From ad371084201c0609d34b95c78b5f46f72cb2a9b7 Mon Sep 17 00:00:00 2001 From: Nico Berlee Date: Wed, 4 Dec 2024 18:58:55 +0100 Subject: [PATCH] fix: skip loading /dtb when booting from eMMC This commit updates U-Boot to 2024.10 in order to fix booting from eMMC without the kernel DTB. U-Boot 2024.04 and 2404.07 ignore the DTB on the EFI partition when booting from eMMC. This is not an issue when booting from NVMe (and having a U-Boot spi image on eMMC). Since I boot from NVMe I failed to notice getting the Turing RK1 upstream in a very narrow timeframe. Thanks to @rducom for bringing this problem to my attention in very short notice. As an upgrade bonus, KASLR is enabled out of the box, meaning I do not need my U-Boot patch anymore to forward entropy to the kernel. Signed-off-by: Nico Berlee Signed-off-by: Andrey Smirnov --- Pkgfile | 5 ++++ .../0002-uboot-rng-for-KASLR-seed.patch | 27 ------------------- artifacts/turingrk1/u-boot/patches/README.md | 1 - artifacts/turingrk1/u-boot/pkg.yaml | 6 ++--- 4 files changed, 8 insertions(+), 31 deletions(-) delete mode 100644 artifacts/turingrk1/u-boot/patches/0002-uboot-rng-for-KASLR-seed.patch diff --git a/Pkgfile b/Pkgfile index b78c0ca..20e42c3 100644 --- a/Pkgfile +++ b/Pkgfile @@ -17,6 +17,11 @@ vars: uboot_sha256: f591da9ab90ef3d6b3d173766d0ddff90c4ed7330680897486117df390d83c8f uboot_sha512: 678f44e2b9132140f0bf05c637e57e638c73c278611037a41824b3ebff2131af4dec0163da4664bb2e5c4fd8034ba8c95b93b57f7aa9f4c045da322d87c3b5e9 + # renovate: datasource=github-tags extractVersion=^v(?.*)$ depName=u-boot/u-boot + uboot_rk1_version: 2024.10 + uboot_rk1_sha256: b28daf4ac17e43156363078bf510297584137f6df50fced9b12df34f61a92fb0 + uboot_rk1_sha512: ef817c9b5ae8dc6cd9e3f57811e90acc6a4d4394f0356aa5923e3e3c8559168f977bd5bf82824cd3650aa8e5e3c3d1b00e20818d21368151748682f1fc51152c + # renovate: datasource=git-refs versioning=git depName=https://github.com/rockchip-linux/rkbin.git rkbin_ref: 7c35e21a8529b3758d1f051d1a5dc62aae934b2b rkbin_sha256: 18bde6ce71df308197db0e1d95fd73a19b6a32f4f0b6f5567333ef3c5b617452 diff --git a/artifacts/turingrk1/u-boot/patches/0002-uboot-rng-for-KASLR-seed.patch b/artifacts/turingrk1/u-boot/patches/0002-uboot-rng-for-KASLR-seed.patch deleted file mode 100644 index adcfd46..0000000 --- a/artifacts/turingrk1/u-boot/patches/0002-uboot-rng-for-KASLR-seed.patch +++ /dev/null @@ -1,27 +0,0 @@ -From: Nico Berlee - -This patch addresses an issue where Kernel Address Space Layout Randomization -(KASLR) fails on RK3588 systems due to insufficient entropy during the boot -process. The root cause is that the hardware Random Number Generator (RNG) -within the kernel is not initialized early enough to provide the necessary -seed for KASLR. - -To resolve this, the patch enables the Rockchip RNG driver in the U-Boot -bootloader. This approach allows the system to gather sufficient entropy -early in the boot process. The seed generated by the RNG is then passed to -the kernel using the EFI_RNG_PROTOCOL, ensuring that KASLR can function -correctly. - -Signed-off-by: Nico Berlee - -diff --git a/configs/turing-rk1-rk3588_defconfig b/configs/turing-rk1-rk3588_defconfig -index 289f2da..44c1155 100644 ---- a/configs/turing-rk1-rk3588_defconfig -+++ b/configs/turing-rk1-rk3588_defconfig -@@ -108,3 +108,6 @@ - CONFIG_USB_GADGET_DOWNLOAD=y - CONFIG_USB_FUNCTION_ROCKUSB=y - CONFIG_ERRNO_STR=y -+CONFIG_EFI_RNG_PROTOCOL=y -+CONFIG_DM_RNG=y -+CONFIG_RNG_ROCKCHIP=y diff --git a/artifacts/turingrk1/u-boot/patches/README.md b/artifacts/turingrk1/u-boot/patches/README.md index 8c30236..a686f2d 100644 --- a/artifacts/turingrk1/u-boot/patches/README.md +++ b/artifacts/turingrk1/u-boot/patches/README.md @@ -2,4 +2,3 @@ | Patch file | Description | Upstream status | Link | |----------------------------------------------------------------|---------------------------------------------------------------------------------------------------|-----------------|-----------------------| | 0001-spi-for-mmc-so-nvme-can-boot.patch | Enable SPI image creation on for flashing on eMMC so NVMe can boot | not upstreamed | Talos Linux Exclusive | -| 0002-uboot-rng-for-KASLR-seed.patch | Make KASLR in kernel possible by initializing RNG in U-BOOT and passing randomness using EFI-vars | not upstreamed | Talos Linux Exclusive | diff --git a/artifacts/turingrk1/u-boot/pkg.yaml b/artifacts/turingrk1/u-boot/pkg.yaml index ab5370c..1d5945b 100644 --- a/artifacts/turingrk1/u-boot/pkg.yaml +++ b/artifacts/turingrk1/u-boot/pkg.yaml @@ -12,10 +12,10 @@ dependencies: steps: - sources: - - url: https://ftp.denx.de/pub/u-boot/u-boot-{{ .uboot_version }}.tar.bz2 + - url: https://ftp.denx.de/pub/u-boot/u-boot-{{ .uboot_rk1_version }}.tar.bz2 destination: u-boot.tar.bz2 - sha256: "{{ .uboot_sha256 }}" - sha512: "{{ .uboot_sha512 }}" + sha256: "{{ .uboot_rk1_sha256 }}" + sha512: "{{ .uboot_rk1_sha512 }}" env: SOURCE_DATE_EPOCH: {{ .BUILD_ARG_SOURCE_DATE_EPOCH }} prepare: