| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Robert Winkler <robert.winkler@boundarydevices.com>
|
|
Signed-off-by: Robert Winkler <robert.winkler@boundarydevices.com>
|
|
Signed-off-by: Eric Jarrige <eric.jarrige@armadeus.org>
Signed-off-by: Philippe Reynes <tremyfr@yahoo.fr>
|
|
Signed-off-by: Philippe Reynes <tremyfr@yahoo.fr>
|
|
The SabreSD platform is available with i.MX6Q or i.MX6DL. This patch adds the
support of the i.MX6DL. The config file and the board directory are renamed
to remove the reference to the MX6Q.
Signed-off-by: Pierre Aubert <p.aubert@staubli.com>
CC: Stefano Babic <sbabic@denx.de>
Reviewed-by: Fabio Estevam <fabio.estevam@freescale.com>
|
|
Signed-off-by: Pierre Aubert <p.aubert@staubli.com>
CC: Stefano Babic <sbabic@denx.de>
|
|
Signed-off-by: Pierre Aubert <p.aubert@staubli.com>
CC: Stefano Babic <sbabic@denx.de>
Acked-by: Dirk Behme <dirk.behme@gmail.com>
|
|
Signed-off-by: Eric Nelson <eric.nelson@boundarydevices.com>
|
|
Signed-off-by: Axel Lin <axel.lin@ingics.com>
|
|
Signed-off-by: Axel Lin <axel.lin@ingics.com>
|
|
Signed-off-by: Axel Lin <axel.lin@ingics.com>
|
|
Signed-off-by: Axel Lin <axel.lin@ingics.com>
|
|
Align the list of default commands mentioned in the configuration options
paragraph of the README with the actual definitions found in
include/config_cmd_default.h
Signed-off-by: Vincent Stehlé <vincent.stehle@freescale.com>
|
|
With CONFIG_SYS_64BIT_LBA, lbaint_t gets defined as a 64-bit type,
which is required to represent block numbers for storage devices that
exceed 2TiB (the block size usually is 512B), e.g. recent hard drives.
For some obscure reason, the current U-Boot code uses lbaint_t for the
number of blocks to read (a rather optimistic estimation of how RAM
sizes will evolve), but not for the starting address. Trying to access
blocks beyond the 2TiB boundary will simply wrap around and read a
block within the 0..2TiB range.
We now use lbaint_t for block start addresses, too. This required
changes to all block drivers as the signature of block_read(),
block_write() and block_erase() in block_dev_desc_t changed.
Signed-off-by: Sascha Silbe <t-uboot@infra-silbe.de>
|
|
This patch introduces support for command line arguments to Plan 9.
Plan 9 generally dedicates a small region of kernel memory (known
as CONFADDR) for runtime configuration. A new environment variable
named confaddr was introduced to indicate this location when copying
arguments.
Signed-off-by: Steven Stallion <sstallion@gmail.com>
[trini: Adapt for Simon's changes about correcting argc, no need to bump
by 2 now]
Signed-off-by: Tom Rini <trini@ti.com>
|
|
The spi clock divisor is of the form x * (2**y), or x << y, where x is
1 to 16, and y is 0 to 15. Note the similarity with floating point numbers.
Convert the desired divisor to the smallest number which is >= desired divisor,
and can be represented in this form. The previous algorithm chose a divisor
which could be almost twice as large as needed.
Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: Dirk Behme <dirk.behme@gmail.com>
|
|
Fix two issues with the calculation of pre_div and post_div:
1. pre_div: While the calculation of pre_div looks correct, to set the
CONREG[15-12] bits pre_div needs to be decremented by 1:
The i.MX 6Dual/6Quad Applications Processor Reference Manual (IMX6DQRM
Rev. 0, 11/2012) states:
CONREG[15-12]: PRE_DIVIDER
0000 Divide by 1
0001 Divide by 2
0010 Divide by 3
...
1101 Divide by 14
1110 Divide by 15
1111 Divide by 16
I.e. if we want to divide by 2, we have to write 1 to CONREG[15-12].
2. In case the post divider becomes necessary, pre_div will be divided by
16. So set pre_div to 16, too. And not 15.
Both issues above are tested using the following examples:
clk_src = 60000000 (60MHz, default i.MX6 ECSPI clock)
a) max_hz == 23000000 (23MHz, max i.MX6 ECSPI read clock)
-> pre_div = 3 (divide by 3 => CONREG[15-12] == 2)
-> post_div = 0 (divide by 1 => CONREG[11- 8] == 0)
=> 60MHz / 3 = 20MHz SPI clock
b) max_hz == 2000000 (2MHz)
-> pre_div = 16 (divide by 16 => CONREG[15-12] == 15)
-> post_div = 1 (divide by 2 => CONREG[11- 8] == 1)
=> 60MHz / 32 = 1.875MHz SPI clock
c) max_hz == 1000000 (1MHz)
-> pre_div = 16 (divide by 16 => CONREG[15-12] == 15)
-> post_div = 2 (divide by 4 => CONREG[11- 8] == 2)
=> 60MHz / 64 = 937.5kHz SPI clock
d) max_hz == 500000 (500kHz)
-> pre_div = 16 (divide by 16 => CONREG[15-12] == 15)
-> post_div = 3 (divide by 8 => CONREG[11- 8] == 3)
=> 60MHz / 128 = 468.75kHz SPI clock
Signed-off-by: Dirk Behme <dirk.behme@gmail.com>
|
|
Add a description of how to implement verified boot using signed FIT images,
and a simple test which verifies operation on sandbox.
The test signs a FIT image and verifies it, then signs a FIT configuration
and verifies it. Then it corrupts the signature to check that this is
detected.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
We want to sign and verify images using sandbox, so enable these options.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).
Add support for signing of FIT configurations using the libfdt's region
support.
Please see doc/uImage.FIT/signature.txt for more information.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add a function to find regions in device tree given a list of nodes to
include and properties to exclude.
See the header file for full documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Normally, multiple public keys can be provided and U-Boot is not
required to use all of them for verification. This is because some
images may not be signed, or may be optionally signed.
But we still need a mechanism to determine when a key must be used.
This feature cannot be implemented in the FIT itself, since anyone
could change it to mark a key as optional. The requirement for
key verification must go in with the public keys, in a place that
is protected from modification.
Add a -r option which tells mkimage to mark all keys that it uses
for signing as 'required'.
If some keys are optional and some are required, run mkimage several
times (perhaps with different key directories if some keys are very
secret) using the -F flag to update an existing FIT.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
|
|
When signing an image, it is useful to add some details about which tool
or person is authorising the signing. Add a comment field which can take
care of miscellaneous requirements.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
|
|
When signing images it is sometimes necessary to sign with different keys
at different times, or make the signer entirely separate from the FIT
creation to avoid needing the private keys to be publicly available in
the system.
Add a -F option so that key signing can be a separate step, and possibly
done multiple times as different keys are avaiable.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
|
|
FIT image verification requires public keys. Add a convenient option to
mkimage to write the public keys to an FDT blob when it uses then for
signing an image. This allows us to use:
mkimage -f test.its -K dest.dtb -k keys test.fit
and have the signatures written to test.fit and the corresponding public
keys written to dest.dtb. Then dest.dtb can be used as the control FDT
for U-Boot (CONFIG_OF_CONTROL), thus providing U-Boot with access to the
public keys it needs.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
|
|
Keys required for signing images will be in a specific directory. Add a
-k option to specify that directory.
Also update the mkimage man page with this information and a clearer list
of available commands.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de> (v1)
|
|
RSA provides a public key encryption facility which is ideal for image
signing and verification.
Images are signed using a private key by mkimage. Then at run-time, the
images are verified using a private key.
This implementation uses openssl for the host part (mkimage). To avoid
bringing large libraries into the U-Boot binary, the RSA public key
is encoded using a simple numeric representation in the device tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add a structure to describe an algorithm which can sign and (later) verify
images.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add configs to enable tracing when it is needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Some changes are needed to x86 timer functions to support tracing. Add
these so that the feature works correctly.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add tracing to Exynos5 boards, so that tracing can be enabled when building
with 'make FTRACE=1'. We use a 16MB trace buffer.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
For tracing to work it has to be able to access the microsecond timer
without causing a recursive call to the function entry/exit handlers.
Add attributes to the relevant functions to support this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Implement this feature on ARM for tracing.
It would be nice to have generic bootm support so that it is easily
implemented on any arch.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Albert ARIBAUD <albert.u.boot@aribaud.net>
|
|
For tracing it is useful to run as much of U-Boot as possible so as to get
a complete picture. Quite a bit of work happens in bootm, and we don't want
to have to stop tracing before bootm starts.
Add a way of doing a 'fake' boot of the OS - which does everything up to
the point where U-Boot is about to jump to the OS image. This allows
tracing to record right until the end.
This requires arch support to work.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present the bootm code is mostly duplicated for the plain 'bootm'
command and its sub-command variant. This makes the code harder to
maintain and means that changes must be made to several places.
Introduce do_bootm_states() which performs selected portions of the bootm
work, so that both plain 'bootm' and 'bootm <sub_command>' can use the
same code.
Additional duplication exists in bootz, so tidy that up as well. This
is not intended to change behaviour, apart from minor fixes where the
previously-duplicated code missed some chunks of code.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present the arguments to bootm are processed in a somewhat confusing
way. Sub-functions must know how many arguments their calling functions
have processed, and the OS boot function must also have this information.
Also it isn't obvious that 'bootm' and 'bootm start' provide arguments in
the same way.
Adjust the code so that arguments are removed from the list before calling
a sub-function. This means that all functions can know that argv[0] is the
first argument of which they need to take notice.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
It is difficult to automatically test tracing on most architectures, but
with sandbox it is easy enough to do a simple sanity check.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Support tracing on sandbox by adding suitable CONFIG options. To enable it,
compile U-Boot with FTRACE=1.
The timer functions are marked to skip tracing, since these are called from
the tracing code itself, and we want to avoid an infinite loop.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This tool provides the facility to decode U-Boot trace data and write out
a text file in Linux ftrace format for use with pytimechart.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add hooks for tracing to generic board, including:
- allow early tracing to start early as possible in U-Boot
- reserve memory for trace buffer
- copy early trace buffer to main trace buffer after relocation
- setup full tracing support after relocation
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Use -finstrument-functions when tracing is enabled (make FTRACE=1).
Tracing is not currently supported by SPL even if sufficient memory is
available.
When tracing is enabled, we #define FTRACE. This can be used by
board config files to conditionally enable the tracing options.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add a trace command with sub-commands to start/stop tracing, print out
statistics and dump trace information to memory for later upload to a host.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add a library which supports tracing of execution using built-in gcc
features and a microsecond timer. This can be used to record a list of
function which are executed, along with a timestamp for each. Later
this information can be sent to the host for processing.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move bootstage's numbering printing code into a generic place so that it can
be used by tracing also.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The unstash code is a bit loose with its printf() types, which gives
warnings on sandbox. Correct this.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
When this test fails it is useful to see the output from U-Boot. Add
printing of this information on failure.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
For some reason this does not normally cause a compiler warning, but the code
seems to be incorrect. Add the missing return.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Enabling FIT produces a compile error. Fix this.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
I am not sure of the meaning of extern inline, but this gives errors
when building with function instrumenting enabled. Change these functions
to static inline.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
