| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
- Support for production devices with PKC
- Support for --gen-signed-msgs, --signed-msgs, and --download-signed-msgs
options.
- Support for --usb-timeout option.
- Various man page and code cleanups.
- Compilation fix when cryptopp isn't installed system-wide.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
| |
(Not signed-off-by the submitter, but the patch is trivial, so I don't
believe it's an issue in this case)
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current build system adds "-isystem /usr/include/$(CRYPTOLIB)" to
AM_CPPFLAGS, but this is wrong because cryptopp might not be installed
in this location. Instead, the build system should simply include
<cryptopp/...> or <crypto++/...> and rely on the compiler include
path.
The tricky part is that it can be <cryptopp/...> or <crypto++/...>. To
solve this, we use a solution similar to the one used in
https://github.com/bingmann/crypto-speedtest/blob/master/m4/cryptopp.m4
and
https://github.com/bingmann/crypto-speedtest/blob/master/src/speedtest_cryptopp.cpp:
the configure script fills in a variable called
CRYPTOLIB_HEADER_PREFIX, and we use that in the C++ code to include
the right header file.
It is worth mentioning that doing #include
<CRYPTOLIB_HEADER_PREFIX/foobar.h> doesn't work, and we have to use an
intermediate #define'd constant to overcome this C preprocessor
limitation.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(swarren, apply the same change to rsa-pss.cpp)
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
| |
Update the miniloader license to match the license used for other firmware
blobs in the Linux firmware git repository. This reduces the number of
licenses used for different parts of Tegra-related software.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
man --warnings shows this warning because some dots at the beginning
of the line are not escaped:
> usr/share/man/man1/tegrarcm.1.gz 111: warning: macro `..' not defined
Put the ellipsis in brackets to avoid this.
This was found thanks to lintian, the Debian package checker.
Signed-off-by: Martin Michlmayr <tbm@cyrius.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
| |
The command .fi is used after .nf to turn on paragraph filling mode
again. Fix the obvious typo.
Signed-off-by: Martin Michlmayr <tbm@cyrius.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Expand documentation of --pkc, --gen-signed-msgs, and
--download-signed-msgs.
Clean up various capitalization issues.
Fix a typo, in the code too.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RCM communication sometimes fails if the USB timeout is short. The default
timeout is 1000ms. Increasing the timeout value may avoid this issue. The
exact cause is not yet diagnosed. This patch implements a --usb-timeout
option to allow the value to be configured. A value of 0 means unlimited
timeout.
Example:
$ sudo tegrarcm --bct=jetson-tk1-bct.bct --bootloader=u-boot.bin \
--loadaddr=0x83d88000 --pkc=rsa_priv.der --usb-timeout=5000
Signed-off-by: Jimmy Zhang <jimmzhang@nvidia.com>
(swarren, commit description fixes)
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature allows user to download signed messages to devices
secured with PKC.
Example:
tegrarcm --download-signed-msgs --signed-msgs-file rel_1001.bin \
--bct=jetson-tk1-bct.bct --bootloader=u-boot.bin --loadaddr=0x83d88000
Where the following blob files are downloaded to device sequentially:
a) rel_1001.bin.qry
b) rel_1001.bin.ml
c) rel_1001.bin.bl
Signed-off-by: Jimmy Zhang <jimmzhang@nvidia.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature allows generation of signed blobs that can later be used
to communicate with a PKC-enabled Tegra device without access to the
PKC. Option --bootloader, --soc and --pkc are also required when generating
the blob.
Example:
tegrarcm --gen-signed-msgs --signed-msgs-file rel_1001.bin \
--bootloader u-boot.bin --loadaddr 0x83d88000 --soc 124 \
--pkc rsa_priv.der
Where generated signed message files are:
a) rel_1001.bin.qry
b) rel_1001.bin.ml
c) rel_1001.bin.bl
Signed-off-by: Jimmy Zhang <jimmzhang@nvidia.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add the support code needed to sign the RCM messages with RSA-PSS as
needed to communicate with secured production devices. This mode is
enabled by passing a key via the --pkc command line argument. If such
a key is set the RCM messages will be signed with it as well as the
bootloader.
Signed-off-by: Alban Bedel <alban.bedel@avionic-design.de>
Signed-off-by: Jimmy Zhang <jimmzhang@nvidia.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog:
- Documented patch submission process in this file
- Added better USB debugging message
- Require a specific minimum version of libusb
- Added --usb-port-path cmdline option
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
This allows the user to specify which USB device to control, and in a
manner that is most immune to the set of attached USB devices varying.
See the manpage edit in this commit for a full description of how to
use this option.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When executing the RCM process, the Tegra device will be re-enumerated
on the USB bus once the miniloader is booted. This requires tegrarcm to
search for it again. In a system with multiple attached Tegra boards, all
being booted/shutdown in parallel, it is possible that the second call to
usb_open() will find a different Tegra device. Solve this issue by having
usb_open() record the exact physical USB port path of the device, and
match only that path on subsequent searches. This will be robust except in
the case where the device being operated on is physically unplugged and
replaced (not simply power-cycled) while tegrarcm is executing. This is
much less likely that the previous failure modes.
This feature also enables the next patch in this series.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
| |
This consolidates the matching logic into one place, which will make
future enhancements to the logic simpler.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
tegrarcm needs at least libusb 1.0.9 which introduces libusb_error_name.
Otherwise the build fails with the following linker error:
usb.o: In function `usb_read':
.../tegrarcm/src/usb.c:260: undefined reference to `libusb_error_name'
usb.o: In function `usb_write':
.../tegrarcm/src/usb.c:233: undefined reference to `libusb_error_name'
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
| |
Print more explicit messages when usb transition failed.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
| |
This tells users how/where to send patches, etc.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
| |
Update version number to 1.6 and update changelog in README for
version 1.6 release notes.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
tegrarcm should work if the operating mode is ODM production
secure mode. Add the operating mode definition and description.
Signed-off-by: Penny Chiu <pchiu@nvidia.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
Acked-by: Allen Martin <amartin@nvidia.com>
|
| |
|
|
|
|
|
|
| |
Update README with change log for version 1.5, and bump version
number.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
Add --miniloader and --miniloader_entry commands which allow passing
in the miniloader from a file and specifying the miniloader entry
address from the command line instead of using built-in miniloader.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
| |
Add a new command "readbct" which will read the BCT from the target
system and write it to bctfile.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
| |
Added --help and --version commands to usage. Made it more clear that
--entryaddr is optional.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Change the initialization logic so that if RCM protocol isn't
repsonding but a tegra recovery USB is reported, assume the nv3p
server is already running. This allows things like enumeration of
devices via nv3p without having to reset into RCM mode to talk to the
device again.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
| |
This prevents tegrarcm from just hanging in the event that the target
gets in some bad state and stops responding to USB (like downloading a
bad BCT). Set default timeout to 1s which should be plenty long
enough for the max xfer size of 4096 bytes.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
| |
Add Tegra124 USB device id, miniloader, and chip SKU information.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
| |
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
| |
RCM protocol 40 is required for Tegra124
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
Sync up SKU numbers with TOT tegra u-boot. Also change the default
SKU print to just use the chip family name so it's more resistant to
being out of sync in the future.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
Change the LICENSE file to make it clear that the NVIDIA proprietary
license applies to all miniloader files, not just the ones explicitly
listed.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
| |
Bump the version number to 1.4 and update change log.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
Update tegra114 miniloader file with a version that supports boot from
SPI flash. The previous version would hang if the board was
configured to boot from SPI.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
In preparation of changing the LICENSE file to refer to "miniloader"
directory instead of individual filenames, move all miniloader files
into "miniloader" subdir.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
| |
Add a description of the "--help" command to the man page.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
| |
Add command line option "--version" that prints the version number and
exits.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
| |
Bump the version number to 1.3 and update change log.
Signed-off-by: Allen Martin <amartin@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
On some distributions (e.g. Arch Linux) configure will fail to find
crypto++ because of the test program not linking due to undefined
references to pthread functions.
Signed-off-by: Alexandre Courbot <acourbot@nvidia.com>
Acked-by: Allen Martin <amartin@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add a check on the return value of rcm_get_msg_len() so if it fails
it isn't passed into usb_write().
Change-Id: I31aedf9f1dcde8aeed34b23a020e83dddd3179b6
Signed-off-by: Allen Martin <amartin@nvidia.com>
Reviewed-on: http://git-master/r/167827
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
stat() returns a hard-coded -1 on error. Return errno instead, so that
when main() calls error() with the returned value, the actual error can
be decoded. This transforms the error message from:
...: Unknown error -1
to e.g.:
...: No such file or directory
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Change-Id: I1c7503eeef2cebafeaf5d1cfba5626244979e3df
Reviewed-on: http://git-master/r/167774
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Allen Martin <amartin@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
| |
Bump the version number to 1.2 and update change log.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: I188eba740904ba5f9cd43179e16a39c077900d19
Reviewed-on: http://git-master/r/164852
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add a new man page for tegrarcm
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: If9f587d708b80311c814218dc268d91d7edb1055
Reviewed-on: http://git-master/r/167545
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add support for t114. This includes a new T114 miniloader, new USB
and nv3p device ids, and increased UID size.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: I5b77549317cad73c4499fe7797a30f09fffaebfb
Reviewed-on: http://git-master/r/164851
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
T114 uses version 35 of RCM protocol, in preparation for adding T114
support to tegrarcm add support for this version of RCM protocol.
The message size has changed because new fields were added and the
version number was bumped to 0x35. None of the new fields are
actually used by tegrarcm, so the only changes are to handle the size
and version differences.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: I2ff66205e5f1a9f2efbee711f7bad784ae297edf
Reviewed-on: http://git-master/r/164850
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This allows a developer to run autoreconf and then put the package
back into distclean state.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: I384b3722cf877343f85b0ee6684a3d7aee55f0b8
Reviewed-on: http://git-master/r/167544
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
| |
Add helper script to recreate all auto generated files for building.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: Ia3b86bbfb73a6f7183a5422504bcb4c116eb6cda
Reviewed-on: http://git-master/r/167543
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove files that are generated by autoconf/automake. When packaging
a tarball for release they can be included, but they don't need to be
in source code control.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: Ie21bbc93c6367fa3885e1c49f080a181d816bf03
Reviewed-on: http://git-master/r/167542
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
| |
Add some documentation of nv3p packet formats as comments
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: I5685612b75bb2150ca5307497c5b83d18aa8da6b
Reviewed-on: http://git-master/r/164849
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update miniloaders for T20 and T30 to latest version. This bumps nv3p
protocol to the latest version as well which changes some of the
message packages and command numbers.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: Ic16243f979ff505696aa97520f8b11a2cebf24fa
Reviewed-on: http://git-master/r/164848
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add more diagnostic information to some of the erorr/debug
messages
Signed-off-by: Allen Martin <amartin@nvidia.com>
Change-Id: I6d2c996e02711fbf913e5f9332f7c2781c40a3a1
Reviewed-on: http://git-master/r/164847
Reviewed-by: Automatic_Commit_Validation_User
Reviewed-by: Stephen Warren <swarren@nvidia.com>
|
