author | Tom Rini <trini@konsulko.com> | 2020-04-07 11:58:44 -0400 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2020-04-07 17:13:35 -0400 |
commit | 1f47e2aca42c2e51ff3a7754c717ee13f568c721 (patch) | |
tree | eca6cb5e551dbb75c2328b1dba3e7a2b8a77d327 /common/image-fit-sig.c | |
parent | 2b18b89156335bf1f0d84f81d3597762bc48c61d (diff) | |
parent | 895a7866c20cf6c01779b5a60fbf2770b88930a4 (diff) | |
download | u-boot-1f47e2aca42c2e51ff3a7754c717ee13f568c721.tar.gz |
Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into nextWIP/07Apr2020-next
Xilinx changes for v2020.07
common:
- Align ENV_FAT_INTERFACE
- Fix MAC address source print log
- Improve based autodetection code
xilinx:
- Enable netconsole
Microblaze:
- Setup default ENV_OFFSET/ENV_SECT_SIZE
Zynq:
- Multiple DT updates/fixes
- Use DEVICE_TREE environment variable for DTB selection
- Switch to single zynq configuration
- Enable NOR flash via DM
- Minor SPL print removal
- Enable i2c mux driver
ZynqMP:
- Print multiboot register
- Enable cache commands in mini mtest
- Multiple DT updates/fixes
- Fix firmware probing when driver is not enabled
- Specify 3rd backup RAM boot mode in SPL
- Add SPL support for zcu102 v1.1 and zcu111 revA
- Redesign debug uart enabling and psu_init delay
- Enable full u-boot run from EL3
- Enable u-boot.itb generation without ATF with U-Boot in EL3
Versal:
- Enable distro default
- Enable others SPI flashes
- Enable systems without DDR
Drivers:
- Gem:
- Flush memory after freeing
- Handle mdio bus separately
- Watchdog:
- Get rid of unused global data pointer
- Enable window watchdog timer
- Serial:
- Change reinitialization logic in zynq serial driver
Signed-off-by: Tom Rini <trini@konsulko.com>
Diffstat (limited to 'common/image-fit-sig.c')
-rw-r--r-- | common/image-fit-sig.c | 49 |
1 files changed, 41 insertions, 8 deletions
diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c
index f6caeb0c59..490566ca90 100644
--- a/common/image-fit-sig.c
+++ b/common/image-fit-sig.c
@@ -98,7 +98,7 @@ static int fit_image_setup_verify(struct image_sign_info *info,
 padding_name = RSA_DEFAULT_PADDING_NAME;
 memset(info, '\0', sizeof(*info));
- info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
+ info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
 info->fit = (void *)fit;
 info->node_offset = noffset;
 info->name = algo_name;
@@ -209,7 +209,8 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
 const char *required;
 int ret;
- required = fdt_getprop(sig_blob, noffset, "required", NULL);
+ required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED,
+ NULL);
 if (!required || strcmp(required, "image"))
 continue;
 ret = fit_image_verify_sig(fit, image_noffset, data, size,
@@ -228,20 +229,39 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
 return 0;
 }
-int fit_config_check_sig(const void *fit, int noffset, int required_keynode,
- char **err_msgp)
+/**
+ * fit_config_check_sig() - Check the signature of a config
+ *
+ * @fit: FIT to check
+ * @noffset: Offset of configuration node (e.g. /configurations/conf-1)
+ * @required_keynode: Offset in the control FDT of the required key node,
+ * if any. If this is given, then the configuration wil not
+ * pass verification unless that key is used. If this is
+ * -1 then any signature will do.
+ * @conf_noffset: Offset of the configuration subnode being checked (e.g.
+ * /configurations/conf-1/kernel)
+ * @err_msgp: In the event of an error, this will be pointed to a
+ * help error string to display to the user.
+ * @return 0 if all verified ok, <0 on error
+ */
+static int fit_config_check_sig(const void *fit, int noffset,
+ int required_keynode, int conf_noffset,
+ char **err_msgp)
 {
 char * const exc_prop[] = {"data"};
 const char *prop, *end, *name;
 struct image_sign_info info;
 const uint32_t *strings;
+ const char *config_name;
 uint8_t *fit_value;
 int fit_value_len;
+ bool found_config;
 int max_regions;
 int i, prop_len;
 char path[200];
 int count;
+ config_name = fit_get_name(fit, conf_noffset, NULL);
 debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, gd_fdt_blob(),
 fit_get_name(fit, noffset, NULL),
 fit_get_name(gd_fdt_blob(), required_keynode, NULL));
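Review bot: The kernel-doc added above `fit_config_check_sig()` describes `@noffset` and `@conf_noffset` the wrong way round. The caller in `fit_config_verify_sig()` passes a subnode whose name matched `FIT_SIG_NODENAME` as `noffset` and the configuration node as `conf_noffset`, and the body reads the config name from `conf_noffset` to compare it with the hashed-node paths. I would write `@noffset: Offset of the signature node being checked (e.g. /configurations/conf-1/signature-1)` and `@conf_noffset: Offset of the configuration node (e.g. /configurations/conf-1)`, and fix "wil" to "will" and "help error string" to "helpful error string" while there. Getting this right matters because a later caller that trusts the comment could pass the wrong offset into a signature check; the function body continues outside this hunk.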
@@ -282,9 +302,20 @@ int fit_config_check_sig(const void *fit, int noffset, int required_keynode,
 char *node_inc[count];
 debug("Hash nodes (%d):\n", count);
+ found_config = false;
 for (name = prop, i = 0; name < end; name += strlen(name) + 1, i++) {
 debug(" '%s'\n", name);
 node_inc[i] = (char *)name;
+ if (!strncmp(FIT_CONFS_PATH, name, strlen(FIT_CONFS_PATH)) &&
+ name[sizeof(FIT_CONFS_PATH) - 1] == '/' &&
+ !strcmp(name + sizeof(FIT_CONFS_PATH), config_name)) {
+ debug(" (found config node %s)", config_name);
+ found_config = true;
+ }
+ }
+ if (!found_config) {
+ *err_msgp = "Selected config not in hashed nodes";
+ return -1;
 }
 /*
@@ -352,7 +383,7 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset,
 if (!strncmp(name, FIT_SIG_NODENAME,
 strlen(FIT_SIG_NODENAME))) {
 ret = fit_config_check_sig(fit, noffset, sig_offset,
- &err_msg);
+ conf_noffset, &err_msg);
 if (ret) {
 puts("- ");
 } else {
@@ -368,13 +399,14 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset,
 goto error;
 }
- return verified ? 0 : -EPERM;
+ if (verified)
+ return 0;
 error:
 printf(" error!\n%s for '%s' hash node in '%s' config node\n",
 err_msg, fit_get_name(fit, noffset, NULL),
 fit_get_name(fit, conf_noffset, NULL));
- return -1;
+ return -EPERM;
 }
 int fit_config_verify_required_sigs(const void *fit, int conf_noffset,
@@ -395,7 +427,8 @@ int fit_config_verify_required_sigs(const void *fit, int conf_noffset,
 const char *required;
 int ret;
- required = fdt_getprop(sig_blob, noffset, "required", NULL);
+ required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED,
+ NULL);
 if (!required || strcmp(required, "conf"))
 continue;
 ret = fit_config_verify_sig(fit, conf_noffset, sig_blob, |
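Review bot: `config_name` reaches `strcmp()` in the added hashed-nodes loop without a NULL check. It is assigned from `fit_get_name(fit, conf_noffset, NULL)` at the top of the function, and that helper wraps libfdt's name lookup, which returns NULL when the offset cannot be resolved. Since this check is the gate that ties a signature to the selected configuration, it should fail closed rather than dereference NULL; before the loop I would add `if (!config_name) { *err_msgp = "Cannot read selected config name"; return -1; }`. A short comment above the three-part condition saying that an entry must equal `FIT_CONFS_PATH "/" config_name` exactly would also help, because the mix of `strlen()` and `sizeof()` offsets is easy to misread. The enclosing function starts and ends outside this hunk.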
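Review bot: In the `-368,13 +399,14` hunk the not-verified path now falls through into `error:`, so the `printf()` runs with whatever `err_msg` and `noffset` hold once the subnode loop has finished. That loop is outside the hunk, but if `noffset` is its terminating value, `fit_get_name(fit, noffset, NULL)` is called with an offset that no longer names a signature node, and the "%s for '%s' hash node" line may print a missing or misleading name. I would keep the offset of the last signature node that failed and print that, or set a dedicated message on the fall-through path, e.g. `err_msg = "No valid signature found";` before the label. Returning `-EPERM` from both failure paths is a good change and should stay.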