make htmldocs results in an error:
doc/android/boot-image.rst:33:
WARNING: Unparseable C cross-reference: 'struct andr_img_hdr'
Invalid C declaration: Expected identifier in nested name, got keyword:
struct [error at 6]
Follow the style prescribed in
https://www.kernel.org/doc/html/latest/doc-guide/kernel-doc.html#highlights-and-cross-references
Add missing definite article.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
There might be hardware configurations where 64-bit data accesses
to NVMe registers are not supported properly. This patch removes
the readq/writeq so always two 32-bit accesses are used to read/write
64-bit NVMe registers, similarly as it is done in Linux kernel.
This patch fixes operation of NVMe devices on RPi4 Broadcom BCM2711 SoC
based board, where the PCIe Root Complex, which is attached to the
system through the SCB bridge.
Even though the architecture is 64-bit the PCIe BAR is 32-bit and likely
the 64-bit wide register accesses initiated by the CPU are not properly
translated to a sequence of 32-bit PCIe accesses.
nvme_readq(), for example, always returns same value in upper and lower
32-bits, e.g. 0x3c033fff3c033fff which lead to NVMe devices to fail
probing.
This fix is analogous to commit 8e2ab05000 ("usb: xhci: Use only
32-bit accesses in xhci_writeq/xhci_readq").
Cc: Sylwester Nawrocki <s.nawrocki@samsung.com>
Cc: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
Cc: Matthias Brugger <mbrugger@suse.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Stefan Agner <stefan@agner.ch>
When unaligned 3 bytes data write operation is performed, 3rd byte
is being over written by 1st byte of 3 bytes data. This patch
fixes it.
Signed-off-by: T Karthik Reddy <t.karthik.reddy@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Add parallel nor device to distroboot for microblaze.
Signed-off-by: T Karthik Reddy <t.karthik.reddy@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Set script_offset_nor env variable using CONFIG_BOOT_SCRIPT_OFFSET
and nor flash start address to keep bootscript offset configurable.
Signed-off-by: T Karthik Reddy <t.karthik.reddy@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Endianness detection is checked against uninitialized ret variable.
Assign ret with read value from status register to fix this.
Fixes: 31a359f87e ("serial: uartlite: Add support to work with any endianness")
Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
* UEFI capsule authentication
* UEFI capsule update on QEMU ARM
* fsuuid command for FAT file system
* bug fixes
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAl/t+U4ACgkQxIHbvCwF
GsTexw/+K0BXWsx2lSBuOty0QIazr9ZjljVYLHIWa9PuWibEWPlfDZFLVSXZmYJ2
nv7B8ieagO8Ev+ULog8Y64q0Ild8188J/00zhWHRe96ovIjjyZ60jJPHUeUlL9UY
XJdpKPUyYdtJEG8I8DUaFiuGpleidNLScnEhGdpyJXvyW5vV9helcpSYexB/jOCe
LTgFR6a4ULpTQUpbKPEBlhF7Ww4/jJbVT8rdmACRGGvNMBI65wbvTHcQ2fZbi8MS
gau7eUd9rBCn/SbBKv19rGCffKvksBxXGfmp/+neB7ZUNwf2suQqVmDkucSATw93
fUyZCbyMm1f5WfhmJK7EfF8xUE4v5gBwrmCuV7TARzX9dRJeslezd5OVK+WpniVM
ZhRt7dBXdmbpf35o2KyPuvI//+Sa8vJw80vtiSK/UZCH5uEAkDK9+VXzQiRna7dN
tNmFW1bJEYz18lf6n9KWLH4A8mustwi2mwHS5sk+m8pYpS8Cihmwhpmv++QvSEyg
RvmS1ax77Bj3krfqVCiFQixuRmcwYjwPySvTzjFVJzVlEiRgoYo7BIHo6bZx8aDh
3lkB7By2OyC2xzRyd0Lkxw497tMaEQMuFV9voRuT7jmdK7g0grnu1daapKM5wKnt
wKxoZ8XmFKw2hyTnlNvkg8CP+B4lPPB2AEyf4q21iBM/bfOawo4=
=d+Lk
-----END PGP SIGNATURE-----
Merge tag 'efi-next' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi into next
Pull request for UEFI sub-system for next
* UEFI capsule authentication
* UEFI capsule update on QEMU ARM
* fsuuid command for FAT file system
* bug fixes
Add documentation highlighting the steps for using the uefi capsule
update feature for updating the u-boot firmware image.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add a efidebug subcommand to initiate a firmware update using the efi
firmware management protocol(fmp) set_image routine.
The firmware update can be initiated through
'efidebug capsule disk-update'
This would locate the efi capsule file on the efi system partition,
and call the platform's set_image fmp routine to initiate the firmware
update.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add support for enabling uefi capsule authentication. This feature is
enabled by setting the environment variable
"capsule_authentication_enabled".
The following configs are needed for enabling uefi capsule update and
capsule authentication features on the platform.
CONFIG_EFI_HAVE_CAPSULE_SUPPORT=y
CONFIG_EFI_CAPSULE_ON_DISK=y
CONFIG_EFI_CAPSULE_FIRMWARE_MANAGEMENT=y
CONFIG_EFI_CAPSULE_FIRMWARE=y
CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_EFI_CAPSULE_AUTHENTICATE=y
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add support for authenticating uefi capsules. Most of the signature
verification functionality is shared with the uefi secure boot
feature.
The root certificate containing the public key used for the signature
verification is stored as part of the device tree blob. The root
certificate is stored as an efi signature list(esl) file -- this file
contains the x509 certificate which is the root certificate.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The efi_sigstore_parse_sigdb function reads the uefi authenticated
variable, stored in the signature database format and builds the
signature store structure. Factor out the code for building
the signature store. This can then be used by the capsule
authentication routine to build the signature store even when the
signature database is not stored as an uefi authenticated variable
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The pkcs7 header parsing functionality is pretty generic, and can be
used by other features like capsule authentication. Make the function
an extern, also changing it's name to efi_parse_pkcs7_header
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Prior to writing to an mtd device, mtd_erase is called. This call
fails in case the sector being erased is locked. Call mtd_unlock to
unlock the region which is to be erased and later written to. Lock the
region once the write to the region has completed.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
When building the capsule using scripts in edk2, a fmp header is
added on top of the binary payload. Add logic to detect presence of
the header. When present, the pointer to the image needs to be
adjusted as per the size of the header to point to the actual binary
payload.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The fsp_types.h header file contains macros for building signatures of
different widths. These signature macros are architecture agnostic,
and can be used in all places which use signatures in a data
structure. Move and rename the fsp_types.h under the common include
header.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The dfu framework uses the dfu_alt_info environment variable to get
information that is needed for performing the firmware update. Add
logic to set the dfu_alt_info for the qemu arm64 platform to reflect
the two mtd partitions created for the u-boot env and the firmware
image. This can be subsequently extended for other qemu architectures
which need this variable set.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add support for setting the default values for mtd partitions on the
platform. This would be used for updating the firmware image using
uefi capsule update with the dfu mtd backend driver.
Currently, values have been defined for the qemu arm64 platform, with
default values defined for the mtd partitions based on the NOR
flash. This can be subsequently extended for other qemu architectures
which need mtdparts set.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
RFC 2315 Section 9.3 describes the message digesting process. The
digest calculated depends on whether the authenticated attributes are
present. In case of a scenario where the authenticated attributes are
present, the message digest that gets signed and is part of the pkcs7
message is computed from the auth attributes rather than the contents
field.
Check if the auth attributes are present, and if set, use the auth
attributes to compute the hash that would be compared with the
encrypted hash on the pkcs7 message.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
On the qemu arm platform, the virtio devices are initialised in the
board_init function, which gets called before the initr_pci. With
this sequence, the virtio block devices on the pci bus are not
initialised. Move the initialisation of the virtio devices to
board_late_init which gets called after the call to initr_pci.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add options for embedding the public key esl(efi signature list) file
to the platform's dtb. The esl file is then retrieved and used for
authenticating the capsule to be used for updating firmare components
on the platform.
The esl file can now be embedded in the dtb by invoking the following
command
mkeficapsule -K <pub_key.esl> -D <dtb>
In the scenario where the esl file is to be embedded in an overlay,
this can be done through the following command
mkeficapsule -O -K <pub_key.esl> -D <dtb>
This will create a node named 'signature' in the dtb, and the esl file
will be stored as 'capsule-key'
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
When a new event is queued we have to process the event queue by calling
efi_process_event_queue(). But there is not reason to call the function
when the event is not queueable.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Although the function description states the caller must provide a
sufficient buffer, it's better to have in function checks that the
destination buffer can hold the intended value.
So let's add an extra argument with the buffer size and check that
before doing any copying.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Up to now we install the EFI_LOAD_FILE2_PROTOCOL to load an initrd
unconditionally. Although we correctly return various EFI exit codes
depending on the file status (i.e EFI_NO_MEDIA, EFI_NOT_FOUND etc), the
kernel loader only falls back to the cmdline interpreted initrd if the
protocol is not installed.
This creates a problem for EFI installers, since they won't be able to
load their own initrd and start the installation.
A following patch introduces a different logic where we search for an
initrd path defined in an EFI variable named 'Initrd####'.
If the bootmgr is used to launch the EFI payload, we'll will try to match
the BootCurrent value and find the corresponding initrd
(i.e Boot0000 -> Initrd0000 etc). If the file is found, we'll install
the required protocol which the kernel's efi-stub can use and load our
initrd.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
dm.h and env.h serve no purpose here. Remove them and sort the
remaining in alphabetical order.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Do not use data from the loaded image object after deleting it.
Fixes: 126a43f15b ("efi_loader: unload applications upon Exit()")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
load_options passed from do_efibootmgr() to do_bootefi_exec() may contain
invalid data from the stack which will lead to an invalid free().
Fixes: 0ad64007fe ("efi_loader: set load options in boot manager")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Up to now the escape key was not correctly detected in UEFI applications.
We had to hit it twice for a single escape to be recognized.
Use a 10 ms delay to detect if we are dealing with the escape key or an
escape sequence.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
IS_ENABLED() contains parentheses. But we should still put extra
parentheses around it in an if statement for readability.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The FAT file system does not have a UUID but a 4 byte volume ID.
Let the fsuuid command show it in XXXX-XXXX format.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The FAT filesystem implementation uses several marcros referring to a magic
variable name mydata which renders the code less readable. Eliminate one of
them which is only used for a debug() statement.
Use log_debug() instead of debug().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
When opening an OP-TEE session we need to check the internal return
value of OP-TEE call arguments as well the return code of the
function itself.
The code was also ignoring to close the OP-TEE session in case the
shared memory registration failed.
Fixes: f042e47e8f ("efi_loader: Implement EFI variable handling via OP-TEE")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Currently the size of the buffer to keep UEFI variables in memory is fixed
at 16384 bytes. This size has proven to be too small for some use cases.
Make the size of the memory buffer for UEFI variables customizable.
Reported-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The following errors in the UEFI sub-system are fixed:
* use after free in efi_exit()
* invalid free when using the boot manager
* pressing escape key once not recognized
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAl/rIkAACgkQxIHbvCwF
GsTEEw/+KjnvH5+rDyacPjH2+NEejhtjCCFqdG1068Kl2fCnDOsPzlGT3E4NRZDd
WWZQIvnARCgEs2JcIFi2xDs++djHpBMG+VjErOY5miRCqp2ysZn6tvTGebG29hqV
vofRT85ZGg8A/Ag8JtidiKGBmwrMWdz21Bl+kBuU4Lmcoed3Avii++AHCrB/k1Jv
7nrnXJKwhijkJLx6xhuLX2kOq/QcO5Ey0Ht3+dgP8FRHGTiDp8s+blyIcz+Q3tk5
ts5k63Uc1Ey3f+xezzMEw7Y0I3ALKXwArLsdqvCDdECpbER7qvpO1Q6TaCzQrpG2
VH0tGt3Ngpj3betiRu4E1f/0HarZP+Rhafzf4NiAr2HzlY28VI9ZOipz45pf/b3K
jBsaFYlNTJrWvbi9mBRH3QgvWBLBMzINQaE3fb3YHMvKsf1sELlRzThaDmIwKrMP
CHnSujGk4A57vNmCa0yJpO0ebLfCk/iXd6WdULlWql2lzzOobdkf/0eGYNodEc6/
k31SmMgqJ/G9W+Wujk+bIUzpYmokpbVX7gP4QWiA/itIPCV+T6MXa7hH8G3lytE3
17FtDRGDFgrjZ0oV4LfhWyw3VlESn4jekR2+RdRHvdc7fcIX+URYylGn12W+gc2y
dErKqNsLhybJDC6G6cMf7wauJiJSXakQ8a05G+EgoSh+lJ5d9b8=
=W6EE
-----END PGP SIGNATURE-----
Merge tag 'efi-2021-01-rc5-2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2021-01-rc5 (2)
The following errors in the UEFI sub-system are fixed:
* use after free in efi_exit()
* invalid free when using the boot manager
* pressing escape key once not recognized
Do not use data from the loaded image object after deleting it.
Fixes: 126a43f15b ("efi_loader: unload applications upon Exit()")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
load_options passed from do_efibootmgr() to do_bootefi_exec() may contain
invalid data from the stack which will lead to an invalid free().
Fixes: 0ad64007fe ("efi_loader: set load options in boot manager")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Up to now the escape key was not correctly detected in UEFI applications.
We had to hit it twice for a single escape to be recognized.
Use a 10 ms delay to detect if we are dealing with the escape key or an
escape sequence.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
IS_ENABLED() contains parentheses. But we should still put extra
parentheses around it in an if statement for readability.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This reverts commit 828d326216.
This change revers code which asserting PERST# signal when unloading
driver. Driver's remove callback is still there as it is used for other
functionality.
Asserting PERST# signal prior booting kernel is causing that A3720 boards
(Turris MOX and Espressobin) with stable Linux kernel versions 4.14 and
4.19 are not able to detect some PCIe cards (e.g. Compex WLE200 and WLE900)
and anymore. When PERST# signal is not asserted these cards are detected
correctly. As this is regression for existing stable Linux kernel versions
revert this problematic change in U-Boot.
To make cards working with OpenWRT 4.14 kernel it is needed to disable link
training prior booting kernel, which is already done in driver's remove
callback.
Described issue is in Linux kernel pci aardvark driver which is (hopefully)
fixed in latest upstream versions. Latest upstream versions should be able
to initialize PCIe bus and detects cards independently of the link training
and PERST# signal state.
So with this change, U-Boot on A3720 boards should be able to boot OpenWRT
4.14 kernel, stable 4.14 and 4.19 kernels and also latest mainline kernels.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
For correct spi bus detection the spi0 alias is needed in the DT.
Otherwise this error will ocurr in U-Boot:
Invalid bus 0 (err=-19)
Failed to initialize SPI flash at 0:0 (error -19)
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Dennis Gilmore <dgilmore@redhat.com>
Tested-by: Dennis Gilmore <dgilmore@redhat.com>
