[PATCH 1/7] ARM: cpu: allow selecting CPU_V7/CPU_V8 directly

2025-09-17 Thread chalianis1
From: Ahmad Fatoum We currently lack a way to build a barebox EFI payload on ARM without enabling some other subarchitecture. As CONFIG_EFI_PAYLOAD has a global effect and adds EFI stubs to all enabled boards, an EFI subarchitecture doesn't fit into our current model. Instead, let's make it possi

Re: [PATCH 09/11] boards: enclustra-sa2: enable bridges

2025-09-17 Thread Sascha Hauer
On Wed, Sep 17, 2025 at 05:22:12PM +0200, David Picard wrote: > Enable the lw-fpga2hps and fpga2hps bridges. > > Signed-off-by: David Picard > --- > arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi | 10 ++ > 1 file changed, 10 insertions(+) Please squash into the patch adding this file.

Re: [PATCH 07/11] gpio: dw: support numbering via aliases

2025-09-17 Thread Sascha Hauer
On Wed, Sep 17, 2025 at 05:22:10PM +0200, David Picard wrote: > From: Ahmad Fatoum > > This device driver is OF-only, so reflect that in the Kconfig and have > it parse aliases if available to derive its id. > > Signed-off-by: Ahmad Fatoum > --- > drivers/gpio/Kconfig | 1 + > drivers/gpio/g

[PATCH v2 20/24] security: fastboot: add security policy for fastboot oem

2025-09-17 Thread Sascha Hauer
Fastboot OEM commands allow to execute arbitrary commands via fastboot, so add a security policy for it to limit access to this functionality. Signed-off-by: Sascha Hauer --- common/Sconfig| 4 common/fastboot.c | 6 ++ 2 files changed, 10 insertions(+) diff --git a/common/Sconfig

Re: [PATCH 04/11] ARM: dts: socfpga: use upstream SA2 device tree

2025-09-17 Thread Sascha Hauer
On Wed, Sep 17, 2025 at 05:22:07PM +0200, David Picard wrote: > From: Ahmad Fatoum > > The device trees from the Enclustra BSP are outdated and not compatible > with what barebox expects. Drop them and use the upstream SoC device > tree imported from Linux instead. For the board itself, we import

Re: [PATCH 02/11] Add Enclustra Mercury+ SA2 module

2025-09-17 Thread Sascha Hauer
On Wed, Sep 17, 2025 at 05:22:05PM +0200, David Picard wrote: > Signed-off-by: David Picard > --- > arch/arm/boards/Makefile | 1 + > arch/arm/boards/enclustra-sa2/Makefile| 2 ++ > arch/arm/boards/enclustra-sa2/board.c | 32 > +++ >

Re: [PATCH 06/11] boards: enclustra-sa2: read MAC address from EEPROM

2025-09-17 Thread Sascha Hauer
Hi David, On Wed, Sep 17, 2025 at 05:22:09PM +0200, David Picard wrote: > Signed-off-by: David Picard > --- > arch/arm/boards/enclustra-sa2/Makefile| 2 +- > arch/arm/boards/enclustra-sa2/atsha204a.c | 436 > ++ > arch/arm/boards/enclustra-sa2/atsha204a.h | 19

[PATCH] crc-itu-t: fix typo in CRC ITU-T polynomial comment

2025-09-17 Thread Sascha Hauer
Based on Linux commit 77991645952c2 ("crc-itu-t: fix typo in CRC ITU-T polynomial comment"): | The code comment says that the polynomial is x^16 + x^12 + x^15 + 1, but | the correct polynomial is x^16 + x^12 + x^5 + 1. Quoting from page 2 in | the ITU-T V.41 specification [1]: | | 2 Encoding an

Re: [PATCH] drivers: dma: refactor: rename dma_ops to dma_device_ops.

2025-09-17 Thread Ahmad Fatoum
Hi, On 9/14/25 9:32 PM, chalian...@gmail.com wrote: > From: Chali Anis > > This patch is an esthetic cleanup, rename the dma_ops to dma_device_ops > to be sure that the struct in drivers/dma is different from one used in > arch/riscv/cpu. I accidentally faced the issue telling that the struct is

[PATCH] treewide: drop useless casting to void * in of_device_id

2025-09-17 Thread Sascha Hauer
struct of_device_id::data already is a const void *, so drop explicit casting to void * when initialized with something that already is a pointer. Signed-off-by: Sascha Hauer --- drivers/hw_random/rockchip-rng.c | 6 +++--- drivers/pinctrl/pinctrl-rockchip.c | 2 +- drivers/spi/dspi_spi.c

Re: [PATCH] drivers: dma: refactor: rename dma_ops to dma_device_ops.

2025-09-17 Thread Sascha Hauer
On Sun, 14 Sep 2025 15:32:49 -0400, chalian...@gmail.com wrote: > This patch is an esthetic cleanup, rename the dma_ops to dma_device_ops > to be sure that the struct in drivers/dma is different from one used in > arch/riscv/cpu. I accidentally faced the issue telling that the struct is > defined

[PATCH v2 07/24] security: policy: support externally provided configs

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum The enforcement of security policies to be up-to-date and removal of implicit syncing nudges users into checking in the actual security policy into version control. To allow the policies to live outside the barebox tree, introduce CONFIG_SECURITY_POLICY_PATH that takes a space-

Re: [PATCH] spi: mvebu: move timekeeping out of hot path

2025-09-17 Thread Sascha Hauer
On Wed, 10 Sep 2025 07:42:25 +0200, Steffen Trumtrar wrote: > The wait_on_timeout uses get_time_ns for timekeeping. It seems that this > considerably decreases transfer speeds, because the wait_on_timeout loop > gets throttled by the timekeeping. > Moving the timekeeping after the hot path result

[PATCH v2] firmware: handle firmware files being links correctly

2025-09-17 Thread Sascha Hauer
Sometimes firmware files can be links. When rebuilding, barebox correctly rebuilds the firmware when the file the link points to is updated, but the firmware is not rebuilt when the link itself is changed to link to another file. Fix this by including the sha256sum directly in the generated assembly fi

[PATCH v2 10/24] commands: go: add security config option

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum The go command doesn't do any signature verification and allows executing arbitrary code. Add a security option, so a policy can disable this command at runtime. Signed-off-by: Ahmad Fatoum --- Sconfig | 1 + commands/Sconfig | 12 commands/go.c|

[PATCH] net: fec_imx: Fix probe failure on i.MX27

2025-09-17 Thread Sascha Hauer
FEC_TYPE_IMX27 is 0 which means device_get_match_data() returns NULL and the driver bails out on the error check of this function. Start counting the enum at one to pass the error check also on i.MX27. Signed-off-by: Sascha Hauer --- drivers/net/fec_imx.h | 2 +- 1 file changed, 1 insertion(+),

[PATCH v2 24/24] security: console: add security policy for console input

2025-09-17 Thread Sascha Hauer
Disabling the input path of the console is the safest bet to make barebox fully non interactive. Add a security policy for this case. Signed-off-by: Sascha Hauer --- common/Sconfig | 11 ++- common/console.c| 6 ++ common/console_simple.c | 6 ++ 3 files change

Re: [PATCH 06/11] boards: enclustra-sa2: read MAC address from EEPROM

2025-09-17 Thread Alexander Shiyan
Hello. I think we can bring the crc16() procedure into the public location (/crypto?, /lib?). Wed, 17 Sep 2025 at 18:51, David Picard : > > Signed-off-by: David Picard > --- > arch/arm/boards/enclustra-sa2/Makefile| 2 +- > arch/arm/boards/enclustra-sa2/atsha204a.c | 436 > +++

Re: [PATCH] firmware: handle firmware files being links correctly

2025-09-17 Thread Sascha Hauer
On Wed, Sep 17, 2025 at 12:21:57PM +0200, Ahmad Fatoum wrote: > On 9/17/25 11:58 AM, Sascha Hauer wrote: > > Sometimes firmware files can be links. When rebuilding, barebox correctly > > rebuilds the firmware when the file the link points to is updated, but the > > firmware is not rebuilt when the link

[PATCH v2 12/24] bootm: support calling bootm_optional_signed_images at any time

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum bootm_init is a late initcall and thus the code has the implicit assumption that bootm_force_signed_images is called after it runs. Rework the code to allow calling the function at any time. Signed-off-by: Ahmad Fatoum --- common/bootm.c | 32 +++

[PATCH 09/11] boards: enclustra-sa2: enable bridges

2025-09-17 Thread David Picard
Enable the lw-fpga2hps and fpga2hps bridges. Signed-off-by: David Picard --- arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi | 10 ++ 1 file changed, 10 insertions(+) diff --git a/arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi b/arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi index 52a9

[PATCH 06/11] boards: enclustra-sa2: read MAC address from EEPROM

2025-09-17 Thread David Picard
Signed-off-by: David Picard --- arch/arm/boards/enclustra-sa2/Makefile| 2 +- arch/arm/boards/enclustra-sa2/atsha204a.c | 436 ++ arch/arm/boards/enclustra-sa2/atsha204a.h | 19 ++ arch/arm/boards/enclustra-sa2/board.c | 51 +++- arch/arm/boards/enclustra-s

[PATCH v2 00/24] Add security policy support

2025-09-17 Thread Sascha Hauer
Security policies are a mechanism for barebox to prevent, when so desired, security relevant code from being executed. Security policies are controlled via a second Kconfig menu structure (called Sconfig) which collects security relevant options. While the normal Kconfig menu structure is about f

[PATCH v2 03/24] kbuild: implement loopable loop_cmd

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum The normal cmd can not be used in foreach, because it's prefixed by @. Add an optional loopable variant as well as a noop_cmd that's suitable for use in nested $(call ...) invocations that would otherwise lead to Make aborting due to perceived cycles in log_print. Signed-off-b

[PATCH v2 05/24] kbuild: allow security config use without source tree modification

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum A key aspect of security policies is the enforcement of a policy to be complete with no implicit defaults. To make this easier to use, the security_*config targets directly manipulate the specified KPOLICY or all known policies if none were specified. This is at odds with buil

[PATCH v2 04/24] Add security policy support

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum Security policies are a mechanism for barebox to prevent, when so desired, security relevant code from being executed. Security policies are controlled via a second Kconfig menu structure (called Sconfig) which collects security relevant options. While the normal Kconfig menu

[PATCH v2 21/24] security: shell: add policy for executing the shell

2025-09-17 Thread Sascha Hauer
Executing shell scripts can be dangerous in secure environments, so add a security policy for it. While shell scripts can be executed securely if made sure that no scripts from unknown sources are executed, executing an interactive shell for sure is not desired in secure environments, so offer two

[PATCH v2 11/24] console: ratp: add security config option

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum For secure systems that disable the regular console, RATP should be disabled as well, so add an option to do so. Signed-off-by: Ahmad Fatoum --- Sconfig| 1 + common/Sconfig | 9 + common/console.c | 4 +++- common/ratp/ratp.c | 17 ++

[PATCH v2 14/24] ARM: configs: add virt32_secure_defconfig

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum The security policy support does not allow for incomplete configs and thus sconfig files must be refreshed when config options they depend on change. This means that a security profile that's up-to-date with respect to one .config is often outdated with respect to another. To

[PATCH 04/11] ARM: dts: socfpga: use upstream SA2 device tree

2025-09-17 Thread David Picard
From: Ahmad Fatoum The device trees from the Enclustra BSP are outdated and not compatible with what barebox expects. Drop them and use the upstream SoC device tree imported from Linux instead. For the board itself, we import the device tree in the most recent posting[1] to the kernel mailing lis

[PATCH 00/11] ARM: boards: add support for Enclustra Mercury SA2

2025-09-17 Thread David Picard
Add support for the Enclustra Mercury+ SA2, a Cyclone V based SoC FPGA. https://www.enclustra.com/en/products/system-on-chip-modules/mercury-sa2/ The SoM provides a 64MiB NOR QSPI flash, DDR3, Ethernet PHY, RTC. The Cyclone V features a hardware ARM core (aka HPS) that can boot from SD card (MMC)

[PATCH 02/11] Add Enclustra Mercury+ SA2 module

2025-09-17 Thread David Picard
Signed-off-by: David Picard --- arch/arm/boards/Makefile | 1 + arch/arm/boards/enclustra-sa2/Makefile| 2 ++ arch/arm/boards/enclustra-sa2/board.c | 32 +++ arch/arm/boards/enclustra-sa2/lowlevel.c | 13 +++ arch/arm/con

[PATCH 03/11] Add Enclustra devicetree files

2025-09-17 Thread David Picard
Copied from Enclustra's BSP Signed-off-by: David Picard --- dts/src/arm/intel/socfpga/skeleton.dtsi| 13 + .../intel/socfpga/socfpga_cyclone5_enclustra.dtsi | 69 ++ .../intel/socfpga/socfpga_cyclone5_mercury_sa2.dts | 128 +++ dts/src/arm/intel/socfpga/socfpga_enclustra.dtsi |

[PATCH 08/11] gpio: dw: make deep probe compatible

2025-09-17 Thread David Picard
From: Ahmad Fatoum When deep probing GPIO controller, we expect struct gpio_chip::dev to be bound to a driver. This is currently not the case as the driver for the parent nodes creates devices for the child nodes and never binds a driver to them. As the child nodes have compatibles themselves t

[PATCH 10/11] boards: enclustra-sa2: configure SI5338

2025-09-17 Thread David Picard
Configure the SI5338 clock generator on the ST1 baseboard. Signed-off-by: David Picard --- arch/arm/boards/enclustra-sa2/Makefile | 2 +- .../boards/enclustra-sa2/Si5338-RevB-Registers.h | 433 + arch/arm/boards/enclustra-sa2/board.c | 6 + arch

[PATCH 07/11] gpio: dw: support numbering via aliases

2025-09-17 Thread David Picard
From: Ahmad Fatoum This device driver is OF-only, so reflect that in the Kconfig and have it parse aliases if available to derive its id. Signed-off-by: Ahmad Fatoum --- drivers/gpio/Kconfig | 1 + drivers/gpio/gpio-dw.c | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a

[PATCH 11/11] boards: enclustra-sa2: enable SI5338

2025-09-17 Thread David Picard
The clock generator SI5338 is not implemented on the SA2 module itself, but on e.g. the ST1 baseboard. Signed-off-by: David Picard --- arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi | 6 ++ 1 file changed, 6 insertions(+) diff --git a/arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi b/arch/a

[PATCH 05/11] ARM: dts: socfpga: adapt upstream SA2 device tree

2025-09-17 Thread David Picard
Signed-off-by: David Picard --- arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi | 25 +++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi b/arch/arm/dts/socfpga_cyclone5_mercury_sa2.dtsi index 73bd75fcf224fbf31fc

[PATCH 01/11] Add handoff files

2025-09-17 Thread David Picard
Copy handoff files from Mercury_SA2_ST1_Reference_Design released by Enclustra. Signed-off-by: David Picard --- .../boards/enclustra-sa2/iocsr_config_cyclone5.c | 678 + arch/arm/boards/enclustra-sa2/pinmux_config.c | 241 arch/arm/boards/enclustra-sa2/pll_con

[PATCH v2 22/24] security: add security policy for loading barebox environment

2025-09-17 Thread Sascha Hauer
In secure environments we shouldn't load a persistent and potentially manipulated environment. Add a security policy for it. Signed-off-by: Sascha Hauer --- common/Sconfig | 8 common/environment.c | 6 ++ 2 files changed, 14 insertions(+) diff --git a/common/Sconfig b/common

[PATCH v2 23/24] security: add filesystem security policies

2025-09-17 Thread Sascha Hauer
We don't have any trusted filesystems in barebox and a manipulated filesystem could trick barebox into crashing or loading untrusted data, so add a security policy for the barebox filesystems. With SCONFIG_FS_EXTERNAL set barebox will allow mounting all filesystems whereas with this option disable

[PATCH v2 18/24] usbserial: add inline wrappers

2025-09-17 Thread Sascha Hauer
We'll need static inline wrappers in following patches, let's add them. Signed-off-by: Sascha Hauer --- include/linux/usb/usbserial.h | 11 +++ 1 file changed, 11 insertions(+) diff --git a/include/linux/usb/usbserial.h b/include/linux/usb/usbserial.h index e1375c489a027448c8e75ce1ce05

Re: [PATCH] drivers: treewide: Do not use NULL as driver_data

2025-09-17 Thread Sascha Hauer
On Tue, Sep 16, 2025 at 11:38:48AM +0200, Ahmad Fatoum wrote: > Hello Sascha, > > On 9/16/25 11:32 AM, Sascha Hauer wrote: > > Several drivers in the tree use an enum for the chip type casted to int > > as driver_data. This comes with the problem that device_get_match_data() > > returns NULL for t

[PATCH v2 08/24] commands: implement sconfig command

2025-09-17 Thread Sascha Hauer
The sconfig command provides a convenient interface to test the new security policy support. It allows inspecting available policies and optionally switching between them and enabling/disabling them piecewise for interactive testing of code that is gated behind these security options. Signed-off-b

[PATCH v2 09/24] docs: security-policies: add documentation

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum Let's add some first documentation for the newly added security policy support. Signed-off-by: Ahmad Fatoum --- Documentation/devel/devel.rst | 1 + Documentation/devel/security-policies.rst | 96 ++ Documentation/user/security-policies.rst

[PATCH v2 06/24] defaultenv: update PS1 according to security policy

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum This nifty optional feature makes it easy to see what security policy is currently active. Signed-off-by: Ahmad Fatoum --- Documentation/user/defaultenv-2.rst | 2 ++ common/Kconfig | 5 + defaultenv/Makefile

[PATCH v2 02/24] scripts: include scripts/include for all host tools

2025-09-17 Thread Sascha Hauer
From: Ahmad Fatoum We already have one implementation of list.h, so we do not need to replicate it of Kconfig specially. Make use of scripts/include for all host tools to align us with what Linux is doing. Signed-off-by: Ahmad Fatoum --- Makefile | 6 ++- scripts/Makefile

[PATCH] hush: fix last_return_code when PROMPT_COMMAND is used

2025-09-17 Thread Sascha Hauer
When PROMPT_COMMAND is used then an "echo $?" shows the result of the PROMPT_COMMAND instead of the result of the last command. Fix this by restoring the previous value after PROMPT_COMMAND has been executed. Signed-off-by: Sascha Hauer --- common/hush.c | 4 1 file changed, 4 insertions(+)

Re: [PATCH] firmware: handle firmware files being links correctly

2025-09-17 Thread Sascha Hauer
On Wed, Sep 17, 2025 at 11:58:34AM +0200, Sascha Hauer wrote: > Sometimes firmware files can be links. When rebuilding, barebox correctly > rebuilds the firmware when the file the link points to is updated, but the > firmware is not rebuilt when the link itself is changed to link to > another file. > >

Re: [PATCH] firmware: handle firmware files being links correctly

2025-09-17 Thread Ahmad Fatoum
On 9/17/25 11:58 AM, Sascha Hauer wrote: > Sometimes firmware files can be links. When rebuilding, barebox correctly > rebuilds the firmware when the file the link points to is updated, but the > firmware is not rebuilt when the link itself is changed to link to > another file. This is surprising. I th

[PATCH] firmware: handle firmware files being links correctly

2025-09-17 Thread Sascha Hauer
Sometimes firmware files can be links. When rebuilding, barebox correctly rebuilds the firmware when the file the link points to is updated, but the firmware is not rebuilt when the link itself is changed to link to another file. Fix this by including the sha256sum directly in the generated assembly fi

[PATCH] riscv: dma: rename dma_ops to dma_map_ops.

2025-09-17 Thread chalianis1
From: Chali Anis rename dma_ops to dma_map_ops for more consistency. Signed-off-by: Chali Anis --- arch/riscv/cpu/dma.c | 6 +++--- arch/riscv/include/asm/dma.h | 4 ++-- drivers/soc/starfive/jh7100_dma.c | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/