| Age | Commit message (Collapse) | Author |
|---|
|
Replace numeric literal with SZ_8G consistent with other uses of types
from linux/types.h
Signed-off-by: E Shattow <[email protected]>
Acked-by: Hal Feng <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
16GB memory size is not addressable on StarFive JH-7110 SoC because the
DRAM uncached alias begins at +8GB offset from start of DRAM. The logic
for 16GB memory size is a fall-through to the default for an unknown size.
Let's drop this unnecessary 16GB memory size and rely on the case default.
Signed-off-by: E Shattow <[email protected]>
|
|
To support booting Linux from MMC, the file name should be
set up correctly. To support booting Linux from Parallel Flash,
the SPL_LOAD_FIT_ADDRESS should point to the Parallel Flash.
Signed-off-by: Randolph <[email protected]>
|
|
Updated DTS and configuration files to set the default baud rate from 38400 to 115200.
Signed-off-by: Che-Wei Chuang <[email protected]>
|
|
Add '\n' to the end of the warning message.
Besides, if we enable console record utility,
missing the '\n' causes the console_record_readline
fail to recognize the end of string.
Signed-off-by: Leo Yu-Chi Liang <[email protected]>
|
|
This series from Tom Rini <[email protected]> makes some of our Azure
jobs easier to follow by removing the abstraction of calling docker from
the job we're running and instead following normal Azure Pipelines
conventions.
Link: https://lore.kernel.org/r/[email protected]
|
|
Similar to the changes made for the world build job, rework the binman
testsuite job as well. There's no functional changes, but makes our CI
clearer to others familiar with Azure pipelines.
Signed-off-by: Tom Rini <[email protected]>
|
|
While we had problems historically using buildman inside of a container
when invoked directly via Azure, rather than calling docker in our
script, that is no longer the case. We can make the job a bit easier to
understand by running it more normally. The challenge here is that our
container normally runs with an unprivileged user that we have populated
tools for and Azure creates and uses a new unprivileged user. Copy what
we need over to the new user.
Signed-off-by: Tom Rini <[email protected]>
|
|
This series from Daniel Schultz <[email protected]> lays the
groundwork for the phyFLEX SOMs from phytec.
Link: https://lore.kernel.org/r/[email protected]
|
|
phyFLEX are SoMs based on the FPSC standard.
Add additional "SOM types" for the phyFLEX modules base on the
FPSC Gamma specification. These modules come in four different
variants; prototypes (PT), standard product (SP), KSP (KP) and
KSM (KM).
Signed-off-by: Daniel Schultz <[email protected]>
Reviewed-by: Teresa Remmet <[email protected]>
Tested-by: Dominik Haller <[email protected]>
|
|
Assign the return value of snprintf (total length) to a variable to
properly check if the string has the correct length.
Currently, this variable is always zero and the length check after
snprintf will always fail.
Signed-off-by: Daniel Schultz <[email protected]>
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-imx into next
CI: https://source.denx.de/u-boot/custodians/u-boot-imx/-/pipelines/28658
- Fix the i.MX9 USB instance number for revision B0.
- Add nxp-imx9image etype for binman node.
- Use default for SYS_MALLOC_F_LEN for apalis-imx8 and colibri-imx8x.
- Switch phycore-imx93 to standard boot.
- Update the nitrogen6x maintainer.
|
|
Add variable 'emmc_dev' and 'sd_dev' required for NXP uuu flash scripts.
Signed-off-by: Primoz Fiser <[email protected]>
|
|
Set boot_targets environment variable dynamically, so that when booting
from SD-card, boot binaries are also preferably fetched from the SD-card
by default. If the user decides to set their own boot_targets, we should
not overwrite them.
Signed-off-by: Primoz Fiser <[email protected]>
Reviewed-by: Wadim Egorov <[email protected]>
|
|
Enable standard boot for the phyCORE-i.MX93 board and use it as a new
default. Add required standard boot variables to the environment, while
removing old boot scripts and now unnecessary environment variables.
Adjust variables according to the requirements of PHYTEC ampliphy-boot
distro-boot. Last but not least, order environment vars by alphabet and
run 'make savedefconfig' to resync defconfig.
Signed-off-by: Primoz Fiser <[email protected]>
Reviewed-by: Wadim Egorov <[email protected]>
|
|
Simon Gaynor shall be the new maintainer
Signed-off-by: Simon Gaynor <[email protected]>
Reviewed-by: Quentin Schulz <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
|
|
Drop setting an explicit value for SYS_MALLOC_F_LEN. This increases
the available space to 0x10000.
Signed-off-by: Max Krummenacher <[email protected]>
|
|
Drop setting an explicit value for SYS_MALLOC_F_LEN. This increases
the available space to 0x10000.
Signed-off-by: Max Krummenacher <[email protected]>
|
|
For silicon revision A1, the USB instance number for USB1 is 3 and for
USB2 it is 4. This changed for revision B0 where the USB instance number
for USB1 is 0 and for USB2 it is 1, which is the intended instance
number. Select the correct numbering according to the selected SoC
(IMX95) and its revision.
This patch is based on the information provided by:
"AN14750 Migration Guide from i.MX 95 A1 to B0; Rev. 1.0" .
Reviewed-by: Alice Guo <[email protected]>
Signed-off-by: Fedor Ross <[email protected]>
Reviewed-by: Marek Vasut <[email protected]>
|
|
Similar to the imx95, use the nxp-imx9image etype for the binman node to
facilitate further modifications.
Signed-off-by: Jérémie Dautheribes (Schneider Electric) <[email protected]>
|
|
No functional changes, only cosmetic adjustments to prepare for the next
commit.
Signed-off-by: Jérémie Dautheribes (Schneider Electric) <[email protected]>
|
|
This series from Marek Vasut <[email protected]> cleans up some of
the FIT pytests we have and then extends mkimage to support including
the TEE in FIT images when using "-f auto" to create the resulting FIT.
Link: https://lore.kernel.org/r/[email protected]
|
|
Introduce two new parameters to be used with mkimage -f auto to bundle
TEE image into fitImage, using auto-generated fitImage. Add -z to specify
TEE file name and -Z to specify TEE load and entry point address. This is
meant to be used with systems which boot all of TEE, Linux and its DT from
a single fitImage, all booted by U-Boot.
Example invocation:
"
$ mkimage -E -A arm -C none -e 0xc0008000 -a 0xc0008000 -f auto \
-d arch/arm/boot/zImage \
-b arch/arm/boot/dts/st/stm32mp135f-dhcor-dhsbc.dtb \
-z ../optee_os/out/arm-plat-stm32mp1/core/tee-raw.bin \
-Z 0xde000000 \
/path/to/output/fitImage
"
Documentation update and test are also included, the test validates
both positive and negative test cases, where fitImage does not include
TEE and does include TEE blobs.
Acked-by: Quentin Schulz <[email protected]>
Signed-off-by: Marek Vasut <[email protected]>
|
|
Introduce generate_and_check_fit_image() and call it with various
parameters to test various configurations of the fitImage. This is
identical to the existing test, expect for the code duplication.
Reviewed-by: Quentin Schulz <[email protected]>
Signed-off-by: Marek Vasut <[email protected]>
|
|
Quentin Schulz <[email protected]> says:
I have a couple of products whose U-Boot FIT is signed via a proprietary
OpenSSL engine which only expects the name of a "slot" to select the key
to sign data with.
Currently mkimage fit support expects either a key-dir (-k) or a
key-file (-G) as a toggle for signing, however this doesn't apply to our
usecase because we use an OpenSSL engine (so no key-file to provide)
which doesn't mimic a directory layout like key-dir implies. Moreover,
binman really expects private keys (.key extension) to be available in
this key-dir directory, which we of course cannot provide.
This series allows to sign a FIT image with mkimage (and binman) with
an OpenSSL engine, including PKCS11 and custom engines. If a key-dir
needs to be passed (which is typical for PKCS11), one can do so by using
fit,engine-keydir.
Note that the public key (.crt extension) still needs to be available if
one wants to embed it for signature verification (which is probably what
one wants to do :) ). It is probably possible to use the engine for
getting the public key instead of storing it on disk, but this needs to
be added to fdt_add_pubkey and then binman, through a mechanism
different from fit,engine*.
One issue though is that since binman resolves key paths absolutely and
that I don't believe an OpenSSL engine would happen to have the exact
same key_id value than a local absolute path, fit,encrypt and
fit,engine cannot cohabit. An issue for the next person who wants
an OpenSSL engine AND encrypt the same FIT image, I don't.
Note that LibreSSL supports neither engines nor providers as far as I
could tell (engine support has been explicitly removed).
Note that OpenSSL engines have been deprecated since 3.0 (Q3-2021),
however note that OpenSSL 3.5 still seems to support engines (git grep)
and is EOL end of Q1 2030.
If anyone has an idea on how to test PKCS11 with SOftHSMv2 with id=
passed in fit,engine-keydir, I'm all ears.
I'm also wondering if the explanation around fit,engine-keydir aren't
too much. After all, they are passed verbatim to mkimage as -k argument
and the special cases are all specific to mkimage and not binman.
Link: https://lore.kernel.org/r/[email protected]
|
|
This adds a test that signs a FIT and verifies the signature with
fit_check_sign.
OpenSSL engines are typically for signing with external HW so it's not
that straight-forward to simulate.
For a simple RSA OpenSSL engine, a dummy engine with a hardcoded RSA
4096 private key is made available. It can be selected by setting the
OpenSSL engine argument to dummy-rsa-engine. This can only be done if
the engine is detected by OpenSSL, which works by setting the
OPENSSL_ENGINES environment variable. I have no clue if dummy-rsa-engine
is properly implementing what is expected from an RSA engine, but it
seems to be enough for testing.
For a simple PKCS11 engine, SoftHSMv2 is used, which allows to do PKCS11
without specific hardware. The keypairs and tokens are generated on the
fly. The "prod" token is generated with a different PIN (1234 instead of
1111) to also test MKIMAGE_SIGN_PIN env variable while we're at it.
Binman will not mess with the local SoftHSMv2 setup as it will only use
tokens from a per-test temporary directory enforced via the temporary
configuration file set via SOFTHSM2_CONF env variable in the tests. The
files created in the input dir should NOT be named the same as it is
shared between all tests in the same process (which is all tests when
running binman with -P 1 or with -T).
Once signed, it's checked with fit_check_sign with the associated
certificate.
Finally, a new softhsm2_util bintool is added so that we can initialize
the token and import keypairs. On Debian, the package also brings
libsofthsm2 which is required for OpenSSL to interact with SoftHSMv2. It
is not the only package required though, as it also needs p11-kit and
libengine-pkcs11-openssl (the latter bringing the former). We can detect
if it's properly installed by running openssl engine dynamic -c pkcs11.
If that fails, we simply skip the test.
The package is installed in the CI container by default.
Signed-off-by: Quentin Schulz <[email protected]>
|
|
This adds support for using an OpenSSL engine for signing a FIT image.
To use it, one should set the fit,engine property at the FIT node level
with the engine to use. This will in turn call mkimage with the -N
option.
The -k argument to mkimage can be specified via fit,engine-keydir. If
not specified, -k is not passed to mkimage. This property is especially
useful for pkcs11 engine to specify slots, token label, etc...
As far as I could tell, mkimage encrypts and signs a FIT in one go, thus
the -k argument applies to both signing and encrypting. Considering we
reuse the -k argument for two different meanings (info to pass to the
engine when using an engine otherwise the directory where keys are
stored), we cannot reasonably encrypt using local keys and signing with
an engine, hence the enforced check. I believe it should be possible to
support encrypting and signing with the same engine (using different
key pairs of course, via different key-name-hint likely), but this is
left for the next person to implement.
This is why the property is named fit,engine and not fit,sign-engine.
Ditto for fit,engine-keydir.
The public key (with .crt extension) is still required if it needs to be
embedded in the SPL DTB for example. We could probably support
retrieving the public key from an engine, but this is a change to make
to fdt_add_pubkey.c.
Signed-off-by: Quentin Schulz <[email protected]>
|
|
mkimage has support for OpenSSL engines but binman currently doesn't for
direct callers of mkimage (e.g. the fit etype). This prepares for adding
support for OpenSSL engines for signing elements of a FIT image, which
will done in the next commit.
Reviewed-by: Wolfgang Wallner <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Quentin Schulz <[email protected]>
|
|
Currently, when one wants to use an OpenSSL engine to sign a FIT image,
one needs to pass a keydir (via -k) to mkimage which will then be
prepended to the value of the key-name-hint before being passed as
key_id argument to the OpenSSL Engine API, or pass a keyfile (via -G) to
mkimage.
My OpenSSL engine only has "slots" which are not mapped like
directories, so using keydir is not proper, though I could simply have
-k '' I guess but this won't work currently with binman anyway.
Additionally, passing a keyfile (-G) when using an engine doesn't make
sense as the key is stored in the engine.
Let simply allow FIT images be signed if both keydir and keyfile are
missing but an engine is to be used.
The keyname member is already filled by looking at key-name-hint
property in the FIT and passed to the engine, which is exactly what is
needed here.
Reviewed-by: Wolfgang Wallner <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Quentin Schulz <[email protected]>
|
|
Remove the unsupported MMC_HS400 mode and select MMC_HS200 instead to avoid
confusion.
Signed-off-by: Dominik Haller <[email protected]>
|
|
While adding CPSW device support to enable Ethernet boot for J722S,
dev-data and clk-data for eMMC was removed by mistake, which leads to eMMC
boot failure. Update the dev-data and clk-data to fix that.
Fixes: a02009f3a816 ("arm: mach-k3: j722s: Update SoC autogenerated data to enable Ethernet boot")
Reported-by: Michael Walle <[email protected]>
Signed-off-by: Chintan Vankar <[email protected]>
Tested-by: Michael Walle <[email protected]>
Reviewed-by: Udit Kumar <[email protected]>
|
|
ARM GCC tool check is not up to date,
while issues are reported such as file truncated linker errors.
Using ARM official cross tools shows that 10.0.1 is a safe
version to support latest kbuild bump properly.
Signed-off-by: Brian Sune <[email protected]>
|
|
I am moving over to using my email address at kernel.org.
Change this in all the affected MAINTAINERS files.
Reviewed-by: Quentin Schulz <[email protected]>
Signed-off-by: Linus Walleij <[email protected]>
Reviewed-by: Neil Armstrong <[email protected]>
|
|
https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request efi-2026-01-rc4
CI: https://source.denx.de/u-boot/custodians/u-boot-efi/-/pipelines/28652
Documentation:
* Correct and add missing pytest hook script environment variable names
* board: verdin-am62p: Fix boot log output
* Add a page for downloading the U-Boot logo with and without text
UEFI:
* Fix a memory leak when retrieving device paths from boot vars
|
|
Fix boot log output not being rendered correctly, fix
it doing the same as done in verdin-am62.rst.
Fixes: b8c43968b801 ("board: toradex: add verdin am62p support")
Signed-off-by: Francesco Dolcini <[email protected]>
|
|
get_dp_device() is used to derive the device path from a boot variable.
However, if the last efi_get_variable_int() call fails, we return an
error without freeing 'buf'.
There's no need to call efi_get_variable_int() for variables we don't
know the size since we have the efi_get_var() wrapper.
Replace that in the two instances we use it. The first one will also
fix the memory leak.
A nice sideeffect is that the code size is also reduced, since we are
re-using functions instead of open coding them
$~ bloat-o-meter u-boot u-boot.new
add/remove: 0/0 grow/shrink: 1/2 up/down: 6/-196 (-190)
Function old new delta
version_string 70 76 +6
efi_launch_capsules 2288 2196 -92
get_dp_device 244 140 -104
Total: Before=1222331, After=1222141, chg -0.02%
Fixes: c74cd8bd08d1 ("efi_loader: capsule: add capsule_on_disk support")
Signed-off-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
|
|
Add the _EXTRA variants of U_BOOT_BUILD_DIR and U_BOOT_RESULT_DIR to the
list of environment variables set for hook scripts.
These were added in commit 8f2a9fa7d6e7 ("test: Support testing with two
board-builds") but were not documented.
Signed-off-by: David Lechner <[email protected]>
|
|
Fix the names of environment variables set for hook scripts. These
have a U_BOOT_ prefix, not UBOOT_.
Signed-off-by: David Lechner <[email protected]>
|
|
Add a page showing the logo with and without text.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The logo with the text 'U-Boot' has been used in multiple presentations.
Up to now it was only available from my upload to wikimedia.org.
Make it available in our repository.
Link: https://upload.wikimedia.org/wikipedia/commons/9/9e/U-Boot_Logo.svg
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Andrew Goodbody <[email protected]> says:
Smatch reported an error where a value calculated by ERR_PTR was not
used. Fixing this to return the generated value led to a test failure
which meant updating the sandbox clock code so that it would still cause
the tests to pass with the above correction.
Debugging this problem led to a SIGSEGV which is addressed in 1/3.
Possible memory leaks noticed are addressed in 3/3.
Link: https://lore.kernel.org/r/[email protected]
|
|
In clk_set_default_rates() memory is allocated to store the clock rates
that are read. Direct returns fail to free this memory leading to a
memory leak so instead use 'goto fail;' which will then perform the free
before exiting the function.
Signed-off-by: Andrew Goodbody <[email protected]>
|
|
In clk_set_default_get_by_id ret is passed to ERR_PTR but nothing is
done with the value that this calculates which is obviously not the
intention of the code. This is confirmed by the code around where this
function is called.
Instead return the value from ERR_PTR.
Then fixup the sandbox code so that the test dm_test_clk does not fail
as it relied on the broken behaviour.
Finally disable part of the test that does not work correctly with
CLK_AUTO_ID
This issue found by Smatch.
Signed-off-by: Andrew Goodbody <[email protected]>
|
|
If LOG_DEBUG is defined and a NULL clk is passed to clk_enable or
clk_disable then an attempt is made to dereference NULL in the debug
statement. Guard against this.
Signed-off-by: Andrew Goodbody <[email protected]>
Reviewed-by: Patrick Delaunay <[email protected]>
|
|
The macro U_BOOT_DEVICE has been renamed to U_BOOT_DRVINFO.
This patch updates the reference in reboot-mode-gpio.h.
Signed-off-by: Cibil Pankiras <[email protected]>
|
|
If noffset is negative, do not pass it to fit_get_name() and then further to
libfdt, this will crash sandbox with SIGSEGV because libfdt can not handle
negative node offsets without full tree check, which U-Boot inhibits to keep
size lower.
Instead, always check noffset before use, and if the return value indicates
failure, exit right away.
Signed-off-by: Marek Vasut <[email protected]>
Acked-by: Heinrich Schuchardt <[email protected]>
|
|
The DA8xx GPIO driver was not being built as part of the A53 U-Boot
image on AM64x and AM65x. This meant only i2c GPIO expanders were
accessible to the users from the U-Boot prompt.
This patch fixes it by setting CONFIG_DA8XX_GPIO.
Signed-off-by: Anshul Dalal <[email protected]>
|
|
Otherwise the custom-cape eeprom (at address 57) reports NACK which
results into "i2c_write: error waiting for data ACK (status=0x116)" and
terminates further scanning.
Signed-off-by: Marian Cingel <[email protected]>
|
|
Commit 5f70be08b015 ("Fix autoboot countdown printing wrong") introduces
inconsistency in how the countdown is displayed. For example, in case
when BOOTDELAY=5, the next output is observed during the boot:
Hit any key to stop autoboot: 5
Hit any key to stop autoboot: 4
Hit any key to stop autoboot: 3
That happens due to different printf format (%2d vs %1d). Moreover, the
mentioned commit fails to handle the case when the user is holding some
key before the countdown is shown. E.g. if BOOTDELAY=101, the next
malformed output is being produced:
Hit any key to stop autoboot: 1 0
That's because the fast path code wasn't modified accordingly, and still
tries to erase the number using '\b\b\b' format.
Fix both issues by introducing a dedicated routine for printing the
whole countdown line.
Fixes: 5f70be08b015 ("Fix autoboot countdown printing wrong")
Signed-off-by: Sam Protsenko <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
Acked-by: David Zang <[email protected]>
|
|
lthreads is of size MAX_THREADS, hence id must be lower than
MAX_THREADS to avoid any potential buffer overflow in
thread_start function.
Signed-off-by: Francois Berder <[email protected]>
|
