Eric Lee / smarc-uboot

22 May, 2020

1 commit

  • 292b88d4d   MA-17226 Invalidate the dcache after DMA operation ... Browse Code »

    The main memory contents can spontaneously come to the cache due to
    the speculative memory access by the CPU, this may cause coherency
    problem if this happens during the DMA operaion is on-going.

    Invalidate the dcache range after DMA opeartion but before the main
    memory read to avoid coherency problem.

    Test: reboot test.

    Change-Id: I93824deab9285b5478669e0a311e0b338bf02f8a
    Signed-off-by: Ji Luo

    Ji Luo
     

21 May, 2020

1 commit

  • d0f64bb82   MA-17159 Implement bootloader menu for imx7ulp ... Browse Code »

    According to the spec of android wear, the device MUST provides a
    bootloader menu for debugging purpose.

    This commit implements a simple bootloader menu based on imx7ulp_evk
    revb board, the menu will show when booting with 'VOL+' key pressed,
    users can press "VOL+" to choose the item, then press "ONOFF" key to
    confirm.

    Test: bootloader menu show on imx7ulp_evk revb.

    Change-Id: I80638a43afa17e312e633b05888c62440380b42b
    Signed-off-by: Ji Luo

    Ji Luo
     

19 May, 2020

1 commit

  • 071f1bdea   MA-17046-1 Show orange warning for unlocked device ... Browse Code »

    According to the google boot flow, an orange warning should
    be displayed on UNLOCKED device to reminder the users of the
    potential risks.

    This commit will show an orange warning logo and warning text
    on the screen, it shall be dismissed after 3 seconds, users
    can also skip it by pressing the ON-OFF button.

    Config 'CONFIG_AVB_WARNING_LOGO_COLS' and 'CONFIG_AVB_WARNING_LOGO_ROWS'
    define the (x, y) position of the warning logo, its default
    value is for 1080*720 resolution display and can be overridden.

    Test: Orange warning logo show on all imx8m/imx8q platfroms.

    Change-Id: I607edb3da039b47ddfac681f855834d8da187af8
    Signed-off-by: Ji Luo

    Ji Luo
     

18 May, 2020

21 commits

  • 073cfa56e   MA-17144 Only do security check for rpmb key flashed boards ... Browse Code »

    Only check the bootloader rollback index and trusty keyslot package
    for rpmb key flashed boards.

    Test: boots on boards without rpmb key.

    Change-Id: I130e4d906c0f08d602eac820ec5612214e01ff55
    Signed-off-by: Ji Luo

    Ji Luo
     
  • cf3fba9b8   MA-16457-3 allow automotive to access system partition info ... Browse Code »

    dynamic partition feature is not enabled on automotive, so there is
    system partition in GPT, uboot for automotive need to get the info of
    this partition to generate the correct bootargs.

    And also, there is no commandline descriptor as "dm=***" in vbmeta image
    for standard Android after dynamic partition feature is enabled, so
    there is no need to use "strstr" to eleminate this from the bootargs.

    Change-Id: I51b3b92f5a22550602335cfc212831b263526f42
    Signed-off-by: faqiang.zhu

    faqiang.zhu
     
  • a6ea228bd   MA-16457-1 avoid to try to access system partition ... Browse Code »

    To enable dynamic partition feature, system partition will be a logic
    parition in "super" partition, uboot can't access system partition
    anymore.

    In i.MX Android use case, only vbmeta partition is used to verify other
    imags. boot and system are not used. so there is no need to access
    system partition to get avb device info, remove system partition from
    avb lib.

    Now, standard Android will boot with ramdisk in boot.img, there is no
    need to provide root info to kernel for standard Android. so only
    Android Auto will provide this info.

    Change-Id: I99a43eb8f7aa1dc635e3937c93266f881c9b3655
    Signed-off-by: faqiang.zhu
    (cherry picked from commit 3a2418a1cc097cd956347fc12b0b4e0566652bfd)

    faqiang.zhu
     
  • 9540f6290   MA-16203 Load boot/dtbo image to fixed memory ... Browse Code »

    Only limited heap memory is available on imx8q platforms due
    to some memory is reserved for m4 image. Commit cd67414 will
    free avb verify data and thus help decrease the heap memory
    consumption.

    But when the device is locked, avb will try to verify one slot
    first, it will continue to verify another if the first slot
    returns failure. Function load_full_partition() will alloc memory
    to load boot/dtbo images from heap (which is a big and continuous
    memory region), this memory will be freed if the first slot returns
    verify failure. but because part of the continous memory region
    will be used in following verify process, even total available memory
    is enough, u-boot can't find a continous memory region to load the
    boot/dtbo image for another slot and will return error "Failed to
    allocate memory".

    Instead, this commit use fixed memory region start from 96MB offset of
    CONFIG_FASTBOOT_BUF_ADDR to load the boot/dtbo images.

    Test: slot verify and A/B slot switch.

    Change-Id: Ifc83bed5a6be37196c0fd109d942eaf9b07b6a74
    Signed-off-by: Ji Luo
    (cherry picked from commit d13752e831957fb84c71f8ca24fd1979d3605cde)

    Ji Luo
     
  • 291755236   MA-16048 Fix imx8q u-boot hang ... Browse Code »

    Address 0x8880_0000 is reserved for M4 image on imx8q, which
    leaves limited memory region for the malloc pool. The avb
    will consume much heap memory to verify the kernel and dtbo
    image, memory conflicts may happen as the kernel/dtbo image
    size is getting larger.

    As the avb will load kernel/dtbo in every avb_slot_verify(), but
    will only free the memory after both slots are checked(if needed).
    And for trusty enabled platforms, extra heap memory will be used
    to do the hash calculation.

    This commit will free the slot memory once it's marked as unbootable
    and will use fixed memory started from CONFIG_FASTBOOT_BUF_ADDR to
    help store the data to do the hash calculation. With above change,
    we get a chance to decrease the malloc pool size.

    Test: boot on imx8qxp and imx8mm.

    Change-Id: Ia5cdaf9962ae1cb8b8e9bee5305205ec6d90b84a
    Signed-off-by: Ji Luo
    (cherry picked from commit 0a299eb1a4c8c929d069cb4a0d58a096c04f09f7)

    Ji Luo
     
  • fae9176d3   MA-16084 Wrap oem unlock permission protection feature ... Browse Code »

    Guard oem unlock permission protection feature with new config
    'CONFIG_TRUSTY_UNLOCK_PERMISSION', so we can enable or disable
    it as needed.

    Test: build and boot on imx8mm.

    Signed-off-by: Ji Luo
    (cherry picked from commit c664d8e8b94e9b6f66b2bf04d1be47e9b8a22978)

    Change-Id: If1db4b46ecac21b8f187854531704eaff2df30c4

    Ji Luo
     
  • c7a3cec99   MA-15814 Check 'successful_boot' flag before marking unbootable ... Browse Code »

    Slot will be marked as "unbootable" state if error happens during
    image load/verify process, this may cause the board never boot up
    if some random failures happen (like eMMC/DRAM access error at some
    critical temperature).

    Check the "successful_boot" flag before marking the slot as "unbootable",
    this will help ease the "no bootable slot" issue.

    Test: slot switch on imx8qm_mek.

    Signed-off-by: Ji Luo
    (cherry picked from commit 6db8ebe2224ab6656e8e798288bd1b3c0472c0c0)

    Change-Id: Ib060b11cc6687a3bacd09cecda7dd925beba6316

    Ji Luo
     
  • 2380630c9   MA-15575-3 Add support for oemlock 1.0 hal ... Browse Code »

    Add commands to read oem device unlock state from
    trusty avb app. Use the oem device unlock state to
    determine if the device can be unlocked instead of
    the state in persistdata part.

    Test: Read oem device unlock state from avb app.

    Change-Id: Ifccaa788ba0f681c2b3a47151c8474e8da5a2559
    Signed-off-by: Ji Luo
    (cherry picked from commit c6eaf8e32987f120c0c5441ea39aa0f39a65b50d)

    Ji Luo
     
  • 946769ebe   MA-15360 Verify vbmeta public key for non-trusty devices ... Browse Code »

    Don't skip vbmeta public key verify for non-trusty
    platforms.

    Test: boot on imx8mm.

    Change-Id: I4712e5dd6e5c8848468e9d85c6b38eb5fb11377f
    Signed-off-by: Ji Luo
    (cherry picked from commit 9b8264c89ccb3e9179a438e428ad79d72c7efe9b)

    Ji Luo
     
  • 4bab52fe8   MA-15321-3 Support secure unlock feature ... Browse Code »

    Decrypt and verify the secure credential in keymaster TA, unlock
    operation can only be allowed after secure credential verify pass.

    Since the mppubk can only be generated on hab closed imx8q, so secure
    unlock feature can only supported when hab is closed.

    Test: secure unlock credential verify on hab closed imx8mm_evk.

    Change-Id: I1ab5e24df28d1e75ff853de3adf29f34da1d0a71
    Signed-off-by: Ji Luo
    (cherry picked from commit 631149fc0fc8ce035311949db643c2708e41435a)

    Ji Luo
     
  • a36a63948   MA-15208 Remap mmc device id in spl ... Browse Code »

    MMC device id remap function "board_mmc_get_env_dev()" was
    removed in u-boot v2019 because we add the mmc device aliases
    in dts file. But we still need to remap the mmc device id in
    spl or read/write rpmb keyslot package will fail.

    This patch adds mmc device id remap function in spl to get the
    correct device id.

    Test: boot on imx8mm with trusty enabled.

    Change-Id: I41c46494326d9eb2658d2cda692968fb895d0292
    Signed-off-by: Ji Luo
    (cherry picked from commit c079188d06b3669df7836e1b8c6126558b1fa39e)

    Ji Luo
     
  • e543be2df   MA-15158 Set spl recovery mode for dual bootloader ... Browse Code »

    The A/B slot selection is moved to spl, it may lead to hang
    if no bootable slots found. The only way to recover the board
    is re-flash images with uuu tool, which is quite inconvenient
    for some customers who can't enter serial download mode.

    This patch will set "spl recovery mode" which will give us a
    chance to re-flash images with fastboot commands.

    Test: Enter spl recovery mode and flash images when no bootable
    slots found.

    Change-Id: I31278f5212bde7609fe2f49e77b3849e92c0c516
    Signed-off-by: Ji Luo
    (cherry picked from commit 46cc755cf3f42422ee1d7783394e14e8125df2b6)

    Ji Luo
     
  • 1411f5bb8   MA-15151 Limit some hwcrypto commands within bootloader ... Browse Code »

    It can be dangerous to export some hwcrypto commands to Linux,
    add commands to limit some commands within bootloader.

    Test: hwcrypto commands can't be used after locking boot state.

    Change-Id: Ib0a96a87f661778c133178840d8dccf49f151c22
    Signed-off-by: Ji Luo
    (cherry picked from commit 3fc3f521957677b1f363624494ed866985a25505)

    Ji Luo
     
  • 0532229ce   MA-15017 Add new command to generate bkek from trusty ... Browse Code »

    Add new command to generate bkek from trusty.

    Test: generate and dump bkek.

    Change-Id: I6b2a30b87c755eecd00ced7c53cfb86e432040de
    Signed-off-by: Ji Luo
    (cherry picked from commit 6c1087c030de491a12b7f1be9d332f30ba27d183)

    Ji Luo
     
  • bb4943cae   MA-15015 Add sha256_hmac support ... Browse Code »

    Add sha256 hmac support in u-boot.

    Test: hmac calculation.

    Change-Id: I0f1438fed8290620a1bb0663d19c21e20098eb5a
    Signed-off-by: Ji Luo
    (cherry picked from 1e06de6ef23c1ae9d51383f3c57bb045ea180c03)

    Ji Luo
     
  • 6ada408d7   MA-15142 Support secure attestation provision ... Browse Code »

    In host end, need encrypt the attestation keys and certs
    by manufacture protection public key though AES-128-ECB.
    Then use below 4 set of commands to provision encrypted
    RSA attestation and EC attestation:
    * $fastboot stage atte_rsa_key.bin
    * $fastboot oem set-rsa-atte-key-enc
    * $fastboot stage atte_rsa_cert.bin
    * $fastboot oem append-rsa-atte-cert-enc
    * $fastboot stage atte_ec_key.bin
    * $fastboot oem set-ec-atte-key-enc
    * $fastboot stage atte_ec_cert.bin
    * $fastboot oem append-ec-atte-cert-enc

    Change-Id: I8a7c64004a17f7dde89f28c3123a2e2b1a6d3346
    Signed-off-by: Haoran.Wang
    (cherry picked from commit 58965915dd69050429142d3d180c75e98ad14788)

    Haoran.Wang
     
  • 6b09b4240   MA-15019-1 Support Manufacture Protection public key generation ... Browse Code »

    Add new keymaster commands to get Manufacure Production key (mppubk).
    Since the mppubk can only be generated in OEM CLOSED imx8q board, so
    we can only use this command when the board is HAB/AHAB closed.

    Commands to extract the mppubk:
    * $fastboot oem get-mppubk
    * $fastboot get_staged mppubk.bin

    Test: Generate and dump the mppubk.bin

    Change-Id: Idc59e78ca6345497e744162664b8293f50d1eda4
    Signed-off-by: Ji Luo
    (cherry picked from commit 52300d644a275dfa4fe73ecb51601a8efaff8ab7)

    Ji Luo
     
  • c57f6effc   MA-15181 use correct API in SPL to get mmc index ... Browse Code »

    Due SPL doesn't have env, so cannot use mmc_get_env_dev() get
    the mmc index.
    Following spl_mmc.c get correct mmc index in SPL.

    Change-Id: I0f07a9ea35d5b3ba0d638af436238d0cfe925981
    Signed-off-by: Haoran.Wang
    (cherry picked from commit 6e4753b4dc0c5bde5aa573b42cb6b7caa6a95bc9)

    Haoran.Wang
     
  • ed915f7d4   MA-14916-4 support dual bootloader for imx8m/imx8q ... Browse Code »

    This commit enables dual bootloader feature for imx8m/imx8q, but
    as commit 'a2018ab' already brings in some dual bootloader codes
    when enabling fastboot support, so this commit won't be a complete
    and standalone patch to introduce the dual bootloader feature.

    This commit will do the following:
    1. clean up dual bootloader flow and add missing implementation.
    2. Merge the dual bootloader entry for fit and container to one
    function 'mmc_load_image_raw_sector_dual_uboot'.

    Change-Id: Ic9410a48092cc05de599dd897fc912177e2a1fe1
    Signed-off-by: Ji Luo

    Ji Luo
     
  • a845c7674   MA-14916-7 comply with mmc struct definition in avb library ... Browse Code »

    Driver Module may be used in SPL, with CONFIG_BLK enabled for U-Boot,
    CONFIG_SPL_BLK will be enabled, struct mmc definition will be different.
    comply with that mmc struct definition in fsl_avbkey.c file to handle
    conditions when DM is used in SPL.

    Change-Id: I632600556e764b25228ba467a5e5141cf3fc3dfe
    Signed-off-by: faqiang.zhu
    (cherry picked from commit de905a8a3c6dfdf9241a188b2e22c76dbef851c1)

    faqiang.zhu
     
  • e9bcb2537   MA-14916-1 adapt to the directory change of libavb ... Browse Code »

    libavb is now under the directory of lib/, not lib/avb/ as before, to
    adapt to this change, some modifications are made:
    1. header file inclusion change, including parameter of -I option in
    Makefile
    2. remove fsl_avb_sysdeps_uboot.c as the functions have been defined in
    avb_sysdeps_posix.c.

    Change-Id: I4216e3ddb4e3e810783e4f46b953eda510c2627b
    Signed-off-by: faqiang.zhu
    Signed-off-by: Ji Luo
    (cherry pick from 58010b99560eea2027dd39909eb5b35404e6030e)

    faqiang.zhu
     

27 Apr, 2020

7 commits

  • 09d565c4a   MLK-22035-1 lmb: Add lmb_reserve_overlap for fdt reserved memory ... Browse Code »

    Previous patch "MLK-21885 lmb: Handle the overlap case for lmb reserve" adds
    the overlap support to lmb reserve. However, u-boot has some places to use the
    lmb_reserve when allocating memory in loading images. If we allowed overlap
    in this function, it means images loading address can overlap each other and
    cause the address check mechanism not work.

    So add another function to allow overlap and only use it for fdt reserved-memory
    nodes. The FDT reserved-memory is ok to merge with other reserved memory, since
    this won't break image loading address check.

    Signed-off-by: Ye Li
    (cherry picked from commit 2109dc2a4da592003ec62820f5bdfb6bd0899805)

    Ye Li
     
  • 2876d2923   MLK-21885 lmb: Handle the overlap case for lmb reserve ... Browse Code »

    lmb reserve is used to reserve some memory so that when loading images
    (like kernel, dtb, initrd), images won't be loaded into the reserved memory.

    The problem in current lmb is it does not handle the overlap case. When adding
    a new reserved memory, if the memory region is overlap with regions already been
    added in lmb, it will fail. One example is reserved memory in DTB may overlap with
    u-boot relocate address. lmb reserves the u-boot relocate address firstly, so when
    adding reserved memory from DTB, we will meet failure.

    Actually if we handle the overlap case, we can resolve the overlap by using a max
    common region for the overlap regions. So that this case won't fail.

    Signed-off-by: Ye Li
    Reviewed-by: Peng Fan
    (cherry picked from commit 37d86c68816dffde3dc8dcda5b9d67a195b2f9c2)

    Ye Li
     
  • dd33947fa   MLK-20356-1 common: Fix resource leak in sparse image writting ... Browse Code »

    Fix coverity issue CID 18031: Resource leak (RESOURCE_LEAK)
    leaked_storage: Variable fill_buf going out of scope leaks the storage it points to

    Should free the fill_buf before function return.

    Signed-off-by: Ye Li
    (cherry picked from commit bc23ae569c7aaea338648c000b7b733b09eb735a)
    (cherry picked from commit 0a496da0851e981b0ab19338145fcb622762af94)

    Ye Li
     
  • a24fc810e   MLK-19969 fastboot: write to wrong position when size bigger than 4GB ... Browse Code »

    chunk_data_sz = sparse_header->blk_sz * chunk_header->chunk_sz;
    All is uint32. chunk_data_sz may be bigger than 4G.

    Change chunk_data_sz to 64bit.
    force chunk_header->chunk_sz and sparse_header->blk_sz to 64bit.

    Signed-off-by: Frank Li
    Acked-by: Ye Li
    (cherry picked from commit 08090670625c4ccf86dbc9157dad4799f3669fb7)
    (cherry picked from commit af09befee9c55525a6bc9844904048c324db7261)

    Frank Li
     
  • 8c955dd97   MLK-18591-4 android: iot: Import ql-tipc lib for Trusty OS ... Browse Code »

    The lib provided ql-tipc communication channel with
    Trusty OS.
    Also the AVB, Keymaster, hwcrypto and SecureStorage service
    tipc client implement in this lib.

    Change-Id: I0ab1ec9ee1b6f272b960c2e944008283c2c9249a
    Signed-off-by: Haoran.Wang
    (cherry picked from commit 8fb370dd80fbb293b58115d2e7fc4970813773c7)
    (cherry picked from commit 0ccdd527a794c2b450658980361a7857ce7495c9)
    (cherry picked from commit ffca28682c5a9375c29b3036a156aff190341960)

    Haoran.Wang
     
  • a2018ab0d   MLK-18591-3 android: Add FSL android fastboot support ... Browse Code »
    12

    Porting the FSL android fastboot features from imx u-boot v2018.03 to
    support all SoCs: imx6/imx7/imx7ulp/imx8/imx8m.

    The UUU commands like UCmd and ACmd are also added. Users need set
    CONFIG_FASTBOOT_UUU_SUPPORT=y to enable the feature.

    Signed-off-by: Frank Li
    Signed-off-by: Ye Li
    (cherry picked from commit 65120b06a7f750b9b1a6e0db3d2082cc7088d5a8)
    (cherry picked from commit 9b149c2a28829fe7017f83981d634157bc31cc94)

    Ye Li
     
  • 6932a10a1   MLK-18591-1 android: Add the AVB library ... Browse Code »

    Porting the android AVB lib from imx u-boot v2018.03. Since 2019 u-boot
    has added latest AVB library, try to reuse it.

    Signed-off-by: Ye Li
    (cherry picked from commit 2105662ada738a271e12a81d775134a5821dc38f)
    (cherry picked from commit f7291d86c4183ce2e299ad271aa5618c71507ffc)
    (cherry picked from commit b871714c519e1bda3de6afbd354bee2cb246e4b7)

    Ye Li
     

01 Apr, 2020

1 commit

23 Mar, 2020

1 commit

22 Mar, 2020

7 commits