Age | Commit message (Collapse) | Author |
|
When SECURE_BOOT enabled, use HAB verify
Trusty OS image or check its IVT available.
If not available, bootloader consider the TOS
lost unexpected and wipe all data on disk.
Then enter limited fastboot mode. In this situation
only bootloader and tos is able to flash, gpt won't
be available for external.
Change-Id: I04f037f5bd5a51f53174b5b99b2c3053182a8fcf
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
|
|
The BCB_SUPPORT is not needed by fastboot to support uuu, change it to
disabled at default. Android header file explicitly enables this
config, so there is no impact to android.
Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 36fd8fd0d5f34d69ef9a1a3833f3f052d64a25b3)
|
|
This fix a wrong trace error while executing caam genlob command.
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
|
|
Fix build warning below:
cmd/fastboot.c: In function ‘do_fastboot’:
cmd/fastboot.c:19:8: warning: variable ‘usb_controller’ set but not used [-Wunused-but-set-variable]
char *usb_controller;
Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit ea5057f74288407dfce2de3a7130f607e7006344)
|
|
Porting the FSL android fastboot features from imx u-boot v2017.03 to
support all SoCs: imx6/imx7/imx7ulp/imx8/imx8m
Signed-off-by: Ye Li <ye.li@nxp.com>
|
|
Add the fsl CAAM driver and new commands to implement DEK blob operations,
like "caam genblob" to generate encrypted blob and "caam decap" to output
orignal plain data.
Signed-off-by: Ye Li <ye.li@nxp.com>
|
|
New APIs are used for get the value of environment variable, the old will
get build error.
Signed-off-by: Ye Li <ye.li@nxp.com>
|
|
This patch enable blob command for mScale platforms.
Signed-off-by: Aymen Sghaier <aymen.sghaier@nxp.com>
(cherry picked from commit 895669394f6aae633abf6ea3f327d6093562edde)
|
|
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
(cherry picked from commit 03cb71cd22ff6ab1e2005a4bcb183c65f49b6e4e)
|
|
U-Boot can instantiate CAAM RNG if needed by crypto operations.
Call sec_init() prior running a blob operation to ensure
RNG is correctly instantiated.
Make sure CAAM clock is enabled and check if a job ring is
available for that operation.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit b2b745515d06f05ea288524e26cf2389d6924ff2)
|
|
In order to build CMD_BLOB on i.MX CAAM supported devices it's
necessary to select SECURE_BOOT. Add SECURE_BOOT and CAAM supported
SoCs as dependency.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 4afb519038d190687cac6d410e9ad65d0655f1c0)
|
|
When IMX_OPTEE is enabled for secure boot, update bootm to authenticate the optee
image and the kernel zImage before booting into optee.
Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit d3bee08f12f1d41c83c47773aec6cfa28056694a)
|
|
When secure boot is enabled, add authenticate_image in booti to authenticate
kernel image.
Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit f29a143cdb8c74566113737e9be7e1bcd8c625f4)
|
|
To support the trust boot chain, we integrate the authentication
into the kernel image loading process. The kernel image will be verified
at its load address. So when signing the kernel image, we need to
use this load address which may change on different platforms.
Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 3c118b8d6bbe1a25ca8c8bafeb528309f16fc73d)
(cherry picked from commit fd9a9759ed9b3a9fc26b18aff00880382213b1ca)
|
|
When sata stop is executed, the sata_curr_device is not reset to -1, so
any following sata commands will not initialize the sata again and cause
problem.
Additional, in sata init implementation, the sata_curr_device should be updated,
otherwise sata will be initialized again when doing other sata commands like
read/write/info/part/device.
Signed-off-by: Ye Li <ye.li@nxp.com>
|
|
Thomas reported U-Boot failed to build host tools if libfdt-devel
package is installed because tools include libfdt headers from
/usr/include/ instead of using internal ones.
This commit moves the header code:
include/libfdt.h -> include/linux/libfdt.h
include/libfdt_env.h -> include/linux/libfdt_env.h
and replaces include directives:
#include <libfdt.h> -> #include <linux/libfdt.h>
#include <libfdt_env.h> -> #include <linux/libfdt_env.h>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
|
|
Enable networking command only when NET is enabled.
And remove selecting NET for CMD_NET
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Fix some style violations in the MDIO command.
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Signed-off-by: Mario Six <mario.six@gdsys.cc>
|
|
This converts the following to Kconfig:
CONFIG_BOOTP_BOOTPATH
CONFIG_BOOTP_DNS
CONFIG_BOOTP_GATEWAY
CONFIG_BOOTP_HOSTNAME
CONFIG_BOOTP_PXE
CONFIG_BOOTP_SUBNETMASK
CONFIG_CMDLINE_EDITING
CONFIG_AUTO_COMPLETE
CONFIG_SYS_LONGHELP
CONFIG_SUPPORT_RAW_INITRD
CONFIG_ENV_VARS_UBOOT_CONFIG
Signed-off-by: Adam Ford <aford173@gmail.com>
[trini: Re-run the migration]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
When FASTBOOT is activated, only one the supported device is supported in
code at the same time
- CONFIG_FASTBOOT_FLASH_MMC_DEV
- CONFIG_FASTBOOT_FLASH_NAND_DEV
But Today the choice is not exclusive in Kconfig
and that cause Kconfig issue when :
- CONFIG_FASTBOOT, CONFIG_MMC, CONFIG_NAND are activated
- CONFIG_FASTBOOT_FLASH_MMC_DEV = 0
- CONFIG_FASTBOOT_FLASH_NAND_DEV is not activated
The patch add a choice in Kconfig to select the FLASH provider
- CONFIG_FASTBOOT_FLASH_MMC
- CONFIG_FASTBOOT_FLASH_NAND
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Acked-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
|
Do the following to make the symbol names less confusing.
sed -i "s/\([TU][^_]\+\)_FUNCTION_DFU/DFU_OVER_\1/g" \
`git grep _FUNCTION_DFU | cut -d ":" -f 1 | sort -u`
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Lukasz Majewski <lukma@denx.de>
|
|
Clean up the screaming mess of configuration options that DFU is.
It was impossible to configure DFU such that TFTP is enabled and
USB is not, this patch fixes that and assures that DFU TFTP and
DFU USB can be enabled separatelly and that the correct pieces
of code are compiled in.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Lukasz Majewski <lukma@denx.de>
|
|
Cosmetic change.
Signed-off-by: Andre Heider <a.heider@gmail.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Acked-by: Stefan Agner <stefan.agner@toradex.com>
|
|
To debug device tree issues involving 32- and 64-bit platforms, it is useful to
have a generic 64-bit platform available.
Add a version of the sandbox that uses 64-bit integers for its physical
addresses as well as a modified device tree.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Added CONFIG_SYS_TEXT_BASE to configs/sandbox64_defconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Configuration option CMD_SCSI should be placed in the same submenu as
CMD_SATA and CMD_MMC.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
With commit 6808ef9ac2a6 ("move booti_setup to arch/arm/lig/image.c"),
images->ep has not been set at this point.
Fixes: 6808ef9ac2a6 ("move booti_setup to arch/arm/lig/image.c")
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Bin Chen <bin.chen@linaro.org>
|
|
Convert the CONFIG_CMD_FITUPD symbol to Kconfig.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
|
|
The bootefi command is missing in the online help for
bootefi bootmgr.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
|
config_fallbacks.h has some logic that sets HAVE_BLOCK_DEVICE
based on a list of enabled options. Moving HAVE_BLOCK_DEVICE to
Kconfig allows us to drastically shrink the logic in
config_fallbacks.h
Signed-off-by: Adam Ford <aford173@gmail.com>
[trini: Rename HAVE_BLOCK_DEVICE to CONFIG_BLOCK_DEVICE]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
config_fallback.h has some logic that checks a variety of options
and selects LIB_UUID if it hasn't already been selected. This
will all LIB_UUID in Kconfig and select this option for the list
of options to allow us to remove the logic from fallbacks
Signed-off-by: Adam Ford <aford173@gmail.com>
|
|
Follow bootz's pattern by moving the booti_setup to arch/arm/lib.
This allows to use booti_setup in other paths, e.g booting
an Android image containing Image format.
Note that kernel relocation is move out of booti_setup and it is the
caller's responsibility to do it and allows them do it differently. say,
cmd/booti.c just do a manually, while in the bootm path, we can use
bootm_load_os(with some changes).
Signed-off-by: Bin Chen <bin.chen@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
cmd/Makefile has:
ifdef CONFIG_FPGA
obj-$(CONFIG_CMD_FPGA) += fpga.o
endif
which means that if CONFIG_FPGA is not set, CONFIG_CMD_FPGA silently
does nothing. Let's remove that Makefile conditional and instead express
this equivalent dependency in Kconfig, so a lot of redundant
# CONFIG_CMD_FPGA is not set
can be removed from board defconfigs that don't actually have an FPGA.
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
|
|
Add a 'log rec' command which allows a log record to be manually output.
This is useful for scripts which want full control over what is logged. It
also permits easy testing of the log system.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add a 'log format' command which can display or change the log output
format. This is useful for changing how much information is displayed. The
ordering of the fields is fixed.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The CONFIG_USB_FUNCTION_MASS_STORAGE must be selected when one enables
support for ums command.
Signed-off-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
|
|
env_get_f calls env_get_char to load single characters from the
environment. However, the return value of env_get_char was not
checked for errors. Now if the env driver does not support the
.get_char call, env_get_f did not notice this and looped over the
whole size of the environment, calling env_get_char over 8000
times with the default settings, just to return an error in the
end.
Fix this by checking if env_get_char returns < 0.
Signed-off-by: Simon Goldschmidt <sgoldschmidt@de.pepperl-fuchs.com>
Acked-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
|
For debugging U-Boot in qemu-x86 the relocation address is needed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
|
|
AES encryption in CBC mode, in most cases, must be used with random
initialization vector. Using the same key and initialization vector several
times is weak and must be avoided.
Added iv parameter to the aes_cbc_encrypt_blocks and aes_cbc_decrypt_blocks
functions for passing initialization vector.
Command 'aes' now also require the initialization vector parameter.
Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>
|
|
If 'bootefi hello' or 'bootefi selftest' can be executed depends on the
configuration.
If an invalid non-numeric 1st argument is passed to bootefi, e.g.
'bootefi hola', this string is converted to 0 and U-Boot jumps to
this typically invalid address.
With the patch the online help is shown instead.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
|
|
EFI calls are usually defined as asmlinkage. That means we pass all parameters
to functions via the stack x86_32.
On x86_64 however, we need to also stick to the MS ABI calling conventions,
which the EFIAPI define conveniently handles for us. Most EFI functions were
also marked with EFIAPI, except for the entry call.
So this patch adjusts all entry calls to use EFIAPI instead of the manual
asmlinkage attribute.
While at it, we also change the prototype of the entry point to return
efi_status_t instead of ulong, as this is the correct prototype definition.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- Use efi_status_t in all occurences
|
|
CONFIG_WALNUT was dropped in June 2017 in:
commit 98f705c9cefdfd ("powerpc: remove 4xx support")
While at it, the related CONFIG_MACH_SPECIFIC and the have_of
and _machine variables are unused as well, so drop them too.
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
|
|
The nvedit command is the only user of env_driver_lookup_default outside of
the environment code itself, and it uses it only to print the environment
it's about to save to during env save.
As we're about to rework the environment to be able to handle multiple
environment sources, we might not have an idea of what environment backend
is going to be used before trying (and possibly failing for some).
Therefore, it makes sense to remove that message and move it to the
env_save function itself. As a side effect, we also can get rid of the call
to env_driver_lookup_default that is also about to get refactored.
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
|
|
|
|
The sunXi arm64 build has overflown, leading to the main U-boot binary
overwriting the environment when flashing the new image, or even worse,
overwriting itself when we're calling saveenv.
Disable this command that is not critical until we can adress the issue
properly.
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
|
|
The sunXi arm64 build has overflown, leading to the main U-boot binary
overwriting the environment when flashing the new image, or even worse,
overwriting itself when we're calling saveenv.
Disable this command that is not critical until we can adress the issue
properly.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
|
|
The sunXi arm64 build has overflown, leading to the main U-boot binary
overwriting the environment when flashing the new image, or even worse,
overwriting itself when we're calling saveenv.
Disable this command that is not critical until we can adress the issue
properly.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
|
|
The sunXi arm64 build has overflown, leading to the main U-boot binary
overwriting the environment when flashing the new image, or even worse,
overwriting itself when we're calling saveenv.
Disable this command that is not critical until we can adress the issue
properly.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
|
|
The sunXi arm64 build has overflown, leading to the main U-boot binary
overwriting the environment when flashing the new image, or even worse,
overwriting itself when we're calling saveenv.
Disable this command that is not critical until we can adress the issue
properly.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
|
|
Patch queue for efi - 2018-01-23
This time around we have a lot of EFI patches from Heinrich.
Highlights are:
- Allow EFI applications to register as drivers
- Allow exposure of U-Boot block devices from an EFI payload
- Compatibility improvements
|