Commit graph

240 commits

Author SHA1 Message Date
Heinrich Schuchardt
fd25ca3275 sandbox: don't set SA_NODEFER in signal handler
The sandbox can handle signals. Due to a damaged global data pointer
additional exceptions in the signal handler may occur leading to an endless
loop. In this case leave the handling of the secondary exception to the
operating system.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-21 10:27:35 -06:00
Simon Glass
350b1d3b68 sandbox: Use hinting with the display
SDL provides a hinting feature which provides a higher-quality image
with the double-display option (-K). Enable it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-21 10:27:34 -06:00
Simon Glass
fcb7e31082 sandbox: Add work-around for SDL2 display
At present the display does not show on some machines, e.g. Ubunutu
20.04 but the reason is unknown. Add a work-around until this can be
determined.

Also include more error checking just in case.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-21 10:27:34 -06:00
Simon Glass
f178bebf55 sandbox: Support executables for more phases
The SPL header has a function for obtaining the phase in capital letters,
e.g. 'SPL'. Add one for lower-case also, as used by sandbox.

Use this to generalise the sandbox logic for determining the filename of
the next sandbox executable. This can provide support for VPL.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-21 10:27:34 -06:00
Simon Glass
9a72bea6cb sandbox: Silence coverity warning in state_read_file()
In this case the value seems save to pass to os_free(). Add a comment.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 165109)
2021-07-15 18:42:05 -04:00
Heinrich Schuchardt
825a9a94e1 sandbox: fix sandbox_reset()
state_uninit() and dm_uninit() are mutually exclusive:

state_uninit() prints via drivers. So it cannot be executed after
dm_uninit().

dm_uninit() requires memory. So it cannot be executed after state_uninit()
which releases all memory.

Just skip dm_uninit() when resetting the sandbox. We will wake up in a new
process and allocate new memory. So this cleanup is not required. We don't
do it in sandbox_exit() either.

This avoids a segmentation error when efi_reset_system_boottime() is
invoked by a UEFI application.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-06 10:38:03 -06:00
Heinrich Schuchardt
3beba4ad34 sandbox: ensure that state->ram_buf is in low memory
Addresses in state->ram_buf must be in the low 4 GiB of the address space.
Otherwise we cannot correctly fill SMBIOS tables. This shows up in warnings
like:

    WARNING: SMBIOS table_address overflow 7f752735e020

Ensure that state->ram_buf is initialized by the first invocation of
os_malloc().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-06 10:38:03 -06:00
Simon Glass
85f718f64d sandbox: Support signal handling only when requested
At present if sandbox crashes it prints a message and tries to exit. But
with the recently introduced signal handler, it often seems to get stuck
in a loop until the stack overflows:

Segmentation violation

Segmentation violation

Segmentation violation

Segmentation violation

Segmentation violation

Segmentation violation

Segmentation violation
...

The signal handler is only useful for a few tests, as I understand it.
Make it optional.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-07-06 10:38:03 -06:00
Heinrich Schuchardt
205b9f5100 sandbox: correct determination of the text base
os_find_text_base() assumes that first line of /proc/self/maps holds
information about the text. Hence we must call the function before calling
os_malloc() which calls mmap(0x10000000,).

Failure to do so has led to incorrect values for pc_reloc when an
exception was reported

    => exception undefined

    Illegal instruction
    pc = 0x5628d82e9d3c, pc_reloc = 0x5628c82e9d3c

as well as incorrect output of the bdinfo command

    => bdinfo
    relocaddr   = 0x0000000007858000
    reloc off   = 0x0000000010000000

Fixes: b308d9fd18 ("sandbox: Avoid using malloc() for system state")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-06-05 07:35:47 -06:00
Marek Behún
d1f81fd015 sandbox: use sections instead of symbols for getopt array boundaries
In style of linked lists, instead of declaring symbols for boundaries
of getopt options array in the linker script, declare corresponding
sections and retrieve the boundaries via static inline functions.

Without this clang's LTO produces binary without any getopt options,
because for some reason it thinks that array is empty (start and end
symbols are at the same address).

Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-05-24 14:21:30 -04:00
Heinrich Schuchardt
e5021221db sandbox: define __dyn_sym_start, dyn_sym_end
On RISC-V the symbols __dyn_sym_start, dyn_sym_end are referenced in
efi_runtime_relocate().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-03-27 16:26:48 +13:00
Simon Glass
c119528a1d sandbox: Correct uninit conflict
It is not possible to remove the state before driver model is uninited,
since the devices are allocated in the memory buffer. Also it is not
possible to uninit driver model afterwards, since the RAM has been
freed.

Drop the uninit altogether, since it is not actually necessary.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-27 15:04:31 +13:00
Simon Glass
5d8c37910d sandbox: Only delete the executable if requested
At present sandbox removes its executable after failing to run it,
since there is no other way that it would get cleaned up.

However, this is actually only wanted if the image was created within
sandbox. For the case where the image was generated by the build system,
such as u-boot-spl, we don't want to delete it.

Handle the two code paths accordingly.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-27 15:04:31 +13:00
Simon Glass
d5cc19288e sandbox: Define a region for device priv/plat data
Collect this together in one place, so driver model can access set it up
in a new place if needed.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-26 17:03:09 +13:00
Simon Glass
b5e514a6ab sandbox: Drop debug message in os_spl_to_uboot()
This is not needed in normal operation. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-22 19:23:28 +13:00
Simon Glass
01ad9f75c5 sandbox: Update os_find_u_boot() to find the .img file
At present this function can only locate the u-boot ELF file. For SPL it
is handy to be able to locate u-boot.img since this is what would normally
be loaded by SPL.

Add another argument to allow this to be selected.

While we are here, update the function to load SPL when running in TPL,
since that is the next stage.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-12 09:57:31 -05:00
Simon Glass
8482356f48 test: Allow SPL to run any available test
At present SPL only runs driver model tests. Update it to run all
available tests, i.e. in any test suite.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-12 09:57:31 -05:00
Simon Glass
409f4a2a72 test: Rename test-main.c to test-dm.c
This is the main test function for driver model but not for other tests.
Rename the file and the function so this is clear.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-12 09:57:29 -05:00
Simon Glass
bef1b28335 sandbox: Drop the 'starting...' message
This message is annoying since it is only useful for testing. Drop it and
update the test to cope.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-12 09:57:29 -05:00
Simon Glass
1c52fcca72 sandbox: Write out bloblist when exiting
Sandbox provides a way to write out its emulated memory on exit. This
makes it possible to pass a bloblist from one phase (e.g. SPL) to the
next.

However the bloblist is not closed off, so the checksum is generally
invalid. Fix this by finishing up the bloblist before writing the memory
file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-02 15:53:37 -05:00
Simon Glass
b308d9fd18 sandbox: Avoid using malloc() for system state
This state is not accessible to the running U-Boot but at present it is
allocated in the emulated SDRAM. This doesn't seem very useful. Adjust
it to allocate from the OS instead.

The RAM buffer is currently not freed, but should be, so add that into
state_uninit(). Update the comment for os_free() to indicate that NULL is
a valid parameter value.

Note that the strdup() in spl_board_load_image() is changed as well, since
strdup() allocates memory in the RAM buffer.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-02 15:53:37 -05:00
Simon Glass
14e46dfb17 sandbox: Add os_realloc()
We provide os_malloc() and os_free() but not os_realloc(). Add this,
following the usual semantics. Also update os_malloc() to behave correctly
when passed a zero size.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-02 15:53:37 -05:00
Harald Seiler
35b65dd8ef reset: Remove addr parameter from reset_cpu()
Historically, the reset_cpu() function had an `addr` parameter which was
meant to pass in an address of the reset vector location, where the CPU
should reset to.  This feature is no longer used anywhere in U-Boot as
all reset_cpu() implementations now ignore the passed value.  Generic
code has been added which always calls reset_cpu() with `0` which means
this feature can no longer be used easily anyway.

Over time, many implementations seem to have "misunderstood" the
existence of this parameter as a way to customize/parameterize the reset
(e.g.  COLD vs WARM resets).  As this is not properly supported, the
code will almost always not do what it is intended to (because all
call-sites just call reset_cpu() with 0).

To avoid confusion and to clean up the codebase from unused left-overs
of the past, remove the `addr` parameter entirely.  Code which intends
to support different kinds of resets should be rewritten as a sysreset
driver instead.

This transformation was done with the following coccinelle patch:

    @@
    expression argvalue;
    @@
    - reset_cpu(argvalue)
    + reset_cpu()

    @@
    identifier argname;
    type argtype;
    @@
    - reset_cpu(argtype argname)
    + reset_cpu(void)
    { ... }

Signed-off-by: Harald Seiler <hws@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-03-02 14:03:02 -05:00
Simon Glass
401d1c4f5d common: Drop asm/global_data.h from common header
Move this out of the common header and include it only where needed.  In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly.   Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-02-02 15:33:42 -05:00
Heinrich Schuchardt
43db07507a sandbox: keep time offset when resetting
The UEFI Self Certification Test (SCT) checks the SetTime() service with
the following steps:

* set date
* reset
* check date matches

To be compliant the sandbox should keep the offset to the host RTC during
resets. The implementation uses the environment variable
UBOOT_SB_TIME_OFFSET to persist the offset.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-30 14:25:42 -07:00
Heinrich Schuchardt
b680c5539a sandbox: fix sandbox_cmdline_cb_test_fdt()
fmt does not foresee any parameter.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-30 14:25:41 -07:00
Patrick Delaunay
a4918b2310 test: add test for dropped trace before log_init
Add test for dropped trace before log_init, displayed by debug uart.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Patrick Delaunay
10bb90fa30 sandbox: remove ram buffer file when U-Boot is loaded by SPL
Update management of "--rm_memory" sandbox's option and force
this option when U-Boot is loaded by SPL in os_spl_to_uboot()
and remove the ram file after reading in main() as described
in option help message: "Remove memory file after reading".

This patch avoids that the file "/tmp/u-boot.mem.XXXXXX" [created in
os_jump_to_file() when U-Boot is loaded by SPL] is never deleted
because state_uninit() is not called after U-Boot execution
(CtrlC or with running pytest for example).

This issue is reproduced by
> build-sandbox_spl/spl/u-boot-spl
  and CtrlC in U-Bot console

> make qcheck

One temp file is created after each SPL and U-Boot execution
(7 tims in qcheck after test_handoff.py, test_ofplatdata.py,
 test_spl.py execution).

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-05 12:24:41 -07:00
Heinrich Schuchardt
3286d223fd sandbox: implement invalidate_icache_all()
Before executing code that we have loaded from a file we need to flush the
data cache and invalidate the instruction flash.

Implement functions flush_cache() and invalidate_icache_all().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-22 20:39:25 -07:00
Heinrich Schuchardt
9c54729c77 sandbox: implement runtime system reset
Implement a reset function that we can call after ExitBootServices(),
when all driver model devices are gone.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-22 20:39:25 -07:00
Heinrich Schuchardt
b46f30a378 sandbox: add handler for exceptions
Add a handler for SIGILL, SIGBUS, SIGSEGV.

When an exception occurs print the program counter and the loaded
UEFI binaries and reset the system if CONFIG_SANDBOX_CRASH_RESET=y
or exit to the OS otherwise.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-13 07:58:17 -07:00
Heinrich Schuchardt
329dccc067 sandbox: implement reset
Up to now the sandbox would shutdown upon a cold reset request. Instead it
should be reset.

In our coding we use static variables like LIST_HEAD(efi_obj_list). A reset
can occur at any time, e.g. via an UEFI binary calling the reset service.
The only safe way to return to an initial state is to relaunch the U-Boot
binary.

The reset implementation uses execv() to relaunch U-Boot.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-05 09:11:30 -07:00
Heinrich Schuchardt
c0b19f25a1 sandbox: use O_CLOEXEC in os_open()
During a cold reset execv() is used to relaunch the U-Boot binary.
We must ensure that all files are closed in this case.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-05 09:11:30 -07:00
Heinrich Schuchardt
6eec4b04a2 sandbox: eth-raw: do not close the console input
When the sandbox eth-raw device host_lo is removed this leads to closing
the console input.

Do not call close(0).

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-05 09:11:30 -07:00
Simon Glass
a8b1fbc14d dm: test: Drop of-platdata pytest
Now that we have a C version of this test, drop the Python implementation.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:18 -06:00
Simon Glass
22b29cc8fb sandbox: Allow selection of SPL unit tests
Now that we have more than one test, add a way to select the test to run.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:18 -06:00
Simon Glass
b25ff5cbaa dm: test: Add a way to run SPL tests
Add a -u flag for U-Boot SPL which requests that unit tests be run. To
make this work, export dm_test_main() and update it to skip test features
that are not used with of-platdata.

To run the tests:

   $ spl/u-boot-spl -u
   U-Boot SPL 2020.10-rc5 (Oct 01 2020 - 07:35:39 -0600)
   Running 0 driver model tests
   Failures: 0

At present there are no SPL unit tests.

Note that there is one wrinkle with these tests. SPL has limited memory
available for allocation. Also malloc_simple does not free memory
(free() is a nop) and running tests repeatedly causes driver-model to
reinit multiple times and allocate memory. Therefore it is not possible
to run more than a few tests at a time. One solution is to increase the
amount of malloc space in sandbox_spl. This is not a problem for pytest,
since it runs each test individually, so for now this is left as is.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:18 -06:00
Heinrich Schuchardt
18bca1f172 sandbox: make SDL window resizable
Without resizing the SDL window showed by

    ./u-boot -D -l

is not legible on a high resolution screen.

Allow resizing the window

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:18 -06:00
Heinrich Schuchardt
c4216219ec sandbox: add missing SDL key scan codes
Add missing SDL key scan codes, e.g.

* shift, ctrl, meta, alt
* brace/bracket

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-10-06 09:07:54 -06:00
Ovidiu Panait
a402035028 sandbox: u-boot.lds: Remove bogus __bss_start symbol
The sections described in the sandbox linker script are inserted before
data section via "INSERT BEFORE .data;". Running readelf -S on sandbox
u-boot binary shows that the bss section is located after the data
section:

  Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
  ...
  [25] .u_boot_list      PROGBITS         000000000041d1c8  0021d1c8
       000000000000dd90  0000000000000000  WA       0     0     8
  [26] _u_boot_sandbox_g PROGBITS         000000000042af58  0022af58
       00000000000000a0  0000000000000000  WA       0     0     8
  [27] .data             PROGBITS         000000000042b000  0022b000
       000000000000f708  0000000000000000  WA       0     0     32
  [28] .bss              NOBITS           000000000043a720  0023a708
       0000000000018930  0000000000000000  WA       0     0     32

This means that the __bss_start assignment in the linker script is bogus,
as the actual bss section start is located elsewhere. Remove this
assignment, as the __bss_start symbol is not used on sandbox anyway.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
2020-08-22 08:54:51 -06:00
Walter Lozano
df29730410 sandbox: Move section u_boot_list to make it RW
In order to be able to update data in u_boot_list, move this section to
make it RW.

Signed-off-by: Walter Lozano <walter.lozano@collabora.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-09 22:00:29 -06:00
Heinrich Schuchardt
c7e49ddc61 sandbox: handling out of memory
assert() only works in debug mode. So checking a successful memory
allocation should not use assert().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-09 18:57:21 -06:00
Simon Glass
c05ed00afb common: Drop linux/delay.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:23 -04:00
Simon Glass
f7ae49fc4f common: Drop log.h from common header
Move this header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:18 -04:00
Simon Glass
691d719db7 common: Drop init.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 17:33:33 -04:00
Simon Glass
52f2423804 common: Drop bootstage.h from common header
Move this fairly uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 17:33:33 -04:00
Rasmus Villemoes
2960107a22 sandbox: also restore terminal settings when killed by SIGINT
Hitting Ctrl-C is a documented way to exit the sandbox, but it is not
actually equivalent to the reset command. The latter, since it follows
normal process exit, takes care to reset terminal settings and
restoring the O_NONBLOCK behaviour of stdin (and, in a terminal, that
is usually the same file description as stdout and stderr, i.e. some
/dev/pts/NN).

Failure to restore (remove) O_NONBLOCK from stdout/stderr can cause
very surprising and hard to debug problems back in the terminal. For
example, I had "make -j8" consistently failing without much
information about just exactly what went wrong, but sometimes I did
get a "echo: write error". I was at first afraid my disk was getting
bad, but then a simple "dmesg" _also_ failed with write error - so it
was writing to the terminal that was buggered. And both "make -j8" and
dmesg in another terminal window worked just fine.

So install a SIGINT handler so that if the chosen terminal
mode (cooked or raw-with-sigs) means Ctrl-C sends a SIGINT, we will
still call os_fd_restore(), then reraise the signal and die as usual
from SIGINT.

Before:

$ grep flags /proc/$$/fdinfo/1
flags:  0102002
$ ./u-boot
# hit Ctrl-C
$ grep flags /proc/$$/fdinfo/1
flags:  0106002

After:

$ grep flags /proc/$$/fdinfo/1
flags:  0102002
$ ./u-boot
# hit Ctrl-C
$ grep flags /proc/$$/fdinfo/1
flags:  0102002

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-16 08:07:57 -06:00
Simon Glass
336d4615f8 dm: core: Create a new header file for 'compat' features
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.

Move the compatibility features into a separate header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00
Simon Glass
6be88c7282 sandbox: sdl: Add an option to double the screen size
On high-DPI displays U-Boot's LCD window can look very small. Add a
-K flag to expand it to make things easier to read, while still using
the existing resolution internally.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Anatolij Gustschin <agust@denx.de>
2020-02-05 19:33:46 -07:00
Simon Glass
96d0cd4604 sandbox: sdl: Move to use SDL2
Sandbox currently uses SDL1.2. SDL2 has been around for quite a while and
is widely supported. It has a number of useful features. It seems
appropriate to move sandbox over.

Update the code to use SDL2 instead of SDL1.2.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00