u-boot.git/include/linux, branch v2025.04-rc1 Unnamed repository; edit this file 'description' to name the repository. mtd: Drop superfluous const qualifier 2024-11-25T19:12:19+00:00 Andy Shevchenko andriy.shevchenko@linux.intel.com 2024-10-21T14:20:40+00:00 c0e978b4b7527dc1fe75d0d9c98f7427c19d439c The compiler will ignore it anyway: include/linux/mtd/mtd.h:342:15: warning: type qualifiers ignored on function return type [-Wignored-qualifiers] Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
The compiler will ignore it anyway:

  include/linux/mtd/mtd.h:342:15: warning: type qualifiers ignored on function return type [-Wignored-qualifiers]

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
mtd: spi-nor: Rename SPI_ADVANCE to SPI_STACKED_PARALLEL 2024-10-31T16:49:47+00:00 Marek Vasut marek.vasut+renesas@mailbox.org 2024-10-26T20:16:25+00:00 f896aa656774821fee44f0da3fdd7e52068130da The SPI_ADVANCE description does not explain what the switch does. It does not have anything to do with any advanced functionality, it only gates off support for stacked and parallel SPI NORs. Rename the Kconfig symbol, update description, and move it right next to Xilinx hardware as it seems to be specific to this hardware. Make sure the symbol is also protected by if DM_SPI in Kconfig. Fixes: 5d40b3d384dc ("mtd: spi-nor: Add parallel and stacked memories support") Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> 
The SPI_ADVANCE description does not explain what the switch does.
It does not have anything to do with any advanced functionality, it
only gates off support for stacked and parallel SPI NORs. Rename the
Kconfig symbol, update description, and move it right next to Xilinx
hardware as it seems to be specific to this hardware. Make sure the
symbol is also protected by if DM_SPI in Kconfig.

Fixes: 5d40b3d384dc ("mtd: spi-nor: Add parallel and stacked memories support")
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
mtd: spi-nor: Move SR3 WPS bit definition in the correct location 2024-10-18T20:18:33+00:00 Marek Vasut marex@denx.de 2024-10-15T20:14:53+00:00 f83e36fd83c74b4e28a45a9d56abc4ad9b7848b9 Move the SR3 bit definition in the right place. Fix what is likely a rebase artifact. No functional change. Fixes: 215f1d5794c6 ("mtd: spi-nor: Clear Winbond SR3 WPS bit on boot") Signed-off-by: Marek Vasut <marex@denx.de> 
Move the SR3 bit definition in the right place. Fix
what is likely a rebase artifact. No functional change.

Fixes: 215f1d5794c6 ("mtd: spi-nor: Clear Winbond SR3 WPS bit on boot")
Signed-off-by: Marek Vasut <marex@denx.de>
mtd: spi-nor: Allow flashes to specify MTD writesize 2024-10-15T14:57:49+00:00 Takahiro Kuwano Takahiro.Kuwano@infineon.com 2024-10-15T04:08:32+00:00 88057dab2cde8710ccc95d12fb312184e0b023ca Some flashes like the Infineon SEMPER NOR flash family use ECC. Under this ECC scheme, multi-pass writes to an ECC block is not allowed. In other words, once data is programmed to an ECC block, it can't be programmed again without erasing it first. Upper layers like file systems need to be given this information so they do not cause error conditions on the flash by attempting multi-pass programming. This can be done by setting 'writesize' in 'struct mtd_info'. Set the default to 1 but allow flashes to modify it in fixup hooks. If more flashes show up with this constraint in the future it might be worth it to add it to 'struct flash_info', but for now increasing its size is not worth it. This patch replicates the following upstream linux commit: afd473e85827 ("mtd: spi-nor: core: Allow flashes to specify MTD writesize") Acked-by: Tudor Ambarus <tudor.ambarus@linaro.org> Signed-off-by: Takahiro Kuwano <Takahiro.Kuwano@infineon.com> 
Some flashes like the Infineon SEMPER NOR flash family use ECC. Under
this ECC scheme, multi-pass writes to an ECC block is not allowed.
In other words, once data is programmed to an ECC block, it can't be
programmed again without erasing it first.

Upper layers like file systems need to be given this information so they
do not cause error conditions on the flash by attempting multi-pass
programming. This can be done by setting 'writesize' in 'struct
mtd_info'.

Set the default to 1 but allow flashes to modify it in fixup hooks. If
more flashes show up with this constraint in the future it might be
worth it to add it to 'struct flash_info', but for now increasing its
size is not worth it.

This patch replicates the following upstream linux commit:
afd473e85827 ("mtd: spi-nor: core: Allow flashes to specify MTD writesize")

Acked-by: Tudor Ambarus <tudor.ambarus@linaro.org>
Signed-off-by: Takahiro Kuwano <Takahiro.Kuwano@infineon.com>
Merge patch series "Integrate MbedTLS v3.6 LTS with U-Boot" 2024-10-14T23:59:04+00:00 Tom Rini trini@konsulko.com 2024-10-14T19:34:06+00:00 d467f359c4c875a96857ced2b660b4d185b4714f Raymond Mao <raymond.mao@linaro.org> says: Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot. Motivations: ------------ 1. MbedTLS is well maintained with LTS versions. 2. LWIP is integrated with MbedTLS and easily to enable HTTPS. 3. MbedTLS recently switched license back to GPLv2. Prerequisite: ------------- This patch series requires mbedtls git repo to be added as a subtree to the main U-Boot repo via: $ git subtree add --prefix lib/mbedtls/external/mbedtls \ https://github.com/Mbed-TLS/mbedtls.git \ v3.6.0 --squash Moreover, due to the Windows-style files from mbedtls git repo, we need to convert the CRLF endings to LF and do a commit manually: $ git add --renormalize . $ git commit New Kconfig options: -------------------- `MBEDTLS_LIB` is for MbedTLS general switch. `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with MbedTLS. `MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as MbedTLS crypto alternatives. `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1, and Pubkey parser with MbedTLS. By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected when `MBEDTLS_LIB` is enabled. `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library. `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and `LEGACY_CRYPTO_CERT` is for the certificate related functionalities. For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS` Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are introduced. In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509 are by default enabled in qemu_arm64_defconfig and sandbox_defconfig for testing purpose. Patches for external MbedTLS project: ------------------------------------- Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs executables which is not supported by MbedTLS at the moment, addtional patches for MbedTLS are created to adapt with the EFI loader: 1. Decoding of Microsoft Authentication Code. 2. Decoding of PKCS#9 Authenticate Attributes. 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates. 4. MbedTLS native test suites for PKCS#7 signer's info. All above 4 patches (tagged with `mbedtls/external`) are submitted to MbedTLS project and being reviewed, eventually they should be part of MbedTLS LTS release. But before that, please merge them into U-Boot, otherwise the building will be broken when MBEDTLS_LIB_X509 is enabled. See below PR link for the reference: https://github.com/Mbed-TLS/mbedtls/pull/9001 Miscellaneous: -------------- Optimized MbedTLS library size by tailoring the config file and disabling all unnecessary features for EFI loader. From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256, sha512) are completely replaced when MbedTLS is enabled. From v3, the size-growth is slightly reduced by refactoring Hash functions. From v6, smaller implementations for SHA256 and SHA512 are enabled and target size reduce significantly. Target(QEMU arm64) size-growth when enabling MbedTLS: v1: 6.03% v2: 4.66% v3 - v5: 4.55% v6: 2.90% Tests done: ----------- EFI Secure Boot test (EFI variables loading and verifying, EFI signed image verifying and booting) via U-Boot console. EFI Secure Boot and Capsule sandbox test passed. Known issues: ------------- None. Link: https://lore.kernel.org/u-boot/20241003215112.3103601-1-raymond.mao@linaro.org/ 
Raymond Mao <raymond.mao@linaro.org> says:
Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.

Motivations:
------------

1. MbedTLS is well maintained with LTS versions.
2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
3. MbedTLS recently switched license back to GPLv2.

Prerequisite:
-------------

This patch series requires mbedtls git repo to be added as a
subtree to the main U-Boot repo via:
    $ git subtree add --prefix lib/mbedtls/external/mbedtls \
          https://github.com/Mbed-TLS/mbedtls.git \
          v3.6.0 --squash
Moreover, due to the Windows-style files from mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:
    $ git add --renormalize .
    $ git commit

New Kconfig options:
--------------------

`MBEDTLS_LIB` is for MbedTLS general switch.
`MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
MbedTLS.
`MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
MbedTLS crypto alternatives.
`MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
and Pubkey parser with MbedTLS.
By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
when `MBEDTLS_LIB` is enabled.
`LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
`LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
`LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
introduced.

In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
for testing purpose.

Patches for external MbedTLS project:
-------------------------------------

Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
executables which is not supported by MbedTLS at the moment,
addtional patches for MbedTLS are created to adapt with the EFI loader:
1. Decoding of Microsoft Authentication Code.
2. Decoding of PKCS#9 Authenticate Attributes.
3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
4. MbedTLS native test suites for PKCS#7 signer's info.

All above 4 patches (tagged with `mbedtls/external`) are submitted to
MbedTLS project and being reviewed, eventually they should be part of
MbedTLS LTS release.
But before that, please merge them into U-Boot, otherwise the building
will be broken when MBEDTLS_LIB_X509 is enabled.

See below PR link for the reference:
https://github.com/Mbed-TLS/mbedtls/pull/9001

Miscellaneous:
--------------

Optimized MbedTLS library size by tailoring the config file
and disabling all unnecessary features for EFI loader.
From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
sha512) are completely replaced when MbedTLS is enabled.
From v3, the size-growth is slightly reduced by refactoring Hash functions.
From v6, smaller implementations for SHA256 and SHA512 are enabled and
target size reduce significantly.
Target(QEMU arm64) size-growth when enabling MbedTLS:
v1: 6.03%
v2: 4.66%
v3 - v5: 4.55%
v6: 2.90%

Tests done:
-----------

EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
verifying and booting) via U-Boot console.
EFI Secure Boot and Capsule sandbox test passed.

Known issues:
-------------

None.

Link: https://lore.kernel.org/u-boot/20241003215112.3103601-1-raymond.mao@linaro.org/
mbedtls: add mbedtls into the build system 2024-10-14T23:58:12+00:00 Raymond Mao raymond.mao@linaro.org 2024-10-03T21:50:15+00:00 13de8483388c8ca2feed74de229540b0b3822025 Port mbedtls with adapted libc header files. Add mbedtls default config header file. Optimize mbedtls default config by disabling unused features to reduce the target size. Add mbedtls kbuild makefile. Add Kconfig skeleton and config submenu entry for selecting crypto libraries between mbedtls and legacy ones. Add the mbedtls include directories into the build system. Port u-boot hash functions as MbedTLS crypto alternatives and set it as default. Subsequent patches will separate those Kconfigs into pairs of _LEGACY and _MBEDTLS for controlling the implementations of legacy crypto libraries and MbedTLS ones respectively. The motivation of moving and adapting *INT* macros from kernel.h to limits.h is to fulfill the MbedTLS building requirement. The conditional compilation statements in MbedTLS expects the *INT* macros as constant expressions, thus expressions like `((int)(~0U >> 1))` will not work. Prerequisite ------------ This patch series requires mbedtls git repo to be added as a subtree to the main U-Boot repo via: $ git subtree add --prefix lib/mbedtls/external/mbedtls \ https://github.com/Mbed-TLS/mbedtls.git \ v3.6.0 --squash Moreover, due to the Windows-style files from mbedtls git repo, we need to convert the CRLF endings to LF and do a commit manually: $ git add --renormalize . $ git commit Signed-off-by: Raymond Mao <raymond.mao@linaro.org> 
Port mbedtls with adapted libc header files.
Add mbedtls default config header file.
Optimize mbedtls default config by disabling unused features to
reduce the target size.
Add mbedtls kbuild makefile.
Add Kconfig skeleton and config submenu entry for selecting
crypto libraries between mbedtls and legacy ones.
Add the mbedtls include directories into the build system.
Port u-boot hash functions as MbedTLS crypto alternatives and set
it as default.

Subsequent patches will separate those Kconfigs into pairs of
_LEGACY and _MBEDTLS for controlling the implementations of legacy
crypto libraries and MbedTLS ones respectively.

The motivation of moving and adapting *INT* macros from kernel.h
to limits.h is to fulfill the MbedTLS building requirement.
The conditional compilation statements in MbedTLS expects the
*INT* macros as constant expressions, thus expressions like
`((int)(~0U >> 1))` will not work.

Prerequisite
------------

This patch series requires mbedtls git repo to be added as a
subtree to the main U-Boot repo via:

$ git subtree add --prefix lib/mbedtls/external/mbedtls \
      https://github.com/Mbed-TLS/mbedtls.git \
      v3.6.0 --squash

Moreover, due to the Windows-style files from mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:

$ git add --renormalize .
$ git commit

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Merge patch series "Tidy up use of 'SPL' and CONFIG_SPL_BUILD" 2024-10-11T18:23:25+00:00 Tom Rini trini@konsulko.com 2024-10-11T18:23:25+00:00 47e544f576699ca4630e20448db6a05178960697 Simon Glass <sjg@chromium.org> says: When the SPL build-phase was first created it was designed to solve a particular problem (the need to init SDRAM so that U-Boot proper could be loaded). It has since expanded to become an important part of U-Boot, with three phases now present: TPL, VPL and SPL Due to this history, the term 'SPL' is used to mean both a particular phase (the one before U-Boot proper) and all the non-proper phases. This has become confusing. For a similar reason CONFIG_SPL_BUILD is set to 'y' for all 'SPL' phases, not just SPL. So code which can only be compiled for actual SPL, for example, must use something like this: #if defined(CONFIG_SPL_BUILD) && !defined(CONFIG_TPL_BUILD) In Makefiles we have similar issues. SPL_ has been used as a variable which expands to either SPL_ or nothing, to chose between options like CONFIG_BLK and CONFIG_SPL_BLK. When TPL appeared, a new SPL_TPL variable was created which expanded to 'SPL_', 'TPL_' or nothing. Later it was updated to support 'VPL_' as well. This series starts a change in terminology and usage to resolve the above issues: - The word 'xPL' is used instead of 'SPL' to mean a non-proper build - A new CONFIG_XPL_BUILD define indicates that the current build is an 'xPL' build - The existing CONFIG_SPL_BUILD is changed to mean SPL; it is not now defined for TPL and VPL phases - The existing SPL_ Makefile variable is renamed to SPL_ - The existing SPL_TPL Makefile variable is renamed to PHASE_ It should be noted that xpl_phase() can generally be used instead of the above CONFIGs without a code-space or run-time penalty. This series does not attempt to convert all of U-Boot to use this new terminology but it makes a start. In particular, renaming spl.h and common/spl seems like a bridge too far at this point. The series is fully bisectable. It has also been checked to ensure there are no code-size changes on any commit. 
Simon Glass <sjg@chromium.org> says:

When the SPL build-phase was first created it was designed to solve a
particular problem (the need to init SDRAM so that U-Boot proper could
be loaded). It has since expanded to become an important part of U-Boot,
with three phases now present: TPL, VPL and SPL

Due to this history, the term 'SPL' is used to mean both a particular
phase (the one before U-Boot proper) and all the non-proper phases.
This has become confusing.

For a similar reason CONFIG_SPL_BUILD is set to 'y' for all 'SPL'
phases, not just SPL. So code which can only be compiled for actual SPL,
for example, must use something like this:

   #if defined(CONFIG_SPL_BUILD) && !defined(CONFIG_TPL_BUILD)

In Makefiles we have similar issues. SPL_ has been used as a variable
which expands to either SPL_ or nothing, to chose between options like
CONFIG_BLK and CONFIG_SPL_BLK. When TPL appeared, a new SPL_TPL variable
was created which expanded to 'SPL_', 'TPL_' or nothing. Later it was
updated to support 'VPL_' as well.

This series starts a change in terminology and usage to resolve the
above issues:

- The word 'xPL' is used instead of 'SPL' to mean a non-proper build
- A new CONFIG_XPL_BUILD define indicates that the current build is an
  'xPL' build
- The existing CONFIG_SPL_BUILD is changed to mean SPL; it is not now
  defined for TPL and VPL phases
- The existing SPL_ Makefile variable is renamed to SPL_
- The existing SPL_TPL Makefile variable is renamed to PHASE_

It should be noted that xpl_phase() can generally be used instead of
the above CONFIGs without a code-space or run-time penalty.

This series does not attempt to convert all of U-Boot to use this new
terminology but it makes a start. In particular, renaming spl.h and
common/spl seems like a bridge too far at this point.

The series is fully bisectable. It has also been checked to ensure there
are no code-size changes on any commit.
kconfig: binman: Check for SPL instead of XPL 2024-10-11T17:44:48+00:00 Simon Glass sjg@chromium.org 2024-09-30T01:49:52+00:00 53abdda2f69a44c3273deebcf2b25587b8623a65 Now that SPL means SPL (only) and is not defined for other phases, update kconfig rules. This is done in one patch since otherwise many Binman tests fail. Signed-off-by: Simon Glass <sjg@chromium.org> 
Now that SPL means SPL (only) and is not defined for other phases,
update kconfig rules.

This is done in one patch since otherwise many Binman tests fail.

Signed-off-by: Simon Glass <sjg@chromium.org>
include: Use CONFIG_XPL_BUILD instead of CONFIG_SPL_BUILD 2024-10-11T17:44:48+00:00 Simon Glass sjg@chromium.org 2024-09-30T01:49:49+00:00 f38956a687c42db8d9736e09df2d68705369950e Use the new symbol to refer to any 'SPL' build, including TPL and VPL Signed-off-by: Simon Glass <sjg@chromium.org> 
Use the new symbol to refer to any 'SPL' build, including TPL and VPL

Signed-off-by: Simon Glass <sjg@chromium.org>
mtd: spi-nor: Clear Winbond SR3 WPS bit on boot 2024-10-10T14:10:12+00:00 Marek Vasut marex@denx.de 2024-03-04T16:16:05+00:00 215f1d5794c6174ec0413eb6ff7f322ed284cc5b Some Winbond SPI NORs have special SR3 register which is used among other things to control whether non-standard "Individual Block/Sector Write Protection" (WPS bit) locking scheme is activated. This non-standard locking scheme is not supported by either U-Boot or Linux SPI NOR stack so make sure it is disabled, otherwise the SPI NOR may appear locked for no obvious reason. This SR3 WPS appears e.g. on W25Q16FW which has the same ID as W25Q16DW, but the W25Q16DW does not implement the SR3 WPS bit. Signed-off-by: Marek Vasut <marex@denx.de> 
Some Winbond SPI NORs have special SR3 register which is
used among other things to control whether non-standard
"Individual Block/Sector Write Protection" (WPS bit)
locking scheme is activated. This non-standard locking
scheme is not supported by either U-Boot or Linux SPI
NOR stack so make sure it is disabled, otherwise the
SPI NOR may appear locked for no obvious reason.

This SR3 WPS appears e.g. on W25Q16FW which has the same ID as
W25Q16DW, but the W25Q16DW does not implement the SR3 WPS bit.

Signed-off-by: Marek Vasut <marex@denx.de>