diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 47f6004ec..c0fe95ebc 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -69,10 +69,8 @@ jobs: uses: actions/checkout@v3 - name: Free Disk Space uses: ./.github/workflows/free-disk-space - - name: Build bootloader image for PG1 - run: ./kas-container build kas-iot2050-boot-pg1.yml - - name: Build bootloader image for PG2 & m.2 - run: ./kas-container build kas-iot2050-boot-pg2.yml + - name: Build bootloader image + run: ./kas-container build kas-iot2050-boot.yml - name: Archive bootloaders uses: actions/upload-artifact@v3 with: diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 94206a9cd..2a7187b59 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -25,6 +25,4 @@ all: - kas build kas-iot2050-example.yml:kas/opt/preempt-rt.yml - kas build kas-iot2050-swupdate.yml - sudo rm -rf build/tmp - - kas build kas-iot2050-boot-pg1.yml - - sudo rm -rf build/tmp - - kas build kas-iot2050-boot-pg2.yml + - kas build kas-iot2050-boot.yml diff --git a/Kconfig b/Kconfig index ee673e2f5..828c6367f 100644 --- a/Kconfig +++ b/Kconfig @@ -30,21 +30,13 @@ config IMAGE_SWUPDATE Based on the example image, this adds SWUpdate and changes the partition layout to an A/B rootfs. -config IMAGE_BOOT_PG1 - bool "Firmware image for PG1 devices" +config IMAGE_BOOT + bool "Firmware image for PG1, PG2 and M.2 devices" help - Build the firmware image that is responsible for booting Product - Generation 1 (PG1) devices. - - WARNING: Do not flash this image onto your device unless you know - that it fits AND you have an external flash programmer at hand that - allows to recover. Otherwise you risk to BRICK THE IOT2050! - -config IMAGE_BOOT_PG2 - bool "Firmware image for PG2 and M.2 devices" - help - Build the firmware image that is responsible for booting Product - Generation 2 (PG2) devices, including its M.2 variant. + Build firmware images that are responsible for booting IOT2050 + devices. Two artifacts are generated: iot2050-pg1-image-boot.bin + for Product Generation 1 devices and iot2050-pg2-image-boot.bin for + Product Generation 2 devices, including M.2 variants. WARNING: Do not flash this image onto your device unless you know that it fits AND you have an external flash programmer at hand that @@ -56,8 +48,7 @@ config KAS_INCLUDE_MAIN string default "kas-iot2050-example.yml" if IMAGE_EXAMPLE default "kas-iot2050-swupdate.yml" if IMAGE_SWUPDATE - default "kas-iot2050-boot-pg1.yml" if IMAGE_BOOT_PG1 - default "kas-iot2050-boot-pg2.yml" if IMAGE_BOOT_PG2 + default "kas-iot2050-boot.yml" if IMAGE_BOOT comment "Image features" @@ -128,7 +119,7 @@ config SECURE_BOOT config SECURE_BOOT bool "Secure boot" - depends on IMAGE_BOOT_PG2 + depends on IMAGE_BOOT help Enable signing of all customizable firmware artifacts, enforce UEFI Secure Boot mode, protect sensitive U-Boot environment variables and @@ -138,9 +129,12 @@ config SECURE_BOOT This uses the public custMpk.key and certificate by default. Do not use this key in production, it is for demonstration purposes only. + NOTE: Only PG2 and M.2 devices are officially supported regarding + secure boot. + config OTP_PROVISIONING bool "OTP Provisioning" - depends on IMAGE_BOOT_PG2 + depends on IMAGE_BOOT help Integrate OTP provisioning data into the firmware artifacts. Various options are avaiable. By default, this will integrate the OTP command @@ -152,7 +146,7 @@ config OTP_PROVISIONING config RPMB_SETUP bool "OPTEE RPMB setup for OTP key write" - depends on IMAGE_BOOT_PG2 && !SECURE_BOOT + depends on IMAGE_BOOT && !SECURE_BOOT help Enable one-time pairing between processor and secure storage (RPMB on eMMC). Do not sign and distribute this version. Run it @@ -244,7 +238,7 @@ config KAS_INCLUDE_DEBIAN_MIRROR config FIRMWARE_SECURE_VER string "Use specific firmware secure version" default "0" - depends on SECURE_BOOT && IMAGE_BOOT_PG2 + depends on SECURE_BOOT && IMAGE_BOOT help Use specific anti-rollback secure version rather than the default 0. Range 0 - 127. diff --git a/conf/distro/iot2050-debian.conf b/conf/distro/iot2050-debian.conf index 2ea92af1f..78eb5ec32 100644 --- a/conf/distro/iot2050-debian.conf +++ b/conf/distro/iot2050-debian.conf @@ -16,8 +16,6 @@ DISTRO_NAME = "IOT2050 Debian System" HOSTNAME ??= "iot2050-debian" -PREFERRED_VERSION_u-boot-iot2050-pg1 ?= "2022.10" -PREFERRED_VERSION_u-boot-iot2050-pg2 ?= "2022.10" PREFERRED_VERSION_linux-iot2050 ?= "5.10.%" PREFERRED_VERSION_linux-iot2050-rt ?= "5.10.%" diff --git a/conf/machine/iot2050.conf b/conf/machine/iot2050.conf index b7a0ad4cf..df4cbc584 100644 --- a/conf/machine/iot2050.conf +++ b/conf/machine/iot2050.conf @@ -11,10 +11,8 @@ DISTRO_ARCH ?= "arm64" -PRODUCT_GENERATION ?= "pg2" - -PREFERRED_PROVIDER_u-boot-${MACHINE} ?= "u-boot-iot2050-${PRODUCT_GENERATION}" -PREFERRED_PROVIDER_u-boot-${MACHINE}-config ?= "u-boot-iot2050-${PRODUCT_GENERATION}" +PREFERRED_PROVIDER_u-boot-${MACHINE} ?= "u-boot-iot2050" +PREFERRED_PROVIDER_u-boot-${MACHINE}-config ?= "u-boot-iot2050" KERNEL_NAME ?= "iot2050" DTB_FILES ?= " \ diff --git a/kas-iot2050-boot-pg1.yml b/kas-iot2050-boot-pg1.yml deleted file mode 100644 index 980275c7c..000000000 --- a/kas-iot2050-boot-pg1.yml +++ /dev/null @@ -1,23 +0,0 @@ -# -# Copyright (c) Siemens AG, 2019-2022 -# -# Authors: -# Le Jin -# Jan Kiszka -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -header: - version: 14 - includes: - - kas/iot2050.yml - -build_system: isar - -target: u-boot-iot2050 - -local_conf_header: - u-boot: | - PRODUCT_GENERATION = "pg1" diff --git a/kas-iot2050-boot-pg2.yml b/kas-iot2050-boot.yml similarity index 89% rename from kas-iot2050-boot-pg2.yml rename to kas-iot2050-boot.yml index 2d3df3bfc..8227e008a 100644 --- a/kas-iot2050-boot-pg2.yml +++ b/kas-iot2050-boot.yml @@ -1,5 +1,5 @@ # -# Copyright (c) Siemens AG, 2019-2021 +# Copyright (c) Siemens AG, 2019-2023 # # Authors: # Le Jin diff --git a/kas/opt/upstream.yml b/kas/opt/upstream.yml index f56d7b3d7..5f1b578d6 100644 --- a/kas/opt/upstream.yml +++ b/kas/opt/upstream.yml @@ -10,8 +10,6 @@ header: local_conf_header: upstream-versions: | - PREFERRED_VERSION_u-boot-iot2050-pg1 = "202x.xx-upstream" - PREFERRED_VERSION_u-boot-iot2050-pg2 = "202x.xx-upstream" PREFERRED_VERSION_linux-iot2050 = "5.x-upstream" extra-args: | EXTRA_KERNEL_PARAMS = "fw_devlink=permissive" diff --git a/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb b/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb index 924bbbc04..238159706 100644 --- a/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb +++ b/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb @@ -39,6 +39,4 @@ python() { if re.search("rpmb-setup", overrides): if re.search("secureboot", overrides): bb.fatal("Not possible to use Secure Boot and RPMB setup for OPTEE") - if d.getVar('PRODUCT_GENERATION') == "pg1": - bb.warn("PG1 devices do not supported RPMB based secure storage") } diff --git a/recipes-bsp/secure-boot-otp-provisioning/README.md b/recipes-bsp/secure-boot-otp-provisioning/README.md index e1c0d8a7b..d9e2e3eed 100644 --- a/recipes-bsp/secure-boot-otp-provisioning/README.md +++ b/recipes-bsp/secure-boot-otp-provisioning/README.md @@ -57,7 +57,7 @@ Before start the build, make sure the currently using key set is copied to `recipes-bsp/u-boot/files/keys/custMpk.pem`. ```shell -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision.yml ``` > Warning: The default key sets within kas/opt/key-provision.yml only contain @@ -93,7 +93,7 @@ Then start to building the new key signed firmware together with the key switchi otpcmd data. ```shell -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch.yml ``` > Warning: The default switching within kas/opt/key-switch.yml is from MPK to SMPK. @@ -118,7 +118,7 @@ by feeding different kas option file to the building. If the BMPK need to be programmed together: ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-3keys.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-3keys.yml ``` ### Provision keys only without enabling secure boot @@ -126,7 +126,7 @@ If the BMPK need to be programmed together: If only the keys need to be programmed but not enabling the secure boot: ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-keys-only.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-keys-only.yml ``` ### Enable secure boot only @@ -134,7 +134,7 @@ If only the keys need to be programmed but not enabling the secure boot: If you want to only enable the secure boot(because the keys are already programmed): ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-enabling-only.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-enabling-only.yml ``` ### Switch from SMPK to BMPK @@ -142,7 +142,7 @@ If you want to only enable the secure boot(because the keys are already programm If the key switching is from SMPK to BMPK: ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch-2to3.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch-2to3.yml ``` ### Use TUI alternative diff --git a/recipes-bsp/u-boot/README.md b/recipes-bsp/u-boot/README.md index 0ea683efa..0a27bfadb 100644 --- a/recipes-bsp/u-boot/README.md +++ b/recipes-bsp/u-boot/README.md @@ -5,8 +5,7 @@ The boot loader for PG1 and PG2 boards is built like this: ```shell -./kas-container build kas-iot2050-boot-pg1.yml -./kas-container build kas-iot2050-boot-pg2.yml +./kas-container build kas-iot2050-boot.yml ``` After the build the boot images are under @@ -81,7 +80,7 @@ A special firmware build is required to run in a secure operating environment to program this key into RPMB. To build this special firmware: ```shell -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/rpmb-setup.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/rpmb-setup.yml ``` This will build a special OPTee binary for generating and programming the otp diff --git a/recipes-bsp/u-boot/files/0022-Add-a-reserved-memory-for-watchdog.patch b/recipes-bsp/u-boot/files/0001-Watchdog-Support-WDIOF_CARDRESET-on-TI-AM65x-platfor.patch similarity index 80% rename from recipes-bsp/u-boot/files/0022-Add-a-reserved-memory-for-watchdog.patch rename to recipes-bsp/u-boot/files/0001-Watchdog-Support-WDIOF_CARDRESET-on-TI-AM65x-platfor.patch index 4d5fda137..169120a87 100644 --- a/recipes-bsp/u-boot/files/0022-Add-a-reserved-memory-for-watchdog.patch +++ b/recipes-bsp/u-boot/files/0001-Watchdog-Support-WDIOF_CARDRESET-on-TI-AM65x-platfor.patch @@ -1,10 +1,10 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Li Hua Qian -Date: Wed, 7 Jun 2023 11:29:59 +0800 -Subject: [PATCH] Add a reserved memory for watchdog +Date: Tue, 29 Aug 2023 11:46:21 +0800 +Subject: [PATCH] Watchdog: Support WDIOF_CARDRESET on TI AM65x platform To have the WDIOF_CARDRESET support for the TI AM65x platform watchdog, -this patch reserves the memory, which indicates if the current boot due +this patch reserves some memories, which indicate if the current boot due to a watchdog reset. Signed-off-by: Li Hua Qian @@ -13,7 +13,7 @@ Signed-off-by: Li Hua Qian 1 file changed, 11 insertions(+) diff --git a/arch/arm/dts/k3-am65-iot2050-common.dtsi b/arch/arm/dts/k3-am65-iot2050-common.dtsi -index e60006be..acc41335 100644 +index 65da226847f..b6135b849f1 100644 --- a/arch/arm/dts/k3-am65-iot2050-common.dtsi +++ b/arch/arm/dts/k3-am65-iot2050-common.dtsi @@ -64,6 +64,12 @@ @@ -29,7 +29,7 @@ index e60006be..acc41335 100644 }; leds { -@@ -731,6 +737,11 @@ +@@ -720,6 +726,11 @@ mboxes = <&mailbox0_cluster1 &mbox_mcu_r5fss0_core1>; }; diff --git a/recipes-bsp/u-boot/files/0001-efi_loader-Improve-console-screen-clearing-and-reset.patch b/recipes-bsp/u-boot/files/0001-efi_loader-Improve-console-screen-clearing-and-reset.patch deleted file mode 100644 index e563112f4..000000000 --- a/recipes-bsp/u-boot/files/0001-efi_loader-Improve-console-screen-clearing-and-reset.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 25 Apr 2022 10:33:15 +0200 -Subject: [PATCH] efi_loader: Improve console screen clearing and reset - -Before clearing the screen, ensure that no previous output of firmware -or UEFI programs will be overwritten on serial devices or other -streaming consoles. This helps generating complete boot logs. - -Tested regarding multi-output against qemu-x86_defconfig. - -Signed-off-by: Jan Kiszka ---- - lib/efi_loader/efi_console.c | 16 +++++++++++++--- - 1 file changed, 13 insertions(+), 3 deletions(-) - -diff --git a/lib/efi_loader/efi_console.c b/lib/efi_loader/efi_console.c -index ee9dc6bbd8..95777e894b 100644 ---- a/lib/efi_loader/efi_console.c -+++ b/lib/efi_loader/efi_console.c -@@ -472,8 +472,18 @@ static efi_status_t EFIAPI efi_cout_set_attribute( - static efi_status_t EFIAPI efi_cout_clear_screen( - struct efi_simple_text_output_protocol *this) - { -+ unsigned int row; -+ - EFI_ENTRY("%p", this); - -+ /* Avoid overwriting previous outputs on streaming consoles */ -+ for (row = 1; row < efi_cout_modes[efi_con_mode.mode].rows; row++) -+ printf("\n"); -+ -+ /* Set default colors if not done yet */ -+ if (efi_con_mode.attribute == 0) -+ efi_cout_set_attribute(this, 0x07); -+ - /* - * The Linux console wants both a clear and a home command. The video - * uclass does not support [H without coordinates, yet. -@@ -531,9 +541,9 @@ static efi_status_t EFIAPI efi_cout_reset( - { - EFI_ENTRY("%p, %d", this, extended_verification); - -- /* Set default colors */ -- efi_con_mode.attribute = 0x07; -- printf(ESC "[0;37;40m"); -+ /* Trigger reset to default colors */ -+ efi_con_mode.attribute = 0; -+ - /* Clear screen */ - EFI_CALL(efi_cout_clear_screen(this)); - diff --git a/recipes-bsp/u-boot/files/0002-env-Complete-generic-support-for-writable-list.patch b/recipes-bsp/u-boot/files/0002-env-Complete-generic-support-for-writable-list.patch deleted file mode 100644 index f397c9540..000000000 --- a/recipes-bsp/u-boot/files/0002-env-Complete-generic-support-for-writable-list.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 28 Feb 2022 12:00:14 +0100 -Subject: [PATCH] env: Complete generic support for writable list - -This completes what 890feecaab72 started by selecting ENV_APPEND and -ENV_IS_NOWHERE and by moving this driver to top if the list. This -ensures that load operations pick up both the default env and the -permitted parts of the next-prio location. When writing though, we must -use the regular ordering. - -With this change, boards only need to define the list of writable -variables but no longer have to provide a custom env_get_location -implementation. - -CC: Joe Hershberger -CC: Marek Vasut -Signed-off-by: Jan Kiszka ---- - env/Kconfig | 2 ++ - env/env.c | 22 ++++++++++++++++++++++ - 2 files changed, 24 insertions(+) - -diff --git a/env/Kconfig b/env/Kconfig -index 238e4c70cf..7b4d54031e 100644 ---- a/env/Kconfig -+++ b/env/Kconfig -@@ -714,6 +714,8 @@ config ENV_APPEND - - config ENV_WRITEABLE_LIST - bool "Permit write access only to listed variables" -+ select ENV_IS_NOWHERE -+ select ENV_APPEND - help - If defined, only environment variables which explicitly set the 'w' - writeable flag can be written and modified at runtime. No variables -diff --git a/env/env.c b/env/env.c -index 69848fb060..d0649f9540 100644 ---- a/env/env.c -+++ b/env/env.c -@@ -133,6 +133,28 @@ __weak enum env_location arch_env_get_location(enum env_operation op, int prio) - if (prio >= ARRAY_SIZE(env_locations)) - return ENVL_UNKNOWN; - -+ if (IS_ENABLED(CONFIG_ENV_WRITEABLE_LIST)) { -+ /* -+ * In writeable-list mode, ENVL_NOWHERE gains highest prio by -+ * virtually injecting it at prio 0. -+ */ -+ if (prio == 0) { -+ /* -+ * Avoid the injection for write operations as that -+ * would block it. -+ */ -+ if (op != ENVOP_SAVE && op != ENVOP_ERASE) -+ return ENVL_NOWHERE; -+ } else { -+ /* -+ * always subtract 1, also for writing because -+ * env_load_prio, which is used for writing, was -+ * initialized with that offset. -+ */ -+ prio--; -+ } -+ } -+ - return env_locations[prio]; - } - diff --git a/recipes-bsp/u-boot/files/0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch b/recipes-bsp/u-boot/files/0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch new file mode 100644 index 000000000..4c01c51f6 --- /dev/null +++ b/recipes-bsp/u-boot/files/0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch @@ -0,0 +1,41 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jan Kiszka +Date: Wed, 27 Sep 2023 17:35:02 +0200 +Subject: [PATCH] tools: iot2050-sign-fw.sh: Make localization of tools dir + more robust + +When building in-tree, there is no source link. + +Signed-off-by: Jan Kiszka +--- + tools/iot2050-sign-fw.sh | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/tools/iot2050-sign-fw.sh b/tools/iot2050-sign-fw.sh +index 6b426c854c2..75ffd560823 100755 +--- a/tools/iot2050-sign-fw.sh ++++ b/tools/iot2050-sign-fw.sh +@@ -5,6 +5,8 @@ if [ -z "$1" ]; then + exit 1 + fi + ++TOOLS_DIR=$(dirname $0) ++ + TEMP_X509=$(mktemp XXXXXXXX.temp) + + REVISION=${2:-0} +@@ -39,10 +41,10 @@ CERT_X509=$(mktemp XXXXXXXX.crt) + + openssl req -new -x509 -key $1 -nodes -outform DER -out $CERT_X509 -config $TEMP_X509 -sha512 + cat $CERT_X509 tispl.bin > tispl.bin_signed +-source/tools/binman/binman replace -i flash-pg1.bin -f tispl.bin_signed fit@180000 +-source/tools/binman/binman replace -i flash-pg2.bin -f tispl.bin_signed fit@180000 ++$TOOLS_DIR/binman/binman replace -i flash-pg1.bin -f tispl.bin_signed fit@180000 ++$TOOLS_DIR/binman/binman replace -i flash-pg2.bin -f tispl.bin_signed fit@180000 + + rm $TEMP_X509 $CERT_X509 + +-source/tools/binman/binman sign -i flash-pg1.bin -k $1 -a sha256,rsa4096 fit@380000 +-source/tools/binman/binman sign -i flash-pg2.bin -k $1 -a sha256,rsa4096 fit@380000 ++$TOOLS_DIR/binman/binman sign -i flash-pg1.bin -k $1 -a sha256,rsa4096 fit@380000 ++$TOOLS_DIR/binman/binman sign -i flash-pg2.bin -k $1 -a sha256,rsa4096 fit@380000 diff --git a/recipes-bsp/u-boot/files/0003-board-siemens-iot2050-Fix-logical-bug-in-PG1-PG2-det.patch b/recipes-bsp/u-boot/files/0003-board-siemens-iot2050-Fix-logical-bug-in-PG1-PG2-det.patch new file mode 100644 index 000000000..5154426ba --- /dev/null +++ b/recipes-bsp/u-boot/files/0003-board-siemens-iot2050-Fix-logical-bug-in-PG1-PG2-det.patch @@ -0,0 +1,27 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jan Kiszka +Date: Thu, 5 Oct 2023 06:04:09 +0200 +Subject: [PATCH] board: siemens: iot2050: Fix logical bug in PG1/PG2 detection + +This caused the wrong fdtfile to be set and was failing to apply M.2 +settings. + +Fixes: badaa1f6a7a9 ("boards: siemens: iot2050: Unify PG1 and PG2/M.2 configurations again") +Signed-off-by: Jan Kiszka +--- + board/siemens/iot2050/board.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c +index 15f5310c7bf..e35e55fb5de 100644 +--- a/board/siemens/iot2050/board.c ++++ b/board/siemens/iot2050/board.c +@@ -160,7 +160,7 @@ static bool board_is_sr1(void) + struct iot2050_info *info = IOT2050_INFO_DATA; + + return info->magic == IOT2050_INFO_MAGIC && +- strstr((char *)info->name, "-PG2") != NULL; ++ strstr((char *)info->name, "-PG2") == NULL; + } + + static bool board_is_m2(void) diff --git a/recipes-bsp/u-boot/files/0003-env-Couple-networking-related-variable-flags-to-CONF.patch b/recipes-bsp/u-boot/files/0003-env-Couple-networking-related-variable-flags-to-CONF.patch deleted file mode 100644 index c78a2305e..000000000 --- a/recipes-bsp/u-boot/files/0003-env-Couple-networking-related-variable-flags-to-CONF.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 25 Apr 2022 11:15:36 +0200 -Subject: [PATCH] env: Couple networking-related variable flags to CONFIG_NET - -Boards may set networking variables programmatically, thus may have -CONFIG_NET on but CONFIG_CMD_NET off. The IOT2050 is an example. - -CC: Joe Hershberger -Signed-off-by: Jan Kiszka ---- - env/flags.c | 10 +++++----- - include/env_flags.h | 4 ++-- - 2 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/env/flags.c b/env/flags.c -index e3e833c433..e2866361df 100644 ---- a/env/flags.c -+++ b/env/flags.c -@@ -22,7 +22,7 @@ - #include - #endif - --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - #define ENV_FLAGS_NET_VARTYPE_REPS "im" - #else - #define ENV_FLAGS_NET_VARTYPE_REPS "" -@@ -57,7 +57,7 @@ static const char * const env_flags_vartype_names[] = { - "decimal", - "hexadecimal", - "boolean", --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - "IP address", - "MAC address", - #endif -@@ -211,7 +211,7 @@ static void skip_num(int hex, const char *value, const char **end, - *end = value; - } - --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - int eth_validate_ethaddr_str(const char *addr) - { - const char *end; -@@ -244,7 +244,7 @@ static int _env_flags_validate_type(const char *value, - enum env_flags_vartype type) - { - const char *end; --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - const char *cur; - int i; - #endif -@@ -273,7 +273,7 @@ static int _env_flags_validate_type(const char *value, - if (value[1] != '\0') - return -1; - break; --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - case env_flags_vartype_ipaddr: - cur = value; - for (i = 0; i < 4; i++) { -diff --git a/include/env_flags.h b/include/env_flags.h -index 313cb8c49a..b49ec8e80f 100644 ---- a/include/env_flags.h -+++ b/include/env_flags.h -@@ -12,7 +12,7 @@ enum env_flags_vartype { - env_flags_vartype_decimal, - env_flags_vartype_hex, - env_flags_vartype_bool, --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - env_flags_vartype_ipaddr, - env_flags_vartype_macaddr, - #endif -@@ -111,7 +111,7 @@ enum env_flags_varaccess env_flags_parse_varaccess(const char *flags); - */ - enum env_flags_varaccess env_flags_parse_varaccess_from_binflags(int binflags); - --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - /* - * Check if a string has the format of an Ethernet MAC address - */ diff --git a/recipes-bsp/u-boot/files/0004-tools-Add-script-for-converting-public-key-into-devi.patch b/recipes-bsp/u-boot/files/0004-tools-Add-script-for-converting-public-key-into-devi.patch deleted file mode 100644 index 4345ddb16..000000000 --- a/recipes-bsp/u-boot/files/0004-tools-Add-script-for-converting-public-key-into-devi.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 14 Feb 2022 07:05:15 +0100 -Subject: [PATCH] tools: Add script for converting public key into device tree - include - -Allows to create a public key device tree dtsi for inclusion into U-Boot -SPL and proper during first build already. This can be achieved via -CONFIG_DEVICE_TREE_INCLUDES. - -Signed-off-by: Jan Kiszka ---- - tools/key2dtsi.py | 64 +++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 64 insertions(+) - create mode 100755 tools/key2dtsi.py - -diff --git a/tools/key2dtsi.py b/tools/key2dtsi.py -new file mode 100755 -index 0000000000..1dbb2cc94b ---- /dev/null -+++ b/tools/key2dtsi.py -@@ -0,0 +1,64 @@ -+#!/usr/bin/env python3 -+# SPDX-License-Identifier: GPL-2.0-only -+# -+# Public key to dtsi converter. -+# -+# Copyright (c) Siemens AG, 2022 -+# -+ -+from argparse import ArgumentParser, FileType -+from os.path import basename, splitext -+from Cryptodome.PublicKey import RSA -+from Cryptodome.Util.number import inverse -+ -+def int_to_bytestr(n, length=None): -+ if not length: -+ length = (n.bit_length() + 7) // 8 -+ byte_array = n.to_bytes(length, 'big') -+ return ' '.join(['{:02x}'.format(byte) for byte in byte_array]) -+ -+ap = ArgumentParser(description='Public key to dtsi converter') -+ -+ap.add_argument('--hash', '-H', default='sha256', -+ help='hash to be used with key (default: sha256)') -+ap.add_argument('--required-conf', '-c', action='store_true', -+ help='mark key required for configuration') -+ap.add_argument('--required-image', '-i', action='store_true', -+ help='mark key required for image') -+ap.add_argument('--spl', '-s', action='store_true', -+ help='mark key for usage in SPL') -+ap.add_argument('key_file', metavar='KEY_FILE', type=FileType('r'), -+ help='key file (formats: X.509, PKCS#1, OpenSSH)') -+ap.add_argument('dtsi_file', metavar='DTSI_FILE', type=FileType('w'), -+ help='dtsi output file') -+ -+args = ap.parse_args() -+ -+key_name, _ = splitext(basename(args.key_file.name)) -+ -+key_data = args.key_file.read() -+key = RSA.importKey(key_data) -+ -+r_squared = (2**key.size_in_bits())**2 % key.n -+n0_inverse = 2**32 - inverse(key.n, 2**32) -+ -+out = args.dtsi_file -+out.write('/ {\n') -+out.write('\tsignature {\n') -+out.write('\t\tkey-{} {{\n'.format(key_name)) -+out.write('\t\t\tkey-name-hint = "{}";\n'.format(key_name)) -+out.write('\t\t\talgo = "{},rsa{}";\n'.format(args.hash, key.size_in_bits())) -+out.write('\t\t\trsa,num-bits = <{}>;\n'.format(key.size_in_bits())) -+out.write('\t\t\trsa,modulus = [{}];\n'.format(int_to_bytestr(key.n))) -+out.write('\t\t\trsa,exponent = [{}];\n'.format(int_to_bytestr(key.e, 8))) -+out.write('\t\t\trsa,r-squared = [{}];\n'.format(int_to_bytestr(r_squared))) -+out.write('\t\t\trsa,n0-inverse = <0x{:x}>;\n'.format(n0_inverse)) -+if args.required_conf: -+ out.write('\t\t\trequired = "conf";\n') -+elif args.required_image: -+ out.write('\t\t\trequired = "image";\n') -+if args.spl: -+ out.write('\t\t\tu-boot,dm-spl;\n') -+out.write('\t\t};\n') -+out.write('\t};\n') -+out.write('};\n') diff --git a/recipes-bsp/u-boot/files/0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch b/recipes-bsp/u-boot/files/0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch deleted file mode 100644 index 552e7a333..000000000 --- a/recipes-bsp/u-boot/files/0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch +++ /dev/null @@ -1,335 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Su Baocheng -Date: Wed, 12 Jan 2022 15:05:27 +0800 -Subject: [PATCH] board: siemens: iot2050: Split the build for PG1 and PG2 - -Due to different signature keys, the PG1 and the PG2 boards can no -longer use the same FSBL (tiboot3). This makes it impossible anyway to -maintaine a single flash.bin for both variants, so we can also split the -build. - -A new target is added to indicates the build is for PG1 vs. PG2 boards. -Hence now the variants have separated defconfig files. - -The runtime board_is_sr1() check does make no sense anymore, so remove -it and replace with build time check. - -Documentation is updated accordingly. New binary artifacts are already -available via meta-iot2050. - -Signed-off-by: Su Baocheng -[Jan: refactor config option into targets, tweak some wordings] -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 80 ++++++------------- - board/siemens/iot2050/Kconfig | 28 ++++++- - board/siemens/iot2050/board.c | 12 +-- - ...ot2050_defconfig => iot2050_pg1_defconfig} | 2 +- - ...ot2050_defconfig => iot2050_pg2_defconfig} | 4 +- - doc/board/siemens/iot2050.rst | 15 +++- - 6 files changed, 65 insertions(+), 76 deletions(-) - copy configs/{iot2050_defconfig => iot2050_pg1_defconfig} (99%) - rename configs/{iot2050_defconfig => iot2050_pg2_defconfig} (97%) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 27058370cc..3135ad0471 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -1,6 +1,6 @@ - // SPDX-License-Identifier: GPL-2.0 - /* -- * Copyright (c) Siemens AG, 2020-2021 -+ * Copyright (c) Siemens AG, 2020-2022 - * - * Authors: - * Jan Kiszka -@@ -17,7 +17,11 @@ - - blob-ext@0x000000 { - offset = <0x000000>; -- filename = "tiboot3.bin"; -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -+ filename = "seboot_pg1.bin"; -+#else -+ filename = "seboot_pg2.bin"; -+#endif - missing-msg = "iot2050-seboot"; - }; - -@@ -43,42 +47,30 @@ - }; - - fdt-iot2050-basic { -- description = "k3-am6528-iot2050-basic.dtb"; -+ description = "k3-am6528-iot2050-basic*.dtb"; - type = "flat_dt"; - arch = "arm64"; - compression = "none"; - blob { -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 - filename = "arch/arm/dts/k3-am6528-iot2050-basic.dtb"; -- }; -- }; -- -- fdt-iot2050-basic-pg2 { -- description = "k3-am6528-iot2050-basic-pg2.dtb"; -- type = "flat_dt"; -- arch = "arm64"; -- compression = "none"; -- blob { -+#else - filename = "arch/arm/dts/k3-am6528-iot2050-basic-pg2.dtb"; -+#endif - }; - }; - - fdt-iot2050-advanced { -- description = "k3-am6548-iot2050-advanced.dtb"; -+ description = "k3-am6548-iot2050-advanced*.dtb"; - type = "flat_dt"; - arch = "arm64"; - compression = "none"; - blob { -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 - filename = "arch/arm/dts/k3-am6548-iot2050-advanced.dtb"; -- }; -- }; -- -- fdt-iot2050-advanced-pg2 { -- description = "k3-am6548-iot2050-advanced-pg2.dtb"; -- type = "flat_dt"; -- arch = "arm64"; -- compression = "none"; -- blob { -+#else - filename = "arch/arm/dts/k3-am6548-iot2050-advanced-pg2.dtb"; -+#endif - }; - }; - -@@ -108,30 +100,12 @@ - #endif - }; - -- conf-iot2050-basic-pg2 { -- description = "iot2050-basic-pg2"; -- firmware = "u-boot"; -- fdt = "fdt-iot2050-basic-pg2"; --#ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; --#endif -- }; -- - conf-iot2050-advanced { - description = "iot2050-advanced"; - firmware = "u-boot"; - fdt = "fdt-iot2050-advanced"; - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - loadables = "k3-rti-wdt-firmware"; --#endif -- }; -- -- conf-iot2050-advanced-pg2 { -- description = "iot2050-advanced-pg2"; -- firmware = "u-boot"; -- fdt = "fdt-iot2050-advanced-pg2"; --#ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; - #endif - }; - }; -@@ -150,28 +124,24 @@ - fill-byte = [00]; - }; - -- /* PG1 sysfw, basic variant */ -+ /* sysfw, basic variant */ - blob-ext@0x6c0000 { - offset = <0x6c0000>; -- filename = "sysfw.itb"; -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -+ filename = "sysfw_sr1.itb"; -+#else -+ filename = "sysfw_sr2.itb"; -+#endif - missing-msg = "iot2050-sysfw"; - }; -- /* PG1 sysfw, advanced variant */ -+ /* sysfw, advanced variant */ - blob-ext@0x740000 { - offset = <0x740000>; -- filename = "sysfw.itb_HS"; -- missing-msg = "iot2050-sysfw"; -- }; -- /* PG2 sysfw, basic variant */ -- blob-ext@0x7c0000 { -- offset = <0x7c0000>; -- filename = "sysfw_sr2.itb"; -- missing-msg = "iot2050-sysfw"; -- }; -- /* PG2 sysfw, advanced variant */ -- blob-ext@0x840000 { -- offset = <0x840000>; -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -+ filename = "sysfw_sr1.itb_HS"; -+#else - filename = "sysfw_sr2.itb_HS"; -+#endif - missing-msg = "iot2050-sysfw"; - }; - }; -diff --git a/board/siemens/iot2050/Kconfig b/board/siemens/iot2050/Kconfig -index 063142a43b..a2b40881d1 100644 ---- a/board/siemens/iot2050/Kconfig -+++ b/board/siemens/iot2050/Kconfig -@@ -1,20 +1,40 @@ - # SPDX-License-Identifier: GPL-2.0+ - # --# Copyright (c) Siemens AG, 2018-2021 -+# Copyright (c) Siemens AG, 2018-2022 - # - # Authors: - # Le Jin - # Jan Kiszka - --config TARGET_IOT2050_A53 -- bool "IOT2050 running on A53" -+choice -+ prompt "Siemens SIMATIC IOT2050 boards" -+ optional -+ -+config TARGET_IOT2050_A53_PG1 -+ bool "IOT2050 PG1 running on A53" -+ select IOT2050_A53_COMMON -+ help -+ This builds U-Boot for the Product Generation 1 (PG1) of the IOT2050 -+ devices. -+ -+config TARGET_IOT2050_A53_PG2 -+ bool "IOT2050 PG2 running on A53" -+ select IOT2050_A53_COMMON -+ help -+ This builds U-Boot for the Product Generation 2 (PG2) of the IOT2050 -+ devices. -+ -+endchoice -+ -+config IOT2050_A53_COMMON -+ bool - select ARM64 - select SOC_K3_AM654 - select BOARD_LATE_INIT - select SYS_DISABLE_DCACHE_OPS - select BINMAN - --if TARGET_IOT2050_A53 -+if IOT2050_A53_COMMON - - config SYS_BOARD - default "iot2050" -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index b965ae9fa4..050ddb5899 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -55,14 +55,6 @@ static bool board_is_advanced(void) - strstr((char *)info->name, "IOT2050-ADVANCED") != NULL; - } - --static bool board_is_sr1(void) --{ -- struct iot2050_info *info = IOT2050_INFO_DATA; -- -- return info->magic == IOT2050_INFO_MAGIC && -- !strstr((char *)info->name, "-PG2"); --} -- - static void remove_mmc1_target(void) - { - char *boot_targets = strdup(env_get("boot_targets")); -@@ -109,12 +101,12 @@ void set_board_info_env(void) - } - - if (board_is_advanced()) { -- if (board_is_sr1()) -+ if (IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG1)) - fdtfile = "ti/k3-am6548-iot2050-advanced.dtb"; - else - fdtfile = "ti/k3-am6548-iot2050-advanced-pg2.dtb"; - } else { -- if (board_is_sr1()) -+ if (IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG1)) - fdtfile = "ti/k3-am6528-iot2050-basic.dtb"; - else - fdtfile = "ti/k3-am6528-iot2050-basic-pg2.dtb"; -diff --git a/configs/iot2050_defconfig b/configs/iot2050_pg1_defconfig -similarity index 99% -copy from configs/iot2050_defconfig -copy to configs/iot2050_pg1_defconfig -index 81cce0812b..4a59104149 100644 ---- a/configs/iot2050_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -8,7 +8,7 @@ CONFIG_SPL_LIBCOMMON_SUPPORT=y - CONFIG_SPL_LIBGENERIC_SUPPORT=y - CONFIG_NR_DRAM_BANKS=2 - CONFIG_SOC_K3_AM654=y --CONFIG_TARGET_IOT2050_A53=y -+CONFIG_TARGET_IOT2050_A53_PG1=y - CONFIG_ENV_SIZE=0x20000 - CONFIG_ENV_OFFSET=0x680000 - CONFIG_ENV_SECT_SIZE=0x20000 -diff --git a/configs/iot2050_defconfig b/configs/iot2050_pg2_defconfig -similarity index 97% -rename from configs/iot2050_defconfig -rename to configs/iot2050_pg2_defconfig -index 81cce0812b..4eba7a3476 100644 ---- a/configs/iot2050_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -8,13 +8,13 @@ CONFIG_SPL_LIBCOMMON_SUPPORT=y - CONFIG_SPL_LIBGENERIC_SUPPORT=y - CONFIG_NR_DRAM_BANKS=2 - CONFIG_SOC_K3_AM654=y --CONFIG_TARGET_IOT2050_A53=y -+CONFIG_TARGET_IOT2050_A53_PG2=y - CONFIG_ENV_SIZE=0x20000 - CONFIG_ENV_OFFSET=0x680000 - CONFIG_ENV_SECT_SIZE=0x20000 - CONFIG_DM_GPIO=y - CONFIG_SPL_DM_SPI=y --CONFIG_DEFAULT_DEVICE_TREE="k3-am6528-iot2050-basic" -+CONFIG_DEFAULT_DEVICE_TREE="k3-am6528-iot2050-basic-pg2" - CONFIG_SPL_TEXT_BASE=0x80080000 - CONFIG_SYS_PROMPT="IOT2050> " - CONFIG_SPL_SERIAL=y -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 7e97f817ce..fd3431fa3f 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -24,9 +24,10 @@ Binary dependencies can be found in - https://github.com/siemens/meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild. - The following binaries from that source need to be present in the build folder: - -- - tiboot3.bin -- - sysfw.itb -- - sysfw.itb_HS -+ - seboot_pg1.bin -+ - sysfw_sr1.itb -+ - sysfw_sr1.itb_HS -+ - seboot_pg2.bin - - sysfw_sr2.itb - - sysfw_sr2.itb_HS - -@@ -57,7 +58,13 @@ U-Boot: - - $ export ATF=/path/to/bl31.bin - $ export TEE=/path/to/tee-pager_v2.bin -- $ make iot2050_defconfig -+ -+ # configure for PG1 -+ $ make iot2050_pg1_defconfig -+ -+ # or configure for PG2 -+ $ make iot2050_pg2_defconfig -+ - $ make - - Flashing diff --git a/recipes-bsp/u-boot/files/0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch b/recipes-bsp/u-boot/files/0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch deleted file mode 100644 index aac2c6ff2..000000000 --- a/recipes-bsp/u-boot/files/0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch +++ /dev/null @@ -1,132 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Su Baocheng -Date: Wed, 12 Jan 2022 14:52:01 +0800 -Subject: [PATCH] arm: dts: iot2050: Use the auto generator nodes for fdt - -Refactor according to the entry `fit: Entry containing a FIT` of -document tools/binman/README.entries. - -As the generator uses the device tree name for the config description, -board_fit_config_name_match requires a small adjustment as well. - -Signed-off-by: Su Baocheng -[Jan: re-add now required CONFIG_OF_LIST, update config matching] -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 44 ++++---------------- - board/siemens/iot2050/board.c | 3 ++ - configs/iot2050_pg1_defconfig | 1 + - configs/iot2050_pg2_defconfig | 1 + - 4 files changed, 12 insertions(+), 37 deletions(-) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 3135ad0471..4666957686 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -32,6 +32,7 @@ - - fit@0x280000 { - description = "U-Boot for IOT2050"; -+ fit,fdt-list = "of-list"; - offset = <0x280000>; - images { - u-boot { -@@ -46,32 +47,11 @@ - }; - }; - -- fdt-iot2050-basic { -- description = "k3-am6528-iot2050-basic*.dtb"; -+ @fdt-SEQ { -+ description = "fdt-NAME"; - type = "flat_dt"; - arch = "arm64"; - compression = "none"; -- blob { --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "arch/arm/dts/k3-am6528-iot2050-basic.dtb"; --#else -- filename = "arch/arm/dts/k3-am6528-iot2050-basic-pg2.dtb"; --#endif -- }; -- }; -- -- fdt-iot2050-advanced { -- description = "k3-am6548-iot2050-advanced*.dtb"; -- type = "flat_dt"; -- arch = "arm64"; -- compression = "none"; -- blob { --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "arch/arm/dts/k3-am6548-iot2050-advanced.dtb"; --#else -- filename = "arch/arm/dts/k3-am6548-iot2050-advanced-pg2.dtb"; --#endif -- }; - }; - - #ifdef CONFIG_WDT_K3_RTI_FW_FILE -@@ -89,21 +69,11 @@ - }; - - configurations { -- default = "conf-iot2050-basic"; -- -- conf-iot2050-basic { -- description = "iot2050-basic"; -- firmware = "u-boot"; -- fdt = "fdt-iot2050-basic"; --#ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; --#endif -- }; -- -- conf-iot2050-advanced { -- description = "iot2050-advanced"; -+ default = "@config-DEFAULT-SEQ"; -+ @config-SEQ { -+ description = "NAME"; - firmware = "u-boot"; -- fdt = "fdt-iot2050-advanced"; -+ fdt = "fdt-SEQ"; - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - loadables = "k3-rti-wdt-firmware"; - #endif -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index 050ddb5899..2be5d1eefc 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -154,6 +154,9 @@ int board_fit_config_name_match(const char *name) - struct iot2050_info *info = IOT2050_INFO_DATA; - char upper_name[32]; - -+ /* skip the prefix "k3-am65x8-" */ -+ name += 10; -+ - if (info->magic != IOT2050_INFO_MAGIC || - strlen(name) >= sizeof(upper_name)) - return -1; -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 4a59104149..953206b343 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -69,6 +69,7 @@ CONFIG_CMD_TIME=y - # CONFIG_ISO_PARTITION is not set - CONFIG_OF_CONTROL=y - CONFIG_SPL_OF_CONTROL=y -+CONFIG_OF_LIST="k3-am6528-iot2050-basic k3-am6548-iot2050-advanced" - CONFIG_SPL_MULTI_DTB_FIT=y - CONFIG_SPL_OF_LIST="k3-am65-iot2050-spl" - CONFIG_SPL_MULTI_DTB_FIT_NO_COMPRESSION=y -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index 4eba7a3476..6b5e50a99a 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -69,6 +69,7 @@ CONFIG_CMD_TIME=y - # CONFIG_ISO_PARTITION is not set - CONFIG_OF_CONTROL=y - CONFIG_SPL_OF_CONTROL=y -+CONFIG_OF_LIST="k3-am6528-iot2050-basic-pg2 k3-am6548-iot2050-advanced-pg2" - CONFIG_SPL_MULTI_DTB_FIT=y - CONFIG_SPL_OF_LIST="k3-am65-iot2050-spl" - CONFIG_SPL_MULTI_DTB_FIT_NO_COMPRESSION=y diff --git a/recipes-bsp/u-boot/files/0007-iot2050-Update-firmware-layout.patch b/recipes-bsp/u-boot/files/0007-iot2050-Update-firmware-layout.patch deleted file mode 100644 index 376193237..000000000 --- a/recipes-bsp/u-boot/files/0007-iot2050-Update-firmware-layout.patch +++ /dev/null @@ -1,143 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 14 Jan 2022 18:52:06 +0100 -Subject: [PATCH] iot2050: Update firmware layout - -The latest version of the binary-only firmware parts come in a combined -form of FSBL and sysfw containers. This implies some layout changes to -the generated firmware image but also makes handling of artifacts much -simpler (4 files less). The env locations will not change, just the -space reserved for U-Boot will shrink from 4 to 3 MB - still plenty of -space left in practice. - -Adjust configuration and documentation accordingly. - -Along this change, add a new reservation for update commands of the -user-controlled OTP part. A specific userspace tool will fill it, and -the FSBL will evaluate it during boot. This reservation will use 64K of -the former sysfw section. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 30 ++++++-------------- - configs/iot2050_pg1_defconfig | 2 +- - configs/iot2050_pg2_defconfig | 2 +- - doc/board/siemens/iot2050.rst | 4 --- - tools/binman/missing-blob-help | 8 +----- - 5 files changed, 11 insertions(+), 35 deletions(-) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 4666957686..3ee0842e99 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -25,15 +25,15 @@ - missing-msg = "iot2050-seboot"; - }; - -- blob@0x080000 { -- offset = <0x080000>; -+ blob@0x180000 { -+ offset = <0x180000>; - filename = "tispl.bin"; - }; - -- fit@0x280000 { -+ fit@0x380000 { - description = "U-Boot for IOT2050"; - fit,fdt-list = "of-list"; -- offset = <0x280000>; -+ offset = <0x380000>; - images { - u-boot { - description = "U-Boot"; -@@ -94,25 +94,11 @@ - fill-byte = [00]; - }; - -- /* sysfw, basic variant */ -- blob-ext@0x6c0000 { -+ /* OTP update command block */ -+ fill@0x6c0000 { - offset = <0x6c0000>; --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "sysfw_sr1.itb"; --#else -- filename = "sysfw_sr2.itb"; --#endif -- missing-msg = "iot2050-sysfw"; -- }; -- /* sysfw, advanced variant */ -- blob-ext@0x740000 { -- offset = <0x740000>; --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "sysfw_sr1.itb_HS"; --#else -- filename = "sysfw_sr2.itb_HS"; --#endif -- missing-msg = "iot2050-sysfw"; -+ size = <0x010000>; -+ fill-byte = [ff]; - }; - }; - }; -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 953206b343..934266c26e 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -52,7 +52,7 @@ CONFIG_SPL_POWER_DOMAIN=y - # CONFIG_SPL_SPI_FLASH_TINY is not set - CONFIG_SPL_SPI_FLASH_SFDP_SUPPORT=y - CONFIG_SPL_SPI_LOAD=y --CONFIG_SYS_SPI_U_BOOT_OFFS=0x280000 -+CONFIG_SYS_SPI_U_BOOT_OFFS=0x380000 - CONFIG_SYS_MAXARGS=64 - CONFIG_SYS_PBSIZE=1050 - CONFIG_CMD_ASKENV=y -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index 6b5e50a99a..c76abcca67 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -52,7 +52,7 @@ CONFIG_SPL_POWER_DOMAIN=y - # CONFIG_SPL_SPI_FLASH_TINY is not set - CONFIG_SPL_SPI_FLASH_SFDP_SUPPORT=y - CONFIG_SPL_SPI_LOAD=y --CONFIG_SYS_SPI_U_BOOT_OFFS=0x280000 -+CONFIG_SYS_SPI_U_BOOT_OFFS=0x380000 - CONFIG_SYS_MAXARGS=64 - CONFIG_SYS_PBSIZE=1050 - CONFIG_CMD_ASKENV=y -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index fd3431fa3f..26972e20ae 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -25,11 +25,7 @@ https://github.com/siemens/meta-iot2050/tree/master/recipes-bsp/u-boot/files/pre - The following binaries from that source need to be present in the build folder: - - - seboot_pg1.bin -- - sysfw_sr1.itb -- - sysfw_sr1.itb_HS - - seboot_pg2.bin -- - sysfw_sr2.itb -- - sysfw_sr2.itb_HS - - Building - -------- -diff --git a/tools/binman/missing-blob-help b/tools/binman/missing-blob-help -index c61ca02a35..5bb8961ce0 100644 ---- a/tools/binman/missing-blob-help -+++ b/tools/binman/missing-blob-help -@@ -21,13 +21,7 @@ Please read the section on SCP firmware in board/sunxi/README.sunxi64 - iot2050-seboot: - See the documentation for IOT2050 board. Your image is missing SEBoot - which is mandatory for board startup. Prebuilt SEBoot located at --meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/tiboot3.bin. -- --iot2050-sysfw: --See the documentation for IOT2050 board. Your image is missing system --firmware which is mandatory for board startup. Prebuilt system firmware --located at meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/ --with sysfw prefix. -+meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/seboot_pg*.bin. - - k3-rti-wdt-firmware: - If CONFIG_WDT_K3_RTI_LOAD_FW is enabled, a firmware image is needed for diff --git a/recipes-bsp/u-boot/files/0008-iot2050-Add-watchdog-start-to-bootcmd.patch b/recipes-bsp/u-boot/files/0008-iot2050-Add-watchdog-start-to-bootcmd.patch deleted file mode 100644 index ff6fa97d4..000000000 --- a/recipes-bsp/u-boot/files/0008-iot2050-Add-watchdog-start-to-bootcmd.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Sun, 20 Mar 2022 15:00:34 +0100 -Subject: [PATCH] iot2050: Add watchdog start to bootcmd - -Allows run-time control over watchdog auto-start and the timeout via -setting the environment variable watchdog_timeout_ms. A value of zero -means "do not start". Use CONFIG_WATCHDOG_TIMEOUT_MSECS as initial value -and this to zero by default. Users can then enable the watchdog once the -use and OS which picks it up during boot. - -Signed-off-by: Jan Kiszka ---- - configs/iot2050_pg1_defconfig | 2 ++ - configs/iot2050_pg2_defconfig | 2 ++ - include/configs/iot2050.h | 9 +++++++++ - 3 files changed, 13 insertions(+) - -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 934266c26e..49f8110936 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -32,6 +32,7 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set - CONFIG_SPL_MAX_SIZE=0x58000 -@@ -142,6 +143,7 @@ CONFIG_USB_DWC3_GENERIC=y - CONFIG_USB_KEYBOARD=y - # CONFIG_WATCHDOG is not set - # CONFIG_WATCHDOG_AUTOSTART is not set -+CONFIG_WATCHDOG_TIMEOUT_MSECS=0 - CONFIG_WDT=y - CONFIG_WDT_K3_RTI=y - CONFIG_WDT_K3_RTI_LOAD_FW=y -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index c76abcca67..43410160c8 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -32,6 +32,7 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set - CONFIG_SPL_MAX_SIZE=0x58000 -@@ -142,6 +143,7 @@ CONFIG_USB_DWC3_GENERIC=y - CONFIG_USB_KEYBOARD=y - # CONFIG_WATCHDOG is not set - # CONFIG_WATCHDOG_AUTOSTART is not set -+CONFIG_WATCHDOG_TIMEOUT_MSECS=0 - CONFIG_WDT=y - CONFIG_WDT_K3_RTI=y - CONFIG_WDT_K3_RTI_LOAD_FW=y -diff --git a/include/configs/iot2050.h b/include/configs/iot2050.h -index 0f6150fc9c..dc4b5f9059 100644 ---- a/include/configs/iot2050.h -+++ b/include/configs/iot2050.h -@@ -15,6 +15,14 @@ - - /* SPL Loader Configuration */ - -+#define WATCHDOG_ENV \ -+ "watchdog_timeout_ms=" __stringify(CONFIG_WATCHDOG_TIMEOUT_MSECS) "\0" \ -+ "start_watchdog=if test ${watchdog_timeout_ms} -gt 0; then " \ -+ "wdt dev watchdog@40610000; " \ -+ "wdt start ${watchdog_timeout_ms}; " \ -+ "echo Watchdog started, timeout ${watchdog_timeout_ms} ms; " \ -+ "fi\0" -+ - /* U-Boot general configuration */ - #define EXTRA_ENV_IOT2050_BOARD_SETTINGS \ - "usb_pgood_delay=900\0" -@@ -43,6 +51,7 @@ - #define CONFIG_EXTRA_ENV_SETTINGS \ - DEFAULT_LINUX_BOOT_ENV \ - BOOTENV \ -+ WATCHDOG_ENV \ - EXTRA_ENV_IOT2050_BOARD_SETTINGS - - #include diff --git a/recipes-bsp/u-boot/files/0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch b/recipes-bsp/u-boot/files/0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch deleted file mode 100644 index 3d3dba8bb..000000000 --- a/recipes-bsp/u-boot/files/0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 25 Apr 2022 10:42:25 +0200 -Subject: [PATCH] iot2050: Add CONFIG_ENV_FLAGS_LIST_STATIC - -Will be needed when CONFIG_ENV_WRITEABLE_LIST is enabled. The listed -variables shall remain writable, for informational purposes - they have -to be considered untrusted because the persistent U-Boot env is not -protected. - -Signed-off-by: Jan Kiszka ---- - include/configs/iot2050.h | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/include/configs/iot2050.h b/include/configs/iot2050.h -index dc4b5f9059..d2cba5acfd 100644 ---- a/include/configs/iot2050.h -+++ b/include/configs/iot2050.h -@@ -56,4 +56,12 @@ - - #include - -+#ifdef CONFIG_ENV_WRITEABLE_LIST -+/* relevant for secure boot with CONFIG_ENV_WRITEABLE_LIST=y */ -+#define CONFIG_ENV_FLAGS_LIST_STATIC \ -+ "board_uuid:sw,board_name:sw,board_serial:sw,board_a5e:sw," \ -+ "mlfb:sw,fw_version:sw,seboot_version:sw," \ -+ "eth1addr:mw,eth2addr:mw,watchdog_timeout_ms:dw,boot_targets:sw" -+#endif -+ - #endif /* __CONFIG_IOT2050_H */ diff --git a/recipes-bsp/u-boot/files/0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch b/recipes-bsp/u-boot/files/0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch deleted file mode 100644 index bd187964b..000000000 --- a/recipes-bsp/u-boot/files/0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Sun, 7 Nov 2021 17:59:17 +0100 -Subject: [PATCH] arm: dts: iot2050: Allow verifying U-Boot proper by SPL - -Add hashes and configuration signature stubs to prepare verified boot -of main U-Boot by SPL. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 3ee0842e99..9082a79a03 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -14,6 +14,7 @@ - filename = "flash.bin"; - pad-byte = <0xff>; - size = <0x8c0000>; -+ allow-repack; - - blob-ext@0x000000 { - offset = <0x000000>; -@@ -45,6 +46,9 @@ - entry = <0x80800000>; - u-boot-nodtb { - }; -+ hash { -+ algo = "sha256"; -+ }; - }; - - @fdt-SEQ { -@@ -52,6 +56,9 @@ - type = "flat_dt"; - arch = "arm64"; - compression = "none"; -+ hash { -+ algo = "sha256"; -+ }; - }; - - #ifdef CONFIG_WDT_K3_RTI_FW_FILE -@@ -64,6 +71,9 @@ - filename = CONFIG_WDT_K3_RTI_FW_FILE; - missing-msg = "k3-rti-wdt-firmware"; - }; -+ hash { -+ algo = "sha256"; -+ }; - }; - #endif - }; -@@ -77,10 +87,16 @@ - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - loadables = "k3-rti-wdt-firmware"; - #endif -+ signature { -+ sign-images = "firmware", "fdt", "loadables"; -+ }; - }; - }; - }; - -+ fdtmap { -+ }; -+ - /* primary env */ - fill@0x680000 { - offset = <0x680000>; diff --git a/recipes-bsp/u-boot/files/0011-iot2050-Add-script-for-signing-artifacts.patch b/recipes-bsp/u-boot/files/0011-iot2050-Add-script-for-signing-artifacts.patch deleted file mode 100644 index 9cff5b5d6..000000000 --- a/recipes-bsp/u-boot/files/0011-iot2050-Add-script-for-signing-artifacts.patch +++ /dev/null @@ -1,134 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Thu, 18 Nov 2021 10:56:22 +0100 -Subject: [PATCH] iot2050: Add script for signing artifacts - -There are many ways to get a signed firmware for the IOT2050 devices, -namely for the parts under user-control. This script documents one way -of doing it, given a signing key. Augment the board documentation with -the required procedure around it. - -Signed-off-by: Jan Kiszka ---- - doc/board/siemens/iot2050.rst | 52 +++++++++++++++++++++++++++++++++++ - tools/iot2050-sign-fw.sh | 51 ++++++++++++++++++++++++++++++++++ - 2 files changed, 103 insertions(+) - create mode 100755 tools/iot2050-sign-fw.sh - -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 26972e20ae..4e0925c72c 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -79,3 +79,55 @@ Via external programmer Dediprog SF100 or SF600: - .. code-block:: text - - $ dpcmd --vcc 2 -v -u flash.bin -+ -+Signing (optional) -+------------------ -+ -+To enable verified boot for the firmware artifacts after the Siemens-managed -+first-stage loader (seboot_pg*.bin), the following steps need to be taken -+before and after the build: -+ -+Generate dtsi holding the public key -+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -+ -+.. code-block:: text -+ -+ tools/key2dtsi.py -c -s key.pem public-key.dtsi -+ -+This will be used to embed the public key into U-Boot SPL and main so that each -+step can validate signatures of the succeeding one. -+ -+Adjust U-Boot configuration -+^^^^^^^^^^^^^^^^^^^^^^^^^^^ -+ -+Enabled at least the following options in U-Boot: -+ -+.. code-block:: text -+ -+ CONFIG_SPL_FIT_SIGNATURE=y -+ CONFIG_DEVICE_TREE_INCLUDES="/path/to/public-key.dtsi" -+ CONFIG_RSA=y -+ -+Note that there are more configuration changes needed in order to lock-down -+the command line and the boot process of U-Boot for secure scenarios. These are -+not in scope here. -+ -+Build U-Boot -+^^^^^^^^^^^^ -+ -+See related section above. -+ -+Sign flash.bin -+^^^^^^^^^^^^^^ -+ -+In the build folder still containing artifacts from step 3, invoke: -+ -+.. code-block:: text -+ -+ tools/iot2050-sign-fw.sh /path/to/key.pem -+ -+Flash signed flash.bin -+^^^^^^^^^^^^^^^^^^^^^^ -+ -+The signing has happen in-place in flash.bin, thus the flashing procedure -+described above. -diff --git a/tools/iot2050-sign-fw.sh b/tools/iot2050-sign-fw.sh -new file mode 100755 -index 0000000000..4d1d79498c ---- /dev/null -+++ b/tools/iot2050-sign-fw.sh -@@ -0,0 +1,51 @@ -+#!/bin/sh -+ -+if [ -z "$1" ]; then -+ echo "Usage: $0 KEY" -+ exit 1 -+fi -+ -+TEMP_X509=$(mktemp XXXXXXXX.temp) -+ -+REVISION=${2:-0} -+SHA_VAL=$(openssl dgst -sha512 -hex tispl.bin | sed -e "s/^.*= //g") -+BIN_SIZE=$(stat -c %s tispl.bin) -+ -+cat <$TEMP_X509 -+[ req ] -+distinguished_name = req_distinguished_name -+x509_extensions = v3_ca -+prompt = no -+dirstring_type = nobmp -+ -+[ req_distinguished_name ] -+CN = IOT2050 Firmware Signature -+ -+[ v3_ca ] -+basicConstraints = CA:true -+1.3.6.1.4.1.294.1.3 = ASN1:SEQUENCE:swrv -+1.3.6.1.4.1.294.1.34 = ASN1:SEQUENCE:sysfw_image_integrity -+ -+[ swrv ] -+swrv = INTEGER:$REVISION -+ -+[ sysfw_image_integrity ] -+shaType = OID:2.16.840.1.101.3.4.2.3 -+shaValue = FORMAT:HEX,OCT:$SHA_VAL -+imageSize = INTEGER:$BIN_SIZE -+EOF -+ -+CERT_X509=$(mktemp XXXXXXXX.crt) -+ -+openssl req -new -x509 -key $1 -nodes -outform DER -out $CERT_X509 -config $TEMP_X509 -sha512 -+cat $CERT_X509 tispl.bin > tispl.bin_signed -+# currently broken in upstream -+#source/tools/binman/binman replace -i flash.bin -f tispl.bin_signed blob@0x180000 -+dd if=tispl.bin_signed of=flash.bin bs=$((0x1000)) seek=$((0x180000/0x1000)) conv=notrunc -+ -+rm $TEMP_X509 $CERT_X509 -+ -+tools/mkimage -G $1 -r -o sha256,rsa4096 -F fit@0x380000.fit -+# currently broken in upstream -+#source/tools/binman/binman replace -i flash.bin -f fit@0x380000.fit fit@0x380000 -+dd if=fit@0x380000.fit of=flash.bin bs=$((0x1000)) seek=$((0x380000/0x1000)) conv=notrunc diff --git a/recipes-bsp/u-boot/files/0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch b/recipes-bsp/u-boot/files/0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch deleted file mode 100644 index cb1a3c164..000000000 --- a/recipes-bsp/u-boot/files/0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch +++ /dev/null @@ -1,98 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 27 May 2022 11:29:20 +0200 -Subject: [PATCH] arm: dts: iot2050: Optionally embed OTP programming data into - image - -Use external blob otpcmd.bin to replace the 0xff filled OTP programming -command block to create a firmware image that provisions the OTP on -first boot. This otpcmd.bin is generated from the customer keys using -steps described in the meta-iot2050 integration layer for the device. - -Based on original patch by Baocheng Su. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 8 ++++++++ - board/siemens/iot2050/Kconfig | 7 +++++++ - doc/board/siemens/iot2050.rst | 8 ++++++++ - tools/binman/missing-blob-help | 8 ++++++++ - 4 files changed, 31 insertions(+) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 9082a79a03..25a22a7b7b 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -111,10 +111,18 @@ - }; - - /* OTP update command block */ -+#if CONFIG_IOT2050_EMBED_OTPCMD -+ blob-ext@0x6c0000 { -+ offset = <0x6c0000>; -+ size = <0x010000>; -+ filename = "otpcmd.bin"; -+ missing-msg = "iot2050-otpcmd"; -+#else - fill@0x6c0000 { - offset = <0x6c0000>; - size = <0x010000>; - fill-byte = [ff]; -+#endif - }; - }; - }; -diff --git a/board/siemens/iot2050/Kconfig b/board/siemens/iot2050/Kconfig -index a2b40881d1..e66b2427d9 100644 ---- a/board/siemens/iot2050/Kconfig -+++ b/board/siemens/iot2050/Kconfig -@@ -49,4 +49,11 @@ config IOT2050_BOOT_SWITCH - bool "Disable eMMC boot via USER button (Advanced version only)" - default y - -+config IOT2050_EMBED_OTPCMD -+ bool "Embed OTP programming data" -+ help -+ Embed signed OTP programming data 'otpcmd.bin' into the firmware -+ image. This data will be evaluated and executed on first boot of the -+ device. -+ - endif -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 4e0925c72c..cb49a0e36b 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -27,6 +27,14 @@ The following binaries from that source need to be present in the build folder: - - seboot_pg1.bin - - seboot_pg2.bin - -+For building an image containing the OTP key provisioning data, below binary -+needs to be present in the build folder: -+ -+ - otpcmd.bin -+ -+Regarding how to generating this otpcmd.bin, please refer to: -+https://github.com/siemens/meta-iot2050/tree/master/recipes-bsp/secure-boot-otp-provisioning/files/make-otpcmd.sh -+ - Building - -------- - -diff --git a/tools/binman/missing-blob-help b/tools/binman/missing-blob-help -index 5bb8961ce0..7e88cd0395 100644 ---- a/tools/binman/missing-blob-help -+++ b/tools/binman/missing-blob-help -@@ -23,6 +23,14 @@ See the documentation for IOT2050 board. Your image is missing SEBoot - which is mandatory for board startup. Prebuilt SEBoot located at - meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/seboot_pg*.bin. - -+iot2050-otpcmd: -+See the documentation for IOT2050 board. Your image is missing OTP command data -+block which is used for provisioning the customer keys to the board. -+Please refer to -+meta-iot2050/tree/master/recipes-bsp/secure-boot-otp-provisioning/files/make-otpcmd.sh -+for how to generate this binary. If you are not using secure boot or do not -+intend to provision the keys, disable CONFIG_IOT2050_EMBED_OTPCMD. -+ - k3-rti-wdt-firmware: - If CONFIG_WDT_K3_RTI_LOAD_FW is enabled, a firmware image is needed for - the R5F core(s) to trigger the system reset. One possible source is diff --git a/recipes-bsp/u-boot/files/0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch b/recipes-bsp/u-boot/files/0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch deleted file mode 100644 index 13da0658a..000000000 --- a/recipes-bsp/u-boot/files/0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 27 May 2022 11:35:45 +0200 -Subject: [PATCH] doc: iot2050: Add a note about the watchdog firmware - -This is enabled by default, thus should be described as well. - -Signed-off-by: Jan Kiszka ---- - doc/board/siemens/iot2050.rst | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index cb49a0e36b..efe94a448a 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -27,6 +27,10 @@ The following binaries from that source need to be present in the build folder: - - seboot_pg1.bin - - seboot_pg2.bin - -+When using the watchdog, a related firmware for the R5 core(s) is needed, e.g. -+https://github.com/siemens/k3-rti-wdt. The name and location of the image is -+configured via CONFIG_WDT_K3_RTI_FW_FILE. -+ - For building an image containing the OTP key provisioning data, below binary - needs to be present in the build folder: - diff --git a/recipes-bsp/u-boot/files/0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch b/recipes-bsp/u-boot/files/0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch deleted file mode 100644 index 47f2ed054..000000000 --- a/recipes-bsp/u-boot/files/0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: chao zeng -Date: Wed, 12 Jan 2022 10:34:18 +0800 -Subject: [PATCH] board: siemens: iot2050: use the named gpio to control the - user-button - -User-button is controlled by the mcu domain gpio number 25. -But main0 main1 mcu domain all have gpio number 25. - -To identify where the gpio is from, Using gpio controll base as the prefix -to indicate the gpio resource. - -Signed-off-by: chao zeng ---- - board/siemens/iot2050/board.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index 2be5d1eefc..be30b9c4d1 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -183,7 +183,7 @@ static bool user_button_pressed(void) - - memset(&gpio, 0, sizeof(gpio)); - -- if (dm_gpio_lookup_name("25", &gpio) < 0 || -+ if (dm_gpio_lookup_name("gpio@42110000_25", &gpio) < 0 || - dm_gpio_request(&gpio, "USER button") < 0 || - dm_gpio_set_dir_flags(&gpio, GPIOD_IS_IN) < 0) - return false; diff --git a/recipes-bsp/u-boot/files/0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch b/recipes-bsp/u-boot/files/0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch deleted file mode 100644 index d28ecd9b1..000000000 --- a/recipes-bsp/u-boot/files/0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch +++ /dev/null @@ -1,198 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: chao zeng -Date: Fri, 7 Jan 2022 10:18:07 +0800 -Subject: [PATCH] arm: dts: iot2050: Add support for M.2 variant - -Add support for the M.2 board based on the iot2050 advanced board. -The board has two m.2 connectors, one is B-keyed, the other E-keyed. -The B-key slot can connect 5G/SSD devices, and E-key can be used for -WIFI/BT devices. - -This variant is covered by PG2 firmware image. - -Signed-off-by: chao zeng -[Jan: align DT to kernel, polish wording] -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/Makefile | 4 +- - .../arm/dts/k3-am6548-iot2050-advanced-m2.dts | 117 ++++++++++++++++++ - configs/iot2050_pg2_defconfig | 2 +- - doc/board/siemens/iot2050.rst | 6 +- - 4 files changed, 125 insertions(+), 4 deletions(-) - create mode 100644 arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts - -diff --git a/arch/arm/dts/Makefile b/arch/arm/dts/Makefile -index 965895bc2a..d0ce6c9754 100644 ---- a/arch/arm/dts/Makefile -+++ b/arch/arm/dts/Makefile -@@ -1210,7 +1210,9 @@ dtb-$(CONFIG_SOC_K3_AM654) += \ - k3-am6528-iot2050-basic.dtb \ - k3-am6528-iot2050-basic-pg2.dtb \ - k3-am6548-iot2050-advanced.dtb \ -- k3-am6548-iot2050-advanced-pg2.dtb -+ k3-am6548-iot2050-advanced-pg2.dtb \ -+ k3-am6548-iot2050-advanced-m2.dtb -+ - dtb-$(CONFIG_SOC_K3_J721E) += k3-j721e-common-proc-board.dtb \ - k3-j721e-r5-common-proc-board.dtb \ - k3-j7200-common-proc-board.dtb \ -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -new file mode 100644 -index 0000000000..cb0f3a8729 ---- /dev/null -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -@@ -0,0 +1,117 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * Copyright (c) Siemens AG, 2018-2022 -+ * -+ * Authors: -+ * Chao Zeng -+ * Jan Kiszka -+ * -+ * AM6548-based (quad-core) IOT2050 M.2 variant (based on Advanced Product -+ * Generation 2), 2 GB RAM, 16 GB eMMC, USB-serial converter on connector X30 -+ * -+ * Product homepage: -+ * https://new.siemens.com/global/en/products/automation/pc-based/iot-gateways/simatic-iot2050.html -+ */ -+ -+#include "k3-am6548-iot2050-advanced-common.dtsi" -+#include "k3-am65-iot2050-common-pg2.dtsi" -+ -+/ { -+ compatible = "siemens,iot2050-advanced-m2", "ti,am654"; -+ model = "SIMATIC IOT2050 Advanced M2"; -+}; -+ -+&mcu_r5fss0 { -+ /* lock-step mode not supported on this board */ -+ ti,cluster-mode = <0>; -+}; -+ -+&main_pmx0 { -+ main_m2_enable_pins_default: main-m2-enable-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01c4, PIN_INPUT_PULLUP, 7) /* (AH13) GPIO1_17 */ -+ >; -+ }; -+ -+ main_bkey_pcie_reset: main-bkey-pcie-reset { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01bc, PIN_OUTPUT_PULLUP, 7) /* (AG13) GPIO1_15 */ -+ >; -+ }; -+ -+ main_pmx0_m2_config_pins_default: main-pmx0-m2-config-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01c8, PIN_INPUT_PULLUP, 7) /* (AE13) GPIO1_18 */ -+ AM65X_IOPAD(0x01cc, PIN_INPUT_PULLUP, 7) /* (AD13) GPIO1_19 */ -+ >; -+ }; -+ -+ main_m2_pcie_mux_control: main-m2-pcie-mux-control { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x0148, PIN_INPUT_PULLUP, 7) /* (AG22) GPIO0_82 */ -+ AM65X_IOPAD(0x0160, PIN_INPUT_PULLUP, 7) /* (AE20) GPIO0_88 */ -+ AM65X_IOPAD(0x0164, PIN_INPUT_PULLUP, 7) /* (AF19) GPIO0_89 */ -+ >; -+ }; -+}; -+ -+&main_pmx1 { -+ main_pmx1_m2_config_pins_default: main-pmx1-m2-config-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x0018, PIN_INPUT_PULLUP, 7) /* (B22) GPIO1_88 */ -+ AM65X_IOPAD(0x001c, PIN_INPUT_PULLUP, 7) /* (C23) GPIO1_89 */ -+ >; -+ }; -+}; -+ -+&main_gpio0 { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&main_m2_pcie_mux_control>; -+}; -+ -+&main_gpio1 { -+ pinctrl-names = "default"; -+ pinctrl-0 = < -+ &main_m2_enable_pins_default -+ &main_pmx0_m2_config_pins_default -+ &main_pmx1_m2_config_pins_default -+ >; -+}; -+ -+/* -+ * Base configuration for B-key slot with PCIe x2, E-key with USB 2.0 only. -+ * Firmware switches to other modes via device tree overlays. -+ */ -+ -+&serdes0 { -+ assigned-clocks = <&k3_clks 153 4>, <&serdes0 AM654_SERDES_CMU_REFCLK>; -+ assigned-clock-parents = <&k3_clks 153 8>, <&k3_clks 153 4>; -+}; -+ -+&pcie0_rc { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&main_bkey_pcie_reset>; -+ -+ num-lanes = <2>; -+ phys = <&serdes0 PHY_TYPE_PCIE 1>, <&serdes1 PHY_TYPE_PCIE 1>; -+ phy-names = "pcie-phy0","pcie-phy1"; -+ reset-gpios = <&main_gpio1 15 GPIO_ACTIVE_HIGH>; -+ status = "okay"; -+}; -+ -+&pcie1_rc { -+ status = "disabled"; -+}; -+ -+&dwc3_0 { -+ assigned-clock-parents = <&k3_clks 151 4>, /* set REF_CLK to 20MHz i.e. PER0_PLL/48 */ -+ <&k3_clks 151 9>; /* set PIPE3_TXB_CLK to CLK_12M_RC/256 (for HS only) */ -+ /delete-property/ phys; -+ /delete-property/ phy-names; -+}; -+ -+&usb0 { -+ maximum-speed = "high-speed"; -+ /delete-property/ snps,dis-u1-entry-quirk; -+ /delete-property/ snps,dis-u2-entry-quirk; -+}; -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index 43410160c8..a31691a1d1 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -70,7 +70,7 @@ CONFIG_CMD_TIME=y - # CONFIG_ISO_PARTITION is not set - CONFIG_OF_CONTROL=y - CONFIG_SPL_OF_CONTROL=y --CONFIG_OF_LIST="k3-am6528-iot2050-basic-pg2 k3-am6548-iot2050-advanced-pg2" -+CONFIG_OF_LIST="k3-am6528-iot2050-basic-pg2 k3-am6548-iot2050-advanced-pg2 k3-am6548-iot2050-advanced-m2" - CONFIG_SPL_MULTI_DTB_FIT=y - CONFIG_SPL_OF_LIST="k3-am65-iot2050-spl" - CONFIG_SPL_MULTI_DTB_FIT_NO_COMPRESSION=y -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index efe94a448a..442d2cac21 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -6,7 +6,9 @@ SIMATIC IOT2050 BASIC and ADVANCED - - The SIMATIC IOT2050 is an open industrial IoT gateway that is using the TI - AM6528 GP (Basic variant) or the AM6548 HS (Advanced variant). The Advanced --variant is prepared for secure boot. -+variant is prepared for secure boot. M.2 Variant also uses the AM6548 HS. -+Instead of a MiniPCI connector, it comes with two M.2 connectors and can -+support 5G/WIFI/BT applications or connect an SSD. - - The IOT2050 starts only from OSPI. It loads a Siemens-provided bootloader - called SE-Boot for the MCU domain (R5F cores), then hands over to ATF and -@@ -70,7 +72,7 @@ U-Boot: - # configure for PG1 - $ make iot2050_pg1_defconfig - -- # or configure for PG2 -+ # or configure for PG2 or the M.2 variant - $ make iot2050_pg2_defconfig - - $ make diff --git a/recipes-bsp/u-boot/files/0016-iot2050-Add-support-for-configuring-M.2-connector.patch b/recipes-bsp/u-boot/files/0016-iot2050-Add-support-for-configuring-M.2-connector.patch deleted file mode 100644 index e3a26e0b5..000000000 --- a/recipes-bsp/u-boot/files/0016-iot2050-Add-support-for-configuring-M.2-connector.patch +++ /dev/null @@ -1,553 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Tue, 11 Oct 2022 13:23:21 +0200 -Subject: [PATCH] iot2050: Add support for configuring M.2 connector - -The M.2 slots of the related IOT2050 variant need to be configured -according to the plugged cards. This tries to detect the card using the -M.2 configuration pins of the B-key slot. If that fails, a U-Boot -environment variable can be set to configure manually. This variable is -write-permitted also in secure boot mode as it is not able to undermine -the integrity of the booted system. - -The configuration is then applied to mux the serdes and to fix up the -device tree passed to or loaded by the bootloader. The fix-ups are -coming from device tree overlays that are embedded into the firmware -image and there also integrity protected. The OS remains free to load -a device tree to which they do not apply: U-Boot will not fail to boot -in that case. - -Based on original patch by Chao Zeng. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/Makefile | 4 +- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 38 ++- - ...050-advanced-m2-bkey-ekey-pcie-overlay.dts | 27 ++ - ...-iot2050-advanced-m2-bkey-usb3-overlay.dts | 47 ++++ - board/siemens/iot2050/board.c | 259 +++++++++++++++++- - doc/board/siemens/iot2050.rst | 18 ++ - include/configs/iot2050.h | 1 + - 7 files changed, 391 insertions(+), 3 deletions(-) - create mode 100644 arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts - create mode 100644 arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts - -diff --git a/arch/arm/dts/Makefile b/arch/arm/dts/Makefile -index d0ce6c9754..d4c5622e11 100644 ---- a/arch/arm/dts/Makefile -+++ b/arch/arm/dts/Makefile -@@ -1211,7 +1211,9 @@ dtb-$(CONFIG_SOC_K3_AM654) += \ - k3-am6528-iot2050-basic-pg2.dtb \ - k3-am6548-iot2050-advanced.dtb \ - k3-am6548-iot2050-advanced-pg2.dtb \ -- k3-am6548-iot2050-advanced-m2.dtb -+ k3-am6548-iot2050-advanced-m2.dtb \ -+ k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dtbo \ -+ k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dtbo - - dtb-$(CONFIG_SOC_K3_J721E) += k3-j721e-common-proc-board.dtb \ - k3-j721e-r5-common-proc-board.dtb \ -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 25a22a7b7b..a5b35d8298 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -61,6 +61,36 @@ - }; - }; - -+#ifdef CONFIG_TARGET_IOT2050_A53_PG2 -+ bkey-usb3-overlay { -+ description = "M.2-bkey-usb3-overlay"; -+ type = "blob"; -+ load = <0x82100000>; -+ arch = "arm64"; -+ compression = "none"; -+ blob-ext { -+ filename = "k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dtbo"; -+ }; -+ hash { -+ algo = "sha256"; -+ }; -+ }; -+ -+ bkey-ekey-pcie-overlay { -+ description = "M.2-bkey-ekey-pcie-overlay"; -+ type = "blob"; -+ load = <0x82110000>; -+ arch = "arm64"; -+ compression = "none"; -+ blob-ext { -+ filename = "k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dtbo"; -+ }; -+ hash { -+ algo = "sha256"; -+ }; -+ }; -+#endif -+ - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - k3-rti-wdt-firmware { - type = "firmware"; -@@ -84,9 +114,15 @@ - description = "NAME"; - firmware = "u-boot"; - fdt = "fdt-SEQ"; -+ loadables = -+#ifdef CONFIG_TARGET_IOT2050_A53_PG2 -+ "bkey-usb3-overlay", -+ "bkey-ekey-pcie-overlay", -+#endif - #ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; -+ "k3-rti-wdt-firmware", - #endif -+ <>; - signature { - sign-images = "firmware", "fdt", "loadables"; - }; -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts -new file mode 100644 -index 0000000000..c9e736098f ---- /dev/null -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts -@@ -0,0 +1,27 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * IOT2050 M.2 variant, overlay for B-key PCIE0_LANE0 + E-key PCIE1_LANE0 -+ * Copyright (c) Siemens AG, 2022 -+ * -+ * Authors: -+ * Chao Zeng -+ * Jan Kiszka -+ */ -+ -+/dts-v1/; -+/plugin/; -+ -+#include -+#include -+ -+&pcie0_rc { -+ num-lanes = <1>; -+ phys = <&serdes0 PHY_TYPE_PCIE 1>; -+ phy-names = "pcie-phy0"; -+ reset-gpios = <&main_gpio1 15 GPIO_ACTIVE_HIGH>; -+ status = "okay"; -+}; -+ -+&pcie1_rc { -+ status = "okay"; -+}; -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts -new file mode 100644 -index 0000000000..72fc011bd5 ---- /dev/null -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts -@@ -0,0 +1,47 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * IOT2050 M.2 variant, overlay for B-key USB3.0 + E-key PCIE1_LANE0 -+ * Copyright (c) Siemens AG, 2022 -+ * -+ * Authors: -+ * Chao Zeng -+ * Jan Kiszka -+ */ -+ -+/dts-v1/; -+/plugin/; -+ -+#include -+#include -+ -+&serdes0 { -+ assigned-clock-parents = <&k3_clks 153 7>, <&k3_clks 153 4>; -+}; -+ -+&pcie0_rc { -+ status = "disabled"; -+}; -+ -+&pcie1_rc { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&minipcie_pins_default>; -+ -+ num-lanes = <1>; -+ phys = <&serdes1 PHY_TYPE_PCIE 0>; -+ phy-names = "pcie-phy0"; -+ reset-gpios = <&wkup_gpio0 27 GPIO_ACTIVE_HIGH>; -+ status = "okay"; -+}; -+ -+&dwc3_0 { -+ assigned-clock-parents = <&k3_clks 151 4>, /* set REF_CLK to 20MHz i.e. PER0_PLL/48 */ -+ <&k3_clks 151 8>; /* set PIPE3_TXB_CLK to WIZ8B2M4VSB */ -+ phys = <&serdes0 PHY_TYPE_USB3 0>; -+ phy-names = "usb3-phy"; -+}; -+ -+&usb0 { -+ maximum-speed = "super-speed"; -+ snps,dis-u1-entry-quirk; -+ snps,dis-u2-entry-quirk; -+}; -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index be30b9c4d1..2e90d3bd8c 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -1,7 +1,7 @@ - // SPDX-License-Identifier: GPL-2.0+ - /* - * Board specific initialization for IOT2050 -- * Copyright (c) Siemens AG, 2018-2021 -+ * Copyright (c) Siemens AG, 2018-2022 - * - * Authors: - * Le Jin -@@ -11,9 +11,11 @@ - #include - #include - #include -+#include - #include - #include - #include -+#include - #include - #include - #include -@@ -47,6 +49,114 @@ struct iot2050_info { - - DECLARE_GLOBAL_DATA_PTR; - -+struct gpio_config { -+ const char *gpio_name; -+ const char *label; -+}; -+ -+enum m2_connector_mode { -+ BKEY_PCIEX2 = 0, -+ BKEY_PCIE_EKEY_PCIE, -+ BKEY_USB30_EKEY_PCIE, -+ CONNECTOR_MODE_INVALID -+}; -+ -+struct m2_config_pins { -+ int config[4]; -+}; -+ -+struct serdes_mux_control { -+ int ctrl_usb30_pcie0_lane0; -+ int ctrl_pcie1_pcie0; -+ int ctrl_usb30_pcie0_lane1; -+}; -+ -+struct m2_config_table { -+ struct m2_config_pins config_pins; -+ enum m2_connector_mode mode; -+}; -+ -+static const struct gpio_config serdes_mux_ctl_pin_info[] = { -+ {"gpio@600000_88", "CTRL_USB30_PCIE0_LANE0"}, -+ {"gpio@600000_82", "CTRL_PCIE1_PCIE0"}, -+ {"gpio@600000_89", "CTRL_USB30_PCIE0_LANE1"}, -+}; -+ -+static const struct gpio_config m2_bkey_cfg_pin_info[] = { -+ {"gpio@601000_18", "KEY_CONFIG_0"}, -+ {"gpio@601000_19", "KEY_CONFIG_1"}, -+ {"gpio@601000_88", "KEY_CONFIG_2"}, -+ {"gpio@601000_89", "KEY_CONFIG_3"}, -+}; -+ -+static const struct m2_config_table m2_config_table[] = { -+ {{{0, 1, 0, 0}}, BKEY_PCIEX2}, -+ {{{0, 0, 1, 0}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{0, 1, 1, 0}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{1, 0, 0, 1}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{1, 1, 0, 1}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{0, 0, 0, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{0, 1, 0, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{0, 0, 1, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{0, 1, 1, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{1, 0, 1, 1}}, BKEY_USB30_EKEY_PCIE}, -+}; -+ -+static const struct serdes_mux_control serdes_mux_ctrl[] = { -+ [BKEY_PCIEX2] = {0, 0, 1}, -+ [BKEY_PCIE_EKEY_PCIE] = {0, 1, 0}, -+ [BKEY_USB30_EKEY_PCIE] = {1, 1, 0}, -+}; -+ -+static const char *m2_connector_mode_name[] = { -+ [BKEY_PCIEX2] = "PCIe x2 (key B)", -+ [BKEY_PCIE_EKEY_PCIE] = "PCIe (key B) / PCIe (key E)", -+ [BKEY_USB30_EKEY_PCIE] = "USB 3.0 (key B) / PCIe (key E)", -+}; -+ -+static enum m2_connector_mode connector_mode; -+ -+#if defined(CONFIG_OF_LIBFDT) && defined(CONFIG_OF_BOARD_SETUP) -+static void *connector_overlay; -+static u32 connector_overlay_size; -+#endif -+ -+static int get_pinvalue(const char *gpio_name, const char *label) -+{ -+ struct gpio_desc gpio; -+ -+ if (dm_gpio_lookup_name(gpio_name, &gpio) < 0 || -+ dm_gpio_request(&gpio, label) < 0 || -+ dm_gpio_set_dir_flags(&gpio, GPIOD_IS_IN) < 0) { -+ pr_err("Cannot get pin %s for M.2 configuration\n", gpio_name); -+ return 0; -+ } -+ -+ return dm_gpio_get_value(&gpio); -+} -+ -+static void set_pinvalue(const char *gpio_name, const char *label, int value) -+{ -+ struct gpio_desc gpio; -+ -+ if (dm_gpio_lookup_name(gpio_name, &gpio) < 0 || -+ dm_gpio_request(&gpio, label) < 0 || -+ dm_gpio_set_dir_flags(&gpio, GPIOD_IS_OUT) < 0) { -+ pr_err("Cannot set pin %s for M.2 configuration\n", gpio_name); -+ return; -+ } -+ dm_gpio_set_value(&gpio, value); -+} -+ -+static bool board_is_m2(void) -+{ -+ struct iot2050_info *info = IOT2050_INFO_DATA; -+ -+ return IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG2) && -+ info->magic == IOT2050_INFO_MAGIC && -+ strcmp((char *)info->name, "IOT2050-ADVANCED-M2") == 0; -+} -+ - static bool board_is_advanced(void) - { - struct iot2050_info *info = IOT2050_INFO_DATA; -@@ -103,6 +213,8 @@ void set_board_info_env(void) - if (board_is_advanced()) { - if (IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG1)) - fdtfile = "ti/k3-am6548-iot2050-advanced.dtb"; -+ else if(board_is_m2()) -+ fdtfile = "ti/k3-am6548-iot2050-advanced-m2.dtb"; - else - fdtfile = "ti/k3-am6548-iot2050-advanced-pg2.dtb"; - } else { -@@ -118,6 +230,101 @@ void set_board_info_env(void) - env_save(); - } - -+static void m2_overlay_prepare(void) -+{ -+#if defined(CONFIG_OF_LIBFDT) && defined(CONFIG_OF_BOARD_SETUP) -+ const char *overlay_path; -+ void *overlay; -+ u64 loadaddr; -+ ofnode node; -+ int ret; -+ -+ if (connector_mode == BKEY_PCIEX2) -+ return; -+ -+ if (connector_mode == BKEY_PCIE_EKEY_PCIE) -+ overlay_path = "/fit-images/bkey-ekey-pcie-overlay"; -+ else -+ overlay_path = "/fit-images/bkey-usb3-overlay"; -+ -+ node = ofnode_path(overlay_path); -+ if (!ofnode_valid(node)) -+ goto fit_error; -+ -+ ret = ofnode_read_u64(node, "load", &loadaddr); -+ if (ret) -+ goto fit_error; -+ -+ ret = ofnode_read_u32(node, "size", &connector_overlay_size); -+ if (ret) -+ goto fit_error; -+ -+ overlay = map_sysmem(loadaddr, connector_overlay_size); -+ -+ connector_overlay = malloc(connector_overlay_size); -+ if (!connector_overlay) -+ goto fit_error; -+ -+ memcpy(connector_overlay, overlay, connector_overlay_size); -+ return; -+ -+fit_error: -+ pr_err("M.2 device tree overlay %s not available,\n", overlay_path); -+#endif -+} -+ -+static void m2_connector_setup(void) -+{ -+ ulong m2_manual_config = env_get_ulong("m2_manual_config", 10, -+ CONNECTOR_MODE_INVALID); -+ const char *mode_info = ""; -+ struct m2_config_pins config_pins; -+ unsigned int n; -+ -+ /* enable M.2 connector power */ -+ set_pinvalue("gpio@601000_17", "P3V3_M2_EN", 1); -+ udelay(4 * 100); -+ -+ if (m2_manual_config < CONNECTOR_MODE_INVALID) { -+ mode_info = " [manual mode]"; -+ connector_mode = m2_manual_config; -+ } else { /* auto detection */ -+ for (n = 0; n < ARRAY_SIZE(config_pins.config); n++) -+ config_pins.config[n] = -+ get_pinvalue(m2_bkey_cfg_pin_info[n].gpio_name, -+ m2_bkey_cfg_pin_info[n].label); -+ connector_mode = CONNECTOR_MODE_INVALID; -+ for (n = 0; n < ARRAY_SIZE(m2_config_table); n++) { -+ if (!memcmp(config_pins.config, -+ m2_config_table[n].config_pins.config, -+ sizeof(config_pins.config))) { -+ connector_mode = m2_config_table[n].mode; -+ break; -+ } -+ } -+ if (connector_mode == CONNECTOR_MODE_INVALID) { -+ mode_info = " [fallback, card unknown/unsupported]"; -+ connector_mode = BKEY_USB30_EKEY_PCIE; -+ } -+ } -+ -+ printf("M.2: %s%s\n", m2_connector_mode_name[connector_mode], -+ mode_info); -+ -+ /* configure serdes mux */ -+ set_pinvalue(serdes_mux_ctl_pin_info[0].gpio_name, -+ serdes_mux_ctl_pin_info[0].label, -+ serdes_mux_ctrl[connector_mode].ctrl_usb30_pcie0_lane0); -+ set_pinvalue(serdes_mux_ctl_pin_info[1].gpio_name, -+ serdes_mux_ctl_pin_info[1].label, -+ serdes_mux_ctrl[connector_mode].ctrl_pcie1_pcie0); -+ set_pinvalue(serdes_mux_ctl_pin_info[2].gpio_name, -+ serdes_mux_ctl_pin_info[2].label, -+ serdes_mux_ctrl[connector_mode].ctrl_usb30_pcie0_lane1); -+ -+ m2_overlay_prepare(); -+} -+ - int board_init(void) - { - return 0; -@@ -215,6 +422,9 @@ int board_late_init(void) - /* change CTRL_MMR register to let serdes0 not output USB3.0 signals. */ - writel(0x3, SERDES0_LANE_SELECT); - -+ if (board_is_m2()) -+ m2_connector_setup(); -+ - set_board_info_env(); - - /* remove the eMMC if requested via button */ -@@ -226,6 +436,50 @@ int board_late_init(void) - } - - #if defined(CONFIG_OF_LIBFDT) && defined(CONFIG_OF_BOARD_SETUP) -+static void m2_fdt_fixup(void *blob) -+{ -+ void *overlay_copy = NULL; -+ void *fdt_copy = NULL; -+ u32 fdt_size; -+ int err; -+ -+ if (!connector_overlay) -+ return; -+ -+ /* -+ * We need to work with temporary copies here because fdt_overlay_apply -+ * is destructive to the overlay and also to the target blob, even if -+ * application fails. -+ */ -+ fdt_size = fdt_totalsize(blob); -+ fdt_copy = malloc(fdt_size); -+ if (!fdt_copy) -+ goto fixup_error; -+ -+ memcpy(fdt_copy, blob, fdt_size); -+ -+ overlay_copy = malloc(connector_overlay_size); -+ if (!overlay_copy) -+ goto fixup_error; -+ -+ memcpy(overlay_copy, connector_overlay, connector_overlay_size); -+ -+ err = fdt_overlay_apply_verbose(fdt_copy, overlay_copy); -+ if (err) -+ goto fixup_error; -+ -+ memcpy(blob, fdt_copy, fdt_size); -+ -+cleanup: -+ free(fdt_copy); -+ free(overlay_copy); -+ return; -+ -+fixup_error: -+ pr_err("Could not apply M.2 device tree overlay\n"); -+ goto cleanup; -+} -+ - int ft_board_setup(void *blob, struct bd_info *bd) - { - int ret; -@@ -237,6 +491,9 @@ int ft_board_setup(void *blob, struct bd_info *bd) - if (ret) - pr_err("%s: fixing up msmc ram failed %d\n", __func__, ret); - -+ if (board_is_m2()) -+ m2_fdt_fixup(blob); -+ - return ret; - } - #endif -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 442d2cac21..074d6aa15a 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -145,3 +145,21 @@ Flash signed flash.bin - - The signing has happen in-place in flash.bin, thus the flashing procedure - described above. -+ -+M.2 slot configuration -+---------------------- -+ -+The M.2 variant of the IOT2050 comes with one B-keyed and one E-keyed slot. -+These are configured by U-Boot depending on the detected usage (auto -+configuration). The device tree loaded later on for the OS will be fixed up -+by U-Boot according to this configuration. -+ -+For the case auto configuration does not work reliably, it is possible to set -+the U-Boot environment variable "m2_manual_config" to select the mode manually: -+ -+"0" - B-key: PCIe x2, USB 2.0 -+ E-key: USB 2.0 -+"1" - B-key: PCIe, USB 2.0 -+ E-key: PCIe, USB 2.0 -+"2" - B-key: USB 3.0, -+ E-key: PCIe, USB 2.0 -diff --git a/include/configs/iot2050.h b/include/configs/iot2050.h -index d2cba5acfd..fe6a8bff59 100644 ---- a/include/configs/iot2050.h -+++ b/include/configs/iot2050.h -@@ -61,6 +61,7 @@ - #define CONFIG_ENV_FLAGS_LIST_STATIC \ - "board_uuid:sw,board_name:sw,board_serial:sw,board_a5e:sw," \ - "mlfb:sw,fw_version:sw,seboot_version:sw," \ -+ "m2_manuel_config:sw," \ - "eth1addr:mw,eth2addr:mw,watchdog_timeout_ms:dw,boot_targets:sw" - #endif - diff --git a/recipes-bsp/u-boot/files/0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch b/recipes-bsp/u-boot/files/0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch deleted file mode 100644 index ee26a87e0..000000000 --- a/recipes-bsp/u-boot/files/0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Baocheng Su -Date: Sat, 30 Jul 2022 10:53:55 +0800 -Subject: [PATCH] spl: fit: Report fdt error for loading u-boot - -Commit 71551055cbdb ("spl: fit: Load devicetree when a Linux payload is -found") made a change to not report the spl_fit_append_fdt error at all -if next-stage image is u-boot. - -However for u-boot image without CONFIG_OF_EMBED, the error should be -reported to uplevel caller. Otherwise, uplevel caller would think the -fdt is already loaded which is obviously not true. - -Signed-off-by: Baocheng Su ---- - common/spl/spl_fit.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c -index a35be52965..00404935cb 100644 ---- a/common/spl/spl_fit.c -+++ b/common/spl/spl_fit.c -@@ -770,8 +770,12 @@ int spl_load_simple_fit(struct spl_image_info *spl_image, - */ - if (os_takes_devicetree(spl_image->os)) { - ret = spl_fit_append_fdt(spl_image, info, sector, &ctx); -- if (ret < 0 && spl_image->os != IH_OS_U_BOOT) -- return ret; -+ if (ret < 0) { -+ if (spl_image->os != IH_OS_U_BOOT) -+ return ret; -+ else if (!IS_ENABLED(CONFIG_OF_EMBED)) -+ return ret; -+ } - } - - firmware_node = node; diff --git a/recipes-bsp/u-boot/files/0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch b/recipes-bsp/u-boot/files/0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch deleted file mode 100644 index 4ad78a9e9..000000000 --- a/recipes-bsp/u-boot/files/0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch +++ /dev/null @@ -1,101 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 14 Oct 2022 18:01:28 +0200 -Subject: [PATCH] efi_loader: Let networking support depend on NETDEVICES - -CONFIG_NET does not imply that there are actually network devices -available, only CONFIG_NETDEVICES does. Changing to this dependency -obsoletes the check in Kconfig because NETDEVICES means DM_ETH. - -Suggested-by: Tom Rini -Signed-off-by: Jan Kiszka ---- - lib/efi_loader/Kconfig | 1 - - lib/efi_loader/Makefile | 2 +- - lib/efi_loader/efi_device_path.c | 6 +++--- - lib/efi_loader/efi_setup.c | 2 +- - lib/efi_selftest/Makefile | 2 +- - 5 files changed, 6 insertions(+), 7 deletions(-) - -diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig -index b8fb2701a7..94feadda5e 100644 ---- a/lib/efi_loader/Kconfig -+++ b/lib/efi_loader/Kconfig -@@ -11,7 +11,6 @@ config EFI_LOADER - # We need EFI_STUB_32BIT to be set on x86_32 with EFI_STUB - depends on !EFI_STUB || !X86 || X86_64 || EFI_STUB_32BIT - depends on BLK -- depends on DM_ETH || !NET - depends on !EFI_APP - default y if !ARM || SYS_CPU = armv7 || SYS_CPU = armv8 - select CHARSET -diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile -index e187d2a914..418db296b2 100644 ---- a/lib/efi_loader/Makefile -+++ b/lib/efi_loader/Makefile -@@ -68,7 +68,7 @@ obj-y += efi_watchdog.o - obj-$(CONFIG_EFI_ESRT) += efi_esrt.o - obj-$(CONFIG_DM_VIDEO) += efi_gop.o - obj-$(CONFIG_BLK) += efi_disk.o --obj-$(CONFIG_NET) += efi_net.o -+obj-$(CONFIG_NETDEVICES) += efi_net.o - obj-$(CONFIG_GENERATE_ACPI_TABLE) += efi_acpi.o - obj-$(CONFIG_GENERATE_SMBIOS_TABLE) += efi_smbios.o - obj-$(CONFIG_EFI_RNG_PROTOCOL) += efi_rng.o -diff --git a/lib/efi_loader/efi_device_path.c b/lib/efi_loader/efi_device_path.c -index ebffb77122..179b36f321 100644 ---- a/lib/efi_loader/efi_device_path.c -+++ b/lib/efi_loader/efi_device_path.c -@@ -613,7 +613,7 @@ __maybe_unused static void *dp_fill(void *buf, struct udevice *dev) - *vdp = ROOT; - return &vdp[1]; - } --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - case UCLASS_ETH: { - struct efi_device_path_mac_addr *dp = - dp_fill(buf, dev->parent); -@@ -1051,7 +1051,7 @@ struct efi_device_path *efi_dp_from_uart(void) - return buf; - } - --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - struct efi_device_path *efi_dp_from_eth(void) - { - void *buf, *start; -@@ -1168,7 +1168,7 @@ efi_status_t efi_dp_from_name(const char *dev, const char *devnr, - return EFI_INVALID_PARAMETER; - - if (!strcmp(dev, "Net")) { --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - if (device) - *device = efi_dp_from_eth(); - #endif -diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c -index c633fcd91e..979acc0142 100644 ---- a/lib/efi_loader/efi_setup.c -+++ b/lib/efi_loader/efi_setup.c -@@ -335,7 +335,7 @@ efi_status_t efi_init_obj_list(void) - if (ret != EFI_SUCCESS) - goto out; - #endif --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - ret = efi_net_register(); - if (ret != EFI_SUCCESS) - goto out; -diff --git a/lib/efi_selftest/Makefile b/lib/efi_selftest/Makefile -index daac6c3968..e4d75420bf 100644 ---- a/lib/efi_selftest/Makefile -+++ b/lib/efi_selftest/Makefile -@@ -50,7 +50,7 @@ efi_selftest_variables_runtime.o \ - efi_selftest_watchdog.o - - obj-$(CONFIG_EFI_ECPT) += efi_selftest_ecpt.o --obj-$(CONFIG_NET) += efi_selftest_snp.o -+obj-$(CONFIG_NETDEVICES) += efi_selftest_snp.o - - obj-$(CONFIG_EFI_DEVICE_PATH_TO_TEXT) += efi_selftest_devicepath.o - obj-$(CONFIG_EFI_UNICODE_COLLATION_PROTOCOL2) += \ diff --git a/recipes-bsp/u-boot/files/0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch b/recipes-bsp/u-boot/files/0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch deleted file mode 100644 index 82899b890..000000000 --- a/recipes-bsp/u-boot/files/0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch +++ /dev/null @@ -1,126 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Baocheng Su -Date: Mon, 10 Apr 2023 13:25:47 +0800 -Subject: [PATCH] iot2050: Refactor the m.2 and minipcie power pin - -Make the m.2 power control pin also available on miniPCIE variants. - -This can fix some miniPCIE card hang issue, by forcing a power on reset -during boot. - -Signed-off-by: Baocheng Su ---- - arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi | 5 ++++- - arch/arm/dts/k3-am65-iot2050-common.dtsi | 11 +++++++++++ - arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts | 8 +------- - board/siemens/iot2050/board.c | 12 ++++++++---- - 4 files changed, 24 insertions(+), 12 deletions(-) - -diff --git a/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi b/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi -index e7e0ca4159..c6d9d49c1e 100644 ---- a/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi -@@ -20,7 +20,10 @@ - - &main_gpio1 { - pinctrl-names = "default"; -- pinctrl-0 = <&cp2102n_reset_pin_default>; -+ pinctrl-0 = < -+ &main_pcie_enable_pins_default -+ &cp2102n_reset_pin_default -+ >; - gpio-line-names = - "", "", "", "", "", "", "", "", "", "", - "", "", "", "", "", "", "", "", "", "", -diff --git a/arch/arm/dts/k3-am65-iot2050-common.dtsi b/arch/arm/dts/k3-am65-iot2050-common.dtsi -index 65da226847..e60006bec2 100644 ---- a/arch/arm/dts/k3-am65-iot2050-common.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-common.dtsi -@@ -233,6 +233,12 @@ - }; - - &main_pmx0 { -+ main_pcie_enable_pins_default: main-pcie-enable-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01c4, PIN_INPUT_PULLUP, 7) /* (AH13) GPIO1_17 */ -+ >; -+ }; -+ - main_uart1_pins_default: main-uart1-pins-default { - pinctrl-single,pins = < - AM65X_IOPAD(0x0174, PIN_INPUT, 6) /* (AE23) UART1_RXD */ -@@ -385,6 +391,11 @@ - "", "IO9"; - }; - -+&main_gpio1 { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&main_pcie_enable_pins_default>; -+}; -+ - &wkup_gpio0 { - pinctrl-names = "default"; - pinctrl-0 = < -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -index cb0f3a8729..99a519fd8b 100644 ---- a/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -@@ -27,12 +27,6 @@ - }; - - &main_pmx0 { -- main_m2_enable_pins_default: main-m2-enable-pins-default { -- pinctrl-single,pins = < -- AM65X_IOPAD(0x01c4, PIN_INPUT_PULLUP, 7) /* (AH13) GPIO1_17 */ -- >; -- }; -- - main_bkey_pcie_reset: main-bkey-pcie-reset { - pinctrl-single,pins = < - AM65X_IOPAD(0x01bc, PIN_OUTPUT_PULLUP, 7) /* (AG13) GPIO1_15 */ -@@ -72,7 +66,7 @@ - &main_gpio1 { - pinctrl-names = "default"; - pinctrl-0 = < -- &main_m2_enable_pins_default -+ &main_pcie_enable_pins_default - &main_pmx0_m2_config_pins_default - &main_pmx1_m2_config_pins_default - >; -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index 2e90d3bd8c..a0b12c564a 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -178,6 +178,12 @@ static void remove_mmc1_target(void) - free(boot_targets); - } - -+static void enable_mpcie_m2_power(void) -+{ -+ set_pinvalue("gpio@601000_17", "P3V3_MPCIE_M2_EN", 1); -+ udelay(4 * 100); -+} -+ - void set_board_info_env(void) - { - struct iot2050_info *info = IOT2050_INFO_DATA; -@@ -281,10 +287,6 @@ static void m2_connector_setup(void) - struct m2_config_pins config_pins; - unsigned int n; - -- /* enable M.2 connector power */ -- set_pinvalue("gpio@601000_17", "P3V3_M2_EN", 1); -- udelay(4 * 100); -- - if (m2_manual_config < CONNECTOR_MODE_INVALID) { - mode_info = " [manual mode]"; - connector_mode = m2_manual_config; -@@ -422,6 +424,8 @@ int board_late_init(void) - /* change CTRL_MMR register to let serdes0 not output USB3.0 signals. */ - writel(0x3, SERDES0_LANE_SELECT); - -+ enable_mpcie_m2_power(); -+ - if (board_is_m2()) - m2_connector_setup(); - diff --git a/recipes-bsp/u-boot/files/0020-configs-Increase-malloc-size-after-relocation.patch b/recipes-bsp/u-boot/files/0020-configs-Increase-malloc-size-after-relocation.patch deleted file mode 100644 index 10ce89c86..000000000 --- a/recipes-bsp/u-boot/files/0020-configs-Increase-malloc-size-after-relocation.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Neha Malcom Francis -Date: Wed, 11 Jan 2023 18:11:23 +0530 -Subject: [PATCH] configs: Increase malloc size after relocation - -Current default size of 0x100000 is not capable of getting the FIT -buffer during boot when transitioning to using binman generated boot -images for certain K3 devices, so increase it to 0x400000. Since A72 SPL -is coming after relocation to DDR this should not be an issue for any K3 -device, so make it default for all. - -Signed-off-by: Neha Malcom Francis -Acked-by: Andrew Davis ---- - common/spl/Kconfig | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/common/spl/Kconfig b/common/spl/Kconfig -index a25d8fd2e0845300cde5e1782bc19c5608de576b..3c2af453ab66e2161d258c182d95371fb465f9ec 100644 ---- a/common/spl/Kconfig -+++ b/common/spl/Kconfig -@@ -385,6 +385,7 @@ config SPL_STACK_R_ADDR - config SPL_STACK_R_MALLOC_SIMPLE_LEN - depends on SPL_STACK_R && SPL_SYS_MALLOC_SIMPLE - hex "Size of malloc_simple heap after switching to DRAM SPL stack" -+ default 0x400000 if ARCH_K3 && ARM64 - default 0x100000 - help - Specify the amount of the stack to use as memory pool for diff --git a/recipes-bsp/u-boot/files/0021-configs-iot2050-Enabled-keyed-autoboot.patch b/recipes-bsp/u-boot/files/0021-configs-iot2050-Enabled-keyed-autoboot.patch deleted file mode 100644 index 757e5d520..000000000 --- a/recipes-bsp/u-boot/files/0021-configs-iot2050-Enabled-keyed-autoboot.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Thu, 27 Jul 2023 06:34:56 +0200 -Subject: [PATCH] configs: iot2050: Enabled keyed autoboot - -Only accept SPACE to stop autobooting. This is safer to avoid accidental -interruptions on unattended devices. - -Signed-off-by: Jan Kiszka ---- - configs/iot2050_pg1_defconfig | 4 ++++ - configs/iot2050_pg2_defconfig | 4 ++++ - 2 files changed, 8 insertions(+) - -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 49f8110936..5034719b8b 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -32,6 +32,10 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_AUTOBOOT_KEYED=y -+CONFIG_AUTOBOOT_FLUSH_STDIN=y -+CONFIG_AUTOBOOT_PROMPT="Hit SPACE to stop autoboot in %d seconds...\n" -+CONFIG_AUTOBOOT_STOP_STR=" " - CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index a31691a1d1..9c107d27f9 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -32,6 +32,10 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_AUTOBOOT_KEYED=y -+CONFIG_AUTOBOOT_FLUSH_STDIN=y -+CONFIG_AUTOBOOT_PROMPT="Hit SPACE to stop autoboot in %d seconds...\n" -+CONFIG_AUTOBOOT_STOP_STR=" " - CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set diff --git a/recipes-bsp/u-boot/files/rules.tmpl b/recipes-bsp/u-boot/files/rules.tmpl index 115ad6737..78e14139c 100755 --- a/recipes-bsp/u-boot/files/rules.tmpl +++ b/recipes-bsp/u-boot/files/rules.tmpl @@ -22,7 +22,7 @@ override_dh_auto_build: fi $(MAKE) $(PARALLEL_MAKE) ${U_BOOT_CONFIG} $(MAKE) $(PARALLEL_MAKE) ${U_BOOT_BIN} \ - ATF=/usr/lib/trusted-firmware-a/iot2050/bl31.bin \ + BL31=/usr/lib/trusted-firmware-a/iot2050/bl31.bin \ TEE=/usr/lib/optee-os/iot2050/tee-raw.bin $(MAKE) -n u-boot-initial-env >/dev/null 2>&1; if [ $$? -ne 2 ]; then \ $(MAKE) $(PARALLEL_MAKE) u-boot-initial-env; \ diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg b/recipes-bsp/u-boot/files/secure-boot.cfg index 4b725f646..594f95e6b 100644 --- a/recipes-bsp/u-boot/files/secure-boot.cfg +++ b/recipes-bsp/u-boot/files/secure-boot.cfg @@ -1,5 +1,5 @@ ### Secure boot config -# CONFIG_DISTRO_DEFAULTS is not set +CONFIG_NETDEVICES=y CONFIG_ENV_VARS_UBOOT_CONFIG=y CONFIG_SPL_FIT_SIGNATURE=y CONFIG_BOOTDELAY=-2 diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg1_2022.10.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg1_2022.10.bb deleted file mode 100644 index 30a0f8471..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg1_2022.10.bb +++ /dev/null @@ -1,15 +0,0 @@ -# -# Copyright (c) Siemens AG, 2022 -# -# Authors: -# Su Baocheng -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -require u-boot-iot2050_2022.10.inc - -U_BOOT_CONFIG = "iot2050_${PRODUCT_GENERATION}_defconfig" - -SPI_FLASH_DEPLOY_IMG = "iot2050-${PRODUCT_GENERATION}-image-boot.bin" diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg1_202x.xx-upstream.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg1_202x.xx-upstream.bb deleted file mode 100644 index cc4bbc7c3..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg1_202x.xx-upstream.bb +++ /dev/null @@ -1,23 +0,0 @@ -# -# Copyright (c) Siemens AG, 2020-2022 -# -# Authors: -# Jan Kiszka -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -require u-boot-iot2050.inc - -SRC_URI += " \ - git://github.com/siemens/u-boot.git;protocol=https;branch=${UBOOT_BRANCH};rev=${UBOOT_BRANCH} \ - " - -UBOOT_BRANCH = "jan/iot2050" - -S = "${WORKDIR}/git" - -U_BOOT_CONFIG = "iot2050_${PRODUCT_GENERATION}_defconfig" - -SPI_FLASH_DEPLOY_IMG = "iot2050-${PRODUCT_GENERATION}-image-boot.bin" diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg2_2022.10.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg2_2022.10.bb deleted file mode 120000 index 1c7645d77..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg2_2022.10.bb +++ /dev/null @@ -1 +0,0 @@ -u-boot-iot2050-pg1_2022.10.bb \ No newline at end of file diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg2_202x.xx-upstream.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg2_202x.xx-upstream.bb deleted file mode 120000 index 78d3cd307..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg2_202x.xx-upstream.bb +++ /dev/null @@ -1 +0,0 @@ -u-boot-iot2050-pg1_202x.xx-upstream.bb \ No newline at end of file diff --git a/recipes-bsp/u-boot/u-boot-iot2050.inc b/recipes-bsp/u-boot/u-boot-iot2050.inc index 928d6edce..b09ea62ef 100644 --- a/recipes-bsp/u-boot/u-boot-iot2050.inc +++ b/recipes-bsp/u-boot/u-boot-iot2050.inc @@ -28,15 +28,14 @@ SRC_URI:append:rpmb-setup = " \ U_BOOT_BIN = "flash.bin" U_BOOT_ENV = "u-boot-initial-env" - -SPI_FLASH_IMG = "${U_BOOT_BIN}" -SPI_FLASH_DEPLOY_IMG ??= "iot2050-image-boot.bin" +U_BOOT_CONFIG = "iot2050_defconfig" # Build environment DEPENDS += "trusted-firmware-a-iot2050 optee-os-iot2050 k3-rti-wdt" DEBIAN_BUILD_DEPENDS =. "openssl, libssl-dev:native, libssl-dev:arm64, \ trusted-firmware-a-iot2050, optee-os-iot2050, k3-rti-wdt, \ - swig, python3-dev:native, python3-pkg-resources," + swig, python3-dev:native, python3-pkg-resources, python3-setuptools, \ + python3-pyelftools," DEBIAN_BUILD_DEPENDS:append:secureboot = ", python3-pycryptodome:native, \ pesign, python3-openssl:native" @@ -51,7 +50,9 @@ U_BOOT_CONFIG_PACKAGE = "1" do_prepare_build:append() { ln -f ${WORKDIR}/prebuild/* ${S} ln -sf /lib/firmware/k3-rti-wdt.fw ${S} - echo "${SPI_FLASH_IMG} /usr/lib/u-boot/${MACHINE}" > \ + echo "flash-pg1.bin /usr/lib/u-boot/${MACHINE}" > \ + ${S}/debian/u-boot-${MACHINE}.install + echo "flash-pg2.bin /usr/lib/u-boot/${MACHINE}" >> \ ${S}/debian/u-boot-${MACHINE}.install echo -$(${ISAR_RELEASE_CMD}) > ${S}/.scmversion cp ${WORKDIR}/rules ${S}/debian/rules @@ -59,9 +60,6 @@ do_prepare_build:append() { } do_prepare_build:append:secureboot() { - if [ "${PRODUCT_GENERATION}" = "pg1" ]; then - bbwarn "PG1 devices are not supported in booting securely" - fi mkdir -p ${S}/keys ln -f ${WORKDIR}/keys/* ${S}/keys/ sed -ni '/### Secure boot config/q;p' ${S}/configs/${U_BOOT_CONFIG} @@ -76,26 +74,22 @@ dpkg_runbuild:append:secureboot() { } do_prepare_build:append:otpcmd() { - if [ "${PRODUCT_GENERATION}" = "pg1" ]; then - bbwarn "PG1 devices are not supported in booting securely" - fi ln -sf /usr/lib/secure-boot-otp-provisioning/otpcmd.bin ${S} sed -ni '/### OTP command config/q;p' ${S}/configs/${U_BOOT_CONFIG} cat ${WORKDIR}/otpcmd.cfg >> ${S}/configs/${U_BOOT_CONFIG} } do_prepare_build:append:rpmb-setup() { - if [ "${PRODUCT_GENERATION}" = "pg1" ]; then - bbwarn "PG1 devices do not support RPMB based secure storage" - fi sed -ni '/### RPMB key pairing config/q;p' ${S}/configs/${U_BOOT_CONFIG} cat ${WORKDIR}/rpmb-setup.cfg >> ${S}/configs/${U_BOOT_CONFIG} } do_deploy() { - dpkg --fsys-tarfile ${WORKDIR}/u-boot-${MACHINE}_${PV}*.deb | \ - tar xOf - "./usr/lib/u-boot/${MACHINE}/${U_BOOT_BIN}" \ - > "${DEPLOY_DIR_IMAGE}/${SPI_FLASH_DEPLOY_IMG}" + for gen in pg1 pg2; do + dpkg --fsys-tarfile ${WORKDIR}/u-boot-${MACHINE}_${PV}*.deb | \ + tar xOf - "./usr/lib/u-boot/${MACHINE}/flash-${gen}.bin" \ + > "${DEPLOY_DIR_IMAGE}/iot2050-${gen}-image-boot.bin" + done dpkg --fsys-tarfile ${WORKDIR}/u-boot-${MACHINE}-config_${PV}*.deb | \ tar xOf - "./etc/${U_BOOT_ENV}" \ > "${DEPLOY_DIR_IMAGE}/${U_BOOT_ENV}" diff --git a/recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc b/recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc deleted file mode 100644 index 5cc96c666..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc +++ /dev/null @@ -1,43 +0,0 @@ -# -# Copyright (c) Siemens AG, 2020-2023 -# -# Authors: -# Jan Kiszka -# Su Baocheng -# Li Huaqian -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -require u-boot-iot2050.inc - -SRC_URI += " \ - https://ftp.denx.de/pub/u-boot/u-boot-${PV}.tar.bz2 \ - file://0001-efi_loader-Improve-console-screen-clearing-and-reset.patch \ - file://0002-env-Complete-generic-support-for-writable-list.patch \ - file://0003-env-Couple-networking-related-variable-flags-to-CONF.patch \ - file://0004-tools-Add-script-for-converting-public-key-into-devi.patch \ - file://0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch \ - file://0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch \ - file://0007-iot2050-Update-firmware-layout.patch \ - file://0008-iot2050-Add-watchdog-start-to-bootcmd.patch \ - file://0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch \ - file://0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch \ - file://0011-iot2050-Add-script-for-signing-artifacts.patch \ - file://0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch \ - file://0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch \ - file://0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch \ - file://0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch \ - file://0016-iot2050-Add-support-for-configuring-M.2-connector.patch \ - file://0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch \ - file://0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch \ - file://0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch \ - file://0020-configs-Increase-malloc-size-after-relocation.patch \ - file://0021-configs-iot2050-Enabled-keyed-autoboot.patch \ - file://0022-Add-a-reserved-memory-for-watchdog.patch \ - " - -SRC_URI[sha256sum] = "50b4482a505bc281ba8470c399a3c26e145e29b23500bc35c50debd7fa46bdf8" - -S = "${WORKDIR}/u-boot-${PV}" diff --git a/recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb b/recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb new file mode 100644 index 000000000..39185a6f2 --- /dev/null +++ b/recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb @@ -0,0 +1,22 @@ +# +# Copyright (c) Siemens AG, 2022-2023 +# +# Authors: +# Su Baocheng +# +# This file is subject to the terms and conditions of the MIT License. See +# COPYING.MIT file in the top-level directory. +# + +require u-boot-iot2050.inc + +SRC_URI += " \ + https://ftp.denx.de/pub/u-boot/u-boot-${PV}.tar.bz2 \ + file://0001-Watchdog-Support-WDIOF_CARDRESET-on-TI-AM65x-platfor.patch \ + file://0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch \ + file://0003-board-siemens-iot2050-Fix-logical-bug-in-PG1-PG2-det.patch \ + " + +SRC_URI[sha256sum] = "e00e6c6f014e046101739d08d06f328811cebcf5ae101348f409cbbd55ce6900" + +S = "${WORKDIR}/u-boot-${PV}"