Using the new AAPCS function remote execution support, add support to
read from and write to SPI flash connected to a device.
This allows flashing boot code to a device.
Signed-off-by: Siarhei Siamashka <siarhei.siamashka@gmail.com>
[Andre: adjust to upstream changes]
Signed-off-by: Andre Przywara <osp@andrep.de>
This patch adds a wrapper script, which can automatically compile
and wrap a small C function, taking care of all the necessary
function arguments marshalling.
The functions 'aw_fel_remotefunc_prepare/aw_fel_remotefunc_execute'
allow using such functions in the sunxi-fel tool to get this code
executed remotely on the device.
Signed-off-by: Siarhei Siamashka <siarhei.siamashka@gmail.com>
[Andre: adjust to match upstream changes]
Signed-off-by: Andre Przywara <osp@andrep.de>
Allwinner H6 SoC has a totally different memory map and different clock
control unit with other SoCs.
Add support for it in uart0-helloworld-sdboot.
To avoid writing blindly into the device MMIO area first (for triggering
the SRAM version register), we query the known content of some GIC register
to verify we are looking at an H6 memory map.
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Andre Przywara <osp@andrep.de>
Allwinner A80 and H6 SoC has totally different memory map with other
Allwinner SoCs, and so the GPIO/UART0 base addresses are different on
these SoCs.
Use a static variable to store the base address, to fit these SoCs with
different memory map.
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Andre Przywara <osp@andrep.de>
Allwinner H6 is a new SoC with its memory map changed.
Add its SoC info, including SRAM addresses and SID address.
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Andre Przywara <osp@andrep.de>
A U-Boot image has two CRCs, one to cover the data and that we already
check, and one to cover the header.
Since we're not checking the latter, let's make sure it's the case.
Tested-by: Frank Kunz <mailinglists@kunz-im-inter.net>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
The current code checks that the transferred size is matching the size
reported in the image header.
Unfortunately, the transferred image might be padded, which doesn't change
anything at the functional level, but will make that check trigger since
the actual image will be smaller than the transferred data.
Change that logic to first check that the transferred size isn't less that
the header image size, which will still be an error, and then check for the
CRC of the image itself. This will prove to be an more robust integrity
check than what we have right now anyway.
The CRC used in the image header is the CRC32 algorithm, that is
implemented in the zlib, which is installed on most devices on the planet,
so we can just use that implementation instead of rolling our own.
Tested-by: Frank Kunz <mailinglists@kunz-im-inter.net>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
The U-Boot image parsing code so far has been relying on hardcoded offsets
directly into the image's buffer.
While that works, it's a bit obscure and isn't practical to understand and
modify.
Let's add the structure definition, and convert the code to use it.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
The version 2 of SPL added the possibility to add a device tree name in
the header, with adding some pad and using a reserved word.
As FEL boot currently doesn't need the device tree name, directly raise
the maximum supported version number to 2.
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Use a hardwired L.NOP instruction from the OpenRISC reset
vector as a way to check if the workaround is necessary.
Because these L.NOP instructions are guaranteed to be there
and are read-only, this is the most reliable non-invasive test.
Reading SID would be less reliable because it is one-time
programmable and theoretically may be set to zero on some boards.
Signed-off-by: Siarhei Siamashka <siarhei.siamashka@gmail.com>
If an SoC has the "secure boot" fuse burned, it will enter FEL mode in
non-secure state, so with the SCR.NS bit set. Since in this mode the
secure/non-secure state restrictions are actually observed, we suffer
from several restrictions:
- No access to the SID information (both via memory mapped and "register").
- No access to secure SRAM (SRAM A2 on H3/A64/H5).
- No access to the secure side of the GIC, so it can't be configured to
be accessible from non-secure world.
- No RMR trigger on ARMv8 cores to bring the core into AArch64.
Those limitations make a board pretty useless for many applications.
However it has been found out that a simple "smc" call will immediately
return from monitor mode, but with the NS bit cleared, so access to all
secure peripherals is suddenly possible.
Add all the necessary support code for doing a runtime check and
activating this workaround. Affected SoCs need to have the "smc"
workaround enabled in their soc_info struct.
Signed-off-by: Andre Przywara <osp@andrep.de>
["sunxi-fel smc" command changed to automatic detection by Siarhei]
Signed-off-by: Siarhei Siamashka <siarhei.siamashka@gmail.com>
This patch moves the scan for an ARM gcc into a separate shell
script. To prevent against recursion issues, the new script adds
"-maxdepth 1" to the find invocation; and it now also correctly
handles directories in $PATH that contain spaces in their name.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
This function provides bitwise clear/set operations on 32-bit words
via FEL. It may help with implementing future functionality, where
ARM register manipulations often involve such bit level access.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
"make headers" (which in turn invokes "make -C thunks/" should now
build the include files via awk, avoiding the need for ruby.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
Try an 'educated guess' for a suitable toolchain if no explicit
CROSS_COMPILE was set (but still default to "arm-none-eabi-").
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
This functionality is now available via "sunxi-fel memmove", so
change the fel-gpio script accordingly and remove the thunk code.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
The functions represent ARM "thunk" code that can be invoked via
FEL to execute arbitrary memory copy operations on the target
device, i.e. they deal with overlap and unaligned access. Where
possible, the copy operation will use (32-bit) word transfers,
otherwise it falls back to bytewise copying.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
With fixed SID reading routine, it's now possible to differ H2+ with H3
with SID.
Tested on an Orange Pi One and an Orange Pi Zero.
Signed-off-by: Icenowy Zheng <icenowy@aosc.xyz>
The patch also introduces a "sid-register" command for diagnostic
purposes. It allows to use/enforce the workaround method for other
SoCs, to check if there are any inconsistencies with the values
read from memory.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
The new function fel_get_sid_registers() uses ARM code for register
access to the SID root key. This is necessary to retrieve correct
values for certain SoCs, e.g. when not using this approach the H3
has been observed to return 'mangled' values (when reading SID from
memory).
See https://groups.google.com/forum/#!topic/linux-sunxi/ynyIP8c61Qs
The FEL library provides a uniform fel_get_sid_root_key() wrapper
that will automatically use the workaround method for SoCs that
are tagged accordingly - so the application program does not have
to bother with selecting memory vs. register-based access.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
H3 SID controller has some bug, that makes the initial value at
0x01c14200 wrong.
This commit workarounds this bug by reading them with register access
first.
Signed-off-by: Icenowy Zheng <icenowy@aosc.xyz>
Reviewed-by: Bernhard Nortmann <bernhard.nortmann@web.de>
This is a preparatory step. Instead of using memory-based access,
we might want to retrieve SID keys (e-fuses) via SID registers.
For this, it's convenient if the plain base address is available.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
This is to make sure that users get notified accordingly if the
"sunxi-fel --list" doesn't find any FEL devices.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
For unknown option-style arguments (starting with '-'), exit after
printing an error message.
This avoids situations where sunxi-fel would not report incorrect
options (with no FEL device attached/detected) and fail with
"Allwinner USB FEL device not found" instead, which is undesirable.
TODO: Might have to eventually migrate this to some better argument
parsing, e.g. getopt(3) or something similar.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
fel:
- Minor review of ARM scratch code
- POSIX conformance: Use nanosleep() instead of deprecated usleep()
README:
- revert Unicode dash to standard ASCII
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
