Since the stderr is not used in uboot, use printf to print the
message.
Change-Id: Ib522609e783acf8f407e2f9fb3805b553c543cba
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Sometimes, framework or user would call fdt_increase_size() to update
fdt size, it's better reserve more space to avoid sysmem gives the fdt
region overflow report.
The CONFIG_SYS_FDT_PAD default value is sync with bootm framework
in: common/image-fdt.c
Change-Id: I363e9a4182e13b1628a76666acd8272d25db659d
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
1.switch to RPMB partition when call init rpmb
2.switch to original partition when call finish rpmb
3.it will not switch to original partition when error
occurred, we should recover original partition after error
Change-Id: I41927e82fb2db690058a809f008ca1f59d334011
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
1.mmc testsecurestorage to test secure storage
2.test secure storage in rpmb and test secure storage in
security partition when use emmc
3.test secure storage in security partition when use nand
Change-Id: Id6f72893c002c5040cb1790051c9685911878df7
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Extract keymaster CA module from OpteeClientInterface
refactoring code for keymaster reads and writes form caller module
Change-Id: I1069fce0d29d9d9815f71e7f3b4d231754382acd
Signed-off-by: Jian Qiu <qiujian@rock-chips.com>
Do not update the PIK version if it is equal to the value in the storage,
otherwise the error may occur in power failure test.
Change-Id: Ia478d9b404de3982b4de5b185e15d181b37f5fd9
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Thomas reported U-Boot failed to build host tools if libfdt-devel
package is installed because tools include libfdt headers from
/usr/include/ instead of using internal ones.
This commit moves the header code:
include/libfdt.h -> include/linux/libfdt.h
include/libfdt_env.h -> include/linux/libfdt_env.h
and replaces include directives:
#include <libfdt.h> -> #include <linux/libfdt.h>
#include <libfdt_env.h> -> #include <linux/libfdt_env.h>
Change-Id: I6c0f7e50e8b571106627f25ddac008a62bd2994e
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
There is tons of code duplication between lib/libfdt/libfdt.h and
scripts/dtc/libfdt/libfdt.h. Evacuate the U-Boot own code to
include/libfdt.h and remove lib/libfdt/libfdt.h.
For host tools, <libfdt.h> should include scripts/dtc/libfdt/libfdt.h,
which is already suitable for user-space.
For compiling U-Boot, <linux/libfdt.h> should be included because we
need a different libfdt_env.h .
Change-Id: I61a718a3fecb9f316cf3ddbac7c125394532a9c5
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
The only difference between scripts/dtc/libfdt/fdt_rw.c and
lib/libfdt/fdt_rw.c is fdt_remove_unused_strings().
It is only used by fdtgrep, so we do not need to compile it for U-Boot
image. Move it to tools/libfdt/fdw_rw.c so that lib/libfdt/fdt_rw.c
can be a wrapper of scripts/dtc/libfdt/fdt_rw.c.
Change-Id: I6e2578d4bfdf75438d3aa1cb51f270f34527d37d
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
We can use fdtdec_get_is_enabled() instead of fdt_device_is_available().
Change-Id: I7aa03ed82f83fc72206659889a4f7f095dc66b36
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
- only allow "boot_android" as bootcmd;
- enter rockusb or fastboot when boot failed;
- don't allow ctrl+c to enter hush;
Change-Id: I7a67f4b738ed78370f19fe2c8c920a5abc104b4b
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
This is more helpful than bootstage timing record since it
is quite possible for every developer to enable inicall
verbose for debug and find abnormal time cost as early as
possible.
It looks like:
initcall: 000000000061015c
# 183 us
initcall: 000000000ff3e614
# 0 us
initcall: 000000000ff3e408
# 0 us
initcall: 00000000006105fc (relocated to 000000000ff3e5fc)
# 6401 us
initcall: 0000000000610420 (relocated to 000000000ff3e420)
# 1 us
initcall: 0000000000604444 (relocated to 000000000ff32444)
# 5 us
Change-Id: Ib59f3e5052f921d0046a6fa73cbfb968000fd34e
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Split attestation key into AttestationKey.ec and AttestationKey.rsa,
then write to secure storage.
Change-Id: I8e00d602c4174a002e6ecad2e4cfa846f32a681f
Signed-off-by: Tony Xu <tony.xu@rock-chips.com>
keymaster ta is too large, so we change store data
to static ta and remove keymaster ta
Change-Id: Icdb694138caf005d2cb2821714a8526d0391b18b
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
bug make error R&W when security partition is not defined
Change-Id: Iddf840d3f9c090292e58f73492c20f84e4b3b4ea
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
use R&W multi blocks and cache used flag to
speed up secure store.
Change-Id: Ib534fa33e1bb03006ed3b85992d1d48b5fe36f39
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
If the item is not existent, trust will return TEE_ERROR_GENERIC
TEE_ERROR_NO_DATA and TEE_ERROR_ITEM_NOT_FOUND. We initialize
the item when return these value.
TEST: fastboot getvar at-vboot-state
ERROR: avb-perm-attr-set=0
avb-locked=
avb-unlock-disabled=
Change-Id: Ie1b4e1ce7d1dc419a0af11e5701b0130f2f7f553
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Bug: Run 'fastboot getvar at-vboot-state', then HANG
in the fastboot without any message.
Cause: The fastboot can not decide the vboot size when
the return information size of vboot state is larger
than the VBOOT_STATE_SIZE. This makes the device will not
response to console.
Solution: 1. Enlarge VBOOT_STATE_SIZE. The max size of
vboot state may be 862, so define VBOOT_STATE_SIZE
to 1000.
2. Use snprintf to get the info.
Change-Id: I2d0fda76ca9034c596993ab27a02cbf2fa550977
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
This patch add auto parse the compress format of kernel image.
Then decompress the compressed kernel image for arm64, as for
arm32 zImage, we only need to load it to a higher memory, then
the kernel will handle the decompress itself.
Test on RK3308 AARCH64 mode (Cortex A35 816 MHZ) boot with eMMC:
------------------------------------------------------------------
Format | Size(Byte) | Ratio | Decomp time(ms) | Boot time(ms) |
-------------------------------------------------------------------
Image | 7720968 | | | 488 |
-------------------------------------------------------------------
Image.lz4 | 4119448 | 53% | 59 | 455 |
-------------------------------------------------------------------
Image.lzo | 3858322 | 49% | 141 | 536 |
-------------------------------------------------------------------
Image.gz | 3529108 | 45% | 222 | 609 |
-------------------------------------------------------------------
Image.bz2 | 3295914 | 42% | 2940 | |
-------------------------------------------------------------------
Image.lzma| 2683750 | 34% | | |
-------------------------------------------------------------------
Note: the boot time is counted from first ddr init log to first Kernel log.
Change-Id: I73b12ec944fbc8238b0e061a37e2f31aa3093231
Signed-off-by: Andy Yan <andy.yan@rock-chips.com>
CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION is support
for OPTEE_V1
Change-Id: Ic83d06a08a1d409905dcc61e0f7346ab23261b0c
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Use the function get_timer to get the random
seed. Then the seed is used by function srand
to initialize the random data.
Change-Id: Iaae6a17d22b8e85fb4d4b6c6247cd11003b64eea
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
according to google lib avb
commit id: 44e07124afb1f46af0d745d83481f49c482900b1
Change-Id: Ie59a7265699e3e6b1673bb64da6d1c7a1e7b6201
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
compile form keymaster 8.0/develop commit:ddd71dca
Features:
ddd71dca ta: support emmc/nand storage for keymaster & gatekeeper
2692c551 Update export-user_ta/ to support dual filesystems
bc288722 keymaster: uboot write data overwrite
Change-Id: I51b84f62db15bd4825035089dbb6ee38d11d4cac
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
fix bug which make error when we try to create
a new file, old file should be delete, but old
file which fd equal to zero is exist!
Change-Id: I602e889ae12756c0c40e409d6439ac36cc1b5382
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
The bootloader include uboot and trust. The uboot slot index
number is 0. The trust slot number index is 1.
Change-Id: Ia62edbf60486fa4128756458c6312f682a83d0f7
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Acording to google, the avb-min-versions includes the slot number
rather than the image rollback-index stored in the image.
PIK/PSK: use AVB_ATX_PSK_VERSION_LOCATION and AVB_ATX_PIK_VERSION_LOCATION
as slot number.
Change-Id: I06b8d107e27f1e0f136b5e964c1287bc13f80b7c
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
uboot can secure store data to nand or emmc "security"
partition for optee v2
Change-Id: I85abbfb3970a2fa3f46f540d3f16dfc7ca605317
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot send data and data length to keymaster TA, keymaster
TA secure store the data, and read temp data from secure
store, compare data and temp data, but the compare length
use temp data length is wrong, fix the bug to use data length.
Change-Id: I900a7ab1b1e95ca844dfb7327c34c793cf635278
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
the lib avb use this function to set key version
Change-Id: Id0903b3326a0d6a0eadebd1ce23a19f92102908c
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
uboot read date return error when file not exit,
do not to create new file.
Change-Id: Ic4cbc631b9e75dc345759d6d0dbcc86250245511
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
move CONFIG_OPTEE_V1/V2 to lib/optee_clientApi/Kconfig
Change-Id: I446454547a186a27110aa95183264154fc538de9
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
The commit point is updated to google external/avb/
which commit point is cf8c56208d2d9643804a7f123b196c7ebc9af276.
Change-Id: I5a10a8a45d3e9e2c9d20d9b3d44946073c9a49ff
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
We are going to use a tiny dtb(with 'u-boot,dm-pre-reloc') in pre-relocate,
and then read kernel dtb and use it after relocate.
This feature only works with CONFIG_OF_LIVE enabled now.
Change-Id: I429ccd90ef562a96f2f7916255e7e427ce8f451d
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Building spl with CONFIG_OF_EMBED enabled results in an error message
on my board: "SPL image too big". This is because the fdtgrep build
step is only executed for CONFIG_OF_SEPARATE.
Fix this by moving the fdtgrep build step ('cmd_fdtgreo') from
scripts/Makefile.spl to dts/Makefile so that the reduced dtb is
available for all kinds of spl builds.
The resulting variable name for the embedded device tree blob changes,
too, which is why common.h and fdtdec.c have tiny changes.
Change-Id: I2bf2d9780a544ac602752527d17f14aa6b12c5a2
Signed-off-by: Simon Goldschmidt <sgoldschmidt@de.pepperl-fuchs.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Freescale (NXP) boards have lots of defconfig files per board.
I used "imply PANIC_HANG" for them.
Change-Id: I56347810ee33ccd8bb3553b0ee95b858e827ce9b
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 7e3caa81e0e9cc5e2beed4a3a1c334e2119f4498)
Now, lib/libfdt/fdt_wip.c is the same as scripts/dtc/libfdt/fdt_wip.c
Change the former to a wrapper of the latter.
Change-Id: Ifce4c63db38146297c14218ef94d226bf6e3bb27
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 26e961c8cfdff00c5c9389d301d9a2eb10eb844c)
All the other fdt_*_region() functions are located in fdt_region.c,
while only fdt_find_regions() was added to fdt_wip.c, strangely.
Move it to the suitable place.
Change-Id: I463419815b4132b6e39b5b02a857126201a854fb
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 87be1e9fb4dcc130e90d497cc5ce49c715efc6c2)
It is legal to have multiple /memory nodes in a device tree . Currently,
fdtdec_setup_memory_size() only supports parsing the first node . This
patch extends the function such that if a particular /memory node does
no longer have further "reg" entries and CONFIG_NR_DRAM_BANKS still
allows for more DRAM banks, the code moves on to the next memory node
and checks it's "reg"s. This makes it possible to handle both systems
with single memory node with multiple entries and systems with multiple
memory nodes with single entry.
Change-Id: Idc8b4bebc916b6a6bc0d2deb3c4008921d268d1e
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 942ee0933e881ff500aae7e42309bf6abbc495d4)
lib/libfdt/ and scripts/dtc/libfdt have the same copies for the
followings 6 files:
fdt.c fdt_addresses.c fdt_empty_tree.c fdt_overlay.c fdt_strerr.c
fdt_sw.c
Make them a wrapper of scripts/dtc/libfdt/*. This is exactly what
Linux does to sync libfdt. In order to make is possible, import
<linux/libfdt.h> and <linux/libfdt_env.h> from Linux 4.14-rc5.
Unfortunately, U-Boot locally modified the following 3 files:
fdt_ro.c fdt_wip.c fdt_rw.c
The fdt_region.c is U-Boot own file.
I did not touch them in order to avoid unpredictable impact.
Change-Id: I154855ba51291bf56775714c0066247431d66244
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 50a327ded68b7e675389ad284ea3f8c62e683bda)
Fortunately, U-Boot did not modify libfdt_internal.h locally.
Change it to a wrapper of scripts/dtc/libfdt/fdt.h, which will be
periodically synced with the upstream DTC (or kernel).
Change-Id: Ia9e6f3ca1f19a3cfe9f85b02ae792e85cf81798e
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 35a33baea59210924bceedabcfba794f0fed59dd)
Fortunately, U-Boot did not modify fdt.h locally.
Change it to a wrapper of scripts/dtc/libfdt/fdt.h, which will be
periodically synced with the upstream DTC (or kernel).
Change-Id: I3a40cb81ecacf189af3f04fe0b599628f70f81f9
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 9e65b01ac57f7be2bbc17c9f4c0ee43fab22221e)
The pylibfdt is used by dtoc (and, indirectly by binman), but there
is no reason why it must be generated in the tools/ directory.
Recently, U-Boot switched over to the bundled DTC, and the directory
structure under scripts/dtc/ now mirrors the upstream DTC project.
So, scripts/dtc/pylibfdt is the best location.
I also rewrote the Makefile in a cleaner Kbuild style.
The scripts from the upstream have been moved as follows:
lib/libfdt/pylibfdt/setup.py -> scripts/dtc/pylibfdt/setup.py
lib/libfdt/pylibfdt/libfdt.i -> scripts/dtc/pylibfdt/libfdt.i_shipped
The .i_shipped is coped to .i during building because the .i must be
located in the objtree when we build it out of tree.
Change-Id: I48233cbae93794809397b7160234469f66fa11dc
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 15b97f5c5e6d88e0560c6928f3acd01c999a494d)
The offset of the permanent flags structure is in a different
place in the response compared to what the code is doing,
which gives us a completely useless result.
Fix by replacing hand-crafted code with generic parser
infrastructure.
Change-Id: I29e8e1ec7c8ae04d2bf9815290064a54a68c2b88
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit e8155dfe33eb2b3e538e8717d6578c1d08651454)
the new GD address is calculated via board data BD currently
it require the new GD area locates below BD tightly, so a strict
constraint is imposed on memory layout which maybe make special
platform unpleasant.
fix it by getting new GD address from gd->new_gd directly.
Change-Id: I9fdfbbb13a7b0a572d7aa8394f754148c6285669
Signed-off-by: zijun_hu <zijun_hu@htc.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 01a835998935b78c31e80227358ac11212d60878)
u-boot can be embedded within a FIT image with multiple DTBs. It then
selects at run-time which one is best suited for the platform.
Use the same principle here for the SPL: put the DTBs in a FIT image,
compress it (LZO, GZIP, or no compression) and append it at the end of the
SPL.
Change-Id: Ifebdd14bdf1abc923d228f9f3947e719c8645356
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
[trini: Move default y of SPL_MULTI_DTB_FIT_DYN_ALLOC to it being the
default choice if SYS_MALLOC_F, drop spl.h include from lib/fdtdec.c
it's unused.]
Signed-off-by Tom Rini <trini@konsulko.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 2f57c95100f231de0f4e0301237cbe477e09084b)
Sort include files in accordance to U-Boot coding style.
Change-Id: I3c7992edd31468f4105a95b86a6f05108e751e92
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 035d64025c3e32a2f372981f86fc69255feeb2b2)
CONFIG_FIT_EMBED might be confused with CONFIG_OF_EMBED, rename it
MULTI_DTB_FIT as it is able to get a DTB from a FIT image containing
multiple DTBs. Also move the option to the Kconfig dedicated to the DTS
options and create a README for this feature.
Change-Id: Ide55c474339db3ccd5e20499c54c8bb41fe3a2c9
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 11955590a284ecb75892aad5f1174ca1b94a709b)
This is needed for BTRFS.
Change-Id: I7415e99a6f06aef89f3520ebe9a9ba92a9189059
Signed-off-by: Marek Behun <marek.behun@nic.cz>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 85d8bf57131a21424b50e50884372e813345f09a)
Report Coverity log:
The code uses a variable that has not
been initialized, leading to unpredictable
or unintended results.
Change-Id: I488a9d183590a2dc1ef049351d0c71a4eded2299
Reported-by: Coverity (CID: 60519)
Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 18c991ca2bd72c30b7fb578cee8b5c7c835d383d)
The strto functions should honor the specified base (if non-zero) rather
than permitting a hex or octal string when the user wanted (for example)
base 10.
This has been fixed somewhere along the way in the upstream linux kernel
src tree, at some point after these was copied in to u-boot. And also
in a way that duplicates less code. So port _parse_integer_fixup_radix()
to u-boot.
Change-Id: I4e2383c6d8ac4666e7e4e40b15f7577522bc9700
Signed-off-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 2e794614838292499910060509d3c4a7aaed986a)
This works (roughly) the same way as linux's, but we currently always
print lower-case (ie. we just keep %pUB and %pUL for compat with linux),
mostly just because that is what uuid_bin_to_str() supports.
%pUb: 01020304-0506-0708-090a-0b0c0d0e0f10
%pUl: 04030201-0605-0807-090a-0b0c0d0e0f10
It will be used by a later efi_loader paths for efi variables and for
device-path-to-text protocol, and also quite useful for debug prints
of protocol GUIDs.
Change-Id: I6b0920ae6fe99ac0638c9c3c8eed6ea3f964d2b5
Signed-off-by: Rob Clark <robdclark@gmail.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 22ada0c8e6d50281af72176eecdfc356c794639c)
This is convenient for efi_loader which deals a lot with UTF-16. Only
enabled with CC_SHORT_WCHAR, leaving room to add a UTF-32 version when
CC_SHORT_WCHAR is not enabled.
Change-Id: I3c6cd45db5f29157760f99bc5956b482ff96fc6c
Signed-off-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 274325c50951dd16ad2a6f45e79dc062ad47011b)
We'll eventually want these in a few places in efi_loader, and also
vsprintf.
Change-Id: I6c04463ad364e46730fcc84b86d38400f433e8de
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 78178bb0c9dfe2a91a636a411291d8bab50e8a7d)
Adjust this code so that it can work with Python 2 and 3.
Fixes: d73fcb1 (moveconfig: Support building a simple config database)
Change-Id: Ifad4813594adfaf6504cc85f2ee99afb9d1c0fd2
Reported-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit c79d18c4b40d10c0a95b56e51f4517aca4515364)
Add Kconfig option SPL_GZIP and SPL_ZLIB to enable gunzip support for
SPL boot, eg. falcon boot compressed kernel image.
Change-Id: I68f64aca8ecad26478f2ce25676253cee7e57d30
Signed-off-by: York Sun <york.sun@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
(cherry picked from commit 7264f2928b46c5f5685e39ed607652c8991e47b6)
this bug make compile error when we compile all code in android.
Change-Id: Id9b8673576bee13c4df0990bd068548fa11458bf
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
support attestation commands:
at-attest-dh,at-attest-uuid,at-get-ca-request,at-set-ca-request
Change-Id: I3fe94befa57a131e89dbe136c065a948b1631756
Signed-off-by: Andy Ye <andy.ye@rock-chips.com>
1.support the permanent attribute verify
2.support the PRK, PIK, PSK certificate verify
and then get the psk public_key, compare it with
public_key in vbmeta.
If the function is required, please open the macro
AVB_VBMETA_PUBLIC_KEY_VALIDATE.
Change-Id: Ifeab776c76f97fadd980671481ce27d203516673
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Load the boot image real size other than the
boot partition size. If not, the uboot can not
malloc a big buffer for the all boot partition.
Change-Id: Ifc8d7cc1f214b94f6018c68cb03e8e9ce89781de
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
The android things require the soc-v key hash to be flashed
using the fastboot. So these function can be used in fastboot
to flash the key hash.
Change-Id: I6e00f2e1e371793b6f0868356ac0a51090adfe5e
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Add a flag to indicate the permanent attributes
have been written or not.
Change-Id: Id0b22158772bdf18466205df5f08cb0ddb820fbf
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
updata keymaster ta and write attributes to keymaster
Change-Id: Iac3e64f7e4da1d6b5700d9f049d5fa8b1427b077
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot can read vboot key hash from efuse and write
vboot key hash to efuse, secure boot will be enable
after you write vboot key hash.
Change-Id: Ibe7b2a5778a3f38e13a241261617f1be8537c88e
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
trusty_notify_optee_uboot_end() function is used before uboot
jump into kernel, then optee will free memery and denied
call some tipc functions, denied call read write attribute hash.
Change-Id: I96b5687e1afd5bfdf1780ed1641f5fff2fc17eee
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
change OpteeClientTest.c to OpteeClientInterface.c
Change-Id: I68b32a2a4757af655bd4eaa723067f024ff112ef
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
There is no need to malloc a space if offset
and num_bytes is multiple of 512 in function
read_from_partition.
The blk_dwrite in write_to_partition do not
return 1 if execute success. So do not need
to judge the return value.
Change-Id: Icd5681815640e86166d05ab3fc74f95d669621c7
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
The new fastboot cmd need to store the flashing
lock state in order to prevent flash. And the state
is stored in rpmb. So the tipc provide the functions
to read/write the flash_lock_state.
Change-Id: Idf6eb7de7aff1b3257fcd70d0fc87ac7634de4d0
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
In the avb process, the pub_key must be verified
by some permanent attributes.The permanent attributes
is written by fastboot. So the write_permanent_attributes
function is provided to write permanent attributes.
the read_permanent_attributes functions is provided to
verified the data.
Change-Id: Ib448c31062e34ce7f15fc32ab141793755bacf8a
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Since the tipc is not used in tpl and
spl, we just compile tipc and generate
in u-boot.bin.
Change-Id: Id2845aef127d209c8243cb4cfee8dfbd04ba1305
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
In the avb_ops_user.c file, we use some
functions provided by tipc, so excute the
functions may depend on tipc. If the config
is not enable, it may compile fail.
Change-Id: I323f7e8d675407f2ec2f9f5358d1696b3b118880
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
The libavb_user provide some fuctions to get
a/b and avb information from misc or vbmeta
partitions, which can be use in libavb...
It also can use to enable or disable the verification
function by using avb_user_verity_set in the file
avb_user_verify.c.
Since we use fastboot to program our firmware,
some necessary function is provided to fastboot
to get useful information, like slot number, current
slot and so on.
Some functions in the avb_ops_user.c, like read_rollback_index,
depend on the OpteeClientTest.h.
Change-Id: I94f77db30d5c7896724b5da3d218041ebdc1f46a
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
tipc functions is used for uboot communicate
with TEE. uboot can request service for secure
store or secure algorithm.
Change-Id: Ie44095aff4c044feceb5f362abf6e3d24ceb8d4c
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Android Things requires specific public key
metadata and verification logic to correctly
verify vbmeta public keys.
This commit provide fuction avb_atx_validate_vbmeta_public_key
to verify the vbmeta.
Change-Id: I227e93b342671b4395cbaa7dea2121cbf0d7234b
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
This commit is based on google avb, and it
can be getted by https://android.googlesource.com/platform/external/avb.
This new rk_libavb_ab depend on rk_libavb.
This commit provide some useful functions.
The function of avb_ab_flow can be use to
chose a/b system and flow.The other functions
can be used to debug.
Change-Id: I768272286898b36e9a64749ff30bc6ff0cb019a1
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
The avb lib is provided by google, and it must be
used in the android things to boot and verify
android system. It can be getted in
https://android.googlesource.com/platform/external/avb.
Then we can use the functions suported by avb to program
the a/b and avb code.
Change-Id: I09371fe53cd50233a69533cfa09d5ebca5b10871
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
Just like linux, it supports cpu save and restore context
during enter and exit low power mode. With this patch, cpu
is able to suspend with core power off.
Workflow for trap into ATF for system suspend:
cpu_suspend
-> cpu_do_suspend
-> arch specific fn: int (*fn)(unsigned long)
-> psci_system_suspend(deliver 'cpu_resume()' address to ATF)
-> ATF system suspend
<- ATF system resume
<- cpu_resume
<- cpu_do_resume
next instruction
Notice: If needed, you should remember to save and restore GIC by yourself.
Change-Id: I5cb6fb6ac5b6a7f4ec4a975b0fc38250b000b28e
Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Add basic Rockchip nand driver.
Driver in current state has 16, 24, 40, 60 per 1024B BCH/ECC ability and 8 bit asynchronous flash interface support. Other features will come later.
Change-Id: I8e766afe7358a2357d75cfe094c4cd6fe92bd281
Signed-off-by: Paweł Jarosz <paweljarosz3691@gmail.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
TPL may need use libfdt for dt decode, add option for it.
Change-Id: I20a7e7510cb3e10fbad68bd489fe1c5d03b012c3
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Commit 4ecc988301 assumes fls is in libc
if __BSD_VISIBLE is defined. This appears to only be true on FreeBSD
and DragonFlyBSD. OpenBSD defines __BSD_VISIBLE and does not have fls
in strings.h/libc.
Switch the test for __BSD_VISIBLE to one for __DragonFly__ and
__FreeBSD__ to unbreak the build on OpenBSD.
Signed-off-by: Jonathan Gray <jsg@jsg.id.au>
We are now using an env_ prefix for environment functions. Rename these
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename these
two functions for consistency. Also add function comments in common.h.
Quite a few places use getenv() in a condition context, provoking a
warning from checkpatch. These are fixed up in this patch also.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename setenv()
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
With the changes to split SPL/TPL for the RK3368, I apparently missed
some needed adjustments to the RK3188 Kconfig and rock_defconfig.
This fixes build-issues for the rock board after applying the RK3368
enablement (and SPL/TPL) set that resulted from TPL_SERIAL_SUPPORT,
TPL_ROCKCHIP_BACK_TO_BROM and TPL_TINY_MEMSET being separate symbols
now.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This splits the compilation of code modules for TPL and SPL for
OF_CONTROL (and related) features between TPL and SPL. The typical
use-case of this is a TPL stage that uses OF_PLATDATA at TPL and
provides full OF_CONTROL at SPL (e.g. on the RK3368).
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
We should be consistent in the way we calculate page sizes.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
uclass_first_device() returns 0 if there is no device, but error if
there is a device that failed to probe.
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Spotted this debugging OpenBSD's bootloader in qemu. (Wouldn't really
fix anything, the problem was not having any disks, but we should
probably return the correct error code.)
Signed-off-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_locate_handle is called internally so it should not be
marked as EFIAPI.
The external function is efi_locate_handle_ext.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Commit ca9193d2b1 ("efi_loader: gop: fixes for CONFIG_DM_VIDEO without
CONFIG_LCD") dropped the explicit (void*) cast for fb_base in efi gop support
for CONFIG_LCD without DM. This patch adds it back, eliminating the now occuring
warning again
Fixes: ca9193d2b1 ("efi_loader: gop: fixes for CONFIG_DM_VIDEO without CONFIG_LCD")
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Jason Zhu
Joseph Chen
Hisping Lin
Jian Qiu
Tony Xu
Masahiro Yamada
Kever Yang
Andy Yan
Goldschmidt Simon
Marek Vasut
André Draszik
zijun_hu
Jean-Jacques Hiblot
Marek Behún
Pantelis Antoniou
Tien Fong Chee
Rob Clark
Simon Glass
York Sun
Cody Xie
Andy Ye
Paweł Jarosz
Zhangbin Tong
cwz
yxj
Jonathan Gray
Adam Ford
Anatolij Gustschin
Tom Rini
xypron.glpk@gmx.de
Philipp Tomsich
Alexander Graf