From f790b1bb8210b668c252c45cc27d367349b8e855 Mon Sep 17 00:00:00 2001 From: Jan Kiszka Date: Wed, 27 Sep 2023 14:00:40 +0200 Subject: [PATCH] u-boot-iot2050: Lift to 2023.10 Most of our patches are merged now, just one DT change, a small fix for the signing script are remaining. In this latest upstream version, we folded PG1 and PG2 U-Boot configs into a single one again, generating both artifacts in the same run. Consequently, we can simplify the build as there is now only one recipe as well. We need to drop the disabling of CONFIG_DISTRO_DEFAULTS from the secure boot configuration as this would make distro_bootcmd unavailable. Signed-off-by: Jan Kiszka --- .github/workflows/main.yml | 6 +- .gitlab-ci.yml | 4 +- Kconfig | 31 +- conf/distro/iot2050-debian.conf | 2 - conf/machine/iot2050.conf | 6 +- kas-iot2050-boot-pg1.yml | 23 - ...t2050-boot-pg2.yml => kas-iot2050-boot.yml | 2 +- kas/opt/upstream.yml | 2 - .../optee-os/optee-os-iot2050_3.22.0.bb | 2 - .../secure-boot-otp-provisioning/README.md | 12 +- recipes-bsp/u-boot/README.md | 5 +- ...-Add-a-reserved-memory-for-watchdog.patch} | 4 +- ...ve-console-screen-clearing-and-reset.patch | 52 -- ...te-generic-support-for-writable-list.patch | 69 --- ...gn-fw.sh-Make-localization-of-tools-.patch | 41 ++ ...rking-related-variable-flags-to-CONF.patch | 86 --- ...-for-converting-public-key-into-devi.patch | 86 --- ...t2050-Split-the-build-for-PG1-and-PG.patch | 335 ----------- ...Use-the-auto-generator-nodes-for-fdt.patch | 132 ----- .../0007-iot2050-Update-firmware-layout.patch | 143 ----- ...ot2050-Add-watchdog-start-to-bootcmd.patch | 85 --- ...050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch | 32 - ...Allow-verifying-U-Boot-proper-by-SPL.patch | 72 --- ...050-Add-script-for-signing-artifacts.patch | 134 ----- ...Optionally-embed-OTP-programming-dat.patch | 98 ---- ...d-a-note-about-the-watchdog-firmware.patch | 27 - ...t2050-use-the-named-gpio-to-control-.patch | 30 - ...-iot2050-Add-support-for-M.2-variant.patch | 198 ------- ...upport-for-configuring-M.2-connector.patch | 553 ------------------ ...-Report-fdt-error-for-loading-u-boot.patch | 37 -- ...etworking-support-depend-on-NETDEVIC.patch | 101 ---- ...actor-the-m.2-and-minipcie-power-pin.patch | 126 ---- ...ncrease-malloc-size-after-relocation.patch | 29 - ...nfigs-iot2050-Enabled-keyed-autoboot.patch | 44 -- recipes-bsp/u-boot/files/rules.tmpl | 2 +- recipes-bsp/u-boot/files/secure-boot.cfg | 2 +- .../u-boot/u-boot-iot2050-pg1_2022.10.bb | 15 - .../u-boot-iot2050-pg1_202x.xx-upstream.bb | 23 - .../u-boot/u-boot-iot2050-pg2_2022.10.bb | 1 - .../u-boot-iot2050-pg2_202x.xx-upstream.bb | 1 - recipes-bsp/u-boot/u-boot-iot2050.inc | 28 +- recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc | 43 -- recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb | 21 + 43 files changed, 102 insertions(+), 2643 deletions(-) delete mode 100644 kas-iot2050-boot-pg1.yml rename kas-iot2050-boot-pg2.yml => kas-iot2050-boot.yml (89%) rename recipes-bsp/u-boot/files/{0022-Add-a-reserved-memory-for-watchdog.patch => 0001-Add-a-reserved-memory-for-watchdog.patch} (95%) delete mode 100644 recipes-bsp/u-boot/files/0001-efi_loader-Improve-console-screen-clearing-and-reset.patch delete mode 100644 recipes-bsp/u-boot/files/0002-env-Complete-generic-support-for-writable-list.patch create mode 100644 recipes-bsp/u-boot/files/0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch delete mode 100644 recipes-bsp/u-boot/files/0003-env-Couple-networking-related-variable-flags-to-CONF.patch delete mode 100644 recipes-bsp/u-boot/files/0004-tools-Add-script-for-converting-public-key-into-devi.patch delete mode 100644 recipes-bsp/u-boot/files/0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch delete mode 100644 recipes-bsp/u-boot/files/0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch delete mode 100644 recipes-bsp/u-boot/files/0007-iot2050-Update-firmware-layout.patch delete mode 100644 recipes-bsp/u-boot/files/0008-iot2050-Add-watchdog-start-to-bootcmd.patch delete mode 100644 recipes-bsp/u-boot/files/0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch delete mode 100644 recipes-bsp/u-boot/files/0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch delete mode 100644 recipes-bsp/u-boot/files/0011-iot2050-Add-script-for-signing-artifacts.patch delete mode 100644 recipes-bsp/u-boot/files/0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch delete mode 100644 recipes-bsp/u-boot/files/0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch delete mode 100644 recipes-bsp/u-boot/files/0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch delete mode 100644 recipes-bsp/u-boot/files/0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch delete mode 100644 recipes-bsp/u-boot/files/0016-iot2050-Add-support-for-configuring-M.2-connector.patch delete mode 100644 recipes-bsp/u-boot/files/0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch delete mode 100644 recipes-bsp/u-boot/files/0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch delete mode 100644 recipes-bsp/u-boot/files/0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch delete mode 100644 recipes-bsp/u-boot/files/0020-configs-Increase-malloc-size-after-relocation.patch delete mode 100644 recipes-bsp/u-boot/files/0021-configs-iot2050-Enabled-keyed-autoboot.patch delete mode 100644 recipes-bsp/u-boot/u-boot-iot2050-pg1_2022.10.bb delete mode 100644 recipes-bsp/u-boot/u-boot-iot2050-pg1_202x.xx-upstream.bb delete mode 120000 recipes-bsp/u-boot/u-boot-iot2050-pg2_2022.10.bb delete mode 120000 recipes-bsp/u-boot/u-boot-iot2050-pg2_202x.xx-upstream.bb delete mode 100644 recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc create mode 100644 recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 47f6004ec..c0fe95ebc 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -69,10 +69,8 @@ jobs: uses: actions/checkout@v3 - name: Free Disk Space uses: ./.github/workflows/free-disk-space - - name: Build bootloader image for PG1 - run: ./kas-container build kas-iot2050-boot-pg1.yml - - name: Build bootloader image for PG2 & m.2 - run: ./kas-container build kas-iot2050-boot-pg2.yml + - name: Build bootloader image + run: ./kas-container build kas-iot2050-boot.yml - name: Archive bootloaders uses: actions/upload-artifact@v3 with: diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 94206a9cd..2a7187b59 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -25,6 +25,4 @@ all: - kas build kas-iot2050-example.yml:kas/opt/preempt-rt.yml - kas build kas-iot2050-swupdate.yml - sudo rm -rf build/tmp - - kas build kas-iot2050-boot-pg1.yml - - sudo rm -rf build/tmp - - kas build kas-iot2050-boot-pg2.yml + - kas build kas-iot2050-boot.yml diff --git a/Kconfig b/Kconfig index ee673e2f5..dcd7beccf 100644 --- a/Kconfig +++ b/Kconfig @@ -30,21 +30,13 @@ config IMAGE_SWUPDATE Based on the example image, this adds SWUpdate and changes the partition layout to an A/B rootfs. -config IMAGE_BOOT_PG1 - bool "Firmware image for PG1 devices" +config IMAGE_BOOT + bool "Firmware image for PG1, PG2 and M.2 devices" help - Build the firmware image that is responsible for booting Product - Generation 1 (PG1) devices. - - WARNING: Do not flash this image onto your device unless you know - that it fits AND you have an external flash programmer at hand that - allows to recover. Otherwise you risk to BRICK THE IOT2050! - -config IMAGE_BOOT_PG2 - bool "Firmware image for PG2 and M.2 devices" - help - Build the firmware image that is responsible for booting Product - Generation 2 (PG2) devices, including its M.2 variant. + Build firmware images that are responsible for booting IOT2050 + devices. Two artifacts are generated: iot2050-pg1-image-boot.bin + for Product Generation 1 devices and iot2050-pg2-image-boot.bin for + Product Generation 2 devices, including M.2 variants. WARNING: Do not flash this image onto your device unless you know that it fits AND you have an external flash programmer at hand that @@ -56,8 +48,7 @@ config KAS_INCLUDE_MAIN string default "kas-iot2050-example.yml" if IMAGE_EXAMPLE default "kas-iot2050-swupdate.yml" if IMAGE_SWUPDATE - default "kas-iot2050-boot-pg1.yml" if IMAGE_BOOT_PG1 - default "kas-iot2050-boot-pg2.yml" if IMAGE_BOOT_PG2 + default "kas-iot2050-boot.yml" if IMAGE_BOOT comment "Image features" @@ -128,7 +119,7 @@ config SECURE_BOOT config SECURE_BOOT bool "Secure boot" - depends on IMAGE_BOOT_PG2 + depends on IMAGE_BOOT help Enable signing of all customizable firmware artifacts, enforce UEFI Secure Boot mode, protect sensitive U-Boot environment variables and @@ -140,7 +131,7 @@ config SECURE_BOOT config OTP_PROVISIONING bool "OTP Provisioning" - depends on IMAGE_BOOT_PG2 + depends on IMAGE_BOOT help Integrate OTP provisioning data into the firmware artifacts. Various options are avaiable. By default, this will integrate the OTP command @@ -152,7 +143,7 @@ config OTP_PROVISIONING config RPMB_SETUP bool "OPTEE RPMB setup for OTP key write" - depends on IMAGE_BOOT_PG2 && !SECURE_BOOT + depends on IMAGE_BOOT && !SECURE_BOOT help Enable one-time pairing between processor and secure storage (RPMB on eMMC). Do not sign and distribute this version. Run it @@ -244,7 +235,7 @@ config KAS_INCLUDE_DEBIAN_MIRROR config FIRMWARE_SECURE_VER string "Use specific firmware secure version" default "0" - depends on SECURE_BOOT && IMAGE_BOOT_PG2 + depends on SECURE_BOOT && IMAGE_BOOT help Use specific anti-rollback secure version rather than the default 0. Range 0 - 127. diff --git a/conf/distro/iot2050-debian.conf b/conf/distro/iot2050-debian.conf index 6a321c51b..49fea32cd 100644 --- a/conf/distro/iot2050-debian.conf +++ b/conf/distro/iot2050-debian.conf @@ -16,8 +16,6 @@ DISTRO_NAME = "IOT2050 Debian System" HOSTNAME ??= "iot2050-debian" -PREFERRED_VERSION_u-boot-iot2050-pg1 ?= "2022.10" -PREFERRED_VERSION_u-boot-iot2050-pg2 ?= "2022.10" PREFERRED_VERSION_linux-iot2050 ?= "5.10.%" PREFERRED_VERSION_linux-iot2050-rt ?= "5.10.%" diff --git a/conf/machine/iot2050.conf b/conf/machine/iot2050.conf index b7a0ad4cf..df4cbc584 100644 --- a/conf/machine/iot2050.conf +++ b/conf/machine/iot2050.conf @@ -11,10 +11,8 @@ DISTRO_ARCH ?= "arm64" -PRODUCT_GENERATION ?= "pg2" - -PREFERRED_PROVIDER_u-boot-${MACHINE} ?= "u-boot-iot2050-${PRODUCT_GENERATION}" -PREFERRED_PROVIDER_u-boot-${MACHINE}-config ?= "u-boot-iot2050-${PRODUCT_GENERATION}" +PREFERRED_PROVIDER_u-boot-${MACHINE} ?= "u-boot-iot2050" +PREFERRED_PROVIDER_u-boot-${MACHINE}-config ?= "u-boot-iot2050" KERNEL_NAME ?= "iot2050" DTB_FILES ?= " \ diff --git a/kas-iot2050-boot-pg1.yml b/kas-iot2050-boot-pg1.yml deleted file mode 100644 index 980275c7c..000000000 --- a/kas-iot2050-boot-pg1.yml +++ /dev/null @@ -1,23 +0,0 @@ -# -# Copyright (c) Siemens AG, 2019-2022 -# -# Authors: -# Le Jin -# Jan Kiszka -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -header: - version: 14 - includes: - - kas/iot2050.yml - -build_system: isar - -target: u-boot-iot2050 - -local_conf_header: - u-boot: | - PRODUCT_GENERATION = "pg1" diff --git a/kas-iot2050-boot-pg2.yml b/kas-iot2050-boot.yml similarity index 89% rename from kas-iot2050-boot-pg2.yml rename to kas-iot2050-boot.yml index 2d3df3bfc..1d6dee82f 100644 --- a/kas-iot2050-boot-pg2.yml +++ b/kas-iot2050-boot.yml @@ -1,5 +1,5 @@ # -# Copyright (c) Siemens AG, 2019-2021 +# Copyright (c) Siemens AG, 2019-2022 # # Authors: # Le Jin diff --git a/kas/opt/upstream.yml b/kas/opt/upstream.yml index f56d7b3d7..5f1b578d6 100644 --- a/kas/opt/upstream.yml +++ b/kas/opt/upstream.yml @@ -10,8 +10,6 @@ header: local_conf_header: upstream-versions: | - PREFERRED_VERSION_u-boot-iot2050-pg1 = "202x.xx-upstream" - PREFERRED_VERSION_u-boot-iot2050-pg2 = "202x.xx-upstream" PREFERRED_VERSION_linux-iot2050 = "5.x-upstream" extra-args: | EXTRA_KERNEL_PARAMS = "fw_devlink=permissive" diff --git a/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb b/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb index 924bbbc04..238159706 100644 --- a/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb +++ b/recipes-bsp/optee-os/optee-os-iot2050_3.22.0.bb @@ -39,6 +39,4 @@ python() { if re.search("rpmb-setup", overrides): if re.search("secureboot", overrides): bb.fatal("Not possible to use Secure Boot and RPMB setup for OPTEE") - if d.getVar('PRODUCT_GENERATION') == "pg1": - bb.warn("PG1 devices do not supported RPMB based secure storage") } diff --git a/recipes-bsp/secure-boot-otp-provisioning/README.md b/recipes-bsp/secure-boot-otp-provisioning/README.md index e1c0d8a7b..d9e2e3eed 100644 --- a/recipes-bsp/secure-boot-otp-provisioning/README.md +++ b/recipes-bsp/secure-boot-otp-provisioning/README.md @@ -57,7 +57,7 @@ Before start the build, make sure the currently using key set is copied to `recipes-bsp/u-boot/files/keys/custMpk.pem`. ```shell -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision.yml ``` > Warning: The default key sets within kas/opt/key-provision.yml only contain @@ -93,7 +93,7 @@ Then start to building the new key signed firmware together with the key switchi otpcmd data. ```shell -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch.yml ``` > Warning: The default switching within kas/opt/key-switch.yml is from MPK to SMPK. @@ -118,7 +118,7 @@ by feeding different kas option file to the building. If the BMPK need to be programmed together: ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-3keys.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-3keys.yml ``` ### Provision keys only without enabling secure boot @@ -126,7 +126,7 @@ If the BMPK need to be programmed together: If only the keys need to be programmed but not enabling the secure boot: ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-keys-only.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-keys-only.yml ``` ### Enable secure boot only @@ -134,7 +134,7 @@ If only the keys need to be programmed but not enabling the secure boot: If you want to only enable the secure boot(because the keys are already programmed): ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-enabling-only.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-provision-enabling-only.yml ``` ### Switch from SMPK to BMPK @@ -142,7 +142,7 @@ If you want to only enable the secure boot(because the keys are already programm If the key switching is from SMPK to BMPK: ```bash -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch-2to3.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/secure-boot.yml:kas/opt/otpcmd/key-switch-2to3.yml ``` ### Use TUI alternative diff --git a/recipes-bsp/u-boot/README.md b/recipes-bsp/u-boot/README.md index 0ea683efa..0a27bfadb 100644 --- a/recipes-bsp/u-boot/README.md +++ b/recipes-bsp/u-boot/README.md @@ -5,8 +5,7 @@ The boot loader for PG1 and PG2 boards is built like this: ```shell -./kas-container build kas-iot2050-boot-pg1.yml -./kas-container build kas-iot2050-boot-pg2.yml +./kas-container build kas-iot2050-boot.yml ``` After the build the boot images are under @@ -81,7 +80,7 @@ A special firmware build is required to run in a secure operating environment to program this key into RPMB. To build this special firmware: ```shell -./kas-container build kas-iot2050-boot-pg2.yml:kas/opt/rpmb-setup.yml +./kas-container build kas-iot2050-boot.yml:kas/opt/rpmb-setup.yml ``` This will build a special OPTee binary for generating and programming the otp diff --git a/recipes-bsp/u-boot/files/0022-Add-a-reserved-memory-for-watchdog.patch b/recipes-bsp/u-boot/files/0001-Add-a-reserved-memory-for-watchdog.patch similarity index 95% rename from recipes-bsp/u-boot/files/0022-Add-a-reserved-memory-for-watchdog.patch rename to recipes-bsp/u-boot/files/0001-Add-a-reserved-memory-for-watchdog.patch index 4d5fda137..1cc51745f 100644 --- a/recipes-bsp/u-boot/files/0022-Add-a-reserved-memory-for-watchdog.patch +++ b/recipes-bsp/u-boot/files/0001-Add-a-reserved-memory-for-watchdog.patch @@ -13,7 +13,7 @@ Signed-off-by: Li Hua Qian 1 file changed, 11 insertions(+) diff --git a/arch/arm/dts/k3-am65-iot2050-common.dtsi b/arch/arm/dts/k3-am65-iot2050-common.dtsi -index e60006be..acc41335 100644 +index 65da226847f..b6135b849f1 100644 --- a/arch/arm/dts/k3-am65-iot2050-common.dtsi +++ b/arch/arm/dts/k3-am65-iot2050-common.dtsi @@ -64,6 +64,12 @@ @@ -29,7 +29,7 @@ index e60006be..acc41335 100644 }; leds { -@@ -731,6 +737,11 @@ +@@ -720,6 +726,11 @@ mboxes = <&mailbox0_cluster1 &mbox_mcu_r5fss0_core1>; }; diff --git a/recipes-bsp/u-boot/files/0001-efi_loader-Improve-console-screen-clearing-and-reset.patch b/recipes-bsp/u-boot/files/0001-efi_loader-Improve-console-screen-clearing-and-reset.patch deleted file mode 100644 index e563112f4..000000000 --- a/recipes-bsp/u-boot/files/0001-efi_loader-Improve-console-screen-clearing-and-reset.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 25 Apr 2022 10:33:15 +0200 -Subject: [PATCH] efi_loader: Improve console screen clearing and reset - -Before clearing the screen, ensure that no previous output of firmware -or UEFI programs will be overwritten on serial devices or other -streaming consoles. This helps generating complete boot logs. - -Tested regarding multi-output against qemu-x86_defconfig. - -Signed-off-by: Jan Kiszka ---- - lib/efi_loader/efi_console.c | 16 +++++++++++++--- - 1 file changed, 13 insertions(+), 3 deletions(-) - -diff --git a/lib/efi_loader/efi_console.c b/lib/efi_loader/efi_console.c -index ee9dc6bbd8..95777e894b 100644 ---- a/lib/efi_loader/efi_console.c -+++ b/lib/efi_loader/efi_console.c -@@ -472,8 +472,18 @@ static efi_status_t EFIAPI efi_cout_set_attribute( - static efi_status_t EFIAPI efi_cout_clear_screen( - struct efi_simple_text_output_protocol *this) - { -+ unsigned int row; -+ - EFI_ENTRY("%p", this); - -+ /* Avoid overwriting previous outputs on streaming consoles */ -+ for (row = 1; row < efi_cout_modes[efi_con_mode.mode].rows; row++) -+ printf("\n"); -+ -+ /* Set default colors if not done yet */ -+ if (efi_con_mode.attribute == 0) -+ efi_cout_set_attribute(this, 0x07); -+ - /* - * The Linux console wants both a clear and a home command. The video - * uclass does not support [H without coordinates, yet. -@@ -531,9 +541,9 @@ static efi_status_t EFIAPI efi_cout_reset( - { - EFI_ENTRY("%p, %d", this, extended_verification); - -- /* Set default colors */ -- efi_con_mode.attribute = 0x07; -- printf(ESC "[0;37;40m"); -+ /* Trigger reset to default colors */ -+ efi_con_mode.attribute = 0; -+ - /* Clear screen */ - EFI_CALL(efi_cout_clear_screen(this)); - diff --git a/recipes-bsp/u-boot/files/0002-env-Complete-generic-support-for-writable-list.patch b/recipes-bsp/u-boot/files/0002-env-Complete-generic-support-for-writable-list.patch deleted file mode 100644 index f397c9540..000000000 --- a/recipes-bsp/u-boot/files/0002-env-Complete-generic-support-for-writable-list.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 28 Feb 2022 12:00:14 +0100 -Subject: [PATCH] env: Complete generic support for writable list - -This completes what 890feecaab72 started by selecting ENV_APPEND and -ENV_IS_NOWHERE and by moving this driver to top if the list. This -ensures that load operations pick up both the default env and the -permitted parts of the next-prio location. When writing though, we must -use the regular ordering. - -With this change, boards only need to define the list of writable -variables but no longer have to provide a custom env_get_location -implementation. - -CC: Joe Hershberger -CC: Marek Vasut -Signed-off-by: Jan Kiszka ---- - env/Kconfig | 2 ++ - env/env.c | 22 ++++++++++++++++++++++ - 2 files changed, 24 insertions(+) - -diff --git a/env/Kconfig b/env/Kconfig -index 238e4c70cf..7b4d54031e 100644 ---- a/env/Kconfig -+++ b/env/Kconfig -@@ -714,6 +714,8 @@ config ENV_APPEND - - config ENV_WRITEABLE_LIST - bool "Permit write access only to listed variables" -+ select ENV_IS_NOWHERE -+ select ENV_APPEND - help - If defined, only environment variables which explicitly set the 'w' - writeable flag can be written and modified at runtime. No variables -diff --git a/env/env.c b/env/env.c -index 69848fb060..d0649f9540 100644 ---- a/env/env.c -+++ b/env/env.c -@@ -133,6 +133,28 @@ __weak enum env_location arch_env_get_location(enum env_operation op, int prio) - if (prio >= ARRAY_SIZE(env_locations)) - return ENVL_UNKNOWN; - -+ if (IS_ENABLED(CONFIG_ENV_WRITEABLE_LIST)) { -+ /* -+ * In writeable-list mode, ENVL_NOWHERE gains highest prio by -+ * virtually injecting it at prio 0. -+ */ -+ if (prio == 0) { -+ /* -+ * Avoid the injection for write operations as that -+ * would block it. -+ */ -+ if (op != ENVOP_SAVE && op != ENVOP_ERASE) -+ return ENVL_NOWHERE; -+ } else { -+ /* -+ * always subtract 1, also for writing because -+ * env_load_prio, which is used for writing, was -+ * initialized with that offset. -+ */ -+ prio--; -+ } -+ } -+ - return env_locations[prio]; - } - diff --git a/recipes-bsp/u-boot/files/0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch b/recipes-bsp/u-boot/files/0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch new file mode 100644 index 000000000..4c01c51f6 --- /dev/null +++ b/recipes-bsp/u-boot/files/0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch @@ -0,0 +1,41 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jan Kiszka +Date: Wed, 27 Sep 2023 17:35:02 +0200 +Subject: [PATCH] tools: iot2050-sign-fw.sh: Make localization of tools dir + more robust + +When building in-tree, there is no source link. + +Signed-off-by: Jan Kiszka +--- + tools/iot2050-sign-fw.sh | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/tools/iot2050-sign-fw.sh b/tools/iot2050-sign-fw.sh +index 6b426c854c2..75ffd560823 100755 +--- a/tools/iot2050-sign-fw.sh ++++ b/tools/iot2050-sign-fw.sh +@@ -5,6 +5,8 @@ if [ -z "$1" ]; then + exit 1 + fi + ++TOOLS_DIR=$(dirname $0) ++ + TEMP_X509=$(mktemp XXXXXXXX.temp) + + REVISION=${2:-0} +@@ -39,10 +41,10 @@ CERT_X509=$(mktemp XXXXXXXX.crt) + + openssl req -new -x509 -key $1 -nodes -outform DER -out $CERT_X509 -config $TEMP_X509 -sha512 + cat $CERT_X509 tispl.bin > tispl.bin_signed +-source/tools/binman/binman replace -i flash-pg1.bin -f tispl.bin_signed fit@180000 +-source/tools/binman/binman replace -i flash-pg2.bin -f tispl.bin_signed fit@180000 ++$TOOLS_DIR/binman/binman replace -i flash-pg1.bin -f tispl.bin_signed fit@180000 ++$TOOLS_DIR/binman/binman replace -i flash-pg2.bin -f tispl.bin_signed fit@180000 + + rm $TEMP_X509 $CERT_X509 + +-source/tools/binman/binman sign -i flash-pg1.bin -k $1 -a sha256,rsa4096 fit@380000 +-source/tools/binman/binman sign -i flash-pg2.bin -k $1 -a sha256,rsa4096 fit@380000 ++$TOOLS_DIR/binman/binman sign -i flash-pg1.bin -k $1 -a sha256,rsa4096 fit@380000 ++$TOOLS_DIR/binman/binman sign -i flash-pg2.bin -k $1 -a sha256,rsa4096 fit@380000 diff --git a/recipes-bsp/u-boot/files/0003-env-Couple-networking-related-variable-flags-to-CONF.patch b/recipes-bsp/u-boot/files/0003-env-Couple-networking-related-variable-flags-to-CONF.patch deleted file mode 100644 index c78a2305e..000000000 --- a/recipes-bsp/u-boot/files/0003-env-Couple-networking-related-variable-flags-to-CONF.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 25 Apr 2022 11:15:36 +0200 -Subject: [PATCH] env: Couple networking-related variable flags to CONFIG_NET - -Boards may set networking variables programmatically, thus may have -CONFIG_NET on but CONFIG_CMD_NET off. The IOT2050 is an example. - -CC: Joe Hershberger -Signed-off-by: Jan Kiszka ---- - env/flags.c | 10 +++++----- - include/env_flags.h | 4 ++-- - 2 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/env/flags.c b/env/flags.c -index e3e833c433..e2866361df 100644 ---- a/env/flags.c -+++ b/env/flags.c -@@ -22,7 +22,7 @@ - #include - #endif - --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - #define ENV_FLAGS_NET_VARTYPE_REPS "im" - #else - #define ENV_FLAGS_NET_VARTYPE_REPS "" -@@ -57,7 +57,7 @@ static const char * const env_flags_vartype_names[] = { - "decimal", - "hexadecimal", - "boolean", --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - "IP address", - "MAC address", - #endif -@@ -211,7 +211,7 @@ static void skip_num(int hex, const char *value, const char **end, - *end = value; - } - --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - int eth_validate_ethaddr_str(const char *addr) - { - const char *end; -@@ -244,7 +244,7 @@ static int _env_flags_validate_type(const char *value, - enum env_flags_vartype type) - { - const char *end; --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - const char *cur; - int i; - #endif -@@ -273,7 +273,7 @@ static int _env_flags_validate_type(const char *value, - if (value[1] != '\0') - return -1; - break; --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - case env_flags_vartype_ipaddr: - cur = value; - for (i = 0; i < 4; i++) { -diff --git a/include/env_flags.h b/include/env_flags.h -index 313cb8c49a..b49ec8e80f 100644 ---- a/include/env_flags.h -+++ b/include/env_flags.h -@@ -12,7 +12,7 @@ enum env_flags_vartype { - env_flags_vartype_decimal, - env_flags_vartype_hex, - env_flags_vartype_bool, --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - env_flags_vartype_ipaddr, - env_flags_vartype_macaddr, - #endif -@@ -111,7 +111,7 @@ enum env_flags_varaccess env_flags_parse_varaccess(const char *flags); - */ - enum env_flags_varaccess env_flags_parse_varaccess_from_binflags(int binflags); - --#ifdef CONFIG_CMD_NET -+#ifdef CONFIG_NET - /* - * Check if a string has the format of an Ethernet MAC address - */ diff --git a/recipes-bsp/u-boot/files/0004-tools-Add-script-for-converting-public-key-into-devi.patch b/recipes-bsp/u-boot/files/0004-tools-Add-script-for-converting-public-key-into-devi.patch deleted file mode 100644 index 4345ddb16..000000000 --- a/recipes-bsp/u-boot/files/0004-tools-Add-script-for-converting-public-key-into-devi.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 14 Feb 2022 07:05:15 +0100 -Subject: [PATCH] tools: Add script for converting public key into device tree - include - -Allows to create a public key device tree dtsi for inclusion into U-Boot -SPL and proper during first build already. This can be achieved via -CONFIG_DEVICE_TREE_INCLUDES. - -Signed-off-by: Jan Kiszka ---- - tools/key2dtsi.py | 64 +++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 64 insertions(+) - create mode 100755 tools/key2dtsi.py - -diff --git a/tools/key2dtsi.py b/tools/key2dtsi.py -new file mode 100755 -index 0000000000..1dbb2cc94b ---- /dev/null -+++ b/tools/key2dtsi.py -@@ -0,0 +1,64 @@ -+#!/usr/bin/env python3 -+# SPDX-License-Identifier: GPL-2.0-only -+# -+# Public key to dtsi converter. -+# -+# Copyright (c) Siemens AG, 2022 -+# -+ -+from argparse import ArgumentParser, FileType -+from os.path import basename, splitext -+from Cryptodome.PublicKey import RSA -+from Cryptodome.Util.number import inverse -+ -+def int_to_bytestr(n, length=None): -+ if not length: -+ length = (n.bit_length() + 7) // 8 -+ byte_array = n.to_bytes(length, 'big') -+ return ' '.join(['{:02x}'.format(byte) for byte in byte_array]) -+ -+ap = ArgumentParser(description='Public key to dtsi converter') -+ -+ap.add_argument('--hash', '-H', default='sha256', -+ help='hash to be used with key (default: sha256)') -+ap.add_argument('--required-conf', '-c', action='store_true', -+ help='mark key required for configuration') -+ap.add_argument('--required-image', '-i', action='store_true', -+ help='mark key required for image') -+ap.add_argument('--spl', '-s', action='store_true', -+ help='mark key for usage in SPL') -+ap.add_argument('key_file', metavar='KEY_FILE', type=FileType('r'), -+ help='key file (formats: X.509, PKCS#1, OpenSSH)') -+ap.add_argument('dtsi_file', metavar='DTSI_FILE', type=FileType('w'), -+ help='dtsi output file') -+ -+args = ap.parse_args() -+ -+key_name, _ = splitext(basename(args.key_file.name)) -+ -+key_data = args.key_file.read() -+key = RSA.importKey(key_data) -+ -+r_squared = (2**key.size_in_bits())**2 % key.n -+n0_inverse = 2**32 - inverse(key.n, 2**32) -+ -+out = args.dtsi_file -+out.write('/ {\n') -+out.write('\tsignature {\n') -+out.write('\t\tkey-{} {{\n'.format(key_name)) -+out.write('\t\t\tkey-name-hint = "{}";\n'.format(key_name)) -+out.write('\t\t\talgo = "{},rsa{}";\n'.format(args.hash, key.size_in_bits())) -+out.write('\t\t\trsa,num-bits = <{}>;\n'.format(key.size_in_bits())) -+out.write('\t\t\trsa,modulus = [{}];\n'.format(int_to_bytestr(key.n))) -+out.write('\t\t\trsa,exponent = [{}];\n'.format(int_to_bytestr(key.e, 8))) -+out.write('\t\t\trsa,r-squared = [{}];\n'.format(int_to_bytestr(r_squared))) -+out.write('\t\t\trsa,n0-inverse = <0x{:x}>;\n'.format(n0_inverse)) -+if args.required_conf: -+ out.write('\t\t\trequired = "conf";\n') -+elif args.required_image: -+ out.write('\t\t\trequired = "image";\n') -+if args.spl: -+ out.write('\t\t\tu-boot,dm-spl;\n') -+out.write('\t\t};\n') -+out.write('\t};\n') -+out.write('};\n') diff --git a/recipes-bsp/u-boot/files/0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch b/recipes-bsp/u-boot/files/0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch deleted file mode 100644 index 552e7a333..000000000 --- a/recipes-bsp/u-boot/files/0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch +++ /dev/null @@ -1,335 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Su Baocheng -Date: Wed, 12 Jan 2022 15:05:27 +0800 -Subject: [PATCH] board: siemens: iot2050: Split the build for PG1 and PG2 - -Due to different signature keys, the PG1 and the PG2 boards can no -longer use the same FSBL (tiboot3). This makes it impossible anyway to -maintaine a single flash.bin for both variants, so we can also split the -build. - -A new target is added to indicates the build is for PG1 vs. PG2 boards. -Hence now the variants have separated defconfig files. - -The runtime board_is_sr1() check does make no sense anymore, so remove -it and replace with build time check. - -Documentation is updated accordingly. New binary artifacts are already -available via meta-iot2050. - -Signed-off-by: Su Baocheng -[Jan: refactor config option into targets, tweak some wordings] -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 80 ++++++------------- - board/siemens/iot2050/Kconfig | 28 ++++++- - board/siemens/iot2050/board.c | 12 +-- - ...ot2050_defconfig => iot2050_pg1_defconfig} | 2 +- - ...ot2050_defconfig => iot2050_pg2_defconfig} | 4 +- - doc/board/siemens/iot2050.rst | 15 +++- - 6 files changed, 65 insertions(+), 76 deletions(-) - copy configs/{iot2050_defconfig => iot2050_pg1_defconfig} (99%) - rename configs/{iot2050_defconfig => iot2050_pg2_defconfig} (97%) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 27058370cc..3135ad0471 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -1,6 +1,6 @@ - // SPDX-License-Identifier: GPL-2.0 - /* -- * Copyright (c) Siemens AG, 2020-2021 -+ * Copyright (c) Siemens AG, 2020-2022 - * - * Authors: - * Jan Kiszka -@@ -17,7 +17,11 @@ - - blob-ext@0x000000 { - offset = <0x000000>; -- filename = "tiboot3.bin"; -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -+ filename = "seboot_pg1.bin"; -+#else -+ filename = "seboot_pg2.bin"; -+#endif - missing-msg = "iot2050-seboot"; - }; - -@@ -43,42 +47,30 @@ - }; - - fdt-iot2050-basic { -- description = "k3-am6528-iot2050-basic.dtb"; -+ description = "k3-am6528-iot2050-basic*.dtb"; - type = "flat_dt"; - arch = "arm64"; - compression = "none"; - blob { -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 - filename = "arch/arm/dts/k3-am6528-iot2050-basic.dtb"; -- }; -- }; -- -- fdt-iot2050-basic-pg2 { -- description = "k3-am6528-iot2050-basic-pg2.dtb"; -- type = "flat_dt"; -- arch = "arm64"; -- compression = "none"; -- blob { -+#else - filename = "arch/arm/dts/k3-am6528-iot2050-basic-pg2.dtb"; -+#endif - }; - }; - - fdt-iot2050-advanced { -- description = "k3-am6548-iot2050-advanced.dtb"; -+ description = "k3-am6548-iot2050-advanced*.dtb"; - type = "flat_dt"; - arch = "arm64"; - compression = "none"; - blob { -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 - filename = "arch/arm/dts/k3-am6548-iot2050-advanced.dtb"; -- }; -- }; -- -- fdt-iot2050-advanced-pg2 { -- description = "k3-am6548-iot2050-advanced-pg2.dtb"; -- type = "flat_dt"; -- arch = "arm64"; -- compression = "none"; -- blob { -+#else - filename = "arch/arm/dts/k3-am6548-iot2050-advanced-pg2.dtb"; -+#endif - }; - }; - -@@ -108,30 +100,12 @@ - #endif - }; - -- conf-iot2050-basic-pg2 { -- description = "iot2050-basic-pg2"; -- firmware = "u-boot"; -- fdt = "fdt-iot2050-basic-pg2"; --#ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; --#endif -- }; -- - conf-iot2050-advanced { - description = "iot2050-advanced"; - firmware = "u-boot"; - fdt = "fdt-iot2050-advanced"; - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - loadables = "k3-rti-wdt-firmware"; --#endif -- }; -- -- conf-iot2050-advanced-pg2 { -- description = "iot2050-advanced-pg2"; -- firmware = "u-boot"; -- fdt = "fdt-iot2050-advanced-pg2"; --#ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; - #endif - }; - }; -@@ -150,28 +124,24 @@ - fill-byte = [00]; - }; - -- /* PG1 sysfw, basic variant */ -+ /* sysfw, basic variant */ - blob-ext@0x6c0000 { - offset = <0x6c0000>; -- filename = "sysfw.itb"; -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -+ filename = "sysfw_sr1.itb"; -+#else -+ filename = "sysfw_sr2.itb"; -+#endif - missing-msg = "iot2050-sysfw"; - }; -- /* PG1 sysfw, advanced variant */ -+ /* sysfw, advanced variant */ - blob-ext@0x740000 { - offset = <0x740000>; -- filename = "sysfw.itb_HS"; -- missing-msg = "iot2050-sysfw"; -- }; -- /* PG2 sysfw, basic variant */ -- blob-ext@0x7c0000 { -- offset = <0x7c0000>; -- filename = "sysfw_sr2.itb"; -- missing-msg = "iot2050-sysfw"; -- }; -- /* PG2 sysfw, advanced variant */ -- blob-ext@0x840000 { -- offset = <0x840000>; -+#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -+ filename = "sysfw_sr1.itb_HS"; -+#else - filename = "sysfw_sr2.itb_HS"; -+#endif - missing-msg = "iot2050-sysfw"; - }; - }; -diff --git a/board/siemens/iot2050/Kconfig b/board/siemens/iot2050/Kconfig -index 063142a43b..a2b40881d1 100644 ---- a/board/siemens/iot2050/Kconfig -+++ b/board/siemens/iot2050/Kconfig -@@ -1,20 +1,40 @@ - # SPDX-License-Identifier: GPL-2.0+ - # --# Copyright (c) Siemens AG, 2018-2021 -+# Copyright (c) Siemens AG, 2018-2022 - # - # Authors: - # Le Jin - # Jan Kiszka - --config TARGET_IOT2050_A53 -- bool "IOT2050 running on A53" -+choice -+ prompt "Siemens SIMATIC IOT2050 boards" -+ optional -+ -+config TARGET_IOT2050_A53_PG1 -+ bool "IOT2050 PG1 running on A53" -+ select IOT2050_A53_COMMON -+ help -+ This builds U-Boot for the Product Generation 1 (PG1) of the IOT2050 -+ devices. -+ -+config TARGET_IOT2050_A53_PG2 -+ bool "IOT2050 PG2 running on A53" -+ select IOT2050_A53_COMMON -+ help -+ This builds U-Boot for the Product Generation 2 (PG2) of the IOT2050 -+ devices. -+ -+endchoice -+ -+config IOT2050_A53_COMMON -+ bool - select ARM64 - select SOC_K3_AM654 - select BOARD_LATE_INIT - select SYS_DISABLE_DCACHE_OPS - select BINMAN - --if TARGET_IOT2050_A53 -+if IOT2050_A53_COMMON - - config SYS_BOARD - default "iot2050" -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index b965ae9fa4..050ddb5899 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -55,14 +55,6 @@ static bool board_is_advanced(void) - strstr((char *)info->name, "IOT2050-ADVANCED") != NULL; - } - --static bool board_is_sr1(void) --{ -- struct iot2050_info *info = IOT2050_INFO_DATA; -- -- return info->magic == IOT2050_INFO_MAGIC && -- !strstr((char *)info->name, "-PG2"); --} -- - static void remove_mmc1_target(void) - { - char *boot_targets = strdup(env_get("boot_targets")); -@@ -109,12 +101,12 @@ void set_board_info_env(void) - } - - if (board_is_advanced()) { -- if (board_is_sr1()) -+ if (IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG1)) - fdtfile = "ti/k3-am6548-iot2050-advanced.dtb"; - else - fdtfile = "ti/k3-am6548-iot2050-advanced-pg2.dtb"; - } else { -- if (board_is_sr1()) -+ if (IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG1)) - fdtfile = "ti/k3-am6528-iot2050-basic.dtb"; - else - fdtfile = "ti/k3-am6528-iot2050-basic-pg2.dtb"; -diff --git a/configs/iot2050_defconfig b/configs/iot2050_pg1_defconfig -similarity index 99% -copy from configs/iot2050_defconfig -copy to configs/iot2050_pg1_defconfig -index 81cce0812b..4a59104149 100644 ---- a/configs/iot2050_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -8,7 +8,7 @@ CONFIG_SPL_LIBCOMMON_SUPPORT=y - CONFIG_SPL_LIBGENERIC_SUPPORT=y - CONFIG_NR_DRAM_BANKS=2 - CONFIG_SOC_K3_AM654=y --CONFIG_TARGET_IOT2050_A53=y -+CONFIG_TARGET_IOT2050_A53_PG1=y - CONFIG_ENV_SIZE=0x20000 - CONFIG_ENV_OFFSET=0x680000 - CONFIG_ENV_SECT_SIZE=0x20000 -diff --git a/configs/iot2050_defconfig b/configs/iot2050_pg2_defconfig -similarity index 97% -rename from configs/iot2050_defconfig -rename to configs/iot2050_pg2_defconfig -index 81cce0812b..4eba7a3476 100644 ---- a/configs/iot2050_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -8,13 +8,13 @@ CONFIG_SPL_LIBCOMMON_SUPPORT=y - CONFIG_SPL_LIBGENERIC_SUPPORT=y - CONFIG_NR_DRAM_BANKS=2 - CONFIG_SOC_K3_AM654=y --CONFIG_TARGET_IOT2050_A53=y -+CONFIG_TARGET_IOT2050_A53_PG2=y - CONFIG_ENV_SIZE=0x20000 - CONFIG_ENV_OFFSET=0x680000 - CONFIG_ENV_SECT_SIZE=0x20000 - CONFIG_DM_GPIO=y - CONFIG_SPL_DM_SPI=y --CONFIG_DEFAULT_DEVICE_TREE="k3-am6528-iot2050-basic" -+CONFIG_DEFAULT_DEVICE_TREE="k3-am6528-iot2050-basic-pg2" - CONFIG_SPL_TEXT_BASE=0x80080000 - CONFIG_SYS_PROMPT="IOT2050> " - CONFIG_SPL_SERIAL=y -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 7e97f817ce..fd3431fa3f 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -24,9 +24,10 @@ Binary dependencies can be found in - https://github.com/siemens/meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild. - The following binaries from that source need to be present in the build folder: - -- - tiboot3.bin -- - sysfw.itb -- - sysfw.itb_HS -+ - seboot_pg1.bin -+ - sysfw_sr1.itb -+ - sysfw_sr1.itb_HS -+ - seboot_pg2.bin - - sysfw_sr2.itb - - sysfw_sr2.itb_HS - -@@ -57,7 +58,13 @@ U-Boot: - - $ export ATF=/path/to/bl31.bin - $ export TEE=/path/to/tee-pager_v2.bin -- $ make iot2050_defconfig -+ -+ # configure for PG1 -+ $ make iot2050_pg1_defconfig -+ -+ # or configure for PG2 -+ $ make iot2050_pg2_defconfig -+ - $ make - - Flashing diff --git a/recipes-bsp/u-boot/files/0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch b/recipes-bsp/u-boot/files/0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch deleted file mode 100644 index aac2c6ff2..000000000 --- a/recipes-bsp/u-boot/files/0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch +++ /dev/null @@ -1,132 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Su Baocheng -Date: Wed, 12 Jan 2022 14:52:01 +0800 -Subject: [PATCH] arm: dts: iot2050: Use the auto generator nodes for fdt - -Refactor according to the entry `fit: Entry containing a FIT` of -document tools/binman/README.entries. - -As the generator uses the device tree name for the config description, -board_fit_config_name_match requires a small adjustment as well. - -Signed-off-by: Su Baocheng -[Jan: re-add now required CONFIG_OF_LIST, update config matching] -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 44 ++++---------------- - board/siemens/iot2050/board.c | 3 ++ - configs/iot2050_pg1_defconfig | 1 + - configs/iot2050_pg2_defconfig | 1 + - 4 files changed, 12 insertions(+), 37 deletions(-) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 3135ad0471..4666957686 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -32,6 +32,7 @@ - - fit@0x280000 { - description = "U-Boot for IOT2050"; -+ fit,fdt-list = "of-list"; - offset = <0x280000>; - images { - u-boot { -@@ -46,32 +47,11 @@ - }; - }; - -- fdt-iot2050-basic { -- description = "k3-am6528-iot2050-basic*.dtb"; -+ @fdt-SEQ { -+ description = "fdt-NAME"; - type = "flat_dt"; - arch = "arm64"; - compression = "none"; -- blob { --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "arch/arm/dts/k3-am6528-iot2050-basic.dtb"; --#else -- filename = "arch/arm/dts/k3-am6528-iot2050-basic-pg2.dtb"; --#endif -- }; -- }; -- -- fdt-iot2050-advanced { -- description = "k3-am6548-iot2050-advanced*.dtb"; -- type = "flat_dt"; -- arch = "arm64"; -- compression = "none"; -- blob { --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "arch/arm/dts/k3-am6548-iot2050-advanced.dtb"; --#else -- filename = "arch/arm/dts/k3-am6548-iot2050-advanced-pg2.dtb"; --#endif -- }; - }; - - #ifdef CONFIG_WDT_K3_RTI_FW_FILE -@@ -89,21 +69,11 @@ - }; - - configurations { -- default = "conf-iot2050-basic"; -- -- conf-iot2050-basic { -- description = "iot2050-basic"; -- firmware = "u-boot"; -- fdt = "fdt-iot2050-basic"; --#ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; --#endif -- }; -- -- conf-iot2050-advanced { -- description = "iot2050-advanced"; -+ default = "@config-DEFAULT-SEQ"; -+ @config-SEQ { -+ description = "NAME"; - firmware = "u-boot"; -- fdt = "fdt-iot2050-advanced"; -+ fdt = "fdt-SEQ"; - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - loadables = "k3-rti-wdt-firmware"; - #endif -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index 050ddb5899..2be5d1eefc 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -154,6 +154,9 @@ int board_fit_config_name_match(const char *name) - struct iot2050_info *info = IOT2050_INFO_DATA; - char upper_name[32]; - -+ /* skip the prefix "k3-am65x8-" */ -+ name += 10; -+ - if (info->magic != IOT2050_INFO_MAGIC || - strlen(name) >= sizeof(upper_name)) - return -1; -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 4a59104149..953206b343 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -69,6 +69,7 @@ CONFIG_CMD_TIME=y - # CONFIG_ISO_PARTITION is not set - CONFIG_OF_CONTROL=y - CONFIG_SPL_OF_CONTROL=y -+CONFIG_OF_LIST="k3-am6528-iot2050-basic k3-am6548-iot2050-advanced" - CONFIG_SPL_MULTI_DTB_FIT=y - CONFIG_SPL_OF_LIST="k3-am65-iot2050-spl" - CONFIG_SPL_MULTI_DTB_FIT_NO_COMPRESSION=y -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index 4eba7a3476..6b5e50a99a 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -69,6 +69,7 @@ CONFIG_CMD_TIME=y - # CONFIG_ISO_PARTITION is not set - CONFIG_OF_CONTROL=y - CONFIG_SPL_OF_CONTROL=y -+CONFIG_OF_LIST="k3-am6528-iot2050-basic-pg2 k3-am6548-iot2050-advanced-pg2" - CONFIG_SPL_MULTI_DTB_FIT=y - CONFIG_SPL_OF_LIST="k3-am65-iot2050-spl" - CONFIG_SPL_MULTI_DTB_FIT_NO_COMPRESSION=y diff --git a/recipes-bsp/u-boot/files/0007-iot2050-Update-firmware-layout.patch b/recipes-bsp/u-boot/files/0007-iot2050-Update-firmware-layout.patch deleted file mode 100644 index 376193237..000000000 --- a/recipes-bsp/u-boot/files/0007-iot2050-Update-firmware-layout.patch +++ /dev/null @@ -1,143 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 14 Jan 2022 18:52:06 +0100 -Subject: [PATCH] iot2050: Update firmware layout - -The latest version of the binary-only firmware parts come in a combined -form of FSBL and sysfw containers. This implies some layout changes to -the generated firmware image but also makes handling of artifacts much -simpler (4 files less). The env locations will not change, just the -space reserved for U-Boot will shrink from 4 to 3 MB - still plenty of -space left in practice. - -Adjust configuration and documentation accordingly. - -Along this change, add a new reservation for update commands of the -user-controlled OTP part. A specific userspace tool will fill it, and -the FSBL will evaluate it during boot. This reservation will use 64K of -the former sysfw section. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 30 ++++++-------------- - configs/iot2050_pg1_defconfig | 2 +- - configs/iot2050_pg2_defconfig | 2 +- - doc/board/siemens/iot2050.rst | 4 --- - tools/binman/missing-blob-help | 8 +----- - 5 files changed, 11 insertions(+), 35 deletions(-) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 4666957686..3ee0842e99 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -25,15 +25,15 @@ - missing-msg = "iot2050-seboot"; - }; - -- blob@0x080000 { -- offset = <0x080000>; -+ blob@0x180000 { -+ offset = <0x180000>; - filename = "tispl.bin"; - }; - -- fit@0x280000 { -+ fit@0x380000 { - description = "U-Boot for IOT2050"; - fit,fdt-list = "of-list"; -- offset = <0x280000>; -+ offset = <0x380000>; - images { - u-boot { - description = "U-Boot"; -@@ -94,25 +94,11 @@ - fill-byte = [00]; - }; - -- /* sysfw, basic variant */ -- blob-ext@0x6c0000 { -+ /* OTP update command block */ -+ fill@0x6c0000 { - offset = <0x6c0000>; --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "sysfw_sr1.itb"; --#else -- filename = "sysfw_sr2.itb"; --#endif -- missing-msg = "iot2050-sysfw"; -- }; -- /* sysfw, advanced variant */ -- blob-ext@0x740000 { -- offset = <0x740000>; --#ifdef CONFIG_TARGET_IOT2050_A53_PG1 -- filename = "sysfw_sr1.itb_HS"; --#else -- filename = "sysfw_sr2.itb_HS"; --#endif -- missing-msg = "iot2050-sysfw"; -+ size = <0x010000>; -+ fill-byte = [ff]; - }; - }; - }; -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 953206b343..934266c26e 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -52,7 +52,7 @@ CONFIG_SPL_POWER_DOMAIN=y - # CONFIG_SPL_SPI_FLASH_TINY is not set - CONFIG_SPL_SPI_FLASH_SFDP_SUPPORT=y - CONFIG_SPL_SPI_LOAD=y --CONFIG_SYS_SPI_U_BOOT_OFFS=0x280000 -+CONFIG_SYS_SPI_U_BOOT_OFFS=0x380000 - CONFIG_SYS_MAXARGS=64 - CONFIG_SYS_PBSIZE=1050 - CONFIG_CMD_ASKENV=y -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index 6b5e50a99a..c76abcca67 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -52,7 +52,7 @@ CONFIG_SPL_POWER_DOMAIN=y - # CONFIG_SPL_SPI_FLASH_TINY is not set - CONFIG_SPL_SPI_FLASH_SFDP_SUPPORT=y - CONFIG_SPL_SPI_LOAD=y --CONFIG_SYS_SPI_U_BOOT_OFFS=0x280000 -+CONFIG_SYS_SPI_U_BOOT_OFFS=0x380000 - CONFIG_SYS_MAXARGS=64 - CONFIG_SYS_PBSIZE=1050 - CONFIG_CMD_ASKENV=y -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index fd3431fa3f..26972e20ae 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -25,11 +25,7 @@ https://github.com/siemens/meta-iot2050/tree/master/recipes-bsp/u-boot/files/pre - The following binaries from that source need to be present in the build folder: - - - seboot_pg1.bin -- - sysfw_sr1.itb -- - sysfw_sr1.itb_HS - - seboot_pg2.bin -- - sysfw_sr2.itb -- - sysfw_sr2.itb_HS - - Building - -------- -diff --git a/tools/binman/missing-blob-help b/tools/binman/missing-blob-help -index c61ca02a35..5bb8961ce0 100644 ---- a/tools/binman/missing-blob-help -+++ b/tools/binman/missing-blob-help -@@ -21,13 +21,7 @@ Please read the section on SCP firmware in board/sunxi/README.sunxi64 - iot2050-seboot: - See the documentation for IOT2050 board. Your image is missing SEBoot - which is mandatory for board startup. Prebuilt SEBoot located at --meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/tiboot3.bin. -- --iot2050-sysfw: --See the documentation for IOT2050 board. Your image is missing system --firmware which is mandatory for board startup. Prebuilt system firmware --located at meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/ --with sysfw prefix. -+meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/seboot_pg*.bin. - - k3-rti-wdt-firmware: - If CONFIG_WDT_K3_RTI_LOAD_FW is enabled, a firmware image is needed for diff --git a/recipes-bsp/u-boot/files/0008-iot2050-Add-watchdog-start-to-bootcmd.patch b/recipes-bsp/u-boot/files/0008-iot2050-Add-watchdog-start-to-bootcmd.patch deleted file mode 100644 index ff6fa97d4..000000000 --- a/recipes-bsp/u-boot/files/0008-iot2050-Add-watchdog-start-to-bootcmd.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Sun, 20 Mar 2022 15:00:34 +0100 -Subject: [PATCH] iot2050: Add watchdog start to bootcmd - -Allows run-time control over watchdog auto-start and the timeout via -setting the environment variable watchdog_timeout_ms. A value of zero -means "do not start". Use CONFIG_WATCHDOG_TIMEOUT_MSECS as initial value -and this to zero by default. Users can then enable the watchdog once the -use and OS which picks it up during boot. - -Signed-off-by: Jan Kiszka ---- - configs/iot2050_pg1_defconfig | 2 ++ - configs/iot2050_pg2_defconfig | 2 ++ - include/configs/iot2050.h | 9 +++++++++ - 3 files changed, 13 insertions(+) - -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 934266c26e..49f8110936 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -32,6 +32,7 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set - CONFIG_SPL_MAX_SIZE=0x58000 -@@ -142,6 +143,7 @@ CONFIG_USB_DWC3_GENERIC=y - CONFIG_USB_KEYBOARD=y - # CONFIG_WATCHDOG is not set - # CONFIG_WATCHDOG_AUTOSTART is not set -+CONFIG_WATCHDOG_TIMEOUT_MSECS=0 - CONFIG_WDT=y - CONFIG_WDT_K3_RTI=y - CONFIG_WDT_K3_RTI_LOAD_FW=y -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index c76abcca67..43410160c8 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -32,6 +32,7 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set - CONFIG_SPL_MAX_SIZE=0x58000 -@@ -142,6 +143,7 @@ CONFIG_USB_DWC3_GENERIC=y - CONFIG_USB_KEYBOARD=y - # CONFIG_WATCHDOG is not set - # CONFIG_WATCHDOG_AUTOSTART is not set -+CONFIG_WATCHDOG_TIMEOUT_MSECS=0 - CONFIG_WDT=y - CONFIG_WDT_K3_RTI=y - CONFIG_WDT_K3_RTI_LOAD_FW=y -diff --git a/include/configs/iot2050.h b/include/configs/iot2050.h -index 0f6150fc9c..dc4b5f9059 100644 ---- a/include/configs/iot2050.h -+++ b/include/configs/iot2050.h -@@ -15,6 +15,14 @@ - - /* SPL Loader Configuration */ - -+#define WATCHDOG_ENV \ -+ "watchdog_timeout_ms=" __stringify(CONFIG_WATCHDOG_TIMEOUT_MSECS) "\0" \ -+ "start_watchdog=if test ${watchdog_timeout_ms} -gt 0; then " \ -+ "wdt dev watchdog@40610000; " \ -+ "wdt start ${watchdog_timeout_ms}; " \ -+ "echo Watchdog started, timeout ${watchdog_timeout_ms} ms; " \ -+ "fi\0" -+ - /* U-Boot general configuration */ - #define EXTRA_ENV_IOT2050_BOARD_SETTINGS \ - "usb_pgood_delay=900\0" -@@ -43,6 +51,7 @@ - #define CONFIG_EXTRA_ENV_SETTINGS \ - DEFAULT_LINUX_BOOT_ENV \ - BOOTENV \ -+ WATCHDOG_ENV \ - EXTRA_ENV_IOT2050_BOARD_SETTINGS - - #include diff --git a/recipes-bsp/u-boot/files/0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch b/recipes-bsp/u-boot/files/0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch deleted file mode 100644 index 3d3dba8bb..000000000 --- a/recipes-bsp/u-boot/files/0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Mon, 25 Apr 2022 10:42:25 +0200 -Subject: [PATCH] iot2050: Add CONFIG_ENV_FLAGS_LIST_STATIC - -Will be needed when CONFIG_ENV_WRITEABLE_LIST is enabled. The listed -variables shall remain writable, for informational purposes - they have -to be considered untrusted because the persistent U-Boot env is not -protected. - -Signed-off-by: Jan Kiszka ---- - include/configs/iot2050.h | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/include/configs/iot2050.h b/include/configs/iot2050.h -index dc4b5f9059..d2cba5acfd 100644 ---- a/include/configs/iot2050.h -+++ b/include/configs/iot2050.h -@@ -56,4 +56,12 @@ - - #include - -+#ifdef CONFIG_ENV_WRITEABLE_LIST -+/* relevant for secure boot with CONFIG_ENV_WRITEABLE_LIST=y */ -+#define CONFIG_ENV_FLAGS_LIST_STATIC \ -+ "board_uuid:sw,board_name:sw,board_serial:sw,board_a5e:sw," \ -+ "mlfb:sw,fw_version:sw,seboot_version:sw," \ -+ "eth1addr:mw,eth2addr:mw,watchdog_timeout_ms:dw,boot_targets:sw" -+#endif -+ - #endif /* __CONFIG_IOT2050_H */ diff --git a/recipes-bsp/u-boot/files/0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch b/recipes-bsp/u-boot/files/0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch deleted file mode 100644 index bd187964b..000000000 --- a/recipes-bsp/u-boot/files/0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Sun, 7 Nov 2021 17:59:17 +0100 -Subject: [PATCH] arm: dts: iot2050: Allow verifying U-Boot proper by SPL - -Add hashes and configuration signature stubs to prepare verified boot -of main U-Boot by SPL. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 16 ++++++++++++++++ - 1 file changed, 16 insertions(+) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 3ee0842e99..9082a79a03 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -14,6 +14,7 @@ - filename = "flash.bin"; - pad-byte = <0xff>; - size = <0x8c0000>; -+ allow-repack; - - blob-ext@0x000000 { - offset = <0x000000>; -@@ -45,6 +46,9 @@ - entry = <0x80800000>; - u-boot-nodtb { - }; -+ hash { -+ algo = "sha256"; -+ }; - }; - - @fdt-SEQ { -@@ -52,6 +56,9 @@ - type = "flat_dt"; - arch = "arm64"; - compression = "none"; -+ hash { -+ algo = "sha256"; -+ }; - }; - - #ifdef CONFIG_WDT_K3_RTI_FW_FILE -@@ -64,6 +71,9 @@ - filename = CONFIG_WDT_K3_RTI_FW_FILE; - missing-msg = "k3-rti-wdt-firmware"; - }; -+ hash { -+ algo = "sha256"; -+ }; - }; - #endif - }; -@@ -77,10 +87,16 @@ - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - loadables = "k3-rti-wdt-firmware"; - #endif -+ signature { -+ sign-images = "firmware", "fdt", "loadables"; -+ }; - }; - }; - }; - -+ fdtmap { -+ }; -+ - /* primary env */ - fill@0x680000 { - offset = <0x680000>; diff --git a/recipes-bsp/u-boot/files/0011-iot2050-Add-script-for-signing-artifacts.patch b/recipes-bsp/u-boot/files/0011-iot2050-Add-script-for-signing-artifacts.patch deleted file mode 100644 index 9cff5b5d6..000000000 --- a/recipes-bsp/u-boot/files/0011-iot2050-Add-script-for-signing-artifacts.patch +++ /dev/null @@ -1,134 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Thu, 18 Nov 2021 10:56:22 +0100 -Subject: [PATCH] iot2050: Add script for signing artifacts - -There are many ways to get a signed firmware for the IOT2050 devices, -namely for the parts under user-control. This script documents one way -of doing it, given a signing key. Augment the board documentation with -the required procedure around it. - -Signed-off-by: Jan Kiszka ---- - doc/board/siemens/iot2050.rst | 52 +++++++++++++++++++++++++++++++++++ - tools/iot2050-sign-fw.sh | 51 ++++++++++++++++++++++++++++++++++ - 2 files changed, 103 insertions(+) - create mode 100755 tools/iot2050-sign-fw.sh - -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 26972e20ae..4e0925c72c 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -79,3 +79,55 @@ Via external programmer Dediprog SF100 or SF600: - .. code-block:: text - - $ dpcmd --vcc 2 -v -u flash.bin -+ -+Signing (optional) -+------------------ -+ -+To enable verified boot for the firmware artifacts after the Siemens-managed -+first-stage loader (seboot_pg*.bin), the following steps need to be taken -+before and after the build: -+ -+Generate dtsi holding the public key -+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -+ -+.. code-block:: text -+ -+ tools/key2dtsi.py -c -s key.pem public-key.dtsi -+ -+This will be used to embed the public key into U-Boot SPL and main so that each -+step can validate signatures of the succeeding one. -+ -+Adjust U-Boot configuration -+^^^^^^^^^^^^^^^^^^^^^^^^^^^ -+ -+Enabled at least the following options in U-Boot: -+ -+.. code-block:: text -+ -+ CONFIG_SPL_FIT_SIGNATURE=y -+ CONFIG_DEVICE_TREE_INCLUDES="/path/to/public-key.dtsi" -+ CONFIG_RSA=y -+ -+Note that there are more configuration changes needed in order to lock-down -+the command line and the boot process of U-Boot for secure scenarios. These are -+not in scope here. -+ -+Build U-Boot -+^^^^^^^^^^^^ -+ -+See related section above. -+ -+Sign flash.bin -+^^^^^^^^^^^^^^ -+ -+In the build folder still containing artifacts from step 3, invoke: -+ -+.. code-block:: text -+ -+ tools/iot2050-sign-fw.sh /path/to/key.pem -+ -+Flash signed flash.bin -+^^^^^^^^^^^^^^^^^^^^^^ -+ -+The signing has happen in-place in flash.bin, thus the flashing procedure -+described above. -diff --git a/tools/iot2050-sign-fw.sh b/tools/iot2050-sign-fw.sh -new file mode 100755 -index 0000000000..4d1d79498c ---- /dev/null -+++ b/tools/iot2050-sign-fw.sh -@@ -0,0 +1,51 @@ -+#!/bin/sh -+ -+if [ -z "$1" ]; then -+ echo "Usage: $0 KEY" -+ exit 1 -+fi -+ -+TEMP_X509=$(mktemp XXXXXXXX.temp) -+ -+REVISION=${2:-0} -+SHA_VAL=$(openssl dgst -sha512 -hex tispl.bin | sed -e "s/^.*= //g") -+BIN_SIZE=$(stat -c %s tispl.bin) -+ -+cat <$TEMP_X509 -+[ req ] -+distinguished_name = req_distinguished_name -+x509_extensions = v3_ca -+prompt = no -+dirstring_type = nobmp -+ -+[ req_distinguished_name ] -+CN = IOT2050 Firmware Signature -+ -+[ v3_ca ] -+basicConstraints = CA:true -+1.3.6.1.4.1.294.1.3 = ASN1:SEQUENCE:swrv -+1.3.6.1.4.1.294.1.34 = ASN1:SEQUENCE:sysfw_image_integrity -+ -+[ swrv ] -+swrv = INTEGER:$REVISION -+ -+[ sysfw_image_integrity ] -+shaType = OID:2.16.840.1.101.3.4.2.3 -+shaValue = FORMAT:HEX,OCT:$SHA_VAL -+imageSize = INTEGER:$BIN_SIZE -+EOF -+ -+CERT_X509=$(mktemp XXXXXXXX.crt) -+ -+openssl req -new -x509 -key $1 -nodes -outform DER -out $CERT_X509 -config $TEMP_X509 -sha512 -+cat $CERT_X509 tispl.bin > tispl.bin_signed -+# currently broken in upstream -+#source/tools/binman/binman replace -i flash.bin -f tispl.bin_signed blob@0x180000 -+dd if=tispl.bin_signed of=flash.bin bs=$((0x1000)) seek=$((0x180000/0x1000)) conv=notrunc -+ -+rm $TEMP_X509 $CERT_X509 -+ -+tools/mkimage -G $1 -r -o sha256,rsa4096 -F fit@0x380000.fit -+# currently broken in upstream -+#source/tools/binman/binman replace -i flash.bin -f fit@0x380000.fit fit@0x380000 -+dd if=fit@0x380000.fit of=flash.bin bs=$((0x1000)) seek=$((0x380000/0x1000)) conv=notrunc diff --git a/recipes-bsp/u-boot/files/0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch b/recipes-bsp/u-boot/files/0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch deleted file mode 100644 index cb1a3c164..000000000 --- a/recipes-bsp/u-boot/files/0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch +++ /dev/null @@ -1,98 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 27 May 2022 11:29:20 +0200 -Subject: [PATCH] arm: dts: iot2050: Optionally embed OTP programming data into - image - -Use external blob otpcmd.bin to replace the 0xff filled OTP programming -command block to create a firmware image that provisions the OTP on -first boot. This otpcmd.bin is generated from the customer keys using -steps described in the meta-iot2050 integration layer for the device. - -Based on original patch by Baocheng Su. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 8 ++++++++ - board/siemens/iot2050/Kconfig | 7 +++++++ - doc/board/siemens/iot2050.rst | 8 ++++++++ - tools/binman/missing-blob-help | 8 ++++++++ - 4 files changed, 31 insertions(+) - -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 9082a79a03..25a22a7b7b 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -111,10 +111,18 @@ - }; - - /* OTP update command block */ -+#if CONFIG_IOT2050_EMBED_OTPCMD -+ blob-ext@0x6c0000 { -+ offset = <0x6c0000>; -+ size = <0x010000>; -+ filename = "otpcmd.bin"; -+ missing-msg = "iot2050-otpcmd"; -+#else - fill@0x6c0000 { - offset = <0x6c0000>; - size = <0x010000>; - fill-byte = [ff]; -+#endif - }; - }; - }; -diff --git a/board/siemens/iot2050/Kconfig b/board/siemens/iot2050/Kconfig -index a2b40881d1..e66b2427d9 100644 ---- a/board/siemens/iot2050/Kconfig -+++ b/board/siemens/iot2050/Kconfig -@@ -49,4 +49,11 @@ config IOT2050_BOOT_SWITCH - bool "Disable eMMC boot via USER button (Advanced version only)" - default y - -+config IOT2050_EMBED_OTPCMD -+ bool "Embed OTP programming data" -+ help -+ Embed signed OTP programming data 'otpcmd.bin' into the firmware -+ image. This data will be evaluated and executed on first boot of the -+ device. -+ - endif -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 4e0925c72c..cb49a0e36b 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -27,6 +27,14 @@ The following binaries from that source need to be present in the build folder: - - seboot_pg1.bin - - seboot_pg2.bin - -+For building an image containing the OTP key provisioning data, below binary -+needs to be present in the build folder: -+ -+ - otpcmd.bin -+ -+Regarding how to generating this otpcmd.bin, please refer to: -+https://github.com/siemens/meta-iot2050/tree/master/recipes-bsp/secure-boot-otp-provisioning/files/make-otpcmd.sh -+ - Building - -------- - -diff --git a/tools/binman/missing-blob-help b/tools/binman/missing-blob-help -index 5bb8961ce0..7e88cd0395 100644 ---- a/tools/binman/missing-blob-help -+++ b/tools/binman/missing-blob-help -@@ -23,6 +23,14 @@ See the documentation for IOT2050 board. Your image is missing SEBoot - which is mandatory for board startup. Prebuilt SEBoot located at - meta-iot2050/tree/master/recipes-bsp/u-boot/files/prebuild/seboot_pg*.bin. - -+iot2050-otpcmd: -+See the documentation for IOT2050 board. Your image is missing OTP command data -+block which is used for provisioning the customer keys to the board. -+Please refer to -+meta-iot2050/tree/master/recipes-bsp/secure-boot-otp-provisioning/files/make-otpcmd.sh -+for how to generate this binary. If you are not using secure boot or do not -+intend to provision the keys, disable CONFIG_IOT2050_EMBED_OTPCMD. -+ - k3-rti-wdt-firmware: - If CONFIG_WDT_K3_RTI_LOAD_FW is enabled, a firmware image is needed for - the R5F core(s) to trigger the system reset. One possible source is diff --git a/recipes-bsp/u-boot/files/0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch b/recipes-bsp/u-boot/files/0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch deleted file mode 100644 index 13da0658a..000000000 --- a/recipes-bsp/u-boot/files/0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 27 May 2022 11:35:45 +0200 -Subject: [PATCH] doc: iot2050: Add a note about the watchdog firmware - -This is enabled by default, thus should be described as well. - -Signed-off-by: Jan Kiszka ---- - doc/board/siemens/iot2050.rst | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index cb49a0e36b..efe94a448a 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -27,6 +27,10 @@ The following binaries from that source need to be present in the build folder: - - seboot_pg1.bin - - seboot_pg2.bin - -+When using the watchdog, a related firmware for the R5 core(s) is needed, e.g. -+https://github.com/siemens/k3-rti-wdt. The name and location of the image is -+configured via CONFIG_WDT_K3_RTI_FW_FILE. -+ - For building an image containing the OTP key provisioning data, below binary - needs to be present in the build folder: - diff --git a/recipes-bsp/u-boot/files/0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch b/recipes-bsp/u-boot/files/0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch deleted file mode 100644 index 47f2ed054..000000000 --- a/recipes-bsp/u-boot/files/0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: chao zeng -Date: Wed, 12 Jan 2022 10:34:18 +0800 -Subject: [PATCH] board: siemens: iot2050: use the named gpio to control the - user-button - -User-button is controlled by the mcu domain gpio number 25. -But main0 main1 mcu domain all have gpio number 25. - -To identify where the gpio is from, Using gpio controll base as the prefix -to indicate the gpio resource. - -Signed-off-by: chao zeng ---- - board/siemens/iot2050/board.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index 2be5d1eefc..be30b9c4d1 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -183,7 +183,7 @@ static bool user_button_pressed(void) - - memset(&gpio, 0, sizeof(gpio)); - -- if (dm_gpio_lookup_name("25", &gpio) < 0 || -+ if (dm_gpio_lookup_name("gpio@42110000_25", &gpio) < 0 || - dm_gpio_request(&gpio, "USER button") < 0 || - dm_gpio_set_dir_flags(&gpio, GPIOD_IS_IN) < 0) - return false; diff --git a/recipes-bsp/u-boot/files/0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch b/recipes-bsp/u-boot/files/0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch deleted file mode 100644 index d28ecd9b1..000000000 --- a/recipes-bsp/u-boot/files/0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch +++ /dev/null @@ -1,198 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: chao zeng -Date: Fri, 7 Jan 2022 10:18:07 +0800 -Subject: [PATCH] arm: dts: iot2050: Add support for M.2 variant - -Add support for the M.2 board based on the iot2050 advanced board. -The board has two m.2 connectors, one is B-keyed, the other E-keyed. -The B-key slot can connect 5G/SSD devices, and E-key can be used for -WIFI/BT devices. - -This variant is covered by PG2 firmware image. - -Signed-off-by: chao zeng -[Jan: align DT to kernel, polish wording] -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/Makefile | 4 +- - .../arm/dts/k3-am6548-iot2050-advanced-m2.dts | 117 ++++++++++++++++++ - configs/iot2050_pg2_defconfig | 2 +- - doc/board/siemens/iot2050.rst | 6 +- - 4 files changed, 125 insertions(+), 4 deletions(-) - create mode 100644 arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts - -diff --git a/arch/arm/dts/Makefile b/arch/arm/dts/Makefile -index 965895bc2a..d0ce6c9754 100644 ---- a/arch/arm/dts/Makefile -+++ b/arch/arm/dts/Makefile -@@ -1210,7 +1210,9 @@ dtb-$(CONFIG_SOC_K3_AM654) += \ - k3-am6528-iot2050-basic.dtb \ - k3-am6528-iot2050-basic-pg2.dtb \ - k3-am6548-iot2050-advanced.dtb \ -- k3-am6548-iot2050-advanced-pg2.dtb -+ k3-am6548-iot2050-advanced-pg2.dtb \ -+ k3-am6548-iot2050-advanced-m2.dtb -+ - dtb-$(CONFIG_SOC_K3_J721E) += k3-j721e-common-proc-board.dtb \ - k3-j721e-r5-common-proc-board.dtb \ - k3-j7200-common-proc-board.dtb \ -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -new file mode 100644 -index 0000000000..cb0f3a8729 ---- /dev/null -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -@@ -0,0 +1,117 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * Copyright (c) Siemens AG, 2018-2022 -+ * -+ * Authors: -+ * Chao Zeng -+ * Jan Kiszka -+ * -+ * AM6548-based (quad-core) IOT2050 M.2 variant (based on Advanced Product -+ * Generation 2), 2 GB RAM, 16 GB eMMC, USB-serial converter on connector X30 -+ * -+ * Product homepage: -+ * https://new.siemens.com/global/en/products/automation/pc-based/iot-gateways/simatic-iot2050.html -+ */ -+ -+#include "k3-am6548-iot2050-advanced-common.dtsi" -+#include "k3-am65-iot2050-common-pg2.dtsi" -+ -+/ { -+ compatible = "siemens,iot2050-advanced-m2", "ti,am654"; -+ model = "SIMATIC IOT2050 Advanced M2"; -+}; -+ -+&mcu_r5fss0 { -+ /* lock-step mode not supported on this board */ -+ ti,cluster-mode = <0>; -+}; -+ -+&main_pmx0 { -+ main_m2_enable_pins_default: main-m2-enable-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01c4, PIN_INPUT_PULLUP, 7) /* (AH13) GPIO1_17 */ -+ >; -+ }; -+ -+ main_bkey_pcie_reset: main-bkey-pcie-reset { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01bc, PIN_OUTPUT_PULLUP, 7) /* (AG13) GPIO1_15 */ -+ >; -+ }; -+ -+ main_pmx0_m2_config_pins_default: main-pmx0-m2-config-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01c8, PIN_INPUT_PULLUP, 7) /* (AE13) GPIO1_18 */ -+ AM65X_IOPAD(0x01cc, PIN_INPUT_PULLUP, 7) /* (AD13) GPIO1_19 */ -+ >; -+ }; -+ -+ main_m2_pcie_mux_control: main-m2-pcie-mux-control { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x0148, PIN_INPUT_PULLUP, 7) /* (AG22) GPIO0_82 */ -+ AM65X_IOPAD(0x0160, PIN_INPUT_PULLUP, 7) /* (AE20) GPIO0_88 */ -+ AM65X_IOPAD(0x0164, PIN_INPUT_PULLUP, 7) /* (AF19) GPIO0_89 */ -+ >; -+ }; -+}; -+ -+&main_pmx1 { -+ main_pmx1_m2_config_pins_default: main-pmx1-m2-config-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x0018, PIN_INPUT_PULLUP, 7) /* (B22) GPIO1_88 */ -+ AM65X_IOPAD(0x001c, PIN_INPUT_PULLUP, 7) /* (C23) GPIO1_89 */ -+ >; -+ }; -+}; -+ -+&main_gpio0 { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&main_m2_pcie_mux_control>; -+}; -+ -+&main_gpio1 { -+ pinctrl-names = "default"; -+ pinctrl-0 = < -+ &main_m2_enable_pins_default -+ &main_pmx0_m2_config_pins_default -+ &main_pmx1_m2_config_pins_default -+ >; -+}; -+ -+/* -+ * Base configuration for B-key slot with PCIe x2, E-key with USB 2.0 only. -+ * Firmware switches to other modes via device tree overlays. -+ */ -+ -+&serdes0 { -+ assigned-clocks = <&k3_clks 153 4>, <&serdes0 AM654_SERDES_CMU_REFCLK>; -+ assigned-clock-parents = <&k3_clks 153 8>, <&k3_clks 153 4>; -+}; -+ -+&pcie0_rc { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&main_bkey_pcie_reset>; -+ -+ num-lanes = <2>; -+ phys = <&serdes0 PHY_TYPE_PCIE 1>, <&serdes1 PHY_TYPE_PCIE 1>; -+ phy-names = "pcie-phy0","pcie-phy1"; -+ reset-gpios = <&main_gpio1 15 GPIO_ACTIVE_HIGH>; -+ status = "okay"; -+}; -+ -+&pcie1_rc { -+ status = "disabled"; -+}; -+ -+&dwc3_0 { -+ assigned-clock-parents = <&k3_clks 151 4>, /* set REF_CLK to 20MHz i.e. PER0_PLL/48 */ -+ <&k3_clks 151 9>; /* set PIPE3_TXB_CLK to CLK_12M_RC/256 (for HS only) */ -+ /delete-property/ phys; -+ /delete-property/ phy-names; -+}; -+ -+&usb0 { -+ maximum-speed = "high-speed"; -+ /delete-property/ snps,dis-u1-entry-quirk; -+ /delete-property/ snps,dis-u2-entry-quirk; -+}; -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index 43410160c8..a31691a1d1 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -70,7 +70,7 @@ CONFIG_CMD_TIME=y - # CONFIG_ISO_PARTITION is not set - CONFIG_OF_CONTROL=y - CONFIG_SPL_OF_CONTROL=y --CONFIG_OF_LIST="k3-am6528-iot2050-basic-pg2 k3-am6548-iot2050-advanced-pg2" -+CONFIG_OF_LIST="k3-am6528-iot2050-basic-pg2 k3-am6548-iot2050-advanced-pg2 k3-am6548-iot2050-advanced-m2" - CONFIG_SPL_MULTI_DTB_FIT=y - CONFIG_SPL_OF_LIST="k3-am65-iot2050-spl" - CONFIG_SPL_MULTI_DTB_FIT_NO_COMPRESSION=y -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index efe94a448a..442d2cac21 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -6,7 +6,9 @@ SIMATIC IOT2050 BASIC and ADVANCED - - The SIMATIC IOT2050 is an open industrial IoT gateway that is using the TI - AM6528 GP (Basic variant) or the AM6548 HS (Advanced variant). The Advanced --variant is prepared for secure boot. -+variant is prepared for secure boot. M.2 Variant also uses the AM6548 HS. -+Instead of a MiniPCI connector, it comes with two M.2 connectors and can -+support 5G/WIFI/BT applications or connect an SSD. - - The IOT2050 starts only from OSPI. It loads a Siemens-provided bootloader - called SE-Boot for the MCU domain (R5F cores), then hands over to ATF and -@@ -70,7 +72,7 @@ U-Boot: - # configure for PG1 - $ make iot2050_pg1_defconfig - -- # or configure for PG2 -+ # or configure for PG2 or the M.2 variant - $ make iot2050_pg2_defconfig - - $ make diff --git a/recipes-bsp/u-boot/files/0016-iot2050-Add-support-for-configuring-M.2-connector.patch b/recipes-bsp/u-boot/files/0016-iot2050-Add-support-for-configuring-M.2-connector.patch deleted file mode 100644 index e3a26e0b5..000000000 --- a/recipes-bsp/u-boot/files/0016-iot2050-Add-support-for-configuring-M.2-connector.patch +++ /dev/null @@ -1,553 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Tue, 11 Oct 2022 13:23:21 +0200 -Subject: [PATCH] iot2050: Add support for configuring M.2 connector - -The M.2 slots of the related IOT2050 variant need to be configured -according to the plugged cards. This tries to detect the card using the -M.2 configuration pins of the B-key slot. If that fails, a U-Boot -environment variable can be set to configure manually. This variable is -write-permitted also in secure boot mode as it is not able to undermine -the integrity of the booted system. - -The configuration is then applied to mux the serdes and to fix up the -device tree passed to or loaded by the bootloader. The fix-ups are -coming from device tree overlays that are embedded into the firmware -image and there also integrity protected. The OS remains free to load -a device tree to which they do not apply: U-Boot will not fail to boot -in that case. - -Based on original patch by Chao Zeng. - -Signed-off-by: Jan Kiszka ---- - arch/arm/dts/Makefile | 4 +- - arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 38 ++- - ...050-advanced-m2-bkey-ekey-pcie-overlay.dts | 27 ++ - ...-iot2050-advanced-m2-bkey-usb3-overlay.dts | 47 ++++ - board/siemens/iot2050/board.c | 259 +++++++++++++++++- - doc/board/siemens/iot2050.rst | 18 ++ - include/configs/iot2050.h | 1 + - 7 files changed, 391 insertions(+), 3 deletions(-) - create mode 100644 arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts - create mode 100644 arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts - -diff --git a/arch/arm/dts/Makefile b/arch/arm/dts/Makefile -index d0ce6c9754..d4c5622e11 100644 ---- a/arch/arm/dts/Makefile -+++ b/arch/arm/dts/Makefile -@@ -1211,7 +1211,9 @@ dtb-$(CONFIG_SOC_K3_AM654) += \ - k3-am6528-iot2050-basic-pg2.dtb \ - k3-am6548-iot2050-advanced.dtb \ - k3-am6548-iot2050-advanced-pg2.dtb \ -- k3-am6548-iot2050-advanced-m2.dtb -+ k3-am6548-iot2050-advanced-m2.dtb \ -+ k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dtbo \ -+ k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dtbo - - dtb-$(CONFIG_SOC_K3_J721E) += k3-j721e-common-proc-board.dtb \ - k3-j721e-r5-common-proc-board.dtb \ -diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -index 25a22a7b7b..a5b35d8298 100644 ---- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi -@@ -61,6 +61,36 @@ - }; - }; - -+#ifdef CONFIG_TARGET_IOT2050_A53_PG2 -+ bkey-usb3-overlay { -+ description = "M.2-bkey-usb3-overlay"; -+ type = "blob"; -+ load = <0x82100000>; -+ arch = "arm64"; -+ compression = "none"; -+ blob-ext { -+ filename = "k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dtbo"; -+ }; -+ hash { -+ algo = "sha256"; -+ }; -+ }; -+ -+ bkey-ekey-pcie-overlay { -+ description = "M.2-bkey-ekey-pcie-overlay"; -+ type = "blob"; -+ load = <0x82110000>; -+ arch = "arm64"; -+ compression = "none"; -+ blob-ext { -+ filename = "k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dtbo"; -+ }; -+ hash { -+ algo = "sha256"; -+ }; -+ }; -+#endif -+ - #ifdef CONFIG_WDT_K3_RTI_FW_FILE - k3-rti-wdt-firmware { - type = "firmware"; -@@ -84,9 +114,15 @@ - description = "NAME"; - firmware = "u-boot"; - fdt = "fdt-SEQ"; -+ loadables = -+#ifdef CONFIG_TARGET_IOT2050_A53_PG2 -+ "bkey-usb3-overlay", -+ "bkey-ekey-pcie-overlay", -+#endif - #ifdef CONFIG_WDT_K3_RTI_FW_FILE -- loadables = "k3-rti-wdt-firmware"; -+ "k3-rti-wdt-firmware", - #endif -+ <>; - signature { - sign-images = "firmware", "fdt", "loadables"; - }; -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts -new file mode 100644 -index 0000000000..c9e736098f ---- /dev/null -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-ekey-pcie-overlay.dts -@@ -0,0 +1,27 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * IOT2050 M.2 variant, overlay for B-key PCIE0_LANE0 + E-key PCIE1_LANE0 -+ * Copyright (c) Siemens AG, 2022 -+ * -+ * Authors: -+ * Chao Zeng -+ * Jan Kiszka -+ */ -+ -+/dts-v1/; -+/plugin/; -+ -+#include -+#include -+ -+&pcie0_rc { -+ num-lanes = <1>; -+ phys = <&serdes0 PHY_TYPE_PCIE 1>; -+ phy-names = "pcie-phy0"; -+ reset-gpios = <&main_gpio1 15 GPIO_ACTIVE_HIGH>; -+ status = "okay"; -+}; -+ -+&pcie1_rc { -+ status = "okay"; -+}; -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts -new file mode 100644 -index 0000000000..72fc011bd5 ---- /dev/null -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2-bkey-usb3-overlay.dts -@@ -0,0 +1,47 @@ -+// SPDX-License-Identifier: GPL-2.0 -+/* -+ * IOT2050 M.2 variant, overlay for B-key USB3.0 + E-key PCIE1_LANE0 -+ * Copyright (c) Siemens AG, 2022 -+ * -+ * Authors: -+ * Chao Zeng -+ * Jan Kiszka -+ */ -+ -+/dts-v1/; -+/plugin/; -+ -+#include -+#include -+ -+&serdes0 { -+ assigned-clock-parents = <&k3_clks 153 7>, <&k3_clks 153 4>; -+}; -+ -+&pcie0_rc { -+ status = "disabled"; -+}; -+ -+&pcie1_rc { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&minipcie_pins_default>; -+ -+ num-lanes = <1>; -+ phys = <&serdes1 PHY_TYPE_PCIE 0>; -+ phy-names = "pcie-phy0"; -+ reset-gpios = <&wkup_gpio0 27 GPIO_ACTIVE_HIGH>; -+ status = "okay"; -+}; -+ -+&dwc3_0 { -+ assigned-clock-parents = <&k3_clks 151 4>, /* set REF_CLK to 20MHz i.e. PER0_PLL/48 */ -+ <&k3_clks 151 8>; /* set PIPE3_TXB_CLK to WIZ8B2M4VSB */ -+ phys = <&serdes0 PHY_TYPE_USB3 0>; -+ phy-names = "usb3-phy"; -+}; -+ -+&usb0 { -+ maximum-speed = "super-speed"; -+ snps,dis-u1-entry-quirk; -+ snps,dis-u2-entry-quirk; -+}; -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index be30b9c4d1..2e90d3bd8c 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -1,7 +1,7 @@ - // SPDX-License-Identifier: GPL-2.0+ - /* - * Board specific initialization for IOT2050 -- * Copyright (c) Siemens AG, 2018-2021 -+ * Copyright (c) Siemens AG, 2018-2022 - * - * Authors: - * Le Jin -@@ -11,9 +11,11 @@ - #include - #include - #include -+#include - #include - #include - #include -+#include - #include - #include - #include -@@ -47,6 +49,114 @@ struct iot2050_info { - - DECLARE_GLOBAL_DATA_PTR; - -+struct gpio_config { -+ const char *gpio_name; -+ const char *label; -+}; -+ -+enum m2_connector_mode { -+ BKEY_PCIEX2 = 0, -+ BKEY_PCIE_EKEY_PCIE, -+ BKEY_USB30_EKEY_PCIE, -+ CONNECTOR_MODE_INVALID -+}; -+ -+struct m2_config_pins { -+ int config[4]; -+}; -+ -+struct serdes_mux_control { -+ int ctrl_usb30_pcie0_lane0; -+ int ctrl_pcie1_pcie0; -+ int ctrl_usb30_pcie0_lane1; -+}; -+ -+struct m2_config_table { -+ struct m2_config_pins config_pins; -+ enum m2_connector_mode mode; -+}; -+ -+static const struct gpio_config serdes_mux_ctl_pin_info[] = { -+ {"gpio@600000_88", "CTRL_USB30_PCIE0_LANE0"}, -+ {"gpio@600000_82", "CTRL_PCIE1_PCIE0"}, -+ {"gpio@600000_89", "CTRL_USB30_PCIE0_LANE1"}, -+}; -+ -+static const struct gpio_config m2_bkey_cfg_pin_info[] = { -+ {"gpio@601000_18", "KEY_CONFIG_0"}, -+ {"gpio@601000_19", "KEY_CONFIG_1"}, -+ {"gpio@601000_88", "KEY_CONFIG_2"}, -+ {"gpio@601000_89", "KEY_CONFIG_3"}, -+}; -+ -+static const struct m2_config_table m2_config_table[] = { -+ {{{0, 1, 0, 0}}, BKEY_PCIEX2}, -+ {{{0, 0, 1, 0}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{0, 1, 1, 0}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{1, 0, 0, 1}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{1, 1, 0, 1}}, BKEY_PCIE_EKEY_PCIE}, -+ {{{0, 0, 0, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{0, 1, 0, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{0, 0, 1, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{0, 1, 1, 1}}, BKEY_USB30_EKEY_PCIE}, -+ {{{1, 0, 1, 1}}, BKEY_USB30_EKEY_PCIE}, -+}; -+ -+static const struct serdes_mux_control serdes_mux_ctrl[] = { -+ [BKEY_PCIEX2] = {0, 0, 1}, -+ [BKEY_PCIE_EKEY_PCIE] = {0, 1, 0}, -+ [BKEY_USB30_EKEY_PCIE] = {1, 1, 0}, -+}; -+ -+static const char *m2_connector_mode_name[] = { -+ [BKEY_PCIEX2] = "PCIe x2 (key B)", -+ [BKEY_PCIE_EKEY_PCIE] = "PCIe (key B) / PCIe (key E)", -+ [BKEY_USB30_EKEY_PCIE] = "USB 3.0 (key B) / PCIe (key E)", -+}; -+ -+static enum m2_connector_mode connector_mode; -+ -+#if defined(CONFIG_OF_LIBFDT) && defined(CONFIG_OF_BOARD_SETUP) -+static void *connector_overlay; -+static u32 connector_overlay_size; -+#endif -+ -+static int get_pinvalue(const char *gpio_name, const char *label) -+{ -+ struct gpio_desc gpio; -+ -+ if (dm_gpio_lookup_name(gpio_name, &gpio) < 0 || -+ dm_gpio_request(&gpio, label) < 0 || -+ dm_gpio_set_dir_flags(&gpio, GPIOD_IS_IN) < 0) { -+ pr_err("Cannot get pin %s for M.2 configuration\n", gpio_name); -+ return 0; -+ } -+ -+ return dm_gpio_get_value(&gpio); -+} -+ -+static void set_pinvalue(const char *gpio_name, const char *label, int value) -+{ -+ struct gpio_desc gpio; -+ -+ if (dm_gpio_lookup_name(gpio_name, &gpio) < 0 || -+ dm_gpio_request(&gpio, label) < 0 || -+ dm_gpio_set_dir_flags(&gpio, GPIOD_IS_OUT) < 0) { -+ pr_err("Cannot set pin %s for M.2 configuration\n", gpio_name); -+ return; -+ } -+ dm_gpio_set_value(&gpio, value); -+} -+ -+static bool board_is_m2(void) -+{ -+ struct iot2050_info *info = IOT2050_INFO_DATA; -+ -+ return IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG2) && -+ info->magic == IOT2050_INFO_MAGIC && -+ strcmp((char *)info->name, "IOT2050-ADVANCED-M2") == 0; -+} -+ - static bool board_is_advanced(void) - { - struct iot2050_info *info = IOT2050_INFO_DATA; -@@ -103,6 +213,8 @@ void set_board_info_env(void) - if (board_is_advanced()) { - if (IS_ENABLED(CONFIG_TARGET_IOT2050_A53_PG1)) - fdtfile = "ti/k3-am6548-iot2050-advanced.dtb"; -+ else if(board_is_m2()) -+ fdtfile = "ti/k3-am6548-iot2050-advanced-m2.dtb"; - else - fdtfile = "ti/k3-am6548-iot2050-advanced-pg2.dtb"; - } else { -@@ -118,6 +230,101 @@ void set_board_info_env(void) - env_save(); - } - -+static void m2_overlay_prepare(void) -+{ -+#if defined(CONFIG_OF_LIBFDT) && defined(CONFIG_OF_BOARD_SETUP) -+ const char *overlay_path; -+ void *overlay; -+ u64 loadaddr; -+ ofnode node; -+ int ret; -+ -+ if (connector_mode == BKEY_PCIEX2) -+ return; -+ -+ if (connector_mode == BKEY_PCIE_EKEY_PCIE) -+ overlay_path = "/fit-images/bkey-ekey-pcie-overlay"; -+ else -+ overlay_path = "/fit-images/bkey-usb3-overlay"; -+ -+ node = ofnode_path(overlay_path); -+ if (!ofnode_valid(node)) -+ goto fit_error; -+ -+ ret = ofnode_read_u64(node, "load", &loadaddr); -+ if (ret) -+ goto fit_error; -+ -+ ret = ofnode_read_u32(node, "size", &connector_overlay_size); -+ if (ret) -+ goto fit_error; -+ -+ overlay = map_sysmem(loadaddr, connector_overlay_size); -+ -+ connector_overlay = malloc(connector_overlay_size); -+ if (!connector_overlay) -+ goto fit_error; -+ -+ memcpy(connector_overlay, overlay, connector_overlay_size); -+ return; -+ -+fit_error: -+ pr_err("M.2 device tree overlay %s not available,\n", overlay_path); -+#endif -+} -+ -+static void m2_connector_setup(void) -+{ -+ ulong m2_manual_config = env_get_ulong("m2_manual_config", 10, -+ CONNECTOR_MODE_INVALID); -+ const char *mode_info = ""; -+ struct m2_config_pins config_pins; -+ unsigned int n; -+ -+ /* enable M.2 connector power */ -+ set_pinvalue("gpio@601000_17", "P3V3_M2_EN", 1); -+ udelay(4 * 100); -+ -+ if (m2_manual_config < CONNECTOR_MODE_INVALID) { -+ mode_info = " [manual mode]"; -+ connector_mode = m2_manual_config; -+ } else { /* auto detection */ -+ for (n = 0; n < ARRAY_SIZE(config_pins.config); n++) -+ config_pins.config[n] = -+ get_pinvalue(m2_bkey_cfg_pin_info[n].gpio_name, -+ m2_bkey_cfg_pin_info[n].label); -+ connector_mode = CONNECTOR_MODE_INVALID; -+ for (n = 0; n < ARRAY_SIZE(m2_config_table); n++) { -+ if (!memcmp(config_pins.config, -+ m2_config_table[n].config_pins.config, -+ sizeof(config_pins.config))) { -+ connector_mode = m2_config_table[n].mode; -+ break; -+ } -+ } -+ if (connector_mode == CONNECTOR_MODE_INVALID) { -+ mode_info = " [fallback, card unknown/unsupported]"; -+ connector_mode = BKEY_USB30_EKEY_PCIE; -+ } -+ } -+ -+ printf("M.2: %s%s\n", m2_connector_mode_name[connector_mode], -+ mode_info); -+ -+ /* configure serdes mux */ -+ set_pinvalue(serdes_mux_ctl_pin_info[0].gpio_name, -+ serdes_mux_ctl_pin_info[0].label, -+ serdes_mux_ctrl[connector_mode].ctrl_usb30_pcie0_lane0); -+ set_pinvalue(serdes_mux_ctl_pin_info[1].gpio_name, -+ serdes_mux_ctl_pin_info[1].label, -+ serdes_mux_ctrl[connector_mode].ctrl_pcie1_pcie0); -+ set_pinvalue(serdes_mux_ctl_pin_info[2].gpio_name, -+ serdes_mux_ctl_pin_info[2].label, -+ serdes_mux_ctrl[connector_mode].ctrl_usb30_pcie0_lane1); -+ -+ m2_overlay_prepare(); -+} -+ - int board_init(void) - { - return 0; -@@ -215,6 +422,9 @@ int board_late_init(void) - /* change CTRL_MMR register to let serdes0 not output USB3.0 signals. */ - writel(0x3, SERDES0_LANE_SELECT); - -+ if (board_is_m2()) -+ m2_connector_setup(); -+ - set_board_info_env(); - - /* remove the eMMC if requested via button */ -@@ -226,6 +436,50 @@ int board_late_init(void) - } - - #if defined(CONFIG_OF_LIBFDT) && defined(CONFIG_OF_BOARD_SETUP) -+static void m2_fdt_fixup(void *blob) -+{ -+ void *overlay_copy = NULL; -+ void *fdt_copy = NULL; -+ u32 fdt_size; -+ int err; -+ -+ if (!connector_overlay) -+ return; -+ -+ /* -+ * We need to work with temporary copies here because fdt_overlay_apply -+ * is destructive to the overlay and also to the target blob, even if -+ * application fails. -+ */ -+ fdt_size = fdt_totalsize(blob); -+ fdt_copy = malloc(fdt_size); -+ if (!fdt_copy) -+ goto fixup_error; -+ -+ memcpy(fdt_copy, blob, fdt_size); -+ -+ overlay_copy = malloc(connector_overlay_size); -+ if (!overlay_copy) -+ goto fixup_error; -+ -+ memcpy(overlay_copy, connector_overlay, connector_overlay_size); -+ -+ err = fdt_overlay_apply_verbose(fdt_copy, overlay_copy); -+ if (err) -+ goto fixup_error; -+ -+ memcpy(blob, fdt_copy, fdt_size); -+ -+cleanup: -+ free(fdt_copy); -+ free(overlay_copy); -+ return; -+ -+fixup_error: -+ pr_err("Could not apply M.2 device tree overlay\n"); -+ goto cleanup; -+} -+ - int ft_board_setup(void *blob, struct bd_info *bd) - { - int ret; -@@ -237,6 +491,9 @@ int ft_board_setup(void *blob, struct bd_info *bd) - if (ret) - pr_err("%s: fixing up msmc ram failed %d\n", __func__, ret); - -+ if (board_is_m2()) -+ m2_fdt_fixup(blob); -+ - return ret; - } - #endif -diff --git a/doc/board/siemens/iot2050.rst b/doc/board/siemens/iot2050.rst -index 442d2cac21..074d6aa15a 100644 ---- a/doc/board/siemens/iot2050.rst -+++ b/doc/board/siemens/iot2050.rst -@@ -145,3 +145,21 @@ Flash signed flash.bin - - The signing has happen in-place in flash.bin, thus the flashing procedure - described above. -+ -+M.2 slot configuration -+---------------------- -+ -+The M.2 variant of the IOT2050 comes with one B-keyed and one E-keyed slot. -+These are configured by U-Boot depending on the detected usage (auto -+configuration). The device tree loaded later on for the OS will be fixed up -+by U-Boot according to this configuration. -+ -+For the case auto configuration does not work reliably, it is possible to set -+the U-Boot environment variable "m2_manual_config" to select the mode manually: -+ -+"0" - B-key: PCIe x2, USB 2.0 -+ E-key: USB 2.0 -+"1" - B-key: PCIe, USB 2.0 -+ E-key: PCIe, USB 2.0 -+"2" - B-key: USB 3.0, -+ E-key: PCIe, USB 2.0 -diff --git a/include/configs/iot2050.h b/include/configs/iot2050.h -index d2cba5acfd..fe6a8bff59 100644 ---- a/include/configs/iot2050.h -+++ b/include/configs/iot2050.h -@@ -61,6 +61,7 @@ - #define CONFIG_ENV_FLAGS_LIST_STATIC \ - "board_uuid:sw,board_name:sw,board_serial:sw,board_a5e:sw," \ - "mlfb:sw,fw_version:sw,seboot_version:sw," \ -+ "m2_manuel_config:sw," \ - "eth1addr:mw,eth2addr:mw,watchdog_timeout_ms:dw,boot_targets:sw" - #endif - diff --git a/recipes-bsp/u-boot/files/0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch b/recipes-bsp/u-boot/files/0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch deleted file mode 100644 index ee26a87e0..000000000 --- a/recipes-bsp/u-boot/files/0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Baocheng Su -Date: Sat, 30 Jul 2022 10:53:55 +0800 -Subject: [PATCH] spl: fit: Report fdt error for loading u-boot - -Commit 71551055cbdb ("spl: fit: Load devicetree when a Linux payload is -found") made a change to not report the spl_fit_append_fdt error at all -if next-stage image is u-boot. - -However for u-boot image without CONFIG_OF_EMBED, the error should be -reported to uplevel caller. Otherwise, uplevel caller would think the -fdt is already loaded which is obviously not true. - -Signed-off-by: Baocheng Su ---- - common/spl/spl_fit.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c -index a35be52965..00404935cb 100644 ---- a/common/spl/spl_fit.c -+++ b/common/spl/spl_fit.c -@@ -770,8 +770,12 @@ int spl_load_simple_fit(struct spl_image_info *spl_image, - */ - if (os_takes_devicetree(spl_image->os)) { - ret = spl_fit_append_fdt(spl_image, info, sector, &ctx); -- if (ret < 0 && spl_image->os != IH_OS_U_BOOT) -- return ret; -+ if (ret < 0) { -+ if (spl_image->os != IH_OS_U_BOOT) -+ return ret; -+ else if (!IS_ENABLED(CONFIG_OF_EMBED)) -+ return ret; -+ } - } - - firmware_node = node; diff --git a/recipes-bsp/u-boot/files/0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch b/recipes-bsp/u-boot/files/0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch deleted file mode 100644 index 4ad78a9e9..000000000 --- a/recipes-bsp/u-boot/files/0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch +++ /dev/null @@ -1,101 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Fri, 14 Oct 2022 18:01:28 +0200 -Subject: [PATCH] efi_loader: Let networking support depend on NETDEVICES - -CONFIG_NET does not imply that there are actually network devices -available, only CONFIG_NETDEVICES does. Changing to this dependency -obsoletes the check in Kconfig because NETDEVICES means DM_ETH. - -Suggested-by: Tom Rini -Signed-off-by: Jan Kiszka ---- - lib/efi_loader/Kconfig | 1 - - lib/efi_loader/Makefile | 2 +- - lib/efi_loader/efi_device_path.c | 6 +++--- - lib/efi_loader/efi_setup.c | 2 +- - lib/efi_selftest/Makefile | 2 +- - 5 files changed, 6 insertions(+), 7 deletions(-) - -diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig -index b8fb2701a7..94feadda5e 100644 ---- a/lib/efi_loader/Kconfig -+++ b/lib/efi_loader/Kconfig -@@ -11,7 +11,6 @@ config EFI_LOADER - # We need EFI_STUB_32BIT to be set on x86_32 with EFI_STUB - depends on !EFI_STUB || !X86 || X86_64 || EFI_STUB_32BIT - depends on BLK -- depends on DM_ETH || !NET - depends on !EFI_APP - default y if !ARM || SYS_CPU = armv7 || SYS_CPU = armv8 - select CHARSET -diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile -index e187d2a914..418db296b2 100644 ---- a/lib/efi_loader/Makefile -+++ b/lib/efi_loader/Makefile -@@ -68,7 +68,7 @@ obj-y += efi_watchdog.o - obj-$(CONFIG_EFI_ESRT) += efi_esrt.o - obj-$(CONFIG_DM_VIDEO) += efi_gop.o - obj-$(CONFIG_BLK) += efi_disk.o --obj-$(CONFIG_NET) += efi_net.o -+obj-$(CONFIG_NETDEVICES) += efi_net.o - obj-$(CONFIG_GENERATE_ACPI_TABLE) += efi_acpi.o - obj-$(CONFIG_GENERATE_SMBIOS_TABLE) += efi_smbios.o - obj-$(CONFIG_EFI_RNG_PROTOCOL) += efi_rng.o -diff --git a/lib/efi_loader/efi_device_path.c b/lib/efi_loader/efi_device_path.c -index ebffb77122..179b36f321 100644 ---- a/lib/efi_loader/efi_device_path.c -+++ b/lib/efi_loader/efi_device_path.c -@@ -613,7 +613,7 @@ __maybe_unused static void *dp_fill(void *buf, struct udevice *dev) - *vdp = ROOT; - return &vdp[1]; - } --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - case UCLASS_ETH: { - struct efi_device_path_mac_addr *dp = - dp_fill(buf, dev->parent); -@@ -1051,7 +1051,7 @@ struct efi_device_path *efi_dp_from_uart(void) - return buf; - } - --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - struct efi_device_path *efi_dp_from_eth(void) - { - void *buf, *start; -@@ -1168,7 +1168,7 @@ efi_status_t efi_dp_from_name(const char *dev, const char *devnr, - return EFI_INVALID_PARAMETER; - - if (!strcmp(dev, "Net")) { --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - if (device) - *device = efi_dp_from_eth(); - #endif -diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c -index c633fcd91e..979acc0142 100644 ---- a/lib/efi_loader/efi_setup.c -+++ b/lib/efi_loader/efi_setup.c -@@ -335,7 +335,7 @@ efi_status_t efi_init_obj_list(void) - if (ret != EFI_SUCCESS) - goto out; - #endif --#ifdef CONFIG_NET -+#ifdef CONFIG_NETDEVICES - ret = efi_net_register(); - if (ret != EFI_SUCCESS) - goto out; -diff --git a/lib/efi_selftest/Makefile b/lib/efi_selftest/Makefile -index daac6c3968..e4d75420bf 100644 ---- a/lib/efi_selftest/Makefile -+++ b/lib/efi_selftest/Makefile -@@ -50,7 +50,7 @@ efi_selftest_variables_runtime.o \ - efi_selftest_watchdog.o - - obj-$(CONFIG_EFI_ECPT) += efi_selftest_ecpt.o --obj-$(CONFIG_NET) += efi_selftest_snp.o -+obj-$(CONFIG_NETDEVICES) += efi_selftest_snp.o - - obj-$(CONFIG_EFI_DEVICE_PATH_TO_TEXT) += efi_selftest_devicepath.o - obj-$(CONFIG_EFI_UNICODE_COLLATION_PROTOCOL2) += \ diff --git a/recipes-bsp/u-boot/files/0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch b/recipes-bsp/u-boot/files/0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch deleted file mode 100644 index 82899b890..000000000 --- a/recipes-bsp/u-boot/files/0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch +++ /dev/null @@ -1,126 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Baocheng Su -Date: Mon, 10 Apr 2023 13:25:47 +0800 -Subject: [PATCH] iot2050: Refactor the m.2 and minipcie power pin - -Make the m.2 power control pin also available on miniPCIE variants. - -This can fix some miniPCIE card hang issue, by forcing a power on reset -during boot. - -Signed-off-by: Baocheng Su ---- - arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi | 5 ++++- - arch/arm/dts/k3-am65-iot2050-common.dtsi | 11 +++++++++++ - arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts | 8 +------- - board/siemens/iot2050/board.c | 12 ++++++++---- - 4 files changed, 24 insertions(+), 12 deletions(-) - -diff --git a/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi b/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi -index e7e0ca4159..c6d9d49c1e 100644 ---- a/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-common-pg2.dtsi -@@ -20,7 +20,10 @@ - - &main_gpio1 { - pinctrl-names = "default"; -- pinctrl-0 = <&cp2102n_reset_pin_default>; -+ pinctrl-0 = < -+ &main_pcie_enable_pins_default -+ &cp2102n_reset_pin_default -+ >; - gpio-line-names = - "", "", "", "", "", "", "", "", "", "", - "", "", "", "", "", "", "", "", "", "", -diff --git a/arch/arm/dts/k3-am65-iot2050-common.dtsi b/arch/arm/dts/k3-am65-iot2050-common.dtsi -index 65da226847..e60006bec2 100644 ---- a/arch/arm/dts/k3-am65-iot2050-common.dtsi -+++ b/arch/arm/dts/k3-am65-iot2050-common.dtsi -@@ -233,6 +233,12 @@ - }; - - &main_pmx0 { -+ main_pcie_enable_pins_default: main-pcie-enable-pins-default { -+ pinctrl-single,pins = < -+ AM65X_IOPAD(0x01c4, PIN_INPUT_PULLUP, 7) /* (AH13) GPIO1_17 */ -+ >; -+ }; -+ - main_uart1_pins_default: main-uart1-pins-default { - pinctrl-single,pins = < - AM65X_IOPAD(0x0174, PIN_INPUT, 6) /* (AE23) UART1_RXD */ -@@ -385,6 +391,11 @@ - "", "IO9"; - }; - -+&main_gpio1 { -+ pinctrl-names = "default"; -+ pinctrl-0 = <&main_pcie_enable_pins_default>; -+}; -+ - &wkup_gpio0 { - pinctrl-names = "default"; - pinctrl-0 = < -diff --git a/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -index cb0f3a8729..99a519fd8b 100644 ---- a/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -+++ b/arch/arm/dts/k3-am6548-iot2050-advanced-m2.dts -@@ -27,12 +27,6 @@ - }; - - &main_pmx0 { -- main_m2_enable_pins_default: main-m2-enable-pins-default { -- pinctrl-single,pins = < -- AM65X_IOPAD(0x01c4, PIN_INPUT_PULLUP, 7) /* (AH13) GPIO1_17 */ -- >; -- }; -- - main_bkey_pcie_reset: main-bkey-pcie-reset { - pinctrl-single,pins = < - AM65X_IOPAD(0x01bc, PIN_OUTPUT_PULLUP, 7) /* (AG13) GPIO1_15 */ -@@ -72,7 +66,7 @@ - &main_gpio1 { - pinctrl-names = "default"; - pinctrl-0 = < -- &main_m2_enable_pins_default -+ &main_pcie_enable_pins_default - &main_pmx0_m2_config_pins_default - &main_pmx1_m2_config_pins_default - >; -diff --git a/board/siemens/iot2050/board.c b/board/siemens/iot2050/board.c -index 2e90d3bd8c..a0b12c564a 100644 ---- a/board/siemens/iot2050/board.c -+++ b/board/siemens/iot2050/board.c -@@ -178,6 +178,12 @@ static void remove_mmc1_target(void) - free(boot_targets); - } - -+static void enable_mpcie_m2_power(void) -+{ -+ set_pinvalue("gpio@601000_17", "P3V3_MPCIE_M2_EN", 1); -+ udelay(4 * 100); -+} -+ - void set_board_info_env(void) - { - struct iot2050_info *info = IOT2050_INFO_DATA; -@@ -281,10 +287,6 @@ static void m2_connector_setup(void) - struct m2_config_pins config_pins; - unsigned int n; - -- /* enable M.2 connector power */ -- set_pinvalue("gpio@601000_17", "P3V3_M2_EN", 1); -- udelay(4 * 100); -- - if (m2_manual_config < CONNECTOR_MODE_INVALID) { - mode_info = " [manual mode]"; - connector_mode = m2_manual_config; -@@ -422,6 +424,8 @@ int board_late_init(void) - /* change CTRL_MMR register to let serdes0 not output USB3.0 signals. */ - writel(0x3, SERDES0_LANE_SELECT); - -+ enable_mpcie_m2_power(); -+ - if (board_is_m2()) - m2_connector_setup(); - diff --git a/recipes-bsp/u-boot/files/0020-configs-Increase-malloc-size-after-relocation.patch b/recipes-bsp/u-boot/files/0020-configs-Increase-malloc-size-after-relocation.patch deleted file mode 100644 index 10ce89c86..000000000 --- a/recipes-bsp/u-boot/files/0020-configs-Increase-malloc-size-after-relocation.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Neha Malcom Francis -Date: Wed, 11 Jan 2023 18:11:23 +0530 -Subject: [PATCH] configs: Increase malloc size after relocation - -Current default size of 0x100000 is not capable of getting the FIT -buffer during boot when transitioning to using binman generated boot -images for certain K3 devices, so increase it to 0x400000. Since A72 SPL -is coming after relocation to DDR this should not be an issue for any K3 -device, so make it default for all. - -Signed-off-by: Neha Malcom Francis -Acked-by: Andrew Davis ---- - common/spl/Kconfig | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/common/spl/Kconfig b/common/spl/Kconfig -index a25d8fd2e0845300cde5e1782bc19c5608de576b..3c2af453ab66e2161d258c182d95371fb465f9ec 100644 ---- a/common/spl/Kconfig -+++ b/common/spl/Kconfig -@@ -385,6 +385,7 @@ config SPL_STACK_R_ADDR - config SPL_STACK_R_MALLOC_SIMPLE_LEN - depends on SPL_STACK_R && SPL_SYS_MALLOC_SIMPLE - hex "Size of malloc_simple heap after switching to DRAM SPL stack" -+ default 0x400000 if ARCH_K3 && ARM64 - default 0x100000 - help - Specify the amount of the stack to use as memory pool for diff --git a/recipes-bsp/u-boot/files/0021-configs-iot2050-Enabled-keyed-autoboot.patch b/recipes-bsp/u-boot/files/0021-configs-iot2050-Enabled-keyed-autoboot.patch deleted file mode 100644 index 757e5d520..000000000 --- a/recipes-bsp/u-boot/files/0021-configs-iot2050-Enabled-keyed-autoboot.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jan Kiszka -Date: Thu, 27 Jul 2023 06:34:56 +0200 -Subject: [PATCH] configs: iot2050: Enabled keyed autoboot - -Only accept SPACE to stop autobooting. This is safer to avoid accidental -interruptions on unattended devices. - -Signed-off-by: Jan Kiszka ---- - configs/iot2050_pg1_defconfig | 4 ++++ - configs/iot2050_pg2_defconfig | 4 ++++ - 2 files changed, 8 insertions(+) - -diff --git a/configs/iot2050_pg1_defconfig b/configs/iot2050_pg1_defconfig -index 49f8110936..5034719b8b 100644 ---- a/configs/iot2050_pg1_defconfig -+++ b/configs/iot2050_pg1_defconfig -@@ -32,6 +32,10 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_AUTOBOOT_KEYED=y -+CONFIG_AUTOBOOT_FLUSH_STDIN=y -+CONFIG_AUTOBOOT_PROMPT="Hit SPACE to stop autoboot in %d seconds...\n" -+CONFIG_AUTOBOOT_STOP_STR=" " - CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set -diff --git a/configs/iot2050_pg2_defconfig b/configs/iot2050_pg2_defconfig -index a31691a1d1..9c107d27f9 100644 ---- a/configs/iot2050_pg2_defconfig -+++ b/configs/iot2050_pg2_defconfig -@@ -32,6 +32,10 @@ CONFIG_OF_BOARD_SETUP=y - CONFIG_BOOTSTAGE=y - CONFIG_SHOW_BOOT_PROGRESS=y - CONFIG_SPL_SHOW_BOOT_PROGRESS=y -+CONFIG_AUTOBOOT_KEYED=y -+CONFIG_AUTOBOOT_FLUSH_STDIN=y -+CONFIG_AUTOBOOT_PROMPT="Hit SPACE to stop autoboot in %d seconds...\n" -+CONFIG_AUTOBOOT_STOP_STR=" " - CONFIG_BOOTCOMMAND="run start_watchdog; run distro_bootcmd" - CONFIG_CONSOLE_MUX=y - # CONFIG_DISPLAY_CPUINFO is not set diff --git a/recipes-bsp/u-boot/files/rules.tmpl b/recipes-bsp/u-boot/files/rules.tmpl index 115ad6737..78e14139c 100755 --- a/recipes-bsp/u-boot/files/rules.tmpl +++ b/recipes-bsp/u-boot/files/rules.tmpl @@ -22,7 +22,7 @@ override_dh_auto_build: fi $(MAKE) $(PARALLEL_MAKE) ${U_BOOT_CONFIG} $(MAKE) $(PARALLEL_MAKE) ${U_BOOT_BIN} \ - ATF=/usr/lib/trusted-firmware-a/iot2050/bl31.bin \ + BL31=/usr/lib/trusted-firmware-a/iot2050/bl31.bin \ TEE=/usr/lib/optee-os/iot2050/tee-raw.bin $(MAKE) -n u-boot-initial-env >/dev/null 2>&1; if [ $$? -ne 2 ]; then \ $(MAKE) $(PARALLEL_MAKE) u-boot-initial-env; \ diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg b/recipes-bsp/u-boot/files/secure-boot.cfg index 4b725f646..594f95e6b 100644 --- a/recipes-bsp/u-boot/files/secure-boot.cfg +++ b/recipes-bsp/u-boot/files/secure-boot.cfg @@ -1,5 +1,5 @@ ### Secure boot config -# CONFIG_DISTRO_DEFAULTS is not set +CONFIG_NETDEVICES=y CONFIG_ENV_VARS_UBOOT_CONFIG=y CONFIG_SPL_FIT_SIGNATURE=y CONFIG_BOOTDELAY=-2 diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg1_2022.10.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg1_2022.10.bb deleted file mode 100644 index 30a0f8471..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg1_2022.10.bb +++ /dev/null @@ -1,15 +0,0 @@ -# -# Copyright (c) Siemens AG, 2022 -# -# Authors: -# Su Baocheng -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -require u-boot-iot2050_2022.10.inc - -U_BOOT_CONFIG = "iot2050_${PRODUCT_GENERATION}_defconfig" - -SPI_FLASH_DEPLOY_IMG = "iot2050-${PRODUCT_GENERATION}-image-boot.bin" diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg1_202x.xx-upstream.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg1_202x.xx-upstream.bb deleted file mode 100644 index cc4bbc7c3..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg1_202x.xx-upstream.bb +++ /dev/null @@ -1,23 +0,0 @@ -# -# Copyright (c) Siemens AG, 2020-2022 -# -# Authors: -# Jan Kiszka -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -require u-boot-iot2050.inc - -SRC_URI += " \ - git://github.com/siemens/u-boot.git;protocol=https;branch=${UBOOT_BRANCH};rev=${UBOOT_BRANCH} \ - " - -UBOOT_BRANCH = "jan/iot2050" - -S = "${WORKDIR}/git" - -U_BOOT_CONFIG = "iot2050_${PRODUCT_GENERATION}_defconfig" - -SPI_FLASH_DEPLOY_IMG = "iot2050-${PRODUCT_GENERATION}-image-boot.bin" diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg2_2022.10.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg2_2022.10.bb deleted file mode 120000 index 1c7645d77..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg2_2022.10.bb +++ /dev/null @@ -1 +0,0 @@ -u-boot-iot2050-pg1_2022.10.bb \ No newline at end of file diff --git a/recipes-bsp/u-boot/u-boot-iot2050-pg2_202x.xx-upstream.bb b/recipes-bsp/u-boot/u-boot-iot2050-pg2_202x.xx-upstream.bb deleted file mode 120000 index 78d3cd307..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050-pg2_202x.xx-upstream.bb +++ /dev/null @@ -1 +0,0 @@ -u-boot-iot2050-pg1_202x.xx-upstream.bb \ No newline at end of file diff --git a/recipes-bsp/u-boot/u-boot-iot2050.inc b/recipes-bsp/u-boot/u-boot-iot2050.inc index 928d6edce..b09ea62ef 100644 --- a/recipes-bsp/u-boot/u-boot-iot2050.inc +++ b/recipes-bsp/u-boot/u-boot-iot2050.inc @@ -28,15 +28,14 @@ SRC_URI:append:rpmb-setup = " \ U_BOOT_BIN = "flash.bin" U_BOOT_ENV = "u-boot-initial-env" - -SPI_FLASH_IMG = "${U_BOOT_BIN}" -SPI_FLASH_DEPLOY_IMG ??= "iot2050-image-boot.bin" +U_BOOT_CONFIG = "iot2050_defconfig" # Build environment DEPENDS += "trusted-firmware-a-iot2050 optee-os-iot2050 k3-rti-wdt" DEBIAN_BUILD_DEPENDS =. "openssl, libssl-dev:native, libssl-dev:arm64, \ trusted-firmware-a-iot2050, optee-os-iot2050, k3-rti-wdt, \ - swig, python3-dev:native, python3-pkg-resources," + swig, python3-dev:native, python3-pkg-resources, python3-setuptools, \ + python3-pyelftools," DEBIAN_BUILD_DEPENDS:append:secureboot = ", python3-pycryptodome:native, \ pesign, python3-openssl:native" @@ -51,7 +50,9 @@ U_BOOT_CONFIG_PACKAGE = "1" do_prepare_build:append() { ln -f ${WORKDIR}/prebuild/* ${S} ln -sf /lib/firmware/k3-rti-wdt.fw ${S} - echo "${SPI_FLASH_IMG} /usr/lib/u-boot/${MACHINE}" > \ + echo "flash-pg1.bin /usr/lib/u-boot/${MACHINE}" > \ + ${S}/debian/u-boot-${MACHINE}.install + echo "flash-pg2.bin /usr/lib/u-boot/${MACHINE}" >> \ ${S}/debian/u-boot-${MACHINE}.install echo -$(${ISAR_RELEASE_CMD}) > ${S}/.scmversion cp ${WORKDIR}/rules ${S}/debian/rules @@ -59,9 +60,6 @@ do_prepare_build:append() { } do_prepare_build:append:secureboot() { - if [ "${PRODUCT_GENERATION}" = "pg1" ]; then - bbwarn "PG1 devices are not supported in booting securely" - fi mkdir -p ${S}/keys ln -f ${WORKDIR}/keys/* ${S}/keys/ sed -ni '/### Secure boot config/q;p' ${S}/configs/${U_BOOT_CONFIG} @@ -76,26 +74,22 @@ dpkg_runbuild:append:secureboot() { } do_prepare_build:append:otpcmd() { - if [ "${PRODUCT_GENERATION}" = "pg1" ]; then - bbwarn "PG1 devices are not supported in booting securely" - fi ln -sf /usr/lib/secure-boot-otp-provisioning/otpcmd.bin ${S} sed -ni '/### OTP command config/q;p' ${S}/configs/${U_BOOT_CONFIG} cat ${WORKDIR}/otpcmd.cfg >> ${S}/configs/${U_BOOT_CONFIG} } do_prepare_build:append:rpmb-setup() { - if [ "${PRODUCT_GENERATION}" = "pg1" ]; then - bbwarn "PG1 devices do not support RPMB based secure storage" - fi sed -ni '/### RPMB key pairing config/q;p' ${S}/configs/${U_BOOT_CONFIG} cat ${WORKDIR}/rpmb-setup.cfg >> ${S}/configs/${U_BOOT_CONFIG} } do_deploy() { - dpkg --fsys-tarfile ${WORKDIR}/u-boot-${MACHINE}_${PV}*.deb | \ - tar xOf - "./usr/lib/u-boot/${MACHINE}/${U_BOOT_BIN}" \ - > "${DEPLOY_DIR_IMAGE}/${SPI_FLASH_DEPLOY_IMG}" + for gen in pg1 pg2; do + dpkg --fsys-tarfile ${WORKDIR}/u-boot-${MACHINE}_${PV}*.deb | \ + tar xOf - "./usr/lib/u-boot/${MACHINE}/flash-${gen}.bin" \ + > "${DEPLOY_DIR_IMAGE}/iot2050-${gen}-image-boot.bin" + done dpkg --fsys-tarfile ${WORKDIR}/u-boot-${MACHINE}-config_${PV}*.deb | \ tar xOf - "./etc/${U_BOOT_ENV}" \ > "${DEPLOY_DIR_IMAGE}/${U_BOOT_ENV}" diff --git a/recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc b/recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc deleted file mode 100644 index 5cc96c666..000000000 --- a/recipes-bsp/u-boot/u-boot-iot2050_2022.10.inc +++ /dev/null @@ -1,43 +0,0 @@ -# -# Copyright (c) Siemens AG, 2020-2023 -# -# Authors: -# Jan Kiszka -# Su Baocheng -# Li Huaqian -# -# This file is subject to the terms and conditions of the MIT License. See -# COPYING.MIT file in the top-level directory. -# - -require u-boot-iot2050.inc - -SRC_URI += " \ - https://ftp.denx.de/pub/u-boot/u-boot-${PV}.tar.bz2 \ - file://0001-efi_loader-Improve-console-screen-clearing-and-reset.patch \ - file://0002-env-Complete-generic-support-for-writable-list.patch \ - file://0003-env-Couple-networking-related-variable-flags-to-CONF.patch \ - file://0004-tools-Add-script-for-converting-public-key-into-devi.patch \ - file://0005-board-siemens-iot2050-Split-the-build-for-PG1-and-PG.patch \ - file://0006-arm-dts-iot2050-Use-the-auto-generator-nodes-for-fdt.patch \ - file://0007-iot2050-Update-firmware-layout.patch \ - file://0008-iot2050-Add-watchdog-start-to-bootcmd.patch \ - file://0009-iot2050-Add-CONFIG_ENV_FLAGS_LIST_STATIC.patch \ - file://0010-arm-dts-iot2050-Allow-verifying-U-Boot-proper-by-SPL.patch \ - file://0011-iot2050-Add-script-for-signing-artifacts.patch \ - file://0012-arm-dts-iot2050-Optionally-embed-OTP-programming-dat.patch \ - file://0013-doc-iot2050-Add-a-note-about-the-watchdog-firmware.patch \ - file://0014-board-siemens-iot2050-use-the-named-gpio-to-control-.patch \ - file://0015-arm-dts-iot2050-Add-support-for-M.2-variant.patch \ - file://0016-iot2050-Add-support-for-configuring-M.2-connector.patch \ - file://0017-spl-fit-Report-fdt-error-for-loading-u-boot.patch \ - file://0018-efi_loader-Let-networking-support-depend-on-NETDEVIC.patch \ - file://0019-iot2050-Refactor-the-m.2-and-minipcie-power-pin.patch \ - file://0020-configs-Increase-malloc-size-after-relocation.patch \ - file://0021-configs-iot2050-Enabled-keyed-autoboot.patch \ - file://0022-Add-a-reserved-memory-for-watchdog.patch \ - " - -SRC_URI[sha256sum] = "50b4482a505bc281ba8470c399a3c26e145e29b23500bc35c50debd7fa46bdf8" - -S = "${WORKDIR}/u-boot-${PV}" diff --git a/recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb b/recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb new file mode 100644 index 000000000..64e1fed47 --- /dev/null +++ b/recipes-bsp/u-boot/u-boot-iot2050_2023.10.bb @@ -0,0 +1,21 @@ +# +# Copyright (c) Siemens AG, 2022-2023 +# +# Authors: +# Su Baocheng +# +# This file is subject to the terms and conditions of the MIT License. See +# COPYING.MIT file in the top-level directory. +# + +require u-boot-iot2050.inc + +SRC_URI += " \ + https://ftp.denx.de/pub/u-boot/u-boot-${PV}.tar.bz2 \ + file://0001-Add-a-reserved-memory-for-watchdog.patch \ + file://0002-tools-iot2050-sign-fw.sh-Make-localization-of-tools-.patch \ + " + +SRC_URI[sha256sum] = "e00e6c6f014e046101739d08d06f328811cebcf5ae101348f409cbbd55ce6900" + +S = "${WORKDIR}/u-boot-${PV}"