At present EFI_SECURE BOOT selects RSA but does not necessarily enable
FIT_SIGNATURE. Mostly this is fine, but a few boards do not enable it,
so U-Boot tries to do RSA verification when loading FIT images, but it
is not enabled.
This worked because the condition for checking the RSA signature is
wrong in the fit_image_verify_with_data() function. In order to fix it
we need to fix this dependency. Make sure that FIT_SIGNATURE is enabled
so that RSA can be used.
It might be better to avoid using 'select' in this situation.
Signed-off-by: Simon Glass <sjg@chromium.org>
We can use the new host_build() function for this, so drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
This is not needed with Kconfig, since we can use IS_ENABLED() easily
enough and the board code is now in a separate file. Update the only place
where this is used and drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a host Kconfig for CRC32. With this we can use CONFIG_IS_ENABLED(CRC32)
directly in the host build, so drop the unnecessary indirection.
Add a few more conditions to SPL_CRC32 to avoid build failures as well as
TPL_CRC32. Also update hash.c to make crc32 optional and to actually take
notice of SPL_CRC32.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a host Kconfig for FIT_RSASSA_PSS. With this we can use
CONFIG_IS_ENABLED(FIT_RSASSA_PSS) directly in the host build, so drop the
forcing of this in the image.h header.
Drop the #ifdef around padding_pss_verify() too since it is not needed.
Use the compiler to check the config where possible, instead of the
preprocessor.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a host Kconfig for FIT_VERBOSE. With this we can use
CONFIG_IS_ENABLED(FIT_VERBOSE) directly in the tools build, so drop the
forcing of this in the image.h header.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a host Kconfig for OF_LIBFDT. With this we can use
CONFIG_IS_ENABLED(OF_LIBFDT) directly in the tools build, so drop the
unnecessary indirection.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Make use of the host Kconfig for FIT. With this we can use
CONFIG_IS_ENABLED(FIT) directly in the host build, so drop the unnecessary
indirection.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
We can use the __maybe_unused attribute to avoid some of the #ifdefs in
this file. Update the functions accordingly.
Note: The actual hashing interface is still a mess, with four separate
combinations and lots of #ifdefs. This should really use a driver
approach, e.g. as is done with partition drivers.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
At present when building host tools, we force CONFIG_SHAxxx to be enabled
regardless of the board Kconfig setting. This is done in the image.h
header file.
For SPL we currently just assume the algorithm is desired if U-Boot proper
enables it.
Clean this up by adding new Kconfig options to enable hashing on the host,
relying on CONFIG_IS_ENABLED() to deal with the different builds.
Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the
current settings.
This allows us to drop the image.h code and the I_WANT_MD5 hack.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Unfortunately these were removed by mistake. This means that adding hash
support to SPL brings in all software algorithms, with a substantial
increase in code size.
The origin of the problem was renaming them to SPL_FIT_xxx and then these
were removed altogether in a later commit.
Add them back. This aligns with CONFIG_MD5, for example, which has an SPL
variant.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: f5bc9c25f3 ("image: Rename SPL_SHAxxx_SUPPORT to SPL_FIT_SHAxxx")
Fixes: eb5171ddec ("common: Remove unused CONFIG_FIT_SHAxxx selectors")
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
In preparation for enabling CONFIG_IS_ENABLED() on the host build, add
some options to enable the various FIT options expected in these tools.
This will ensure that the code builds correctly when CONFIG_TOOLS_xxx
is distinct from CONFIG_xxx.
Drop some #ifdefs which are immediately unnecessary (many more are in
later patches).
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
At present we must separately test for the host build for many options,
since we force them to be enabled. For example, CONFIG_FIT is always
enabled in the host tools, even if CONFIG_FIT is not enabled by the
board itself.
It would be more convenient if we could use, for example,
CONFIG_IS_ENABLED(FIT) and get CONFIG_HOST_FIT, when building for the
host. Add support for this.
With this and the tools_build() function, we should be able to remove all
the #ifdefs currently needed in code that is build by tools and targets.
This will be even nicer when we move to using CONFIG(xxx) everywhere,
since all the #ifdef and IS_ENABLED/CONFIG_IS_ENABLED stuff will go away.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> # b4f73886
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
With the new TOOLS_LIBCRYPTO and some other changes, it seems that we are
heading towards calling this a tools build rather than a host build,
although of course it does happen on the host.
I cannot think of anything built by the host which cannot be described as
a tool, so rename this function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Add a macro to handle manually relocating a pointer. Update the iamge code
to use this to avoid needing #ifdefs.
This also fixes a bug where the 'done' flag was not set.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rather than adding an #ifdef and open-coding this calculation, add a
helper function to handle it. Use this in the image code.
Signed-off-by: Simon Glass <sjg@chromium.org>
To avoid having #ifdefs in a few functions which are completely different
in the board and host code, create a new image-host.c file.
Signed-off-by: Simon Glass <sjg@chromium.org>
To avoid a large #ifdef in the image.c file, move the affected code into
a separate file.
Avoid any style fix-ups for easier review. Those are in the next patch.
Signed-off-by: Simon Glass <sjg@chromium.org>
Adjust this function so that preprocessor macros are not needed. With
this, the host build uses more of the same header files as the target
build.
Rather than definining CONFIG_SYS_MALLOC_LEN, add a CONSERVE_MEMORY
define, since that is the purpose of the value.
This appears to have no impact on code size from a spot check of a few
boards (snow, firefly-rk3288, boston32r2el, m53menlo).
Signed-off-by: Simon Glass <sjg@chromium.org>
The gzip API uses the u64 type in it, which is not available in the host
build. This makes it impossible to include the header file.
We could make this type available, but it seems unnecessary. Limiting the
compression size to that of the 'unsigned long' type seems good enough. On
32-bit machines the limit then becomes 4GB, which likely exceeds available
RAM anyway, therefore it should be sufficient. On 64-bit machines this is
effectively u64 anyway.
Update the header file and implementation to use 'ulong' instead of 'u64'.
Add a definition of u32 for the cases that seem to need exactly that
length. This should be safe enough.
Signed-off-by: Simon Glass <sjg@chromium.org>
The zstd implementation prints the error in image_decomp() which is
incorrect and does not match other algorithms. Drop this and let the
caller report the error.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this function is full of preprocessor macros. Adjust it to
check for an unsupported algorithm after the switch(). This will allow
us to drop the macros.
Fix up the return-value path and an extra blank line while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
The existing zstd API requires the same sequence of calls to perform its
task. Create a helper for U-Boot, to avoid code duplication, as is done
with other compression algorithms. Make use of of this from the image
code.
Note that the zstd code lacks a test in test/compression.c and this should
be added by the maintainer.
Signed-off-by: Simon Glass <sjg@chromium.org>
When passing a data buffer back from a function, it is not always clear
who owns the buffer, i.e. who is responsible for freeing the memory used.
An example of this is where multiple files are decompressed from the
firmware image, using a temporary buffer for reading (since the
compressed data has to live somewhere) and producing a temporary or
permanent buffer with the resuilts.
Where the firmware image can be memory-mapped, as on x86, the compressed
data does not need to be buffered, but the complexity of having a buffer
which is either allocated or not, makes the code hard to understand.
Introduce a new 'abuf' which supports simple buffer operations:
- encapsulating a buffer and its size
- either allocated with malloc() or not
- able to be reliably freed if necessary
- able to be converted to an allocated buffer if needed
This simple API makes it easier to deal with allocated and memory-mapped
buffers.
Signed-off-by: Simon Glass <sjg@chromium.org>
DM_GPIO_HOG flag has been replaced by GPIO_HOG flag since a while in
commit 49b10cb492 ("gpio: fixes for gpio-hog support").
And furthermore, gpio_hog_probe_all() is already called in board_r.c.
So gpio_hog_probe() can be removed from stm32mp1.c.
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Cc: Marek Vasut <marex@denx.de>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
DM_GPIO_HOG flag has been replaced by GPIO_HOG flag since a while in
commit 49b10cb492 ("gpio: fixes for gpio-hog support").
And furthermore, gpio_hog_probe_all() is already called in board_r.c.
So gpio_hog_probe() can be removed from stm32mp1.c.
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Compute i2cclk only one time in stm32_i2c_compute_timing()
and remove setup parameter (accessible in i2c_priv).
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Add the support for the i2c-digital-filter binding, allowing to enable
the digital filter via the device-tree and indicate its value in the DT
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
The digital filter related computation are present in the driver
however the programming of the filter within the IP is missing.
The maximum value for the DNF is wrong and should be 15 instead of 16.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Replace driver internally coded enabling/disabling of the
analog-filter with the DT binding "i2c-analog-filter".
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Today all the I2C instance point on the same global
variable stm32_i2c_setup according the compatible: i2c_priv->setup =
pointer to the same driver data.
This patch changes this driver data (stm32f7_setup and stm32mp15_setup)
to a const struct and move the timing struct 'setup' as element of i2c
privdata, initialized in stm32_ofdata_to_platdata() with the driver
configuration data.
This patch solves issues when several I2C instance have not the same
clock source or not the same configuration: each timing setup is saved
is the I2C privdata.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Commit ca1a4c8632 ("mvebu: select boot device at SoC level") made it
unnecessary for the A385 boards to have their own kwbimage.cfg but as
the x530 was in flight at the time it was added with it's own
kwbimage.cfg. Remove the custom kwbimage.cfg as the SoC level file is
suitable.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Since the CP1 pinctrl is not properly set in the DTS, there is no
need for setting the pinctrl by writing hardcoded values to the MPP
registers.
So, drop the code relating to that.
Fixes: 87c220d0 ("arm: mvebu: mvebu_armada-8k: Add support for initializing iEi Puzzle-M801 networking")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Reviewed-by: Stefan Roese <sr@denx.de>
Current CP1 pinctrl that is set on the Puzzle M801 is incorrect.
CP1 pins are only used for the SMI bus and the MSS I2C, all other
pins are just GPIO-s.
Due to this being set completely wrong, the pinctrl was actually
ended up being hardcoded in the board_early_init_f() step so that
SMI would work.
That is obviously not the right thing to do, so convert the register
hex values that were being written to individual pin modes and set it
in the DTS.
Add the SMI pins to the CP1 MDIO node as otherwise CP1 pinctrl does
not get probed without an consumer.
Fixes: 2ae2b8a2 ("arm: mvebu: Initial iEi Puzzle-M801 support")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Reviewed-by: Stefan Roese <sr@denx.de>
Select SPL_SKIP_LOWLEVEL_INIT on 32bit Armada platforms via Kconfig,
as this was removed from mach/config.h in a2ac2b96 ("Convert
CONFIG_SKIP_LOWLEVEL_INIT et al to Kconfig").
Signed-off-by: Stefan Roese <sr@denx.de>
Fixes: a2ac2b96 ("Convert CONFIG_SKIP_LOWLEVEL_INIT et al to Kconfig")
Cc: Tom Rini <trini@konsulko.com>
Cc: Marek Behún <kabel@kernel.org>
Cc: Pali Rohár <pali@kernel.org>
Tested-by: Pali Rohár <pali@kernel.org>
There were several changes for this structure but the documentation was
not changed at the time. Fix this.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Now that PCI Bridge (PCIe Root Port) for Aardvark is emulated in U-Boot,
add support for handling and propagation of CRSSVE bit.
When CRSSVE bit is unset (default), driver has to reissue config
read/write request on CRS response.
CRSSVE bit is supported only when CRSVIS bit is provided in read-only
Root Capabilities register. So manually inject this CRSVIS bit into read
response for that register.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Now that PCI Bridge is working for the PCIe Root Port, U-Boot's PCI_PNP
code automatically enables memory access and bus mastering when needed.
We do not need to enable it when setting the HW up.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>