Adding support for clearing an existing
derived key.
Change-Id: I6e6c8718696aa7ae29cf9ec0429b9c90c074f62d
Signed-off-by: Hariharan K <quic_harihk@quicinc.com>
A new SCM has been added in TZ to support AES 128 byte context length.
Updated aes driver to add the same. Added new command as mentioned
below for 128 byte context length.
derive_aes_256_max_ctxt_key 0x2 0x20 0x41000000 0x80
Note: This new SCM call has been introduced since initial SCM call does not
derive keys the same way as Linux Fscrypt feature (128 byte context length)
Signed-off-by: Poovendhan Selvaraj <quic_poovendh@quicinc.com>
Change-Id: Ie71fc0e9b3c0b0d01995745bb61cd2d82f07eb85
Add support to increase context length if tz supports
128 bytes context length else fall back to old method.
Signed-off-by: Poovendhan Selvaraj <quic_poovendh@quicinc.com>
Change-Id: Ieded2c0139152e82011f792e91b875548fd29251
ipq5332 is a TME-L based platform in which before
encrypt/decrypt, we are required to derive a key
handle.
This patch adds support for the same.
Change-Id: I28b327611b62381542086d6d599c4a0195525aca
Signed-off-by: Poovendhan Selvaraj <quic_poovendh@quicinc.com>
(cherry picked from commit e15df34ac8)
In Kernel, we are seeing rare PCIe enumeration failure and suspecting
U-boot PCIe enumeration (Gen1) could impact. Hence skipping the PCIe
enumeration during the board_init and added it after autoboot is stopped.
Change-Id: I9c43b4da07ddd7e44f8c58a51dfd44701590f59b
Signed-off-by: Praveenkumar I <quic_ipkumar@quicinc.com>
Variable _load_end_ points to end address of uncompressed buffer
(*not* uncomress_buffer_end / sizeof(ulong)), so multipling uncompressed
size with sizeof(ulong) is grossly incorrect in flush_cache().
It might lead to access of address beyond valid memory range and hang the CPU.
Tested on MIPS architecture by using compressed(gzip, lzma)
and uncompressed uImage.
Signed-off-by: Purna Chandra Mandal <purna.mandal@microchip.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Signed-off-by: POOVENDHAN SELVARAJ <quic_poovendh@quicinc.com>
Change-Id: Ia93bfc549e348e655a748a24f59b38a0f80659ce
(cherry picked from commit 8d4f11c203)
Adding a new command 'flupdate' to change the flash type
to mmc/nand/nor. flupdate set will set the flash type to
the provided type. flupdate clear will reset the flash
type to default.
Command usage:
flupdate set mmc/nand/nor
flupdate clear
Change-Id: Ib328cc1fea0b37f27e6479d55fce08365fbfcf69
Signed-off-by: Hariharan K <quic_harihk@quicinc.com>
After mibib reload kernel and rootfs info have to be reloaded using
get_kernel_fs_part_details function otherwise partitions
will be marked as bad offset
Change-Id: I9a0ec847b65ff10ec7b54b65929efd034a25d278
Signed-off-by: Timple Raj M <quic_timple@quicinc.com>
This patch increases the filename size to avoid truncation while
running flash script in verbose mode
Change-Id: I245f4ee0ae83fc88de4833a178b1e1e96107f486
Signed-off-by: Timple Raj M <quic_timple@quicinc.com>
This patch adds SMEM_BOOT_NO_FLASH condition for emmc flash type to
flash 0:GPT and 0:GPTBACKUP while flashing single image
using jtag_recovery.cmm
Change-Id: I176760335d5e980b8493e9236e410b78040c5a06
Signed-off-by: Timple Raj M <quic_timple@quicinc.com>
These are used in multiple places so update them to use a shared #define.
Change-Id: I3cc304f04c56c9d1a22df46e68f601b5acd2b34e
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
Signed-off-by: Md Sadre Alam <quic_mdalam@quicinc.com>
At present bootm_host_load_images() is passed the configuration that has
been verified, but ignores it and just uses the default configuration.
This may not be the same.
Update this function to use the selected configuration.
Change-Id: I020baa9321a88348478f1acef8a89e28ec94f3e9
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Md Sadre Alam <quic_mdalam@quicinc.com>
It is currently possible to use a different configuration's signature and
thus bypass the configuration check. Make sure that the configuration node
that was hashed matches the one being checked, to catch this problem.
Also add a proper function comment to fit_config_check_sig() and make it
static.
Change-Id: Ida4ccc296c95ad2b32ff87cb4b98512fcad4bb54
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Md Sadre Alam <quic_mdalam@quicinc.com>
This function only returns an error message sometimes. Update it to always
return an error message if one is available. This makes it easier to see
what went wrong.
Change-Id: I3696b20cff57914ef6ff7cbca3861ba5080be15e
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Md Sadre Alam <quic_mdalam@quicinc.com>
It is useful to be a little more specific about what is being
checked. Update a few messages to help with this.
Change-Id: I1318a9da01646b5fedf1d22e3119efdbd3e7a99e
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Md Sadre Alam <quic_mdalam@quicinc.com>
added boot type based nand or emmc flash selection.
So machid based flash selection becomes obsolete.
Change-Id: I96fa43d31d23397fa249e02f62b905d6e4e67770
Signed-off-by: Rajkumar Ayyasamy <quic_arajkuma@quicinc.com>
xtract_n_flash $imgaddr $filename $part_name
can be used instead of the below set of cmds
imxtract $imgaddr $filename
flash $part_name
This patch also takes page_size, block_size
and chip_size as arguments of mibib_load cmd
Change-Id: Iaf1ed33a2281029ad151f00ce5416648e513de56
Signed-off-by: Rajkumar Ayyasamy <quic_arajkuma@quicinc.com>
Adding a new command mibib_reload to
populate the partition table info from
mibib binary
Change-Id: I3f08fc07ea55f1bbd90dc28d8f459d108f86bc0e
Signed-off-by: Timple Raj M <quic_timple@quicinc.com>
This patch adds the flash support
for gpt and gpt_backup in flash command
flash 0:GPT
flash 0:GPTBACKUP
Change-Id: I9101b27989acc84da25f010f6c73674d6717d54c
Signed-off-by: Timple Raj M <quic_timple@quicinc.com>
It was observed that on Intel MinnowMax board, when xHCI is enabled
in the BayTrail SoC, with a USB 3.0 device connected to the bottom
USB 3.0 port (mapped to xHCI root port #7), its PORTSC register is
always 0x201203 (CCS = 1, CSC = 0). The root cause of such behavior
is unknown yet. Connect status change bit is set on the same port
with a USB 2.0 device (mapped to xHCI port #1, which is a different
port on the root hub).
With current logic in usb_scan_port(), the enumeration process will
abort if it does not detect a connect status change on a hub port.
However since a device connection status is correctly reported, the
enumeration process can still continue.
With this change, USB device connected to the bottom blue port on
MinnowMax board can be enumerated under either SS or HS mode.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Tested-by: Dinh Nguyen <dinguyen@kernel.org>
(cherry picked from commit f7a9e5dd03)
Signed-off-by: Praveenkumar I <quic_ipkumar@quicinc.com>
Change-Id: Ib1acbebaabce8287afe83c658dcd472e2cfae1d5
This patch changes the USB port scanning procedure and timeout
handling in the following ways:
a)
The power-on delay in usb_hub_power_on() is now reduced to a value of
max(100ms, "hub->desc.bPwrOn2PwrGood * 2"). The code does not wait
using mdelay, instead usb_hub_power_on() will wait before querying
the device in the scanning loop later. The total timeout for this
hub, which is 1 second + "hub->desc.bPwrOn2PwrGood * 2" is calculated
and will be used in the following per-port scanning loop as the timeout
to detect active USB devices on this hub.
b)
Don't delay the minimum delay (for power to stabilize) in
usb_hub_power_on(). Instead skip querying these devices in the scannig
loop until the delay time is reached.
c)
The ports are now scanned in a quasi parallel way. The current code did
wait for each (unconnected) port to reach its timeout and only then
continue with the next port. This patch now changes this to scan all
ports of all USB hubs quasi simultaneously. For this, all ports are added
to a scanning list. This list is scanned until all ports are ready
by either a) reaching the connection timeout (calculated earlier), or
by b) detecting a USB device. This results in a faster USB scan time as
the recursive scanning of USB hubs connected to the hub that's currently
being scanned will start earlier.
One small functional change to the original code is, that ports with
overcurrent detection will now get rescanned multiple times
(PORT_OVERCURRENT_MAX_SCAN_COUNT).
Without this patch:
starting USB...
USB0: USB EHCI 1.00
scanning bus 0 for devices... 9 USB Device(s) found
time: 20.163 seconds
With this patch:
starting USB...
USB0: USB EHCI 1.00
scanning bus 0 for devices... 9 USB Device(s) found
time: 1.822 seconds
So ~18.3 seconds of USB scanning time reduction.
Signed-off-by: Stefan Roese <sr@denx.de>
Acked-by: Hans de Goede <hdegoede@redhat.com>
Tested-by: Stephen Warren <swarren@nvidia.com>
(cherry picked from commit c998da0d67)
Signed-off-by: Praveenkumar I <quic_ipkumar@quicinc.com>
Change-Id: I520082122370dda5b1de63c2ebee0f9a63fdef92
ipq9574 is a TME-L based platform in which before
encrypt/decrypt, we are required to derive a key
handle.
This patch adds support for the same.
Change-Id: I583cee87607af2ab6461b429830cb8ff43cc44d4
Signed-off-by: Selvam Sathappan Periakaruppan <quic_speriaka@quicinc.com>
Certain boards come in different variations by way of utilizing daughter
boards, for example. These boards might contain additional chips, which
are added to the main board's busses, e.g. I2C.
The device tree support for such boards would either, quite naturally,
employ the overlay mechanism to add such chips to the tree, or would use
one large default device tree, and delete the devices that are actually
not present.
Regardless of approach, even on the U-Boot level, a modification of the
device tree is a prerequisite to have such modular families of boards
supported properly.
Therefore, we add an option to make the U-Boot device tree (the actual
copy later used by the driver model) writeable, and add a callback
method that allows boards to modify the device tree at an early stage,
at which, hopefully, also the application of device tree overlays will
be possible.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
(cherry picked from commit 2a792753d6)
Signed-off-by: Ram Kumar D <quic_ramd@quicinc.com>
Change-Id: I9a5fe4c6d681aaa5c68edd8a2a39d36bf2340fdf
Add failsafe boot support to recover from system hang.
Signed-off-by: anusha <anusharao@codeaurora.org>
Change-Id: I49e28a4e88aa16e564065d06f8701dc4f6cb3555
qpic_nand sbl -> to switch to 2K layout
qpic_nand linux -> to switch back to 4K layout
Currently this switch is enabled for IPQ9574
Signed-off-by: Rajkumar Ayyasamy <arajkuma@codeaurora.org>
(cherry picked from commit c9a1c10b2e35ba8f14dafc1f4c07aa5a07a01541)
Signed-off-by: Praveenkumar I <quic_ipkumar@quicinc.com>
Change-Id: I3e429b8cd5e600b4214c01d7949c01536f988e47
In this case, the variable sram_end(Base + Size)
will hold (0x40000000 + 0xC0000000) and will overflow
32bits. Update the variable type to u64.
Change-Id: Iadf008c0ace552b793b9424e5c9ded0873599a64
Signed-off-by: anusha <anusharao@codeaurora.org>
This patch clears the ubi_initialized flag after doing ubi_exit since
there can be chance to ubi_int failure, but still ubi_initialized flag
will be set. This will result in doing ubi_exit again and uboot crash.
This patch also doing put_mtd_device after deleting mtd partition to
make the ref count to zero.
Signed-off-by: Vandhiadevan Karunamoorthy <vkarunam@codeaurora.org>
Change-Id: I5a875ec82266db6b09045602b5d1b3fe47d4bd58
- u-boot text region + pgtable requires
800KB. Hence adjusted text base address
to 0x4A92000, so that the text region + pgtable
fits at the last 800KB of 2MB memory space, leaving
200KB above them for other regions
- Size of Heap region is reduced to 1MB from 1.5MB
- Maple uses gmac controller for Ethernet DMA process,
which does not require non-cached memory, hence we
can avoid reserving 1MB for noncached memory and the
same can used for other components.
- Right now, 256KB of memory was used from stack
for env reloc/save functionalities which makes the
SP extend beyond 2MB. Hence, modified them to
allocate memory from Heap.
- With this patchset, the u-boot fits into 2MB space
and the rest 2MB can be used for other components
Change-Id: I962d86d81b1c52cbef575f974924d16ec6e3db89
Signed-off-by: Karthick Jeyaraman <kjeyaram@codeaurora.org>
This changes add CONFIG_CMD_NAND flags in flash command and smem
source file to eliminate nand specific source if CONFIG_CMD_NAND
is not defined.
This changes replace CONFIG_IPQ_MTD_NOR with CONFIG_MTD_DEVICE flag
Signed-off-by: Vandhiadevan Karunamoorthy <vkarunam@codeaurora.org>
Change-Id: I612ae89c3730dc86f2693088fb4cb5c10763165d
Encryptio/Decryption
- For encryption/decryption, plain data/
encrypted date has to be written to memory
directly using mw command along with
ivadata, type and mode
- Implemented new uboot command "aes_256"
to receive the memory address where the
above data is written to
- Perfom basic sanity check against the data
received and send them to secure world through
scm calls
- This is supported only for HK/CYP, hence not
implemented for TZ running in 32bit mode
Change-Id: I589a15025cd248cf5792f13ea435c5c5b64c6066
Signed-off-by: Karthick Jeyaraman <kjeyaram@codeaurora.org>
This changes update env_flash variable to currently updated memory location
by sf probe. So this will avoid accessing of outdated memory location.
Signed-off-by: Vandhiadevan Karunamoorthy <vkarunam@codeaurora.org>
Change-Id: Ib97c485f3c738d5501ee1cdb62c5ebbf421e8d14
This changes fixup the mtdparts without support of
MTD framework,This code read the partition details from env
variable and patch to kernel dts.
Change-Id: I829808620c35b57973dc0ae015131bc5019c4844
Signed-off-by: Vandhiadevan Karunamoorthy <vkarunam@codeaurora.org>
This changes remove nand command and Env support
Signed-off-by: Vandhiadevan Karunamoorthy <vkarunam@codeaurora.org>
Change-Id: I6c59f8259306ef79499420afe4da17a2674e98be
