- a/Makefile +++ b/Makefile @@ -1791,7 +1791,7 @@ CLEAN_DIRS += $(MODVERDIR) \ $(filter-out include, $(shell ls -1 $d 2>/dev/null)))) CLEAN_FILES += include/bmp_logo.h include/bmp_logo_data.h \ - boot* u-boot* MLO* SPL System.map fit-dtb.blob + boot* u-boot* MLO* SPL System.map fit-dtb.blob* # Directories & files removed with 'make mrproper' MRPROPER_DIRS += include/config include/generated spl tpl \ From 878e2a50b50199cb06ee28df53151e396a29d838 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Thu, 2 May 2019 11:14:12 -0700 Subject: [PATCH 13/16] Set time and umask on fit-dtb.blob to ensure reproducibile builds. Support for compressed fit-dtb.blob was added in: commit 95f4bbd581cf ("lib: fdt: Allow LZO and GZIP DT compression in U-Boot") When building compressed (lzop, gzip) fit-dtb.blob images, the compression tool may embed the time or umask in the image. Work around this by manually setting the time of the source file using SOURCE_DATE_EPOCH and a hard-coded 0600 umask. With gzip, this could be accomplished by using -n/--no-name, but lzop has no current workaround: https://bugs.debian.org/896520 This is essentially the same fix applied to multi-dtb fit SPL images in: commit 8664ab7debab ("Set time and umask on multi-dtb fit images to ensure reproducibile builds.") Signed-off-by: Vagrant Cascadian --- Makefile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Makefile b/Makefile index d1224764ab..afe3bbeaca 100644 --- a/Makefile +++ b/Makefile @@ -1058,6 +1058,10 @@ fit-dtb.blob.lzo: fit-dtb.blob fit-dtb.blob: dts/dt.dtb FORCE $(call if_changed,mkimage) +ifneq ($(SOURCE_DATE_EPOCH),) + touch -d @$(SOURCE_DATE_EPOCH) fit-dtb.blob + chmod 0600 fit-dtb.blob +endif MKIMAGEFLAGS_fit-dtb.blob = -f auto -A $(ARCH) -T firmware -C none -O u-boot \ -a 0 -e 0 -E \ From ca71186a76baafb0230e5f9c6fd5af92758abf8b Mon Sep 17 00:00:00 2001 From: Lokesh Vutla Date: Thu, 2 May 2019 15:35:50 +0530 Subject: [PATCH 14/16] tools: k3_get_x509 cert: Add a script to generate x509 certificate for K3 devices TI's K3 boot architecture mandates a x509 certificate for every boot image. While signing the image K3 ROM allows for two types of keys based on which the boot image gets loaded in different ways: - Degenerate RSA keys: This generates a signature which is equal to the digest. When ROM sees this, it does a DMA for copying the images, which significantly improves the boot time. - Any other key: Does a memcpy to load the image. This is introduced as a fallback for DMA copy. Add a script for generating boot images with the above options. Default generates image using rsa degenerate key in order to improve boot time. Signed-off-by: Lokesh Vutla Signed-off-by: Dave Gerlach Signed-off-by: Andreas Dannenberg --- tools/k3_gen_x509_cert.sh | 244 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 244 insertions(+) create mode 100755 tools/k3_gen_x509_cert.sh diff --git a/tools/k3_gen_x509_cert.sh b/tools/k3_gen_x509_cert.sh new file mode 100755 index 0000000000..b6d055f6f5 --- /dev/null +++ b/tools/k3_gen_x509_cert.sh @@ -0,0 +1,244 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause +# +# Script to add K3 specific x509 cetificate to a binary. +# + +# Variables +OUTPUT=tiboot3.bin +TEMP_X509=x509-temp.cert +CERT=certificate.bin +RAND_KEY=eckey.pem +LOADADDR=0x41c00000 +BOOTCORE_OPTS=0 +BOOTCORE=16 + +gen_degen_template() { +cat << 'EOF' > degen-template.txt + +asn1=SEQUENCE:rsa_key + +[rsa_key] +version=INTEGER:0 +modulus=INTEGER:0xDEGEN_MODULUS +pubExp=INTEGER:1 +privExp=INTEGER:1 +p=INTEGER:0xDEGEN_P +q=INTEGER:0xDEGEN_Q +e1=INTEGER:1 +e2=INTEGER:1 +coeff=INTEGER:0xDEGEN_COEFF +EOF +} + +# Generate x509 Template +gen_template() { +cat << 'EOF' > x509-template.txt + [ req ] + distinguished_name = req_distinguished_name + x509_extensions = v3_ca + prompt = no + dirstring_type = nobmp + + [ req_distinguished_name ] + C = US + ST = TX + L = Dallas + O = Texas Instruments Incorporated + OU = Processors + CN = TI support + emailAddress = support@ti.com + + [ v3_ca ] + basicConstraints = CA:true + 1.3.6.1.4.1.294.1.1 = ASN1:SEQUENCE:boot_seq + 1.3.6.1.4.1.294.1.2 = ASN1:SEQUENCE:image_integrity + 1.3.6.1.4.1.294.1.3 = ASN1:SEQUENCE:swrv +# 1.3.6.1.4.1.294.1.4 = ASN1:SEQUENCE:encryption + 1.3.6.1.4.1.294.1.8 = ASN1:SEQUENCE:debug + + [ boot_seq ] + certType = INTEGER:TEST_CERT_TYPE + bootCore = INTEGER:TEST_BOOT_CORE + bootCoreOpts = INTEGER:TEST_BOOT_CORE_OPTS + destAddr = FORMAT:HEX,OCT:TEST_BOOT_ADDR + imageSize = INTEGER:TEST_IMAGE_LENGTH + + [ image_integrity ] + shaType = OID:2.16.840.1.101.3.4.2.3 + shaValue = FORMAT:HEX,OCT:TEST_IMAGE_SHA_VAL + + [ swrv ] + swrv = INTEGER:0 + +# [ encryption ] +# initalVector = FORMAT:HEX,OCT:TEST_IMAGE_ENC_IV +# randomString = FORMAT:HEX,OCT:TEST_IMAGE_ENC_RS +# iterationCnt = INTEGER:TEST_IMAGE_KEY_DERIVE_INDEX +# salt = FORMAT:HEX,OCT:TEST_IMAGE_KEY_DERIVE_SALT + + [ debug ] + debugUID = FORMAT:HEX,OCT:0000000000000000000000000000000000000000000000000000000000000000 + debugType = INTEGER:4 + coreDbgEn = INTEGER:0 + coreDbgSecEn = INTEGER:0 +EOF +} + +parse_key() { + sed '/\ \ \ \ /s/://g' key.txt | awk '!/\ \ \ \ / {printf("\n%s\n", $0)}; /\ \ \ \ / {printf("%s", $0)}' | sed 's/\ \ \ \ //g' | awk "/$1:/{getline; print}" +} + +gen_degen_key() { +# Generate a 4096 bit RSA Key + openssl genrsa -out key.pem 1024 >>/dev/null 2>&1 + openssl rsa -in key.pem -text -out key.txt >>/dev/null 2>&1 + DEGEN_MODULUS=$( parse_key 'modulus' ) + DEGEN_P=$( parse_key 'prime1' ) + DEGEN_Q=$( parse_key 'prime2' ) + DEGEN_COEFF=$( parse_key 'coefficient' ) + gen_degen_template + + sed -e "s/DEGEN_MODULUS/$DEGEN_MODULUS/"\ + -e "s/DEGEN_P/$DEGEN_P/" \ + -e "s/DEGEN_Q/$DEGEN_Q/" \ + -e "s/DEGEN_COEFF/$DEGEN_COEFF/" \ + degen-template.txt > degenerateKey.txt + + openssl asn1parse -genconf degenerateKey.txt -out degenerateKey.der >>/dev/null 2>&1 + openssl rsa -in degenerateKey.der -inform DER -outform PEM -out $RAND_KEY >>/dev/null 2>&1 + KEY=$RAND_KEY + rm key.pem key.txt degen-template.txt degenerateKey.txt degenerateKey.der +} + +declare -A options_help +usage() { + if [ -n "$*" ]; then + echo "ERROR: $*" + fi + echo -n "Usage: $0 " + for option in "${!options_help[@]}" + do + arg=`echo ${options_help[$option]}|cut -d ':' -f1` + if [ -n "$arg" ]; then + arg=" $arg" + fi + echo -n "[-$option$arg] " + done + echo + echo -e "\nWhere:" + for option in "${!options_help[@]}" + do + arg=`echo ${options_help[$option]}|cut -d ':' -f1` + txt=`echo ${options_help[$option]}|cut -d ':' -f2` + tb="\t\t\t" + if [ -n "$arg" ]; then + arg=" $arg" + tb="\t" + fi + echo -e " -$option$arg:$tb$txt" + done + echo + echo "Examples of usage:-" + echo "# Example of signing the SYSFW binary with rsa degenerate key" + echo " $0 -c 0 -b ti-sci-firmware-am6x.bin -o sysfw.bin -l 0x40000" + echo "# Example of signing the SPL binary with rsa degenerate key" + echo " $0 -c 16 -b spl/u-boot-spl.bin -o tiboot3.bin -l 0x41c00000" +} + +options_help[b]="bin_file:Bin file that needs to be signed" +options_help[k]="key_file:file with key inside it. If not provided script generates a rsa degenerate key." +options_help[o]="output_file:Name of the final output file. default to $OUTPUT" +options_help[c]="core_id:target core id on which the image would be running. Default to $BOOTCORE" +options_help[l]="loadaddr: Target load address of the binary in hex. Default to $LOADADDR" + +while getopts "b:k:o:c:l:h" opt +do + case $opt in + b) + BIN=$OPTARG + ;; + k) + KEY=$OPTARG + ;; + o) + OUTPUT=$OPTARG + ;; + l) + LOADADDR=$OPTARG + ;; + c) + BOOTCORE=$OPTARG + ;; + h) + usage + exit 0 + ;; + \?) + usage "Invalid Option '-$OPTARG'" + exit 1 + ;; + :) + usage "Option '-$OPTARG' Needs an argument." + exit 1 + ;; + esac +done + +if [ "$#" -eq 0 ]; then + usage "Arguments missing" + exit 1 +fi + +if [ -z "$BIN" ]; then + usage "Bin file missing in arguments" + exit 1 +fi + +# Generate rsa degenerate key if user doesn't provide a key +if [ -z "$KEY" ]; then + gen_degen_key +fi + +if [ $BOOTCORE == 0 ]; then # BOOTCORE M3, loaded by ROM + CERTTYPE=2 +elif [ $BOOTCORE == 16 ]; then # BOOTCORE R5, loaded by ROM + CERTTYPE=1 +else # Non BOOTCORE, loaded by SYSFW + BOOTCORE_OPTS_VER=$(printf "%01x" 1) + # Add input args option for SET and CLR flags. + BOOTCORE_OPTS_SETFLAG=$(printf "%08x" 0) + BOOTCORE_OPTS_CLRFLAG=$(printf "%08x" 0x100) # Clear FLAG_ARMV8_AARCH32 + BOOTCORE_OPTS="0x$BOOTCORE_OPTS_VER$BOOTCORE_OPTS_SETFLAG$BOOTCORE_OPTS_CLRFLAG" + # Set the cert type to zero. + # We are not using public/private key store now + CERTTYPE=$(printf "0x%08x" 0) +fi + +SHA_VAL=`openssl dgst -sha512 -hex $BIN | sed -e "s/^.*= //g"` +BIN_SIZE=`cat $BIN | wc -c` +ADDR=`printf "%08x" $LOADADDR` + +gen_cert() { + #echo "Certificate being generated :" + #echo " LOADADDR = 0x$ADDR" + #echo " IMAGE_SIZE = $BIN_SIZE" + #echo " CERT_TYPE = $CERTTYPE" + sed -e "s/TEST_IMAGE_LENGTH/$BIN_SIZE/" \ + -e "s/TEST_IMAGE_SHA_VAL/$SHA_VAL/" \ + -e "s/TEST_CERT_TYPE/$CERTTYPE/" \ + -e "s/TEST_BOOT_CORE_OPTS/$BOOTCORE_OPTS/" \ + -e "s/TEST_BOOT_CORE/$BOOTCORE/" \ + -e "s/TEST_BOOT_ADDR/$ADDR/" x509-template.txt > $TEMP_X509 + openssl req -new -x509 -key $KEY -nodes -outform DER -out $CERT -config $TEMP_X509 -sha512 +} + +gen_template +gen_cert +cat $CERT $BIN > $OUTPUT + +# Remove all intermediate files +rm $TEMP_X509 $CERT x509-template.txt +if [ "$KEY" == "$RAND_KEY" ]; then + rm $RAND_KEY +fi From a325796da48c3623b9e572dc329f97b83ec2a01c Mon Sep 17 00:00:00 2001 From: Lokesh Vutla Date: Thu, 2 May 2019 15:35:51 +0530 Subject: [PATCH 15/16] arm: k3: config.mk: Use k3_gen_x509_cert.sh to generate boot images Instead of overlading makefile, use the k3_gen_x509_cert.sh script to generate boot images. Signed-off-by: Lokesh Vutla --- arch/arm/mach-k3/config.mk | 33 ++++---------------------- tools/k3_x509template.txt | 48 -------------------------------------- 2 files changed, 4 insertions(+), 77 deletions(-) delete mode 100644 tools/k3_x509template.txt diff --git a/arch/arm/mach-k3/config.mk b/arch/arm/mach-k3/config.mk index 2d8f61f9db..f6b63db349 100644 --- a/arch/arm/mach-k3/config.mk +++ b/arch/arm/mach-k3/config.mk @@ -11,31 +11,11 @@ ifeq ($(shell which openssl),) $(error "No openssl in $(PATH), consider installing openssl") endif -SHA_VALUE= $(shell openssl dgst -sha512 -hex $(obj)/u-boot-spl.bin | sed -e "s/^.*= //g") IMAGE_SIZE= $(shell cat $(obj)/u-boot-spl.bin | wc -c) -LOADADDR= $(shell echo $(CONFIG_SPL_TEXT_BASE) | sed -e "s/^0x//g") MAX_SIZE= $(shell printf "%d" $(CONFIG_SYS_K3_MAX_DOWNLODABLE_IMAGE_SIZE)) -# Parameters to get populated into the x509 template -SED_OPTS= -e s/TEST_IMAGE_LENGTH/$(IMAGE_SIZE)/ -SED_OPTS+= -e s/TEST_IMAGE_SHA_VAL/$(SHA_VALUE)/ -SED_OPTS+= -e s/TEST_CERT_TYPE/1/ # CERT_TYPE_PRIMARY_IMAGE_BIN -SED_OPTS+= -e s/TEST_BOOT_CORE/$(CONFIG_SYS_K3_BOOT_CORE_ID)/ -SED_OPTS+= -e s/TEST_BOOT_ARCH_WIDTH/32/ -SED_OPTS+= -e s/TEST_BOOT_ADDR/$(LOADADDR)/ - -# Command to generate ecparam key -quiet_cmd_genkey = OPENSSL $@ -cmd_genkey = openssl ecparam -out $@ -name prime256v1 -genkey - -# Command to generate x509 certificate -quiet_cmd_gencert = OPENSSL $@ -cmd_gencert = cat $(srctree)/tools/k3_x509template.txt | sed $(SED_OPTS) > u-boot-spl-x509.txt; \ - openssl req -new -x509 -key $(KEY) -nodes -outform DER -out $@ -config u-boot-spl-x509.txt -sha512 - -# If external key is not provided, generate key using openssl. ifeq ($(CONFIG_SYS_K3_KEY), "") -KEY=u-boot-spl-eckey.pem +KEY="" # On HS use real key or warn if not available ifeq ($(CONFIG_TI_SECURE_DEVICE),y) ifneq ($(wildcard $(TI_SECURE_DEV_PKG)/keys/custMpk.pem),) @@ -48,15 +28,9 @@ else KEY=$(patsubst "%",$(srctree)/%,$(CONFIG_SYS_K3_KEY)) endif -u-boot-spl-eckey.pem: FORCE - $(call if_changed,genkey) - # tiboot3.bin is mandated by ROM and ROM only supports R5 boot. # So restrict tiboot3.bin creation for CPU_V7R. ifdef CONFIG_CPU_V7R -u-boot-spl-cert.bin: $(KEY) $(obj)/u-boot-spl.bin image_check FORCE - $(call if_changed,gencert) - image_check: $(obj)/u-boot-spl.bin FORCE @if [ $(IMAGE_SIZE) -gt $(MAX_SIZE) ]; then \ echo "===============================================" >&2; \ @@ -66,8 +40,9 @@ image_check: $(obj)/u-boot-spl.bin FORCE exit 1; \ fi -tiboot3.bin: u-boot-spl-cert.bin $(obj)/u-boot-spl.bin FORCE - $(call if_changed,cat) +tiboot3.bin: image_check FORCE + $(srctree)/tools/k3_gen_x509_cert.sh -c 16 -b $(obj)/u-boot-spl.bin \ + -o $@ -l $(CONFIG_SPL_TEXT_BASE) -k $(KEY) ALL-y += tiboot3.bin endif diff --git a/tools/k3_x509template.txt b/tools/k3_x509template.txt deleted file mode 100644 index f176ff3ad2..0000000000 --- a/tools/k3_x509template.txt +++ /dev/null @@ -1,48 +0,0 @@ - [ req ] - distinguished_name = req_distinguished_name - x509_extensions = v3_ca - prompt = no - dirstring_type = nobmp - - [ req_distinguished_name ] - C = US - ST = TX - L = Dallas - O = Texas Instruments Incorporated - OU = Processors - CN = TI Support - emailAddress = support@ti.com - - [ v3_ca ] - basicConstraints = CA:true - 1.3.6.1.4.1.294.1.1 = ASN1:SEQUENCE:boot_seq - 1.3.6.1.4.1.294.1.2 = ASN1:SEQUENCE:image_integrity - 1.3.6.1.4.1.294.1.3 = ASN1:SEQUENCE:swrv -# 1.3.6.1.4.1.294.1.4 = ASN1:SEQUENCE:encryption - 1.3.6.1.4.1.294.1.8 = ASN1:SEQUENCE:debug - - [ boot_seq ] - certType = INTEGER:TEST_CERT_TYPE - bootCore = INTEGER:TEST_BOOT_CORE - bootCoreOpts = INTEGER:TEST_BOOT_ARCH_WIDTH - destAddr = FORMAT:HEX,OCT:TEST_BOOT_ADDR - imageSize = INTEGER:TEST_IMAGE_LENGTH - - [ image_integrity ] - shaType = OID:2.16.840.1.101.3.4.2.3 - shaValue = FORMAT:HEX,OCT:TEST_IMAGE_SHA_VAL - - [ swrv ] - swrv = INTEGER:0 - -# [ encryption ] -# initalVector = FORMAT:HEX,OCT:TEST_IMAGE_ENC_IV -# randomString = FORMAT:HEX,OCT:TEST_IMAGE_ENC_RS -# iterationCnt = INTEGER:TEST_IMAGE_KEY_DERIVE_INDEX -# salt = FORMAT:HEX,OCT:TEST_IMAGE_KEY_DERIVE_SALT - - [ debug ] - debugUID = FORMAT:HEX,OCT:0000000000000000000000000000000000000000000000000000000000000000 - debugType = INTEGER:4 - coreDbgEn = INTEGER:0 - coreDbgSecEn = INTEGER:0 From 0d7b6cffa532eecfdc7cb87c2c65cd311344981f Mon Sep 17 00:00:00 2001 From: Lokesh Vutla Date: Thu, 2 May 2019 15:35:52 +0530 Subject: [PATCH 16/16] remoteproc: k3_system_controller: Increase rx timeout There is one case where 400ms is not sufficient for loading the system firmware: - System firmware is not signed with rsa degenerate key. - ROM loading the sysfw directly from SPI flash which is in memory mapped mode. The above scenario is definitely not desired in production use cases as it effects boot time. But still keeping this support as this is a valid boot scenario. Signed-off-by: Lokesh Vutla --- drivers/remoteproc/k3_system_controller.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/remoteproc/k3_system_controller.c b/drivers/remoteproc/k3_system_controller.c index 214ea18d8a..44e56c759f 100644 --- a/drivers/remoteproc/k3_system_controller.c +++ b/drivers/remoteproc/k3_system_controller.c @@ -301,7 +301,7 @@ static int k3_sysctrler_probe(struct udevice *dev) static const struct k3_sysctrler_desc k3_sysctrler_am654_desc = { .host_id = 4, /* HOST_ID_R5_1 */ - .max_rx_timeout_us = 400000, + .max_rx_timeout_us = 800000, .max_msg_size = 60, };