This commit adds the menu-driven UEFI Secure Boot Key
enrollment interface. User can enroll PK, KEK, db
and dbx by selecting file.
Only the signed EFI Signature List(s) with an authenticated
header, typically '.auth' file, is accepted.
To clear the PK, KEK, db and dbx, user needs to enroll the null key
signed by PK or KEK.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add a command to read the metadata as specified in the FWU
specification and print the fields of the metadata.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add a new 'font' command which allows the fonts to be listed as well as
selecting a different font and size.
Allow the test to run on sandbox, where multiple font/size combinations
are supported, as well as sandbox_flattree, where they are not.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move these commands and the implementation to the cmd/ directory, which is
where most commands are kept.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
[agust: keep vidconsole_position_cursor() in vidconsole uclass]
Signed-off-by: Anatolij Gustschin <agust@denx.de>
Currently, there is no way for users to check the readings from thermal
sensors from U-boot console, only some boards print it during boot.
So, lets add a simple "temperature" command that allows listing thermal
uclass devices and getting their value.
Note that the thermal devices are intenionally probed if list is used as
almost always they will not get probed otherwise and there is no way for
users to manually call probe on a certain device from console.
Assumption is made that temperature is returned in degrees C and not
milidegrees like in Linux as this is what most drivers seem to return.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add xxd command to print file content as hexdump to standard out
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Roger Knecht <rknecht@pm.me>
This condition is not needed for these commands, since BLK is enabled for
all boards which use block devices and commands are not available in SPL,
so even if SPL_BLK is not enabled, it doesn't affect commands.
Signed-off-by: Simon Glass <sjg@chromium.org>
UEFI:
Implement a command eficonfig to maintain Load Options and boot order via
menus.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmMh/kQACgkQxIHbvCwF
GsSYVhAAlhyCiAQudBJtrOyAA0HDPMio/Fx9F3YV1Laay//6+xHhEh5H94fMr7jP
BHOrpE+IDKQTiQ8X3FpJpm3FzgQBzu0s4gQ+8fCKwkXCkaPTtWhs3s5SdHN0TWmv
qGlNbuPdoU+4i7PeBWw87EvOCzh4+snn+l3t+npMxUlZJInGy+6xj0irnSEXTvXV
lpDRw2UDq3/smAS8tAcR+zriTH5o1Lx+0qPIO9Hw8BSDHOcvZD+S9d6cd6j+M+Wz
rWk1Bshol6anIZWS5Gnx14ddKF8SQcSiPsDXg2Uj2DvFg7lWepKxAbDJD5CVF9R9
aEu6THCurc+769A/IHAS9M0EDNnWoUGFSxe0JuEHdYVuGj30RRfzSaciKkNxsxUZ
UGvDnQ+zdRoj6bTVi4Zf8SeZUTm/04lWMoIF05uhZFDiwxidbMowoNsk9FeKria/
4vXybfj/IhRwbiAhOUqyDjGuoLj8iVeOAyzin4FnDvBwdshIkSsB+4y1sX1aQv02
HQbP6WXkiYoYNkw5i9E9ZChioxkzMrn2za3GxWhkTBMJArDw6xSuHMdQsgwWWoqU
fCKjwe+D96lHq5cKt3DmGTvGxQtx9ckSJGK5r+US5y1udzotjOKc1jqMkMvS3Jyg
ureTj0wvLYSx+/UirVAZ4IDviDMBVEar79VS2xi+SYBMLeQPy3I=
=P89S
-----END PGP SIGNATURE-----
Merge tag 'efi-next-2022-09-14' of https://source.denx.de/u-boot/custodians/u-boot-efi into next
Pull request for efi next
UEFI:
Implement a command eficonfig to maintain Load Options and boot order via
menus.
This commit add the "eficonfig" command.
The "eficonfig" command implements the menu-driven UEFI boot option
maintenance feature. This commit implements the addition of
new boot option. User can select the block device volume having
efi_simple_file_system_protocol and select the file corresponding
to the Boot#### variable. User can also enter the description and
optional_data of the BOOT#### variable in utf8.
This commit adds "include/efi_config.h", it contains the common
definition to be used from other menus such as UEFI Secure Boot
key management.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
This patch adds the cyclic command, which currently only supports the
'list' subcommand, to list all currently registered cyclic functions.
Here an example:
=> cyclic list
function: cyclic_demo, cpu-time: 7010 us, frequency: 99.80 times/s
function: cyclic_demo2, cpu-time: 1 us, frequency: 1.13 times/s
As you can see, the cpu-time is accounted, so that cyclic functions
that take too long might be discovered. Additionally the frequency is
logged.
The 'cyclic demo' commands registers the cyclic_demo() function to
be executed all 'cycletime_ms' milliseconds. The only thing this
function does is delaying by 'delay_us' microseconds.
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
This command is being introduced with the goal of allowing user-friendly
"generic use case" U-Boot builds to pause until user input under some
situations.
The main use case would be when a boot failure happens, to pause until
the user has had time to acknowledge the current state.
Tested using:
make && ./u-boot -v -T -c 'ut lib lib_test_hush_pause'
Signed-off-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
Cc: Simon Glass <sjg@chromium.org>
Add a 'bootdev' command to handle listing and selection of bootdevs.
Disable standard boot for a few boards which otherwise run out of space.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add Kconfig option(CONFIG_CMD_MP) to enable or disable multiprocessor
commands. Compile cmd/mp.c based on CONFIG_CMD_MP.
Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Commit 98f705c9ce ("powerpc: remove 4xx support") removed (in 2017) the
last code that made use of bedbug debugger support. Since there aren't
any boards left that define either CONFIG_CMD_BEDBUG or a real
bedbug_init(), drop this feature from u-boot.
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present the 'efi' command only works in the EFI payload. Update it to
work in the app too, so the memory map can be examined.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Allow the kaslr-seed value in the chosen node to be set from a hardware
rng source.
Tested on a Rockchip PX30 (Odroid Go Advance), you must have loaded
the devicetree first and prepared it for editing. On my device the
workflow goes as follows:
setenv dtb_loadaddr "0x01f00000"
load mmc 0:1 ${dtb_loadaddr} rk3326-odroid-go2.dtb
fdt addr ${dtb_loadaddr}
fdt resize
kaslrseed
and the output can be seen here:
fdt print /chosen
chosen {
kaslr-seed = <0x6f61df74 0x6f7b996c>;
stdout-path = "serial2:115200n8";
};
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Move the header file into the main include/ directory so we can use it
from the bootmethod code. Move the C file into boot/ since it relates to
booting.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
Tested-by: Artem Lapkin <email2tema@gmail.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Add format string handling operator to the setexpr command.
It allows to use C or Bash like format string expressions to be
evaluated with the result being stored inside the environment variable
name.
setexpr <name> fmt <format> [value]...
The following example
setexpr foo fmt "%d, 0x%x" 0x100 ff
will result in $foo being set to "256, 0xff".
Signed-off-by: Roland Gaudig <roland.gaudig@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This patch adds a new "extension" command, which aims at detecting
extension boards connected to the hardware platform, and apply the
Device Tree overlays that describe the hardware present on those
extension boards.
In order to enable this mechanism, board-specific code must implement
the extension_board_scan() function that fills in a linked list of
"struct extension", each describing one extension board. In addition,
the board-specific code must select the SUPPORT_EXTENSION_SCAN Kconfig
boolean.
Based on this:
- "extension scan" makes the generic code call the board-specific
extension_board_scan() function to retrieve the list of detected
extension boards.
- "extension list" allows to list the detected extension boards.
- "extension apply <number>|all" allows to apply the Device Tree
overlay(s) corresponding to one, or all, extension boards
The latter requires two environment variables to exist and set one variable
to run:
- extension_overlay_addr: the RAM address where to load the Device
Tree overlays
- extension_overlay_cmd: the U-Boot command to load one overlay.
Indeed, the location and mechanism to load DT overlays is very setup
specific.
- extension_overlay_name: set by the command: the name of the DT which
will be load during the execution.
When calling the command described in the extension_overlay_cmd
variable, the variable extension_overlay_name will be defined. So a
typical extension_overlay_cmd will look like this:
extension_overlay_cmd=load mmc 0:1 $extension_overlay_addr /boot/$extension_overlay_name
Here is an example on how to use it:
=> run loadfdt
=> fdt addr $fdtaddr
=> setenv extension_overlay_addr 0x1000
=> setenv extension_overlay_cmd 'load mmc 0:1 ${extension_overlay_addr} /boot/${extension_overlay_name}'
=> extension scan
Found 1 extension board(s).
=> extension apply 0
519 bytes read in 3 ms (168.9 KiB/s)
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Reviewed-by: Maxime Ripard <maxime@cerno.tech>
Add support for stack protector for UBOOT, SPL, and TPL
as well as new pytest for stackprotector
Signed-off-by: Joel Peshkin <joel.peshkin@broadcom.com>
Adjust UEFI build flags.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Enable and provision the SCP03 keys on a TEE controlled secured elemt
from the U-Boot shell.
Executing this command will generate and program new SCP03 encryption
keys on the secure element NVM.
Depending on the TEE implementation, the keys would then be stored in
some persistent storage or better derived from some platform secret
(so they can't be lost).
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io>
This adds a new command 'addrmap' to display the address map for
non-identity virtual-physical memory mappings.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
Add the command "pwm" for controlling the pwm channels. This
command provides pwm invert/config/enable/disable functionalities
via PWM uclass drivers
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a 'mbr' command to let users create or verify MBR partition layout
based on the provided text description. The partition layout is
alternatively read from the 'mbr_parts' environment variable. This can be
used in scripts to help system image flashing tools to ensure proper
partition layout.
The syntax of the text description of the partition list is similar to
the one used by the 'gpt' command. Supported parameters are: name
(currently ignored), start (partition start offset in bytes), size (in
bytes or '-' to expand it to the whole free area), bootable (boolean
flag) and id (MBR partition type). If one wants to create more than 4
partitions, an 'Extended' primary partition (with 0x05 ID) has to be
explicitely provided as a one of the first 4 entries.
Here is an example how to create a 6 partitions (3 on the 'extended
volume'), some of the predefined sizes:
> setenv mbr_parts 'name=boot,start=4M,size=128M,bootable,id=0x0e;
name=rootfs,size=3072M,id=0x83;
name=system-data,size=512M,id=0x83;
name=[ext],size=-,id=0x05;
name=user,size=-,id=0x83;
name=modules,size=100M,id=0x83;
name=ramdisk,size=8M,id=0x83'
> mbr write mmc 0
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Implement the commands
* exception undefined - execute an illegal instruction
* exception sigsegv - cause a segment violation
Here is a possible output:
=> exception undefined
Illegal instruction
pc = 0x55eb8d0a7575, pc_reloc = 0x57575
Resetting ...
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
This command lets the user list, select, and deselect mux controllers
introduced with the mux framework on the fly. It has 3 subcommands:
list, select, and deselect.
List: Lists all the mux present on the system. The muxes are listed for
each chip. The chip is identified by its device name. Each chip can have
a number of mux controllers. Each is listed in sequence and is assigned
a sequential ID based on its position in the mux chip. It lists details
like ID, whether the mux is currently selected or not, the current
state, the idle state, and the number of states.
A sample output would look something like:
=> mux list
a-mux-controller:
ID Selected Current State Idle State Num States
0 no unknown as-is 0x4
1 no 0x2 0x2 0x10
2 no 0x73 0x73 0x100
another-mux-controller:
ID Selected Current State Idle State Num States
0 no 0x1 0x1 0x4
1 no 0x2 0x2 0x4
Select: Selects a given mux and puts it in the specified state. This
subcommand takes 3 arguments: mux chip, mux ID, state to set
the mux in. The arguments mux chip and mux ID are used to identify which
mux needs to be selected, and then it is selected to the given state.
The mux needs to be deselected before it can be selected again in
another state. The state should be a hexadecimal number.
For example:
=> mux list
a-mux-controller:
ID Selected Current State Idle State Num States
0 no 0x1 0x1 0x4
1 no 0x1 0x1 0x4
=> mux select a-mux-controller 0 0x3
=> mux list
a-mux-controller:
ID Selected Current State Idle State Num States
0 yes 0x3 0x1 0x4
1 no 0x1 0x1 0x4
Deselect: Deselects a given mux and puts it in its idle state. This
subcommand takes 2 arguments: the mux chip and mux ID to identify which
mux needs to be deselected. So in the above example, we can deselect mux
0 using:
=> mux deselect a-mux-controller 0
=> mux list
a-mux-controller:
ID Selected Current State Idle State Num States
0 no 0x1 0x1 0x4
1 no 0x1 0x1 0x4
Signed-off-by: Pratyush Yadav <p.yadav@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Enable the command "misc" for accessing miscellaneous devices with
a MISC uclass driver. The command provides listing all MISC devices
as well as read and write functionalities via their drivers.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
The "cmd/Kconfig" has a TODO description for CMD_MISC that it should
really be named as CMD_SLEEP. Change it in the whole source tree.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Enable "optee_rpmb" command to write/read named persistent values
created on RPMB by opening session with OPTEE AVB TA.
This provides easy test for establishing a session with OPTEE
TA and storage of persistent data in MMC RPMB.
It includes following subcommands:
optee_rpmb read_pvalue:read persistent values on rpmb via OPTEE AVB TA
optee_rpmb write_pvalue:write persistent values on rpmb via OPTEE AVB
TA
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
[Rebased]
Signed-off-by: Priyanka Jain <priyanka.jain@nxp.com>
This patch adds a new pstore command allowing to display or save ramoops
logs (oops, panic, console, ftrace and user) generated by a previous
kernel crash.
PStore parameters can be set in U-Boot configuration file, or at run-time
using "pstore set" command. Records size should be the same as the ones
used by kernel, and should be a power of 2.
This command allows:
- to display uncompressed logs
- to save compressed or uncompressed logs, compressed logs are saved as a
compressed stream, it may need some work to be able to decompress it,
e.g. adding a fake header:
"printf "\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x00" |
cat - dmesg-ramoops-0.enc.z | gzip -dc"
- ECC part is not used to check memory corruption
- only 1st FTrace log is displayed or saved
Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
[trini: Minor updates for current design, correct spacing in rST]
Signed-off-by: Tom Rini <trini@konsulko.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Heiko Schocher <hs@denx.de>
It is helpful to be able to see basic statistics about the bloblist and
also to list its contents. Add a 'bloblist' command to handle this.
Put the display functions in the bloblist modules rather than in the
command code itself. That allows showing a list from SPL, where commands
are not available.
Also make bloblist_first/next_blob() static as they are not used outside
this file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Extend Kconfig for the board with board-specific commands selection.
Signed-off-by: Vladimir Olovyannikov <vladimir.olovyannikov@broadcom.com>
Signed-off-by: Rayagonda Kokatanur <rayagonda.kokatanur@broadcom.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add initial infrastructure for Xen para-virtualized block device.
This includes compile-time configuration and the skeleton for
the future driver implementation.
Add new class UCLASS_PVBLOCK which is going to be a parent for
virtual block devices.
Add new interface type IF_TYPE_PVBLOCK.
Implement basic driver setup by reading XenStore configuration.
Signed-off-by: Andrii Anisov <andrii_anisov@epam.com>
Signed-off-by: Anastasiia Lukianenko <anastasiia_lukianenko@epam.com>
Signed-off-by: Oleksandr Andrushchenko <oleksandr_andrushchenko@epam.com>
This patch adds a feature for block device cloning similar to dd
command, this should be useful for boot-strapping a device where
usb gadget or networking is not available. For instance one can
clone a factory image into a blank emmc from an external sd card.
Signed-off-by: John Chau <john@harmon.hk>
Adds a command 'button' that provides the list of buttons
supported by the board, and the state of a button.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
The `fitupd' command is not used by any board. The `dfu tftp' command
provides the same capabilities.
So let's drop the `fitupd' command.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Mostly as an aid for debugging RTC drivers, provide a command that can
be used to read/write arbitrary registers (assuming the driver
provides the read/write methods or their single-register-at-a-time
variants).
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Even in boot scripts it may be needed to "panic" when all options
are exhausted and the device specification specifies hanging
instead of resetting the board.
So add a new panic command that just wraps around the core panic
call in U-Boot and can take an optional message.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a command to print a list of available block device drivers,
and for each, the list of known block devices.
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>
It is useful to dump ACPI tables in U-Boot to see what has been generated.
Add a command to handle this.
To allow the command to find the tables, add a position into the global
data.
Support subcommands to list and dump the tables.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>