Eric Lee / smarc-uboot

27 May, 2020

1 commit

  • 7b3604d96   MLK-18577-3 armv8: xen: add console write hypercall ... Browse Code »

    Introduce console write hypercall to let Uboot could directly
    output with xen console, this needs CONFIG_VERBOSE_DEBUG
    enabled in xen.

    Because input is not a must requirement in android VM,
    and develop pvconsole needs more efforts, so let's use
    this hypercall first.

    Signed-off-by: Peng Fan
    (cherry picked from commit 8836c3104a1edfe542e0c1cef6690bc9d3d842a0)
    (cherry picked from commit aea71150857d4617009730683c95d858acb43392)
    (cherry picked from commit 3173d3ac39bed27a3197829ea13ffce5a89b07ac)
    (cherry picked from commit 8ece41f15c8d9c407ab0946fa28ba7365419c030)

    Peng Fan
     

20 May, 2020

1 commit

19 May, 2020

4 commits

  • b92ddc44e   MLK-24069: dts: arm: imx8mm: ab2 fix enet phy addr ... Browse Code »

    Fix fec phy addr for network support on imx8mn/imx8mn
    audio board 2 targets

    Reviewed-by: Ye Li
    Signed-off-by: Adrian Alonso
    (cherry picked from commit cef3045bd7cc620051c8dd8e9248157d19b4514f)

    Adrian Alonso
     
  • 9511d413e   MLK-24057: configs: imx8mm ab2 increase enet phy timeout ... Browse Code »

    Increase timeout to allow phy net negotiation for
    imx8mm/imx8mn audio board 2.0 targets

    Reviewed-by: Ye Li
    Signed-off-by: Adrian Alonso
    (cherry picked from commit 4624ee792fc3e46bc40c63b7675e73cd87f9c01c)

    Adrian Alonso
     
  • 071f1bdea   MA-17046-1 Show orange warning for unlocked device ... Browse Code »

    According to the google boot flow, an orange warning should
    be displayed on UNLOCKED device to reminder the users of the
    potential risks.

    This commit will show an orange warning logo and warning text
    on the screen, it shall be dismissed after 3 seconds, users
    can also skip it by pressing the ON-OFF button.

    Config 'CONFIG_AVB_WARNING_LOGO_COLS' and 'CONFIG_AVB_WARNING_LOGO_ROWS'
    define the (x, y) position of the warning logo, its default
    value is for 1080*720 resolution display and can be overridden.

    Test: Orange warning logo show on all imx8m/imx8q platfroms.

    Change-Id: I607edb3da039b47ddfac681f855834d8da187af8
    Signed-off-by: Ji Luo

    Ji Luo
     
  • 36a06d13e   MA-17154 Enable splash screen for Android ... Browse Code »

    Open configs to enable splash screen feature for standard
    android.

    Test: Splash screen show on all imx7ulp/imx8/imx8m platfroms.

    Change-Id: Ie54aa6b1fa2ff0d9a14f9b28a7bec4de5a98d422
    Signed-off-by: Ji Luo

    Ji Luo
     

18 May, 2020

16 commits

  • e0f8c7f6f   MA-17129 Android: Add imx7ulp/imx8/imx8m reference boards support ... Browse Code »

    Add board level support and configs for standard android and android automotive,
    each board has android/android auto specific header files include.

    Test: boot/fastboot/avb/AB switch/trusty test.

    Change-Id: I3beb84f251451d0003f0ef44d0cba51d0d773ca3
    Signed-off-by: Ji Luo

    Ji Luo
     
  • 8cb9cd7e4   MA-16457-2 support reboot-fastboot command in u-boot ... Browse Code »

    Android implement the userspace fastboot in Android Recovery.
    Follow Google's spec, added below 2 fastboot command support:
    * fastboot getvar is-userspace
    * fastboot reboot fastboot

    TEST: fastboot commands.

    Change-Id: Ib6047413be0a45b3c00626cdb8594809eb8a2b6b
    Signed-off-by: Haoran.Wang
    (cherry picked from commit 314bded076dfc3e544cc7094ce3f6c4c330be4dd)

    Haoran.Wang
     
  • cbbddffaf   MA-15715-1 Refine trusty logs ... Browse Code »

    Refine trusty logs output to make it more
    simple.

    Test: boots.

    Change-Id: Id94fc245206c5f78e0dbcb0baf5db6475c9f744d
    Signed-off-by: Ji Luo
    (cherry picked from commit a50b4fca22111fe7b85b5584ff317db55d664c50)

    Ji Luo
     
  • 2380630c9   MA-15575-3 Add support for oemlock 1.0 hal ... Browse Code »

    Add commands to read oem device unlock state from
    trusty avb app. Use the oem device unlock state to
    determine if the device can be unlocked instead of
    the state in persistdata part.

    Test: Read oem device unlock state from avb app.

    Change-Id: Ifccaa788ba0f681c2b3a47151c8474e8da5a2559
    Signed-off-by: Ji Luo
    (cherry picked from commit c6eaf8e32987f120c0c5441ea39aa0f39a65b50d)

    Ji Luo
     
  • 4bab52fe8   MA-15321-3 Support secure unlock feature ... Browse Code »

    Decrypt and verify the secure credential in keymaster TA, unlock
    operation can only be allowed after secure credential verify pass.

    Since the mppubk can only be generated on hab closed imx8q, so secure
    unlock feature can only supported when hab is closed.

    Test: secure unlock credential verify on hab closed imx8mm_evk.

    Change-Id: I1ab5e24df28d1e75ff853de3adf29f34da1d0a71
    Signed-off-by: Ji Luo
    (cherry picked from commit 631149fc0fc8ce035311949db643c2708e41435a)

    Ji Luo
     
  • 9ad629beb   MA-15321-2 Add command to get serial number ... Browse Code »

    Add commands to support extract serial number from device.
    Commands:
    $ fastboot oem get-serial-number
    $ fastboot get_staged

    Test: serial number upload on imx8mm.

    Change-Id: I5c905ab797d4fd28d76c8403914f191eaf2ef687
    Signed-off-by: Ji Luo
    (cherry picked from commit 250ef119c1dc02908046113893df5eeb9ef40605)

    Ji Luo
     
  • e543be2df   MA-15158 Set spl recovery mode for dual bootloader ... Browse Code »

    The A/B slot selection is moved to spl, it may lead to hang
    if no bootable slots found. The only way to recover the board
    is re-flash images with uuu tool, which is quite inconvenient
    for some customers who can't enter serial download mode.

    This patch will set "spl recovery mode" which will give us a
    chance to re-flash images with fastboot commands.

    Test: Enter spl recovery mode and flash images when no bootable
    slots found.

    Change-Id: I31278f5212bde7609fe2f49e77b3849e92c0c516
    Signed-off-by: Ji Luo
    (cherry picked from commit 46cc755cf3f42422ee1d7783394e14e8125df2b6)

    Ji Luo
     
  • 1411f5bb8   MA-15151 Limit some hwcrypto commands within bootloader ... Browse Code »

    It can be dangerous to export some hwcrypto commands to Linux,
    add commands to limit some commands within bootloader.

    Test: hwcrypto commands can't be used after locking boot state.

    Change-Id: Ib0a96a87f661778c133178840d8dccf49f151c22
    Signed-off-by: Ji Luo
    (cherry picked from commit 3fc3f521957677b1f363624494ed866985a25505)

    Ji Luo
     
  • 0532229ce   MA-15017 Add new command to generate bkek from trusty ... Browse Code »

    Add new command to generate bkek from trusty.

    Test: generate and dump bkek.

    Change-Id: I6b2a30b87c755eecd00ced7c53cfb86e432040de
    Signed-off-by: Ji Luo
    (cherry picked from commit 6c1087c030de491a12b7f1be9d332f30ba27d183)

    Ji Luo
     
  • bb4943cae   MA-15015 Add sha256_hmac support ... Browse Code »

    Add sha256 hmac support in u-boot.

    Test: hmac calculation.

    Change-Id: I0f1438fed8290620a1bb0663d19c21e20098eb5a
    Signed-off-by: Ji Luo
    (cherry picked from 1e06de6ef23c1ae9d51383f3c57bb045ea180c03)

    Ji Luo
     
  • 6ada408d7   MA-15142 Support secure attestation provision ... Browse Code »

    In host end, need encrypt the attestation keys and certs
    by manufacture protection public key though AES-128-ECB.
    Then use below 4 set of commands to provision encrypted
    RSA attestation and EC attestation:
    * $fastboot stage atte_rsa_key.bin
    * $fastboot oem set-rsa-atte-key-enc
    * $fastboot stage atte_rsa_cert.bin
    * $fastboot oem append-rsa-atte-cert-enc
    * $fastboot stage atte_ec_key.bin
    * $fastboot oem set-ec-atte-key-enc
    * $fastboot stage atte_ec_cert.bin
    * $fastboot oem append-ec-atte-cert-enc

    Change-Id: I8a7c64004a17f7dde89f28c3123a2e2b1a6d3346
    Signed-off-by: Haoran.Wang
    (cherry picked from commit 58965915dd69050429142d3d180c75e98ad14788)

    Haoran.Wang
     
  • 6b09b4240   MA-15019-1 Support Manufacture Protection public key generation ... Browse Code »

    Add new keymaster commands to get Manufacure Production key (mppubk).
    Since the mppubk can only be generated in OEM CLOSED imx8q board, so
    we can only use this command when the board is HAB/AHAB closed.

    Commands to extract the mppubk:
    * $fastboot oem get-mppubk
    * $fastboot get_staged mppubk.bin

    Test: Generate and dump the mppubk.bin

    Change-Id: Idc59e78ca6345497e744162664b8293f50d1eda4
    Signed-off-by: Ji Luo
    (cherry picked from commit 52300d644a275dfa4fe73ecb51601a8efaff8ab7)

    Ji Luo
     
  • 90539a1e7   MA-15062-2 change mcu firmware partition name ... Browse Code »

    new imx8mn chips have Cortex-M7 inside, not like any other existing
    multi-core i.MX MPU, users may manually flash mcu firmware with
    fastboot, partition name need to be specified at the same time, so the
    mcu firmware partition name need to be changed. related enum and
    variable names are also modified.

    Change-Id: Ia801e76fb3a20d0074dbbc1433258358c1a53907
    Signed-off-by: faqiang.zhu
    Signed-off-by: Ji Luo
    (cherry picked from commit dc25b7b27fa5c2293d09789a338a1aed2e3a010f)

    Ji Luo
     
  • 8802568e3   MA-15062-1 change names of MACROs used to boot MCU on imx8m devices ... Browse Code »

    new imx8mn chips have Cortex-M7 inside, not like other imx8m devices
    of imx8mm and imx8mq which have Cortex-M4 inside. the names of MACROs
    used to boot MCU on imx8m devices is modified to make them more common
    to cover M4 and M7.
    annotations are also modified based on the differences between M4 and
    M7.

    Change-Id: Ida272e6ecdf577eeaadb9f1242f4524bd1014cac
    Signed-off-by: faqiang.zhu
    (cherry picked from commit eb825f8d4fbc2289b9ccf8f457fcba04922c8259)

    faqiang.zhu
     
  • ed915f7d4   MA-14916-4 support dual bootloader for imx8m/imx8q ... Browse Code »

    This commit enables dual bootloader feature for imx8m/imx8q, but
    as commit 'a2018ab' already brings in some dual bootloader codes
    when enabling fastboot support, so this commit won't be a complete
    and standalone patch to introduce the dual bootloader feature.

    This commit will do the following:
    1. clean up dual bootloader flow and add missing implementation.
    2. Merge the dual bootloader entry for fit and container to one
    function 'mmc_load_image_raw_sector_dual_uboot'.

    Change-Id: Ic9410a48092cc05de599dd897fc912177e2a1fe1
    Signed-off-by: Ji Luo

    Ji Luo
     
  • 648a4c537   MA-14916-8 [iot] Set power-on write protection for boot1 partition ... Browse Code »

    The RPMB keyslot is stored in last block of boot1 partition which
    is easily erased or tampered, set power-on write protection for this
    partition to prevent corruption.

    Test: Power-on write protection works as expected on imx8m.

    Change-Id: Ib7e1094b979f7d94c0a2817391c5b3b5f3205d76
    Signed-off-by: Luo Ji
    (cherry picked from commit c7e207fbbcd8618d29b1192829c630777fea5220)

    Luo Ji
     

15 May, 2020

1 commit

13 May, 2020

2 commits

11 May, 2020

15 commits