Defines local helper function find_scmi_transport_device() with the
instructions to find the SCMI transport device from a SCMI protocol
device.
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Changes SCMI driver API function devm_scmi_process_msg() to add
an SCMI channel reference argument for when SCMI agent supports
SCMI protocol specific channels. First argument of devm_scmi_process_msg()
is also change to point to the caller SCMI protocol device rather
than its parent device (the SCMI agent device).
The argument is a pointer to opaque struct scmi_channel known from
the SCMI transport drivers. It is currently unused and caller a pass
NULL value. A later change will enable such support once SCMI protocol
drivers have means to get the channel reference during initialization.
Cc: Lukasz Majewski <lukma@denx.de>
Cc: Sean Anderson <seanga2@gmail.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Changes implementation when using TEE dynamically allocated shared
memory to synchronize with the Linux implementation where the legacy
SMT protocol cannot be used with such memory since it is expected from
device mapped memory whereas OP-TEE shared memory is cached and
hence should not be accessed using memcpy_toio()/memcpy_fromio().
This change implements the MSG shared memory protocol introduced
in Linux [1]. The protocol uses a simplified SMT header of 32bit
named MSG_SMT to carry SCMI protocol information and uses side channel
means to carry exchanged buffer size information, as TEE invocation API
parameters when used in the SCMI OP-TEE transport.
Link: [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f301bba0ca7392d16a6ea4f1d264a91f1fadea1a
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Add a fuzzer to test the vring handling code against unexpected
mutations from the virtio device.
After building the sandbox with CONFIG_FUZZ=y, the fuzzer can be invoked
with by:
UBOOT_SB_FUZZ_TEST=fuzz_vring ./u-boot
This fuzzer finds unvalidated inputs in the vring driver that allow a
buggy or malicious device to make the driver chase wild pointers.
Signed-off-by: Andrew Scull <ascull@google.com>
Add a fuzzing engine driver for the sandbox to take inputs from
libfuzzer and expose them to the fuzz tests.
Signed-off-by: Andrew Scull <ascull@google.com>
Add an implementation of LLVMFuzzerTestOneInput() that starts the
sandbox on a secondary thread and exposes a function to synchronize the
generation of fuzzing inputs with their consumption by the sandbox.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Move the program's entry point to os.c, in preparation for a separate
fuzzing entry point to be added.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add the basic infrastructure for declaring fuzz tests and a command to
invoke them.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This new class of device will provide fuzzing inputs from a fuzzing
engine.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In order to prevent build regressions with ASAN, add the builds to CI.
The longer term objective will be to enabled test targets with ASAN
enabled, but there are too many at the moment.
Signed-off-by: Andrew Scull <ascull@google.com>
The stack protector test intentionally overflows a buffer in order to
corrupt the stack canary so that it can test that the corruption is
detected as expected. However, this is incompatible with ASAN, which
detects the buffer overflow and interrupts the test, so disable the test
for such configurations.
Signed-off-by: Andrew Scull <ascull@google.com>
Add CONFIG_ASAN to build with the Address Sanitizer. This only works
with the sandbox so the config is likewise dependent. The resulting
executable will have ASAN instrumentation, including the leak detector
that can be disabled with the ASAN_OPTIONS environment variable:
ASAN_OPTIONS=detect_leaks=0 ./u-boot
Since u-boot uses its own dlmalloc, dynamic allocations aren't
automatically instrumented, but stack variables and globals are.
Instrumentation could be added to dlmalloc to poison and unpoison memory
as it is allocated and deallocated, and to introduce redzones between
allocations. Alternatively, the sandbox may be able to play games with
the system allocator and somehow still keep the required memory
abstraction. No effort to address dynamic allocation is made by this
patch.
The config is not yet enabled for any targets by default.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rename the sections used to implement linker lists so they begin with
'__u_boot_list' rather than '.u_boot_list'. The double underscore at the
start is still distinct from the single underscore used by the symbol
names.
Having a '.' in the section names conflicts with clang's ASAN
instrumentation which tries to add redzones between the linker list
elements, causing expected accesses to fail. However, clang doesn't try
to add redzones to user sections, which are names with all alphanumeric
and underscore characters.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rename the sections used for defining sandbox command line options so
that they don't start with a '.'. ELF says that sections starting with a
'.' are reserved for system use, but the sandbox runs as a normal user
process so should be using user sections instead.
Clang's ASAN adds redzones to non-user sections and the extra padding
meant that the list of options was being corrupted. Naming the sections
as user sections avoids this issue as clang handles them as we intended.
Signed-off-by: Andrew Scull <ascull@google.com>
Rename the sections used for placing the EFI runtime so that they don't
start with a '.'. ELF says that sections starting with a '.' are
reserved for system use, but the sandbox runs as a normal user process
so should be using user sections instead.
Clang's ASAN adds redzones to non-user sections and the extra padding
meant that the list of options was being corrupted. Naming the sections
as user sections avoids this issue as clang handles them as we intended.
Signed-off-by: Andrew Scull <ascull@google.com>
Fix the buffer underflow that would occur if puts is called with length
of zero.
Fixes: efa51f2bd6 ("serial: sandbox: Implement puts")
Cc: Sean Anderson <sean.anderson@seco.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Sean Anderson <sean.anderson@seco.com>
AST2600 supports boot from SPI(mmap), eMMC, and UART.
This patch adds the boot mode detection and return the
corresponding boot device type.
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
The commit b583348ca8 ("image: fit: Align hash output buffers") places
the hash output buffer at the .bss section. However, AST2600 by default
executes SPL in the NOR flash XIP way. This results in the hash output
cannot be written to the buffer as it is located at the R/X only region.
We need to move the .bss section out of the SPL body to the DRAM space,
where hash output can be written to. This patch includes:
- Define the .bss section base and size
- A new SPL linker script is added with a separate .bss region specified
- Enable CONFIG_SPL_SEPARATE_BSS kconfig option
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Reviewed-by: Neal Liu <neal_liu@aspeedtech.com>
The HPE SoC is new to linux. A basic device tree layout with minimum
required for linux to boot including a timer and watchdog support has
been created.
The dts file is empty at this point but will be updated in subsequent
updates as board specific features are enabled.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
The GXP supports 3 separate SPI interfaces to accommodate the system
flash, core flash, and other functions. The SPI engine supports variable
clock frequency, selectable 3-byte or 4-byte addressing and a
configurable x1, x2, and x4 command/address/data modes. The memory
buffer for reading and writing ranges between 256 bytes and 8KB. This
driver supports access to the core flash.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
Add support for the HPE GXP SOC timer. The GXP supports several different
kinds of timers but for the purpose of this driver there is only support
for the General Timer. The timer has a 1us resolution and is 56 bits.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
The GXP is the HPE BMC SoC that is used in the majority
of current generation HPE servers. Traditionally the asic will
last multiple generations of server before being replaced.
Info about SoC:
HPE GXP is the name of the HPE Soc. This SoC is used to implement many BMC
features at HPE. It supports ARMv7 architecture based on the Cortex A9
core. It is capable of using an AXI bus to whicha memory controller is
attached. It has multiple SPI interfaces to connect boot flash and BIOS
flash. It uses a 10/100/1000 MAC for network connectivity. It has multiple
i2c engines to drive connectivity with a host infrastructure. There
currently are no public specifications but this process is being worked.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
Currently, enabling CMD_MISC gives:
cmd/misc.c:67:25: warning: assignment to 'int (*)(struct udevice *, int, void *, int)' from incompatible pointer type 'int (*)(struct udevice *, int, const void *, int)' [-Wincompatible-pointer-types]
Because 'misc_read' takes a void * and 'misc_write' takes a const void
*, both of which make sense for their operation. Given there's one
place we make use of the function pointer, just call read or write
directly for the operation we're called with.
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
cp.b is used a lot as a way to load binaries to memory and execute
them, however we may need to integrate this with the efi subsystem to
set it up as a bootdev.
So, introduce a loadm command that will be consistent with the other
loadX commands and will call the efi API's.
ex: loadm $kernel_addr $kernel_addr_r $kernel_size
with this a kernel with CONFIG_EFI_STUB enabled will be loaded and
then subsequently booted with bootefi command.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Seems that u-boot can't probe i2c bus at 2.6Mhz speed, so lower
the speed to the default value 100Khz.
v2: fix i2c1 frequency in the root omap3-u-boot.dtsi include.
Signed-off-by: Anthoine Bourgeois <anthoine.bourgeois@gmail.com>
- Correct livetree support in stm32mp1 boards
- Activate livetree for stm32mp15 DHSOM boards
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEE56Yx6b9SnloYCWtD4rK92eCqk3UFAmKsehgACgkQ4rK92eCq
k3UexAf+JThCd7FlN3OkTVKIdZKeNm2KpQxrqt20whiqp/nSUzxXrjdlCTKZEER2
lLJoVnwr+bkmdlqsa6gAZXSsd0lUv37XnLsLA5or278tFNlKp6gzYrz49FR59mVC
ie7/NlY5FgM5qmKGCob7tjwJ78r2/S3T2EaLiAMWUmw2UB5KZU6h3napHZ+1T0se
vaEAVRzAaZeYzKU3k6RBSv2tXQ6ssvfpp9RcXpRGtrN908AqDhHiOfntuOrnsEe0
9rjY1DSXO9a5WqHRm2KQ3FrA/By2layQ+4WH/HgIPHasisnmo3E/euVWmhtTaiT/
g5bOLwyFQ2/RvdMlMxXlKUcuMfNwRA==
=Hhzj
-----END PGP SIGNATURE-----
Merge tag 'u-boot-stm32-20220620' of https://source.denx.de/u-boot/custodians/u-boot-stm into next
- Add STM32MP13 SoCs support with associated board STM32M135F-DK
- Correct livetree support in stm32mp1 boards
- Activate livetree for stm32mp15 DHSOM boards
The board supports up to 8 GiB memory. The memory is soldered on the
board but the configuration is equivalent to a dual chip select, dual
rank DIMM module.
Signed-off-by: Michael Walle <michael@walle.cc>
With a 8GiB memory board, it seems that the "very unlikely event" of a
DDR initialization with non-optimal values are not really that unlikely.
It happens in about every other reboot. As described in erratum
A-009942, preset the DEBUG_28 register with an optimal value. The value
iself depends on the memory configuration of the board, but the used
value seems to work well for all variants.
Signed-off-by: Michael Walle <michael@walle.cc>