aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--arch/arm/mach-mediatek/mt7622/init.c2
-rw-r--r--board/beagle/beagleplay/Kconfig1
-rw-r--r--board/google/veyron/veyron.c30
-rw-r--r--board/microchip/mpfs_icicle/MAINTAINERS2
-rw-r--r--board/ti/am335x/MAINTAINERS1
-rw-r--r--boot/Kconfig4
-rw-r--r--common/spl/spl_atf.c3
-rw-r--r--configs/am335x_boneblack_vboot_defconfig94
-rw-r--r--configs/am335x_evm_defconfig3
-rw-r--r--configs/chromebook_bob_defconfig1
-rw-r--r--configs/chromebook_kevin_defconfig1
-rw-r--r--configs/chromebook_link_defconfig2
-rw-r--r--configs/nyan-big_defconfig1
-rw-r--r--doc/usage/fit/beaglebone_vboot.rst21
-rw-r--r--drivers/power/regulator/regulator-uclass.c2
-rw-r--r--lib/Kconfig4
16 files changed, 38 insertions, 134 deletions
diff --git a/arch/arm/mach-mediatek/mt7622/init.c b/arch/arm/mach-mediatek/mt7622/init.c
index 00d3eb9..1f32ff9 100644
--- a/arch/arm/mach-mediatek/mt7622/init.c
+++ b/arch/arm/mach-mediatek/mt7622/init.c
@@ -28,7 +28,7 @@ int dram_init(void)
if (ret)
return ret;
- gd->ram_size = get_ram_size((void *)gd->ram_base, SZ_2G);
+ gd->ram_size = get_ram_size((void *)gd->ram_base, SZ_1G);
return 0;
}
diff --git a/board/beagle/beagleplay/Kconfig b/board/beagle/beagleplay/Kconfig
index 7dbd833..896a1c1 100644
--- a/board/beagle/beagleplay/Kconfig
+++ b/board/beagle/beagleplay/Kconfig
@@ -12,6 +12,7 @@ config TARGET_AM625_A53_BEAGLEPLAY
bool "BeagleBoard.org AM625 BeaglePlay running on A53"
select ARM64
select BINMAN
+ select OF_SYSTEM_SETUP
config TARGET_AM625_R5_BEAGLEPLAY
bool "BeagleBoard.org AM625 BeaglePlay running on R5"
diff --git a/board/google/veyron/veyron.c b/board/google/veyron/veyron.c
index 32dbcdc..6d4c9de 100644
--- a/board/google/veyron/veyron.c
+++ b/board/google/veyron/veyron.c
@@ -29,44 +29,38 @@ static int veyron_init(void)
int ret;
ret = regulator_get_by_platname("vdd_arm", &dev);
- if (ret) {
- debug("Cannot set regulator name\n");
- return ret;
- }
+ if (ret)
+ return log_msg_ret("vdd", ret);
/* Slowly raise to max CPU voltage to prevent overshoot */
ret = regulator_set_value(dev, 1200000);
if (ret)
- return ret;
+ return log_msg_ret("s12", ret);
udelay(175); /* Must wait for voltage to stabilize, 2mV/us */
ret = regulator_set_value(dev, 1400000);
if (ret)
- return ret;
+ return log_msg_ret("s14", ret);
udelay(100); /* Must wait for voltage to stabilize, 2mV/us */
ret = rockchip_get_clk(&clk.dev);
if (ret)
- return ret;
+ return log_msg_ret("clk", ret);
clk.id = PLL_APLL;
ret = clk_set_rate(&clk, 1800000000);
if (IS_ERR_VALUE(ret))
- return ret;
+ return log_msg_ret("s18", ret);
ret = regulator_get_by_platname("vcc33_sd", &dev);
- if (ret) {
- debug("Cannot get regulator name\n");
- return ret;
- }
+ if (ret)
+ return log_msg_ret("vcc", ret);
ret = regulator_set_value(dev, 3300000);
if (ret)
- return ret;
+ return log_msg_ret("s33", ret);
ret = regulators_enable_boot_on(false);
- if (ret) {
- debug("%s: Cannot enable boot on regulators\n", __func__);
- return ret;
- }
+ if (ret)
+ return log_msg_ret("boo", ret);
return 0;
}
@@ -81,7 +75,7 @@ int board_early_init_r(void)
if (!fdt_node_check_compatible(gd->fdt_blob, 0, "google,veyron")) {
ret = veyron_init();
if (ret)
- return ret;
+ return log_msg_ret("vey", ret);
}
#endif
/*
diff --git a/board/microchip/mpfs_icicle/MAINTAINERS b/board/microchip/mpfs_icicle/MAINTAINERS
index 22f3b97..d092b5a 100644
--- a/board/microchip/mpfs_icicle/MAINTAINERS
+++ b/board/microchip/mpfs_icicle/MAINTAINERS
@@ -1,5 +1,5 @@
Microchip MPFS icicle
-M: Padmarao Begari <padmarao.begari@microchip.com>
+M: Conor Dooley <conor.dooley@microchip.com>
M: Cyril Jean <cyril.jean@microchip.com>
S: Maintained
F: board/microchip/mpfs_icicle/
diff --git a/board/ti/am335x/MAINTAINERS b/board/ti/am335x/MAINTAINERS
index 219c871..ed8800a 100644
--- a/board/ti/am335x/MAINTAINERS
+++ b/board/ti/am335x/MAINTAINERS
@@ -3,6 +3,5 @@ M: Tom Rini <trini@konsulko.com>
S: Maintained
F: board/ti/am335x/
F: include/configs/am335x_evm.h
-F: configs/am335x_boneblack_vboot_defconfig
F: configs/am335x_evm_defconfig
F: configs/am335x_evm_spiboot_defconfig
diff --git a/boot/Kconfig b/boot/Kconfig
index 36bdc83..4c9d2c0 100644
--- a/boot/Kconfig
+++ b/boot/Kconfig
@@ -734,6 +734,10 @@ config LEGACY_IMAGE_FORMAT
config MEASURED_BOOT
bool "Measure boot images and configuration when booting without EFI"
depends on HASH && TPM_V2
+ select SHA1
+ select SHA256
+ select SHA384
+ select SHA512
help
This option enables measurement of the boot process when booting
without UEFI . Measurement involves creating cryptographic hashes
diff --git a/common/spl/spl_atf.c b/common/spl/spl_atf.c
index 3bdd013..9afe645 100644
--- a/common/spl/spl_atf.c
+++ b/common/spl/spl_atf.c
@@ -204,7 +204,8 @@ static void __noreturn bl31_entry(uintptr_t bl31_entry, uintptr_t bl32_entry,
fdt_addr);
raw_write_daif(SPSR_EXCEPTION_MASK);
- dcache_disable();
+ if (!CONFIG_IS_ENABLED(SYS_DCACHE_OFF))
+ dcache_disable();
atf_entry(bl31_params, (void *)fdt_addr);
}
diff --git a/configs/am335x_boneblack_vboot_defconfig b/configs/am335x_boneblack_vboot_defconfig
deleted file mode 100644
index d473a1a..0000000
--- a/configs/am335x_boneblack_vboot_defconfig
+++ /dev/null
@@ -1,94 +0,0 @@
-CONFIG_ARM=y
-CONFIG_ARCH_CPU_INIT=y
-# CONFIG_SPL_USE_ARCH_MEMCPY is not set
-# CONFIG_SPL_USE_ARCH_MEMSET is not set
-CONFIG_ARCH_OMAP2PLUS=y
-CONFIG_TI_COMMON_CMD_OPTIONS=y
-CONFIG_HAS_CUSTOM_SYS_INIT_SP_ADDR=y
-CONFIG_CUSTOM_SYS_INIT_SP_ADDR=0x4030ff00
-CONFIG_SF_DEFAULT_SPEED=24000000
-CONFIG_DEFAULT_DEVICE_TREE="am335x-boneblack"
-CONFIG_AM33XX=y
-CONFIG_CLOCK_SYNTHESIZER=y
-CONFIG_SPL=y
-CONFIG_ENV_OFFSET_REDUND=0x280000
-CONFIG_TIMESTAMP=y
-CONFIG_FIT_SIGNATURE=y
-CONFIG_FIT_VERBOSE=y
-CONFIG_SYS_BOOTM_LEN=0x1000000
-CONFIG_DISTRO_DEFAULTS=y
-CONFIG_AUTOBOOT_KEYED=y
-CONFIG_AUTOBOOT_PROMPT="Press SPACE to abort autoboot in %d seconds\n"
-CONFIG_AUTOBOOT_DELAY_STR="d"
-CONFIG_AUTOBOOT_STOP_STR=" "
-CONFIG_BOOTCOMMAND="run findfdt; run init_console; run finduuid; run distro_bootcmd"
-CONFIG_SYS_CONSOLE_INFO_QUIET=y
-CONFIG_ARCH_MISC_INIT=y
-CONFIG_SPL_SYS_MALLOC=y
-CONFIG_SPL_SYS_MALLOC_SIZE=0x800000
-CONFIG_SPL_MUSB_NEW=y
-# CONFIG_SPL_NAND_SUPPORT is not set
-CONFIG_SPL_NET=y
-CONFIG_SPL_NET_VCI_STRING="AM33xx U-Boot SPL"
-CONFIG_SPL_OS_BOOT=y
-CONFIG_SPL_FALCON_BOOT_MMCSD=y
-CONFIG_SYS_MMCSD_RAW_MODE_KERNEL_SECTOR=0x1700
-CONFIG_SYS_MMCSD_RAW_MODE_ARGS_SECTOR=0x1500
-CONFIG_SYS_MMCSD_RAW_MODE_ARGS_SECTORS=0x200
-CONFIG_CMD_SPL=y
-CONFIG_SYS_I2C_EEPROM_ADDR_LEN=2
-# CONFIG_CMD_SETEXPR is not set
-CONFIG_BOOTP_DNS2=y
-CONFIG_OF_CONTROL=y
-CONFIG_SPL_OF_CONTROL=y
-CONFIG_ENV_OVERWRITE=y
-CONFIG_ENV_IS_IN_MMC=y
-CONFIG_SYS_REDUNDAND_ENVIRONMENT=y
-CONFIG_SYS_RELOC_GD_ENV_ADDR=y
-CONFIG_SYS_MMC_ENV_DEV=1
-CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG=y
-CONFIG_VERSION_VARIABLE=y
-CONFIG_NET_RETRY_COUNT=10
-CONFIG_BOOTP_SEND_HOSTNAME=y
-# CONFIG_SPL_BLK is not set
-CONFIG_BOOTCOUNT_LIMIT=y
-CONFIG_SYS_BOOTCOUNT_BE=y
-CONFIG_DFU_MMC=y
-CONFIG_DFU_RAM=y
-CONFIG_USB_FUNCTION_FASTBOOT=y
-CONFIG_DM_I2C=y
-CONFIG_MISC=y
-CONFIG_SYS_I2C_EEPROM_ADDR=0x50
-# CONFIG_SPL_DM_MMC is not set
-CONFIG_MMC_OMAP_HS=y
-CONFIG_MTD=y
-CONFIG_DM_SPI_FLASH=y
-CONFIG_SPI_FLASH_WINBOND=y
-CONFIG_PHY_ATHEROS=y
-CONFIG_PHY_SMSC=y
-CONFIG_PHY_GIGE=y
-CONFIG_MII=y
-CONFIG_DRIVER_TI_CPSW=y
-CONFIG_DM_PMIC=y
-# CONFIG_SPL_DM_PMIC is not set
-CONFIG_PMIC_TPS65217=y
-CONFIG_SPL_POWER_TPS65910=y
-CONFIG_SPI=y
-CONFIG_DM_SPI=y
-CONFIG_OMAP3_SPI=y
-CONFIG_TIMER=y
-CONFIG_OMAP_TIMER=y
-CONFIG_USB=y
-CONFIG_DM_USB_GADGET=y
-CONFIG_SPL_DM_USB_GADGET=y
-CONFIG_USB_MUSB_HOST=y
-CONFIG_USB_MUSB_GADGET=y
-CONFIG_USB_MUSB_TI=y
-CONFIG_USB_GADGET=y
-CONFIG_SPL_USB_GADGET=y
-CONFIG_USB_GADGET_MANUFACTURER="Texas Instruments"
-CONFIG_USB_GADGET_VENDOR_NUM=0x0451
-CONFIG_USB_GADGET_PRODUCT_NUM=0xd022
-CONFIG_USB_ETHER=y
-CONFIG_SPL_USB_ETHER=y
-CONFIG_LZO=y
diff --git a/configs/am335x_evm_defconfig b/configs/am335x_evm_defconfig
index d243cb1..cabc181 100644
--- a/configs/am335x_evm_defconfig
+++ b/configs/am335x_evm_defconfig
@@ -13,6 +13,8 @@ CONFIG_AM335X_USB0_PERIPHERAL=y
CONFIG_AM335X_USB1=y
CONFIG_SPL=y
CONFIG_TIMESTAMP=y
+CONFIG_FIT_SIGNATURE=y
+CONFIG_FIT_VERBOSE=y
CONFIG_SPL_LOAD_FIT=y
CONFIG_SYS_BOOTM_LEN=0x1000000
CONFIG_DISTRO_DEFAULTS=y
@@ -119,5 +121,4 @@ CONFIG_SPL_USB_ETHER=y
CONFIG_WDT=y
# CONFIG_SPL_WDT is not set
CONFIG_DYNAMIC_CRC_TABLE=y
-CONFIG_RSA=y
CONFIG_LZO=y
diff --git a/configs/chromebook_bob_defconfig b/configs/chromebook_bob_defconfig
index acfe393..b2ecfa6 100644
--- a/configs/chromebook_bob_defconfig
+++ b/configs/chromebook_bob_defconfig
@@ -1,5 +1,6 @@
CONFIG_ARM=y
CONFIG_SKIP_LOWLEVEL_INIT=y
+CONFIG_SPL_SYS_DCACHE_OFF=y
CONFIG_COUNTER_FREQUENCY=24000000
CONFIG_ARCH_ROCKCHIP=y
CONFIG_TEXT_BASE=0x00200000
diff --git a/configs/chromebook_kevin_defconfig b/configs/chromebook_kevin_defconfig
index 95fdb41..da748e4 100644
--- a/configs/chromebook_kevin_defconfig
+++ b/configs/chromebook_kevin_defconfig
@@ -2,6 +2,7 @@ CONFIG_ARM=y
CONFIG_SKIP_LOWLEVEL_INIT=y
CONFIG_COUNTER_FREQUENCY=24000000
CONFIG_ARCH_ROCKCHIP=y
+CONFIG_SPL_SYS_DCACHE_OFF=y
CONFIG_TEXT_BASE=0x00200000
CONFIG_SPL_GPIO=y
CONFIG_NR_DRAM_BANKS=1
diff --git a/configs/chromebook_link_defconfig b/configs/chromebook_link_defconfig
index a9f91dd..1a72fd1 100644
--- a/configs/chromebook_link_defconfig
+++ b/configs/chromebook_link_defconfig
@@ -15,6 +15,8 @@ CONFIG_DEBUG_UART=y
CONFIG_HAVE_MRC=y
CONFIG_SMP=y
CONFIG_HAVE_VGA_BIOS=y
+CONFIG_HAS_BOARD_SIZE_LIMIT=y
+CONFIG_BOARD_SIZE_LIMIT=630000
CONFIG_FIT=y
CONFIG_BOOTSTAGE=y
CONFIG_BOOTSTAGE_REPORT=y
diff --git a/configs/nyan-big_defconfig b/configs/nyan-big_defconfig
index 1483d17..4dec710 100644
--- a/configs/nyan-big_defconfig
+++ b/configs/nyan-big_defconfig
@@ -17,7 +17,6 @@ CONFIG_TEGRA124=y
CONFIG_TARGET_NYAN_BIG=y
CONFIG_TEGRA_GPU=y
CONFIG_SYS_LOAD_ADDR=0x82408000
-CONFIG_DEBUG_UART=y
CONFIG_FIT=y
CONFIG_FIT_BEST_MATCH=y
CONFIG_BOOTSTAGE=y
diff --git a/doc/usage/fit/beaglebone_vboot.rst b/doc/usage/fit/beaglebone_vboot.rst
index cd6bb14..1298ba1 100644
--- a/doc/usage/fit/beaglebone_vboot.rst
+++ b/doc/usage/fit/beaglebone_vboot.rst
@@ -67,18 +67,20 @@ a. Set up the environment variable to point to your toolchain. You will need
export CROSS_COMPILE=arm-linux-gnueabi-
-b. Configure and build U-Boot with verified boot enabled::
+b. Configure and build U-Boot with verified boot enabled. Note that we use the
+am335x_evm target since it covers all boards based on the AM335x evaluation
+board::
export UBOOT=/path/to/u-boot
cd $UBOOT
# You can add -j10 if you have 10 CPUs to make it faster
- make O=b/am335x_boneblack_vboot am335x_boneblack_vboot_config all
- export UOUT=$UBOOT/b/am335x_boneblack_vboot
+ make O=b/am335x_evm am335x_evm_config all
+ export UOUT=$UBOOT/b/am335x_evm
c. You will now have a U-Boot image::
- file b/am335x_boneblack_vboot/u-boot-dtb.img
- b/am335x_boneblack_vboot/u-boot-dtb.img: u-boot legacy uImage,
+ file b/am335x_evm/u-boot-dtb.img
+ b/am335x_evm/u-boot-dtb.img: u-boot legacy uImage,
U-Boot 2014.07-rc2-00065-g2f69f8, Firmware/ARM, Firmware Image
(Not compressed), 395375 bytes, Sat May 31 16:19:04 2014,
Load Address: 0x80800000, Entry Point: 0x00000000,
@@ -466,7 +468,7 @@ the private key that you signed with so that it can verify any kernels that
you sign::
cd $UBOOT
- make O=b/am335x_boneblack_vboot EXT_DTB=${WORK}/am335x-boneblack-pubkey.dtb
+ make O=b/am335x_evm EXT_DTB=${WORK}/am335x-boneblack-pubkey.dtb
Here we are overriding the normal device tree file with our one, which
contains the public key.
@@ -597,14 +599,11 @@ Further Improvements
Several of the steps here can be easily automated. In particular it would be
capital if signing and packaging a kernel were easy, perhaps a simple make
-target in the kernel.
+target in the kernel. A starting point for this is the 'make image.fit' target
+for ARM64 in Linux from v6.9 onwards.
Some mention of how to use multiple .dtb files in a FIT might be useful.
-U-Boot's verified boot mechanism has not had a robust and independent security
-review. Such a review should look at the implementation and its resistance to
-attacks.
-
Perhaps the verified boot feature could be integrated into the Amstrom
distribution.
diff --git a/drivers/power/regulator/regulator-uclass.c b/drivers/power/regulator/regulator-uclass.c
index 77d101f..d9e1fb6 100644
--- a/drivers/power/regulator/regulator-uclass.c
+++ b/drivers/power/regulator/regulator-uclass.c
@@ -518,7 +518,7 @@ int regulators_enable_boot_on(bool verbose)
dev;
uclass_next_device(&dev)) {
ret = regulator_autoset(dev);
- if (ret == -EMEDIUMTYPE) {
+ if (ret == -EMEDIUMTYPE || ret == -EALREADY) {
ret = 0;
continue;
}
diff --git a/lib/Kconfig b/lib/Kconfig
index 189e6eb..568892f 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -438,10 +438,6 @@ config TPM
bool "Trusted Platform Module (TPM) Support"
depends on DM
imply DM_RNG
- select SHA1
- select SHA256
- select SHA384
- select SHA512
help
This enables support for TPMs which can be used to provide security
features for your board. The TPM can be connected via LPC or I2C
generated by cgit v1.1 at 2024-06-29 08:50:49 +0000