xypron changed the topic of #u-boot to: #u-boot SOURCE MOVED TO https://source.denx.de/u-boot/u-boot.git / U-Boot 2023.01 / Merge Window is OPEN, -next is CLOSED / Release v2023.01 is scheduled for 2023-01-09 / Channel archives at https://libera.irclog.whitequark.org/u-boot
umbramalison has quit [Quit: %So long and thanks for all the fish%]
umbramalison has joined #u-boot
mmu_man has quit [Ping timeout: 246 seconds]
mthall has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
mthall has joined #u-boot
umbramalison has quit [*.net *.split]
umbramalison has joined #u-boot
minimal has quit [Quit: Leaving]
thopiekar has quit [Ping timeout: 246 seconds]
thopiekar has joined #u-boot
jclsn has quit [Ping timeout: 252 seconds]
jclsn has joined #u-boot
thopiekar has quit [Ping timeout: 255 seconds]
thopiekar has joined #u-boot
jagan has quit [Quit: Connection closed]
camus1 has joined #u-boot
camus has quit [Ping timeout: 260 seconds]
camus1 is now known as camus
camus1 has joined #u-boot
camus has quit [Ping timeout: 260 seconds]
camus1 is now known as camus
sbach has quit [Read error: Connection reset by peer]
sbach has joined #u-boot
hanetzer has quit [Ping timeout: 272 seconds]
hanetzer has joined #u-boot
hanetzer has quit [Ping timeout: 260 seconds]
hanetzer has joined #u-boot
<hays> dangit i compiled u-boot with ARM TRNG support, but I guess this A53 doesn't have it?
naoki has quit [Remote host closed the connection]
naoki has joined #u-boot
<hays> dang.. Any creative ways to get KASLR seeded without hardware support?
<mranostaj> i'm sure there are same creative ways.. but probably none practical
<mranostaj> or that secure rather
<mranostaj> so for this patch well revert (yes a decade old) the return code for mmc_send_if_cond() call isn't checked even though it is assigned to err... https://github.com/u-boot/u-boot/commit/afd5932b2c27
<mranostaj> is that just a oversight for a decade, and accidently introduced with this revert? or is it to quiet some compiler warning about an unused return code?
<Forty-Bot> looks like a decade-old oversight
<mranostaj> was thinking as much.. guess i can pop a patch up
naoki has quit [Quit: naoki]
mncheck has joined #u-boot
mckoan|away is now known as mckoan
matthias_bgg has joined #u-boot
naoki has joined #u-boot
camus has quit [Ping timeout: 272 seconds]
camus has joined #u-boot
sszy has joined #u-boot
<marex> hays: iirc zynqmp has no RNG (which is A53)
chron0 has quit [Ping timeout: 248 seconds]
chron0 has joined #u-boot
<marex> so it could be a soc feature
<marex> hays: which soc is that ?
<apalos> marex: I don't remember if those have an RNG but fwiw TF-A and OP-TEE can provide you with one now if you need it
<marex> apalos: oh wow, so they magically conjure randomness from nowhere ?
underpantsgnome[ has quit [Quit: Bridge terminating on SIGTERM]
par[m] has quit [Quit: Bridge terminating on SIGTERM]
mvaittin has quit [Quit: Bridge terminating on SIGTERM]
samueldr has quit [Quit: Bridge terminating on SIGTERM]
Tartarus has quit [Quit: Bridge terminating on SIGTERM]
Domon has quit [Quit: Bridge terminating on SIGTERM]
ric342[m] has quit [Quit: Bridge terminating on SIGTERM]
jkorsnes[m] has quit [Quit: Bridge terminating on SIGTERM]
hthiery has quit [Quit: Bridge terminating on SIGTERM]
kallisti5[m] has quit [Quit: Bridge terminating on SIGTERM]
mripard has quit [Quit: Bridge terminating on SIGTERM]
lespocky[m] has quit [Quit: Bridge terminating on SIGTERM]
Julia[m]1 has quit [Quit: Bridge terminating on SIGTERM]
elvishjerricco has quit [Quit: Bridge terminating on SIGTERM]
Dhruvag2000[m] has quit [Quit: Bridge terminating on SIGTERM]
LinuxHackerman has quit [Quit: Bridge terminating on SIGTERM]
vitali64[m] has quit [Quit: Bridge terminating on SIGTERM]
jevinskie[m] has quit [Quit: Bridge terminating on SIGTERM]
kmaincent[m] has quit [Quit: Bridge terminating on SIGTERM]
<apalos> marex: I think they both implement a DRBG as defined in NIST standards
<apalos> but I've benver checked the details
<marex> apalos: but if it is pseudoRNG, then it is basically not useful
vitali64[m] has joined #u-boot
apritzel has joined #u-boot
<hays> marex: the Armada 3720 or 3700 series
samueldr has joined #u-boot
<hays> just trying to gat KASLR working
mripard has joined #u-boot
Tartarus has joined #u-boot
lespocky[m] has joined #u-boot
jevinskie[m] has joined #u-boot
LinuxHackerman has joined #u-boot
par[m] has joined #u-boot
elvishjerricco has joined #u-boot
hthiery has joined #u-boot
mvaittin has joined #u-boot
jkorsnes[m] has joined #u-boot
underpantsgnome[ has joined #u-boot
Domon has joined #u-boot
ric342[m] has joined #u-boot
kallisti5[m] has joined #u-boot
Dhruvag2000[m] has joined #u-boot
<hays> and yeah a PRNG needs a seed so its chicken/egg
Julia[m] has joined #u-boot
kmaincent[m] has joined #u-boot
mmu_man has joined #u-boot
<apalos> hays: KASLR with or without EFI
<hays> apalos: this does not have EFI
<hays> that's not something i can add, is it?
<j`ey> hays: u-boot has an EFI implementation
<hays> hmm does this mean im using grub or could i just boot the kernel directly
<apalos> you can boot the kernel directly
<apalos> the problem without EFI is that you only randomize the virtual placement of the kernel
<apalos> if you boot with EFI you also randomize it's initial physical placement
<apalos> efidebug boot add -b 1 my_OS usb 0:1 efi/boot/bootarm.efi -I usb 0:1 ledge-initramfs.rootfs.cpio.gz -s 'console=ttySTM0,115200 console=tty0 root=UUID=6091b3a4-ce08-3020-93a6-f755a22ef03b rootwait panic=60'
<apalos> efidebug boot order 1
<apalos> bootefi bootmgr
<apalos> In theory that's all you need
<apalos> (of replace the kernel and initrd with your own)
<apalos> -b == the kernel,
<apalos> -i == initramfs
<apalos> oh and -s == kernel cmdline
<hays> what is -b 1 my_OS
<apalos> that's the name you want to show up
<hays> bootarm.efi is that a file I need?
<apalos> you need your kernel image in that (uncompressed)
<hays> "in" that?
<marex> hays: doesnt the armada have true HW RNG ?
<hays> I have Image and a .dtb... no initramfs
<marex> kabel: ^
<hays> marex: i haven't been able to find this out, or if it does, how to get it added to the .dts
<apalos> oh that assumes you are using the default u-boot dtb
<apalos> I think you can provide the address to your special DTB as the third argument of 'bootefi bootmgr'
<hays> i am building a dtb with u-boot
<apalos> that's fine then, just skip the -i option
<hays> apalos: this is cool, but i am still unclear on how I prepare the efi/boot/bootarm.efi file
<apalos> hays: you dont
<apalos> the default Image that your kernel compilation spits out is what you need
<hays> let me check that
<apalos> EFI has default names for the binaries it loads, so it can loaded *something* if you havent configured anything
<apalos> so you can skip the entire efidebug command, since you dont need an initrd
<apalos> and just name your kernel bootaa64.efi
<marex> hays: it shoudl be in the base SoC DT, maybe even enabled
<apalos> oh and efidebug is not enabled by default iirc
<hays> apalos: wait I just rename Image?
<hays> marex: its not
<apalos> ywa
<apalos> hays: if your bootcommand is "distro boot_cmd" yes
<apalos> if it's not you need that efidebug command
<marex> $ git grep -i rng arch/arm64/boot/dts/marvell/
<marex> arch/arm64/boot/dts/marvell/armada-cp11x.dtsi: CP11X_LABEL(trng): trng@760000 {
<marex> arch/arm64/boot/dts/marvell/armada-cp11x.dtsi: compatible = "marvell,armada-8k-rng",
<marex> that's linux ^
<marex> try poking around that
<apalos> hays: it's a bit 'weird' atm since not all EFI changes we are planning are done
<apalos> but the tl;dr is
<apalos> 1. if your device has EFI enabled, your boot command is 'run distro_bootcmd' and you don't need an initramfs just name the kernel bootaa64.efi
<hays> apalos: i may try this... although its a little scary i don;t want to brick my device
<apalos> you can't brick it
<apalos> you are literally not doing anything to your firmware
<hays> right now i boot like this --
<hays> bootargs=console=ttyMV0,115200 earlycon=ar3700_uart,0xd0012000 systemd.gpt_auto=no root=PARTUUID=89708921-02 rootfstype=btrfs rootflags=subvol=@debian-root rw rootwait
<hays> bootcmd=mmc dev 0; ext4load mmc 0:1 $kernel_addr_r $image_name; ext4load mmc 0:1 $fdt_addr_r $fdt_name; booti $kernel_addr_r - $fdt_addr_r
<hays> so i think i need that command to set boot args
<apalos> ok so you dont need an initrd because you have the kernel loading the partuuiid
<apalos> the bootargs are read and translate automatically with bootefi
<apalos> so you just need to set those
<hays> sorry if i am being obtuse.. but it sounds like you are saying ... maybe i dont change anything but the name of the kernel file?
<hays> or does my bootcmd simplify because its using the u-boot dtb
<hays> or maybe i need an EFI partition?
<hays> rather than the ext4 partition i have now?
<kettenis> you're using the booti command right now
<hays> marex: I will poke. thanks for the tip
<hays> kettenis: so is it as simple as bootcmd=mmc dev 0; ext4load mmc 0:1 $kernel_addr_r $image_name; ext4load mmc 0:1 $fdt_addr_r $fdt_name; bootefi $kernel_addr_r $fdt_addr_r
<kettenis> possibly
<hays> where $image_name is bootaa64.efi (Image)
<apalos> hays: yes that bootefi will probably work
<hays> and this will solve the KASLR issue?
<apalos> well there's no 'issue'
<hays> "KASLR disabled due to lack of seed"
<apalos> it adds an extra level of randomization if you boot with efi
<apalos> yea that means there's no RNG on your device
<apalos> EFI ignores the kasrl-seed
<hays> that appears so.
<apalos> so you need an RNG device on u-boot
<hays> i compiled RNG support, but it seems to want hardware support also
<apalos> yep
<apalos> there's an EFI_RNG protocol, which the kernel queries on boot
<apalos> and if you have no device availaible, we dont install the protocol
<hays> so with or without EFI, KASLR is going to be disabled
sukbeom has quit [Quit: WeeChat 3.5]
ldevulder has quit [Remote host closed the connection]
<hays> it did not boot this way. "No EFI system partition" maybe is problem?
ldevulder has joined #u-boot
<apalos> that's not a problem overall, it just says u-boot found no ESP,
<apalos> worst case you wont be able to store EFI variables
<apalos> The kernel boots up,
<apalos> I think you are just missing a console
<apalos> earlycon on kernel cmdargs might help
<hays> bootargs=console=ttyMV0,115200 earlycon=ar3700_uart,0xd0012000 systemd.gpt_auto=no root=PARTUUID=89708921-02 rootfstype=btrfs rootflags=subvol=@debian-root rw rootwait
<hays> I have it
<apalos> is that address correct though ?
<hays> provided by vendor
mmu_man has quit [Ping timeout: 255 seconds]
<hays> fwiw: configs/mvebu_espressobin-ultra-88f3720_defconfig:CONFIG_DEBUG_UART_BASE=0xd0012000
<hays> it also seems to be using the u-boot dtb despite me specifying one..
mckoan is now known as mckoan|away
<hays> I have more -- https://h0c.us/v/RzgR
<apalos> EFI is done at that point
<apalos> basically after "EFI stub: Exiting boot services..." The EFI has done it's job and is now jumping to the kernel proper
<apalos> so I am not entirely sure what happens in ther e
<apalos> If the dtb you end up using is the built in u-boot one, that's the first thing I would look at
<hays> well it should boot, and i am actually not sure anymore that's the case
<hays> this -- do_undefinstr+0x2b0/0x2e0
<hays> i can recompile with a matching dtb
<hays> reflash firmware, etc.. to rule it out
<apalos> How did you end up to the conclusion the internal DTB is used?
<hays> I saw this -- EFI stub: Using DTB from configuration table
mmu_man has joined #u-boot
<hays> but I think that's a red herring... the docs say that the cmdline param adds the dtb to the config table
<hays> going to check my kernel
<apalos> that doesn't mean it used the default FDT
<hays> CONFIG_EFI_STUB=y
<apalos> the EFI way of handing over the DT is via a config table
<apalos> yea you need that
<hays> yeah... so I think its using the right dtb
<apalos> any chance you can try a kernel pre6-xx ?
<apalos> There are some weird bugs in > 6.0-rcx from some refactoring, that we look into as we speak
<j`ey> hays: are you able to rebuild the kernel too? if the undef thing persists, applying https://lore.kernel.org/linux-arm-kernel/20220913101732.3925290-2-mark.rutland@arm.com/ to the kernel will help with debugging
<j`ey> or objdump and see whats at gic_of_iomap+0x0/0x78
<hays> j`ey: im loading the kernel with patch now
<apalos> oh ignore my efi remarks though, they seem unrelated
<hays> apalos: kernel 6.0.2 although I just found a glitch on my end I want to fix
<hays> probably unrelated, but I didnt have modules installed for 6.0.2
<hays> lol now its printing nothing again. very odd
zibolo has quit [Ping timeout: 252 seconds]
<hays> Is this helpful? I dont know [ 0.000000] Internal error: Oops - Undefined instruction: 0 [#1] SMP
<j`ey> worth looking into
<apalos> hays: yea that's unrelated
<hays> apalos: unrelated to EFI?
<hays> something isn't right because im booting the same kernel, same dtb... just one with booti and one with bootefi
<apalos> i mean the modules missing
<apalos> yea that's probably worth a look, unfortunately i dont have the device to reproduce it :S
<hays> i am willing to do whatever test you want if you are willing
<j`ey> hays: can you objdump and look for gic_of_iomap? at least in the older log you pasted it says the first instruction is undefined..
<hays> sorry, not familiar with objdump but I can run it. looks like it needs a parameter
<hays> you are talking on the kernel right?
<j`ey> yeah, on the vmlinux file
<hays> objdump -t ?
<hays> ffff800008efa338 l F .text 0000000000000078 gic_of_iomap
<j`ey> -d
<apalos> hays: let me take a look at that dump
<hays> am I cutting off what looks like a function there in the first grep?
<hays> https://h0c.us/v/uTvS in full
<j`ey> thanks looking
<hays> I just got the same result using built-in dtb and not loading the custom dtb into memory
<hays> bootcmd 'mmc dev 0; ext4load mmc 0:1 $kernel_addr_r bootaa64.efi; bootefi $kernel_addr_r'
<hays> for some reason the newer dtb doesn't print a diagnostic on UART but I can get it to work on an older dtb
<apalos> and the kernel works fine with both dtbs, using booti ?
<hays> yeah
<hays> I've not tested the -ccpe dtb in a while... I could do a quick test to verify
<j`ey> the first instruction is `paciasp` which I believe should be a nop if the CPU doesnt support it
<hays> yeah boots fine
<apalos> that's the PAC stuff
<hays> im grasping at straws here but it shouldn't matter that the kernel load I do is a symlink
<hays> and it doesn't matter i don't have an EFI partition?
<apalos> that's the asm doing the pointer authentication,
<hays> i realize there is nothing to read from it.. i load everything
<apalos> It shouldn't really matter,
<apalos> and I can't understand why the non efi kernel loads
<j`ey> definitely loading the same kernel with non-EFI?
<apalos> j`ey: yea
<apalos> there's a *single* kernel binary
<apalos> What we do on EFI is wrap it in a PE/COFF header and add an entry point which jumps to the EFI stub
<hays> lrwxrwxrwx 1 root root 19 Oct 21 10:11 bootaa64.efi -> kernels/Image-6.0.2
<apalos> instead of the kernel proper
<hays> lrwxrwxrwx 1 root root 19 Oct 21 11:05 Image -> kernels/Image-6.0.2
<apalos> and the stub just does EFI stuff and then jumps to the kernel proper
<apalos> can you grep that objdump for more paciasp?
<j`ey> will be at the start of most (all-ish) functions
<hays> apalos: its everywhere at the start of functions
<apalos> hays: exactly, that's what I expected :>
<hays> do you want to see it?
<apalos> no that's fine
<apalos> In theory you could run this thing on a gdb and see exactly which ins fails
<hays> i would need to be walked through that unfortunately
<hays> i am not a C person
matthias_bgg has quit [Quit: Leaving]
<hays> apalos: the trace doesn't help?
<apalos> hays: this is not mainline u-boot right?
<hays> its u-boot 2022-10 i think is the most recent
<hays> and then I have modified the .dts files to be more recent
<apalos> this is a completely different panic though, so how did you end up there?
<hays> setenv bootcmd 'mmc dev 0; ext4load mmc 0:1 $kernel_addr_r /bootaa64.efi; ext4load mmc 0:1 $fdt_addr_r /dtbs/armada-3720-ccpe.dtb; bootefi $kernel_addr_r $fdt_addr_r'
<apalos> so that's a different .dtb?
<hays> apalos: yeah the espressobin-ultra dtb wasn't printing out the messages
<j`ey> again at 0x0 though
<hays> apalos: which is odd maybe because I do get early messages if boot is successful.. maybe the output isn't being flushed?
<hays> U-Boot 2022.10-00001-gdcc06f1c0d-dirty
<hays> (not sure why dirty)
<hays> maybe because of the marvell-atf stuff?
<hays> there is a whole build process for u-boot outside of u-boot: https://gist.github.com/stvhay/544012ce36c381e7eae5b4a9a65aab4f
<hays> And the marvell utils require a Linaro gcc 7.3 toolchain
<hays> So U-boot is built with that too
<apalos> hmm that's pretty old,
<hays> yeah it sucks
<apalos> but lets take a step back
<apalos> You pasted 2 panics, which I dont foloow why they are different?
<apalos> they were with 2 different .dtbs?
<hays> two different .dtbs The first one was a (broken) armada-3720-espressobin-ultra.dtb
<hays> The reason its broken is that the wifi chip doesn't come up due to a problem with the pinouts in the dts
<j`ey> hays: have you got one that boots fully?
<hays> j`ey: with efi? no
<hays> without efi, yes. I have two. I have a newer espressobin-ultra that boots fully, but bootefi doesn't print any diagnostic
<hays> and I have an old -ccpe dtb that is basically the development board dtb that also boots fully
<hays> So the second panic is with the -ccpe dtb
<hays> just because it prints SOMETHING
<hays> are the patches that I am using on the espressobin-ultra.dtb
<j`ey> hays: what CPUs are on this board?
<hays> A53
<apalos> the SP you halted on is outside that function you objdumped
<apalos> can you dump of_address_to_resource, gic_request_region and of_iomap?
<hays> do you want the functions or any mention of
<hays> https://termbin.com/rpsq (of_address_to_resource)
<hays> https://termbin.com/a7l2 (git_request_region)
<hays> https://termbin.com/yuetq (of_iomap)
<hays> the last line of the objdump is ffff8000094d13e4: d65f03c0 ret, which is a lower address than the sp
mmu_man has quit [Ping timeout: 255 seconds]
<hays> sp : ffff800009813d30
<hays> apalos: let me know if you need more context on those
<apalos> try this and then I am out of ideas about debugging without the binary :>
<hays> sorry what am i trying?
<hays> Do you want the vmlinuz binary?
<apalos> meeting maybe later
<hays> no prob thanks for looking into it... and at any point I can stop. I don't NEED EFI I just figure it might be helpful to track down a possible bug
<hays> apalos: this might expire but https://file.st5ve.com/vmlinux.xz
mmu_man has joined #u-boot
minimal has joined #u-boot
torez has joined #u-boot
<apalos> hays: can you send a bootlog without EFI ?
mmu_man has quit [Ping timeout: 252 seconds]
<apalos> hays: btw that file you sent me doesn't match the panic you are seeing
<hays> that's weird. I am pretty sure its from the same build
<hays> yes I can
<apalos> Well the [ 0.000000] Code: aa0203e0 7206003f 54fff6a0 17ffffb2 (d4210000) which is the instructions that blew off
<apalos> are not present in that objdump you sent me
<apalos> b3f91ac6b05744da22a42f381712411c that's the md5 of what you sent me
<hays> ok. well let me rebuild the kernel and load it in so im sure
<hays> let me check
<hays> b3f91ac6b05744da22a42f381712411c vmlinux
<hays> 0b270a284d9fa83284410b4ea1972038 arch/arm64/boot/Image
<hays> 0b270a284d9fa83284410b4ea1972038 kernels/Image-6.0.2
<hays> so those are the md5s on my build dir and on the test machine
<hays> am I supposed to be using the vmlinux file for EFI boot?
<hays> i was running objdump on vmlinux--was that wrong?
<j`ey> no that was fine
<j`ey> Image is the right one to boot with
<apalos> right can you try boot Image instead ?
<hays> what do you want me to objdumb
<hays> objdump
<apalos> vmlinux is fine, I got the binary now, so you dont have to objdump anything
<apalos> just use Image instead of vmlinux
<hays> apalos: what do you want me to try with the boot image
<apalos> it shouldnt in theory make any differece
<hays> I've always been booting from the boot image
<apalos> on that command line you are executing ext4load mmc 0:1 $kernel_addr_r /bootaa64.ef
<apalos> so which file is that /bootaa64.efi ?
<hays> I've been objdumping vmlinux and booting Image
<hays> ohhhh
<apalos> ok
<hays> bootaa64.efi symlinks to Image
<apalos> ok that should be fine
<apalos> scn you upload Image as well ?
<hays> yeahsure
<apalos> ok thanks
<apalos> From what I can tell of_irq_init does an idirect call at some point and the code goes off somewhere
<apalos> probably this ret = desc->irq_init_cb(desc->dev,desc->interrupt_parent);
<apalos> but that seems to be affected by the .dtb and you are saying you are using an identical dtb
<apalos> I think I have an espressobin buried somewhere, if i find it I'll use that Image file you sent me
Manouchehri has joined #u-boot
<Manouchehri> morning folks :)
<Manouchehri> question, how would I go about adding /chosen/kaslr-seed to this? https://github.com/u-boot/u-boot/blob/master/arch/arm/dts/rk3399-nanopi4.dtsi#L27
<cambrian_invader> Manouchehri: you can run the kaslrseed command before starting Linux
<Manouchehri> cambrian_invader: doesn't that require that I have a rwrng set up in my dts?
<Manouchehri> well I just gave it a go, fingers crossed
<hays> apalos: it should be close--mine is espressobin-ultra
<hays> different hardware
<hays> same SOC
<Manouchehri> kaslrseed
<Manouchehri> booti ${kernel_addr_r} ${ramdisk_addr_r} ${fdt_addr_r}
<Manouchehri> added that to my boot.scr
<hays> wow i had almost the same question like 6 hours ago
<Manouchehri> as me?
<hays> yeah in my case i don't have the hw support for it
<Manouchehri> ahh, I just need an rng right?
<hays> well i would follow cambrian_invader advice
<Manouchehri> I think I did? :) I tried adding it
<hays> when I run it I see this
<hays> No RNG device
<hays> => kaslrseed
<hays> what do you see
<Manouchehri> I don't actually have a serial connection :(
<apalos> hays: any chance you can use a newer cross compiler?
<apalos> I mean all right they require linaro-7.x-something for the firmware
<apalos> but you can compile the kernel with a newer one
<hays> apalos: the kernel is compiled with a newer one
<hays> just uboot and the armada tools are compiled with the old one
<apalos> ok
<hays> gcc (Debian 12.2.0-3) 12.2.0 <--kernel
<apalos> ok
<Manouchehri> Is there a way to see u-boot messages after booting into the linux kernel?
<hays> gcc (Ubuntu/Linaro 7.5.0-3ubuntu1~18.04) 7.5.0 <--u-boot etc
<apalos> hays: that panic is really weird tbh
<apalos> I'd bet it's a DT issue,
<apalos> but you said you also tried the default u-boot dt?
<hays> that one breaks wifi but I could try it
<apalos> yea give it a shot pls,
<hays> i was using this armada-3720-ccpe.dtb until I figured out how to fix the ultra
<hays> which was just to use the forked version from Globalscale that had a fix
<apalos> right I found my espressobin and I now remember I managed to fry that board
<hays> ok might take me a minute--lets hope my u-boot is a github repo
Gravis has quit [Quit: Murdered]
Gravis has joined #u-boot
<hays> hmm this means reflashing the bootloader right? i have a meeting i'll need to do that later
apritzel has quit [Ping timeout: 272 seconds]
<apalos> yea if you've build u-boot
<apalos> with a different dtb
<apalos> alternatively you can just use the existing bootloader and provide the 'new' dtb on the cmd line
mmu_man has joined #u-boot
<Manouchehri> hays: which SoC are you working with? I'm currently testing out this to see if it helps. https://github.com/armbian/build/pull/4310
<cambrian_invader> generally you can't view U-boot messages after Linux starts
<cambrian_invader> you can try setting up syslog
<cambrian_invader> or maybe you can log to a circular buffer at a fixed location, although I don't know if there is existing support for that
mmu_man has quit [Ping timeout: 252 seconds]
<Tartarus> We can do a syslog server output, yes
<Tartarus> And I forget what happened to the efforts to have some way to pass our log on to linux
<Manouchehri> so guessing I'm failing here
prabhakarlad has quit [Quit: Client closed]
prabhakarlad has joined #u-boot
<kabel> marex: "doesnt the armada have true HW RNG ?" which armada? 3720 does, but only with CZ.NIC's firmware running in the cortex-m3 secure coprocessor
<kabel> marex: this needs turrix-mox-rwtm driver in linux kernel
<marex> hays: ^
<Manouchehri> ah, does CONFIG_DM_RNG default to n?
<Tartarus> Yes
<Manouchehri> that makes sense why it's doing nothing, thanks. Rebuilding now.
WoC- has quit [Remote host closed the connection]
WoC- has joined #u-boot
WoC- has quit [Remote host closed the connection]
sszy has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
WoC- has joined #u-boot
prabhakarlad has quit [Ping timeout: 244 seconds]
prabhakarlad has joined #u-boot
<Manouchehri> Tartarus: hmm, *should* this be disabled by default though>
<Manouchehri> *though?
apritzel has joined #u-boot
<Manouchehri> do I need a alias like random = "/soc/rng@7e104000";?
<Manouchehri> macromorgan: oh perfect, you're here! Was gonna ask you about https://www.mail-archive.com/u-boot@lists.denx.de/msg415883.html
<hays> label: marex: I will research that when I’m back home. But don’t I need this at U-boot time not kernel time?
<hays> Also does the dtb need to have pin outs?
<Tartarus> Yes, most things should be default n, but perhaps it should be default y if SOMETHING ?
<hays> I remember rwtm but it wasn’t Turix mox
mmu_man has joined #u-boot
apritzel_ has joined #u-boot
Mark5tm has joined #u-boot
apritzel has quit [Read error: Connection reset by peer]
<macromorgan> Manouchehri: I think I might actually redo that based on this commit here: https://source.denx.de/u-boot/u-boot/-/commit/6dca1d9ad38de9b7f9a44d2c6eaa6acf9be6c2c0
<hays> Dts for espresso bin has rwtm: mailbox@b0000
<Manouchehri> macromorgan: I don't get how you got it working without CONFIG_RNG_ROCKCHIP=y in https://github.com/u-boot/u-boot/blob/master/configs/odroid-go2_defconfig
<macromorgan> but for that command the workflow would be 1) load your devicetree into RAM (fatload mmc 0:1 devicetree.dtb); 2) point fdt to it "fdt addr ${FDT_ADDR}; 3) allocate more room for it (fdt resize); 4) run kaslr-seed (kaslrseed)
<macromorgan> just enable the CONFIG_RNG_ROCKCHIP option
<macromorgan> I also had to add an entry to the u-boot dts file since Linux doesn't have support for that specific hardware yet, at least the v2 version
<Manouchehri> macromorgan: this is how I tried to add it. https://github.com/armbian/build/pull/4310/files
<macromorgan> it doesn't work without CONFIG_RNG_ROCKCHIP
<macromorgan> so far so good, can you compile in the rng command (CONFIG_CMD_RNG) and confirm your hardware RNG is working?
<hays> compatible = "marvell,armada-3700-rwtm-firmware"
<hays> It seems to have different firmware in the dts
<hays> Turris mox has a different string
<Manouchehri> macromorgan: ah kk lemme recompile with that enabled too. The rng is working after the system is booted for sure. :) https://gist.github.com/Manouchehri/5dba4e30d7fbae4abdfcc4fa6f1f378b
<macromorgan> cool
<Manouchehri> hmm, so trying to figure out how I can test CONFIG_CMD_RNG
<Manouchehri> without a serial console
<macromorgan> does anyone know (while we're on this subject) if the kaslr-seed and rng-seed can be the same size? kaslr-seed seems to have a defined size as a u64, but rng-seed says it's just parsed as a byte array
<macromorgan> I can't help you with the serial console, unless you have some dupont wires and a Raspberry Pi or another SBC handy...
<Manouchehri> hang on, I could pass the result of `rng` as a boot arg
<macromorgan> if I use a u64 for rng-seed I can use the exact same board_rng_seed() function to also populate the kaslr-seed and remove the need for a specific command to set it (basically cut and paste for CONFIG_BOARD_RNG_SEED)
<hays> 3700-rwtm { compatible = "marvell,armada-3700-rwtm-firmware", "cznic,turris-mox-rwtm";
<hays> Marex so do I edit the dts to include that firmware?
<marex> hays: you might want to pester kabel about that, I never worked with marvell armada
<Manouchehri> macromorgan: How can I do something like this? setenv bootargs "root=${rootdev} tester=$(rng)"
<Manouchehri> I want to pass the result of `rng` as a bootargs
prabhakarlad has quit [Quit: Client closed]
apritzel_ has quit [Ping timeout: 260 seconds]
<hays> Kabel do I just change the dts to include the firmware name? Or is this a rebuild
<hays> Seems too late for it to be in the kernel since uboot needs it for kaslr seed
<macromorgan> looks good I think
<macromorgan> I do not know how to get the output of rng to a variable... it looks like it just prints rng output?
<hays> Is there scripting docs online? Maybe there’s a way
<cambrian_invader> it's a pretty major limitation of scripting at the moment IMO
<cambrian_invader> you have to add a separate subcommand to set a variable
<Manouchehri> hmm as a sanity check, how can I fake a kaslr value?
<Manouchehri> fdt set /chosen/kaslr-seed < 0xdeadbeef 0x13371337 >
<Manouchehri> I feel like I'm somehow modifying the wrong dts file
<cambrian_invader> make sure fdt addr is correct
<Manouchehri> if it was wrong, wouldn't I fail to boot?
<cambrian_invader> no
<cambrian_invader> at some point you should run `fdt addr ${fdt_addr_r}` or something
naoki has quit [Quit: naoki]
naoki has joined #u-boot
<Manouchehri> it looks like the rk3399 should already have this working?
<Manouchehri> why aren't clocks set?
mmu_man has quit [Ping timeout: 255 seconds]
<Manouchehri> tried adding the clocks, still no /chosen/kaslr-seed :(
<macromorgan> without a serial console it'll be hard to troubleshoot further
<Manouchehri> there must be some way to pass info up to the kernel
mmu_man has joined #u-boot
<cambrian_invader> how are you flashing U-Boot?
<Manouchehri> dpkg -i linux-dtb-edge-rockchip64_22.11.0-trunk_arm64.deb linux-image-edge-rockchip64_22.11.0-trunk_arm64.deb linux-u-boot-edge-nanopi-r4s_22.11.0-trunk_arm64.deb && systemctl reboot
<cambrian_invader> what happens if you break U-Boot?
<Manouchehri> I have to ask someone to swap the microSD card with another system
<cambrian_invader> ah, fun
torez has quit [Quit: torez]
<Manouchehri> Lemme do a sanity check; how can I see what dtb actually is compiled in?
<cambrian_invader> to U-Boot?
<Manouchehri> yeah
<cambrian_invader> I think youn can inspect it with fdtcontroladdr
<cambrian_invader> err, with `fdt addr $fdtcontroladdr`
<cambrian_invader> but since you don't have a console, try looking at the end of the binary
<cambrian_invader> the device tree should be appended
flyback has quit [Ping timeout: 248 seconds]
<macromorgan> I still have a ton of bugs to work out before I start the upstreaming process, but I got U-Boot 2022.10 (somewhat consistently) working on the rk3568: https://github.com/macromorgan/u-boot-rk3566/tree/anbernic-v2022.10
<macromorgan> it requires either an upstream A-TF, binary A-TF equal to or less than 1.28, or a binary A-TF greater than 1.28 with reordering/rebuilding the image (the loadable order seems to matter post 1.28...)
<macromorgan> I am using upstream A-TF, I still haven't tested it with Linux yet but am about to
flyback has joined #u-boot
<macromorgan> upstream A-TF for the rk3568: https://github.com/macromorgan/arm-trusted-firmware-rk3568
<macromorgan> (not going to maintain it, just wanted something for now)
<Manouchehri> cambrian_invader: it'll be at the first few seconds on my sd card right?
<cambrian_invader> no clue; depends on your hardwarew
<cambrian_invader> if using dpkg work for installing, then perhaps you can examine the package files
agust has joined #u-boot
<Manouchehri> cambrian_invader: kk, so I have the 4MB boot.img
<Manouchehri> used this to extract it. https://github.com/PabloCastellano/extract-dtb
<Manouchehri> yep, I definitely have the rng in the dtb in uboot.img.
<Manouchehri> macromorgan: can I run kaslrseed multiple times without issue?
<macromorgan> you know, that should be something I tested but I honestly don't know...
vagrantc has joined #u-boot
<Manouchehri> sanity check, is a reboot the same as a cold boot here?
<cambrian_invader> generally a reboot will be warm, unless it's controlled by the pmic etc.
<Manouchehri> hmm, could that be why the rng is failing..?
<Manouchehri> I feel like the odds are close to 0%.
<cambrian_invader> if I were you, I'd try to get syslog working
<cambrian_invader> it will probably save you a lot of time debugging
<Manouchehri> I need to also have networking working though, no?
<cambrian_invader> yes
<Manouchehri> hmm
<Manouchehri> do I just add `dhcp` in there?
<Manouchehri> I'm worried if dhcp fails, it'll stop the script from continuing to boot
<cambrian_invader> if you don't use && or if, it will continue
<cambrian_invader> if you can't get that to work, try adding a command to record the console (see e.g. console_record_init/console_record_readline)
<cambrian_invader> and then e.g. save it as a file
<Manouchehri> isn't this what I want?
<cambrian_invader> yes
<cambrian_invader> even better than syslog :P
<Manouchehri> is "run nc" blocking?
<cambrian_invader> no
<cambrian_invader> it's just setting up some environmental variables
<Manouchehri> hmm
<Manouchehri> you know what, I might wait until tomorrow when I'm in the office
mncheck has quit [Ping timeout: 255 seconds]
<kabel> hays: if you need it in u-boot, you just need to extend the driver to also get random numbers. the driver now lives in board/CZ.NIC/turris_mox/mox_sp.c
<kabel> hays: cause it is only used by that board
prabhakarlad has joined #u-boot
agust has quit [Quit: Leaving.]