For the initrd portion of handling our bootm arguments we do not have a
sufficiently long enough buffer for some improbable 64bit cases. Expand
this buffer to allow for a 64bit address and almost 256MB initrd to be
used. Make use of strncpy/strncat when constructing the values here
since we know what the worst case valid values are, length wise.
Similarly for bootargs themselves, we need to make use of strlen/sizeof
and strncpy/strncat to ensure that we don't overflow bootargs itself.
Cc: Simon Glass <sjg@chromium.org>
Cc: Alexander Graf <agraf@suse.de>
Reported-by: Coverity (CID: 131256)
Signed-off-by: Tom Rini <trini@konsulko.com>
When we have multiple messages provided, we need to be sure that we do
not exceed the length of our 'message' buffer. In the for loop, make
sure that pos is not larger than message. Only copy in at most however
much of the message buffer remains. Finally, if we have not reached the
end of the message buffer, put in a space and NULL, and if we have,
ensure the buffer is now NULL termined.
Reported-by: Coverity (CID: 165116)
Signed-off-by: Tom Rini <trini@konsulko.com>
Create a common exit for most of the error handling code in
do_rename_gpt_parts. Delete the list elements in disk_partitions
before calling INIT_LIST_HEAD from get_gpt_info() a second time.
The SIZEOF_MISMATCH error is not addressed, since that problem was
already fixed by "GPT: incomplete initialization in
allocate_disk_part".
Signed-off-by: Alison Chaiken <alison@peloton-tech.com>
Reported-by: Coverity (CID: 167222, 167235, 167237)
Reviewed-by: Tom Rini <trini@konsulko.com>
U-Boot widely uses error() as a bit noisier variant of printf().
This macro causes name conflict with the following line in
include/linux/compiler-gcc.h:
# define __compiletime_error(message) __attribute__((error(message)))
This prevents us from using __compiletime_error(), and makes it
difficult to fully sync BUILD_BUG macros with Linux. (Notice
Linux's BUILD_BUG_ON_MSG is implemented by using compiletime_assert().)
Let's convert error() into now treewide-available pr_err().
Done with the help of Coccinelle, excluing tools/ directory.
The semantic patch I used is as follows:
// <smpl>
@@@@
-error
+pr_err
(...)
// </smpl>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Re-run Coccinelle]
Signed-off-by: Tom Rini <trini@konsulko.com>
The current code, if there's both an eMMC and an MMC slot available on the
board, will swap the MMC indices based on whether we booted from the eMMC
or the MMC. This way, the MMC we're supposed to boot on will always have
the index 0.
However, this causes various issues, for example when using other
components that base their behaviour on the MMC index, such as fastboot.
Let's remove that hack, and take the opposite approach. The MMC will always
have the same index, but the bootcmd will pick the same device than the one
we booted from. This is done through the introduction of the mmc_bootdev
environment variable that will be filled by the board code based on the
boot device informations we can get from the SoC.
In order to not introduce regressions, we also need to adjust the fastboot
MMC device and the environment device in order to set it to the eMMC, over
the MMC, like it used to be the case.
Tested-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
CONFIG_RANDOM_UUID is used by the GPT command to generate random UUID when
none are provided.
Move that option to Kconfig.
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Fastboot need a bunch of options to be operating properly, such as the
g_dnl gadget, the fastboot command, and some options that make sense. Since
fastboot is now part of Kconfig, make sure we have them right.
That will also reduce the boilerplate in the defconfigs.
Reviewed-by: Łukasz Majewski <lukma@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Lots of new things this time. High level highlights are:
- Shim support (to boot Fedora)
- Initial set of unit tests
- Preparations to support UEFI Shell
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJZ0KdpAAoJECszeR4D/txga+AQAL8ehBlkr3R6b/n00p3kuAVE
cfM+o/16b+P/r3U2/wvlNtw7L+UPlGaQNk8o7n4xTu0DpVlIt7DhFrSBIcK6VbYB
8BFJ/EL9NRj/sd/wb9B1Bc0SlXJcGxzRM+JxNseVmc7rz9sWdARvx/diQlP+YAX4
qjp2YRzsErjUgix4eGDXvgFQdFmh4Pnp7UnHlSq4WkINo14navGLe/PwChxsL91M
AZV7JulVcm7XtOPTON8udec3O15O8BExAM1cH2ITjtD99Je+4VcuI99nLm2aIE++
U6vTuoogHAU+oCutD3qZU85uj2VJ2kYy2k5A/RK/i6Ug/QrTa+JA8PNWP78/TZ+8
xmyDVzG5MQhMIddDjJlMXbxIwgKhr0SjUJ1iVaGI0bS/6Glc7h9m+hhIXKudqOvs
lxqPhy7mahtBwETjoUlM1WJg+TG+vIGDJtT22njjOSTh0CVYw2H3xihyFKE3AjaW
L26EOEsxArErtzF17GgF5KxFOGaYAmVmA3XnCcEZEIY5gzL65uok1GX/apf4sIsi
j8HSbW3UH6QwjWKBhF+RVuK4CcTDUS9K2YmJlrdZ69elDZyg5PWbpMLNdYIP+VVG
+j91c7e3O2q2AHAzTprpmkyeIeqZfFhgyu4H/jPQ8Yi8N/b7wbugcLm3fHuUNal4
RB0KjbyJzJPQwbYGSLYi
=9HkH
-----END PGP SIGNATURE-----
Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot
Patch queue for efi - 2017-10-01
Lots of new things this time. High level highlights are:
- Shim support (to boot Fedora)
- Initial set of unit tests
- Preparations to support UEFI Shell
memset(newpart, '\0', sizeof(newpart));
only initializes the firest 4 or 8 bytes of *newpart and not the whole
structure disk_part.
We should use sizeof(struct disk_part).
Instead of malloc and memset we can use calloc.
Identified by cppcheck.
Fixes: 09a49930e4 GPT: read partition table from device into a data structure
Reported-by: Coverity (CID: 167228)
Cc: Stefan Roese <sr@denx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
efi_exit() already restores gd, so we shouldn't EFI_EXIT() on the
otherside of the longjmp().
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
ad503ffe9c6 efi_loader: refactor boot device and loaded_image handling
leads to an error when building with CONFIG_CMD_BOOTEFI_SELFTEST=y
This patch fixes the problem.
Fixes: ad503ffe9c6 efi_loader: refactor boot device and loaded_image handling
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Similar to a "real" UEFI implementation, the bootmgr looks at the
BootOrder and BootXXXX variables to try to find an EFI payload to load
and boot. This is added as a sub-command of bootefi.
The idea is that the distro bootcmd would first try loading a payload
via the bootmgr, and then if that fails (ie. first boot or corrupted
EFI variables) it would fallback to loading bootaa64.efi. (Which
would then load fallback.efi which would look for \EFI\*\boot.csv and
populate BootOrder and BootXXXX based on what it found.)
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add EFI variable support, mapping to u-boot environment variables.
Variables are pretty important for setting up boot order, among other
things. If the board supports saveenv, then it will be called in
ExitBootServices() to persist variables set by the efi payload. (For
example, fallback.efi configuring BootOrder and BootXXXX load-option
variables.)
Variables are *not* currently exposed at runtime, post ExitBootServices.
On boards without a dedicated device for storage, which the loaded OS
is not trying to also use, this is rather tricky. One idea, at least
for boards that can persist RAM across reboot, is to keep a "journal"
of modified variables in RAM, and then turn halt into a reboot into
u-boot, plus store variables, plus halt. Whatever the solution, it
likely involves some per-board support.
Mapping between EFI variables and u-boot variables:
efi_$guid_$varname = {attributes}(type)value
For example:
efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_OsIndicationsSupported=
"{ro,boot,run}(blob)0000000000000000"
efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_BootOrder=
"(blob)00010000"
The attributes are a comma separated list of these possible
attributes:
+ ro - read-only
+ boot - boot-services access
+ run - runtime access
NOTE: with current implementation, no variables are available after
ExitBootServices, and all are persisted (if possible).
If not specified, the attributes default to "{boot}".
The required type is one of:
+ utf8 - raw utf8 string
+ blob - arbitrary length hex string
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Get rid of the hacky fake boot-device and duplicate device-path
constructing (which needs to match what efi_disk and efi_net do).
Instead convert over to use efi_device_path helpers to construct
device-paths, and use that to look up the actual boot device.
Also, extract out a helper to plug things in properly to the
loaded_image. In a following patch we'll want to re-use this in
efi_load_image() to handle the case of loading an image from a
file_path.
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
A testing framework for the EFI API is provided.
It can be executed with the 'bootefi selftest' command.
It is coded in a way that at a later stage we may turn it
into a standalone EFI application. The current build system
does not allow this yet.
All tests use a driver model and are run in three phases:
setup, execute, teardown.
A test may be setup and executed at boottime,
it may be setup at boottime and executed at runtime,
or it may be setup and executed at runtime.
After executing all tests the system is reset.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In scripts/Makefile.lib we build section including helloworld.efi.
This allows to load the EFI binary with command 'bootefi hello'.
scripts/Makefile.lib contains explicit references to strings
containing helloworld and hello_world. This makes it impossible
to generalize the coding to accomodate additional built in
EFI binaries.
Let us rename the variables __efi_hello_world_* to
__efi_helloworld_*.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Command 'bootefi hello' currently uses CONFIG_SYS_LOAD_ADDR
as loading address.
qemu machines have by default 128 MiB RAM.
CONFIG_SYS_LOAD_ADDR for x86 is 0x20000000 (512 MiB).
This causes 'bootefi hello' to fail.
We should use the environment variable loadaddr if available.
It defaults to 0x1000000 (16 MiB) on qemu_x86.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
There is already a macro LBAFU to aid formatted print with lbaint_t
variables. Let's use it in the common block command codes.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
All these places seem to inherit the codes from the MMC driver where
a FIXME was put in the comment. However the correct operation after
read should be cache invalidate, not flush.
The underlying drivers should be responsible for the cache operation.
Remove these codes completely.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: York Sun <york.sun@nxp.com>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: York Sun <york.sun@nxp.com>
The verbose overlay application method prints out more helpful
messages, so switch to it.
Signed-off-by: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
After a successful read of a UBI volume, the variable filesize is set
to the number of read bytes. To boot linux with a raw initramfs/initrd,
you must specify the exact size of the initramfs/initrd image in boot
command. If the initramfs/inird is read from UBI volume, $filesize is
required to access the number of read bytes.
Example:
ubi read ${loadaddr} kernelvol
ubi read ${fdtaddr} dtbvol
ubi read ${initrd_addr} initrdvol
bootz ${loadaddr} ${initrd_addr}:${filesize} ${fdt_addr}
Signed-off-by: Holger Dengler <dengler@linutronix.de>
Reviewed-by: Heiko Schocher <hs@denx.de>
At present the IDE device number is initialized to -1, which means
we cannot type "ide read" command before setting the device number
via "ide device #".
For convenience, let's set the first device as the default one.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit brings things back to the well known working state of the
command.
-
With commit 9620d87259
(cmd/fdt: support single value replacement within an array)
there was an error introduced modifying (inserting) a property to a
device-tree node.
fdt_getprop(...) returnes a len with -1 for a non-existing property, but
a memcpy with len -1 isn't a good idea and things went wrong (crash).
-
Some times later Tom did repair this
with commit 99bb38e2cc
(fdt: Check for NULL return from fdt_getprop in 'fdt set')
This repairs the crash but the behaviour of the command isn't like
before, it makes it impossible to insert a property.
-
Signed-off-by: Hannes Schmelzer <oe5hpm@oevsv.at>
Acked-by: Simon Glass <sjg@chromium.org>
- Move ANDROID_IMAGE_SUPPORT to top level Kconfig under images as it's
not strictly part of fastboot.
- Add some defaults for the fastboot buffer location and size
- Migrate all options listed in cmd/fastboot/Kconfig
- Cleanup the README
Signed-off-by: Tom Rini <trini@konsulko.com>
In order to be able to reliably use fdt_totalsize, we must have
<libfdt.h> included.
Fixes: 767cb74a00 ("cmd: spl: provide address and size of prepared FDT ...")
Signed-off-by: Tom Rini <trini@konsulko.com>
When reworking this code to fix other issues found by Coverity, I forgot
to ensure tmp_ep was always cleared before use.
Reported-by: Coverity (CID: 166612)
Fixes: bc028345ac ("mtdparts: Fix final outstanding issue reported by Coverity")
Signed-off-by: Tom Rini <trini@konsulko.com>
As part of fixing the previously reported issues, it was missed that in
the case of mtdparts_init() we need to make sure that tmp_ep is long
enough to contain PARTITION_MAXLEN and a NULL termination. Then, to be
sure the buffer is NULL terminated, zero the entire buffer rather than
just ensuring the first character is NULL.
Cc: Lothar Waßmann <LW@KARO-electronics.de>
Cc: Maxime Ripard <maxime.ripard@free-electrons.com>
Reported-by: Coverity (CID: 166329)
Signed-off-by: Tom Rini <trini@konsulko.com>
Writing prepared FDT to persistent storage should be possible in
scripts. Create environment variables containing address and size
of the updated FDT. Scripts can use these variables after running
'spl export fdt ...' command to write the new blob to persistent
storage.
Signed-off-by: Anatolij Gustschin <agust@denx.de>
Add a new command to start USB Serial Download Protocol (SDP)
state machine.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Reviewed-by: Łukasz Majewski <lukma@denx.de>
Reviewed-by: Stefano Babic <sbabic@denx.de>
The function blk_dread will return -ENOSYS on failure or on success the
number of blocks read, which must be the number asked to read (otherwise
it failed somewhere). Correct this check.
Reported-by: Coverity (CID: 166335)
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Now that sandbox is building cmd/mtdparts.c Coverity has looked at the
code and found a number of issues. In index_partitions() it is possible
that part will be NULL, so re-work the checks and debug statements to
take this into account. We have a number of string buffers that we
print to in the exact size of, and use string functions on, so we need
to ensure they are large enough to be NULL terminated. In
device_parse() it is not possible for num_partitions to be 0 (we would
have hit a different error first) so remove logically dead code.
Finally, in parse_mtdparts() if we have an error we need to free the
memory allocated to dev.
Cc: Lothar Waßmann <LW@KARO-electronics.de>
Cc: Maxime Ripard <maxime.ripard@free-electrons.com>
Reported-by: Coverity (CID: 166334, 166333, 166332, 166329, 166328)
Signed-off-by: Tom Rini <trini@konsulko.com>
This patch allows to show the EXT_CSD[179] partition_config
register info, just by specifying the dev param:
U-Boot> mmc partconf 0
EXT_CSD[179], PARTITION_CONFIG:
BOOT_ACK: 0x0
BOOT_PARTITION_ENABLE: 0x0
PARTITION_ACCESS: 0x0
Signed-off-by: Angelo Dureghello <angelo@sysam.it>
Signed-off-by: Anatolij Gustschin <agust@denx.de>
Instead of having separate code in the 'usb' command, adjust it to use
the common function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Instead of having separate code in the 'ide' command, adjust it to use
the common function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Instead of having separate code in the 'scsi' command, adjust it to use
the common function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Instead of having separate code in the 'sata' command, adjust it to use
the common function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Most block devices provide a command (e.g. 'sata', 'scsi', 'ide') and
these commands generally do the same thing. This makes it harder to
maintain this code and keep it consistent.
We now have a block device interface which is either implemented by driver
model (when CONFIG_BLK is enabled) or with a legacy interface. Therefore
it is possible to handle most of what these commands do with generic code.
Add a new generic function to process block-device commands using the
interface type and the current device number for that type.
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename these
other functions as well, for consistency:
getenv_vlan()
getenv_bootm_size()
getenv_bootm_low()
getenv_bootm_mapsize()
env_get_default()
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
