The check testing the string result of get_string() returned the wrong
result. The result was ignored.
Use efi_st_strcmp_16_8() for the string comparison.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
printf("%ls", ..) expects u16 * as argument to print. There is not need for
a conversion to wchar_t *.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
It does not make any sense to check if a pointer is NULL if we have
dereferenced it before.
Reported-by: Coverity (CID 185827)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add a missing return statement in efi_get_next_variable_name().
Reported-by: Coverity (CID 185834)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_allocate_pages() expects a (uint64_t *) pointer to pass the address of
the assigned memory. If we pass the address of a pointer here, an illegal
memory access occurs on 32bit systems.
Fixes: 282a06cbca ("efi_loader: Expose U-Boot addresses in memory map
for sandbox")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Since commit f51a226436 ("efi_loader: provide freestanding library") in
parallel builds errors
lib/efi_selftest/../efi_loader/efi_freestanding.o:
file not recognized: File truncated
occur. Obviously make cannot correctly sequence parallel builds with a
dependency like ../efi_loader/efi_freestanding.o.
Fixes: f51a226436 ("efi_loader: provide freestanding library")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Function term_read_reply tries to read from the serial console until
the end_char was read. This can hang forever if we are, for some reason,
not able to read the full response (e.g. serial buffer too small,
frame error). This patch moves the timeout detection into
term_read_reply() to assure we will make progress.
Fixes: 6bb591f704 ("efi_loader: query serial console size reliably")
Signed-off-by: Matthias Brugger <mbrugger@suse.com>
Throw missing error when an incomplete reply for the cursor position is
received.
Change type of argument of term_get_char() *s32. This renders the function
reusable in efi_cin_read_key().
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When package types are not supported by our implementation of the HII
database protocol supported error messages are displayed.
Essentially the output is only needed for debugging. By using EFI_PRINT()
the messages are only written for in debug mode and with correct
indentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In new_package_list() we call new_packagelist() to create a new package
list. Next we try to add the packages which fails for form packages. Due
to this error we call free_packagelist(). Now in free_packagelist()
list_del() is called for an uninitialized field hii->link. This leads to
changing random memory addresses.
To solve the problem move the initialization of hii->link to
new_packagelist().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
In the `efidebug boot add` command we do not want an unsolicited leading
backslash added to the file name.
There is no good reason to mark a loaded file with a backslash as absolute.
Anyway when reading files the file name will be interpreted as relative to
root directory of the device.
So let's get rid of this backslash.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Since commit 914df75b0c ("efi_loader: fix EFI entry counting")
entry_count is already set to 1 before efi_bootmgr_load() is called. So we
should not increment it when entering the function.
Without the patch an assert error occurs in efi_get_variable() if DEBUG is
defined.
Fixes: 914df75b0c ("efi_loader: fix EFI entry counting")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For booting via `bootefi bootmgr` it is necessary that the EFI variable
BootOrder is defined. Provide a diagnostic message if the variable is
missing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When in pack_byte_string() memcpy() is called for size 0 the source buffer
address has no relevance. So we can use NULL here.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
If the last block in the relocation table contains only a single
relocation, the current coding ignores it.
Fix the determination of the end of the relocation table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- Add missing function descriptions.
- Update existing function descriptions to match Sphinx style.
- Add lib/efi_loader/efi_image_loader.c to the input files for Sphinx
generated documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
`bootefi selftest` fails on qemu-x86_defconfig if efi_selftest() is not
invoked using EFI_CALL().
Likewise we call the entry point of EFI payloads with
EFI_CALL(efi_start_image()).
entry_count indicates if we are in U-Boot (1) or in EFI payload code (0).
As we start in U-Boot code the initial value has to be 1.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Remove the duplicate code in efi_do_enter() and use efi_start_image() to
start the image invoked by the bootefi command.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Up to now efi_load_pe() returns the entry point or NULL in case of an
error. This does not allow to return correct error codes from LoadImage().
Let efi_load_pe() return a status code and fill in the entry point in the
corresponding field of the image object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If we want to properly unload images in Exit() the memory should always be
allocated in the same way. As we allocate memory when reading from file we
should do the same when the original image is in memory.
A further patch will be needed to free the memory when Exit() is called.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In case of an error we should set the returned pointers to NULL. This
ensures that an illegal free does not occur even if the caller calls
free() for the handles.
If protocols cannot be installed, release all resources.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Commit 0e66c10a7d ("lib: vsprintf: avoid overflow printing UTF16
strings") broke the Unicode unit tests: an illegal UTF16 code point
should be printed as '?'.
Fixes: 0e66c10a7d ("lib: vsprintf: avoid overflow printing UTF16 strings")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Provide a unit test that calls LoadImage() with a file device path and
executes the application via StartImage().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If the path passed to efi_dp_split_file_path() does not contain a
reference to a file it returns EFI_OUT_OF_RESOURCES. This does not properly
indicate the kind of the problem that occurred. Return
EFI_INVALID_PARAMETER instead.
Update function description.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In efi_selftest we are in EFI land. We cannot call U-Boot library
functions malloc() and free() but should use the boot time services
instead.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
In efi_selftest we are in EFI land. We should not use U-Boot library
functions but boot time services for memory management.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
We check the existence of files with fs_exist(). This function calls
fs_close(). If we do not set the active block device again fs_opendir()
fails and we do not set the flag EFI_FILE_DIRECTORY. Due to this error the
`cd` command in the EFI shell fails.
So let's add the missing set_blk_dev(fh) call.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We have to ensure while printing UTF16 strings that we do not exceed the
end of the print buffer.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Heinrich ran into issues with HII and iPXE which lead to #SErrors on
his Odroid-C2 system. We definitely do not want to regress just yet,
so let's not expose the HII protocols by default.
Instead, let's make it a config option that people can play with
This way, we can stabilize the code in tree without breaking any
users.
Once someone figures out, why this breaks iPXE (probably a NULL
dereference), we can enable it by default.
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- Remove HII selftest as well
v2 -> v3:
- Make config option
For correct indention use EFI_PRINT() instead of debug().
For printing efi_uintn_t or size_t use the %zu or %zx format code.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_st_printf() does not support format code %ld. Anyway the format code
for size_t would be %zu which isn't supported either.
We do not want any divisions to avoid invalid references to integer
arithmetic routines, cf.
https://gcc.gnu.org/onlinedocs/gccint/Integer-library-routines.html.
As a simple remedy remove the noisy messages from the output.
They are not relevant for automated testing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This efi_selftest tests HII database protocol and HII string protocol.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch is a place holder for HII configuration routing protocol and
HII configuration access protocol.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow for handling keyboard layout package in HII database protocol.
A package can be added or deleted in HII database protocol, but
we don't set 'current' keyboard layout as there is no driver that
requests a keyboard layout.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow for handling GUID package in HII database protocol.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch provides enough implementation of the following protocols to
run EDKII's Shell.efi and UEFI SCT:
* EfiHiiDatabaseProtocol
* EfiHiiStringProtocol
Not implemented are:
* ExportPackageLists()
* RegisterPackageNotify()/UnregisterPackageNotify()
* SetKeyboardLayout() (i.e. *current* keyboard layout)
HII database protocol in this patch series can handle only:
* GUID package
* string package
* keyboard layout package
(The other packages, except Device path package, will be necessary
for interactive and graphical UI.)
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Our implementation of GetNextVariableName() relies on
CONFIG_REGEX=y. So EFI_LOADER has to select it.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Our current implementation of GetNextVariableName() first collects all EFI
variables. If none is found at all hexport_r() returns a zero length string
terminated by \0 and the value 1 as number of bytes in the returned buffer.
In this case GetNextVariableName() has to return EFI_NOT_FOUND.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Symbolic links are not supported on all file systems, e.g. not on FAT. So
it is not wise to use them in our source tree.
Use a qualified path to refer to lib/efi_loader/efi_freestanding.c in
scripts/Makefile.lib instead.
Reported-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: Fix build with O=]
Signed-off-by: Alexander Graf <agraf@suse.de>
Helloworld does not need its own memcpy() implementation anymore. Use the
one provided in efi_freestanding.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
GCC requires that freestanding programs provide memcpy(), memmove(),
memset(), and memcmp().
Add the library functions when building a *.efi files.
The EFI selftests might use other compilation flags. So use a symbolic
link to provide lib/efi_selftest/efi_freestanding.c and compile it
separately.
Reported-by: Alexander Graf <agraf@suse.de>
Fixes: 5be444d14b38 ("efi_loader: consistent build flags for EFI applications")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
GCC requires that freestanding programs provide memcpy(), memmove(),
memset(), and memcmp().
Provide the required library functions.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
There is a bug in efi variables test.
Fix it with some cosmetic improvements.
Please note that efi variables test still fails at QueryVariableInfo()
and GetVariable(), but this is not due to a change in this patch.
==8<==
Testing EFI API implementation
Selected test: 'variables'
Setting up 'variables'
Setting up 'variables' succeeded
Executing 'variables'
.../u-boot/lib/efi_selftest/efi_selftest_variables.c(60):
TODO: QueryVariableInfo failed
.../u-boot/lib/efi_selftest/efi_selftest_variables.c(131):
TODO: GetVariable returned wrong length 7
.../u-boot/lib/efi_selftest/efi_selftest_variables.c(133):
TODO: GetVariable returned wrong value
Executing 'variables' succeeded
Boot services terminated
Summary: 0 failures
==>8==
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The current GetNextVariableName() is a placeholder.
With this patch, it works well as expected.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
rebased on efi-next
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Comment the functions implementing the runtime variable services.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Replace duplicate function mem2hex() by inline function bin2hex().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use existing inline function hex2bin() instead of defining a new one.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
At the same time adding and removing the -Os flag does not make any sense.
Actually it leads to -Os not being used.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
UTF-16 strings in our code should all be u16 *. Fix an inconsistency for
file names which may lead to a warning for printf("%ls", ).
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
CopyMem() must support overlapping buffers. So replace memcpy() by
memmove().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Stating the function module is sufficient. We don't need file and line
number. Anyway the format code for the line number was incorrect (should
be %d).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For some API calls checks for the return values are missing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For some API calls checks for the return values are missing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Running the simple network protocol test on the sandbox requires setting
the environment variable ethact to a network interface connected to a DHCP
server and ethrotate to 'no'. So let's make it an on-request test on the
sandbox (selectable by setting environment variable efi_selftest).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The SetVariable() runtime service does not change the data passed to it.
So mark the parameter as constant.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The runtime variable services never change GUIDs. So we should declare
the GUID parameters as constant.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function, efi_init_obj_list(), can be shared in different pseudo efi
applications, like bootefi/bootmgr as well as my efishell. Moreover, it
will be utilized to extend efi initialization, for example, my "removable
disk support" patch and "capsule-on-disk support" patch in the future.
So with this patch, it will be moved to a new file, efi_setup.c, under
lib/efi_loader and exported, making no changes in functionality.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Remove lines deactivated by #if 1 #else
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
ARMv7-M only supports the Thumb instruction set. Our current crt0 code does
not support it. With the patch we can build all unit tests of the EFI
subsystem that do not require crt0.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We use u16* for Unicode strings and efi_uintn_t for UINTN. Correct the
signature of efi_exit() and efi_start_image().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Commit 7b78d6438a ("efi_loader: Reserve unaccessible memory") introduced
a comparison between RAM top and RAM start that was not known at the time
when the patch of commit 49759743bf ("efi_loader: eliminate sandbox
addresses") was written.
The sandbox uses an address space that is only relevant in the sandbox
context. We have to map ram_top from the sandbox address space to the
physical address space before using it in the EFI subsystem.
Fixes: 49759743bf ("efi_loader: eliminate sandbox addresses")
Fixes: 7b78d6438a ("efi_loader: Reserve unaccessible memory")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
EFI_ENTRY in efi_connect_controller() should use %pD to print the remaining
device path.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The first parameter of efi_add_runtime_mmio() is a pointer to a
pointer. This should be reflected in the documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add u16_strcpy() and u16_strdup(). The latter function will be
used later in implementing efi HII database protocol.
Signed-off-by: Akashi Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Common sound support
buildman environment support
of-platdata documentation improvements
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAlxf7igRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYKfggApQiL0Gv6NdGAQN+zfpjKY5a2QyjKsAxa
KLm3q8XyXIQXufMWOEPoW1iWm0iixpIFgChy8ff3m/OPDzsx99UXDTyvjitsSxtQ
5tFu8K78nUZT6OOE3HNhhlyW/xK442oKBzGt4MUt3kUZOELsCNuftgbJUWksHuO3
6pPrgt36E0uRGbUA4ioYCU336viJRPOOCdqb8hHViEihFj/IEv5T82RdE5y97YxG
dT7BZxjPkBH5ZN1uD/tdxG1k6IZBagZiYoDAsYp4YqNwmVsm5sLrZ9QVSf7EcH/y
qX8butZesiMd7xm7RROlrIImh7fb36N3zsoRiUWZDo1Al3IRkmZyVA==
=tdut
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-10feb19' of git://git.denx.de/u-boot-dm
Samsung sound patches (applied for Samsung maintainer)
Common sound support
buildman environment support
of-platdata documentation improvements
This enum still exists but we can shrink it a little based on recent
driver-model conversions with samsung. Update it to remove unused items.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
The board_r init function was complaining that we are looping through
an array, calling all our tiny init stubs sequentially via indirect
function calls (which can't be speculated, so they are slow).
The solution to that is pretty easy though. All we need to do is inline
the function that loops through the functions and the compiler will
automatically convert almost all indirect calls into direct inlined code.
With this patch, the overall code size drops (by 40 bytes on riscv64)
and boot time should become measurably faster for every target.
Signed-off-by: Alexander Graf <agraf@suse.de>
Only first previously deleted entry was recognized, leading hsearch_r
to think that there was no previously deleted entry. It then conluded
that a free entry was found, even if there were no free entries and it
overwrote a random entry.
This patch makes sure all deleted or free entries are always found and
also introduces constants for the 0 and -1 numbers. Unit tests to excersise a
simple hash table usage and catch the corruption were added.
To trash your environment, simply run this loop:
setenv i 0
while true; do
setenv v_$i $i
setenv v_$i
setexpr i $i + 1
done
Signed-off-by: Roman Kapl <rka@sysgo.com>
Find out the highest alias ID used for certain subsystem.
This call will be used for alocating IDs for i2c buses which are not
described in DT.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
* support for Chromebook Bob
* full pinctrl driver using DTS properties
* documentation improvements
* I2S support for some Rockchip SoCs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJcVG0IAAoJECaAFcEOcohNKVAIAJd3DN/qudcVQdkuvAGK6WIk
Umxkm6rxHwur7oU+wxvK1p1l/0YTFBeCfo15quH1DkSc/WIUnmBlLmDvqpGVmPmh
ydZNE9ZChn0OKRIaM6pKJr+3p155cQDe6Mgg2j/5CnNx28KxT+vu7EqZbZvbQPag
wcZEK6Z6E5jMVHVn2lbLgmsBPmY7ksX168IqpvzTxIj0a4J3n0DcJUnO4RBBS0Q2
PGEvFhTvigVWs6r6GL0gLn3VwnQX30xQlIuKKORPcdhjk97cJcS4+bRxdTENTKD9
j3+pgyl1n04O8sPONZS7pH3fvJwtC6SwnoxTYxGrvjedw1LxbyHG3cqcGDg/TJ8=
=ik3X
-----END PGP SIGNATURE-----
Merge tag 'for-master-20190201' of git://git.denx.de/u-boot-rockchip
u-boot-rockchip changes for 2019.04-rc1:
* support for Chromebook Bob
* full pinctrl driver using DTS properties
* documentation improvements
* I2S support for some Rockchip SoCs
This fixes the automatic lmb initialization and reservation for boards
with more than one DRAM bank.
This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load
files into the firs DRAM bank from fs and via tftp.
Found-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present this function uses printf() format strings that are not
supported in SPL, so the output just consists of %llx strings on 64-bit.
machines. Fix this by adding a special case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
slre_match() checks if caps == NULL. In this case it does not try to
update it. So there is no need to create a buffer caps which we do not
evaluate.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Change multiple usages of 'j' into 'rgn'; fix whitespace/coding style
reported by patman.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
As a follow-up, change the name of the newly introduced function
'lmb_get_unreserved_size' to 'lmb_get_free_size', which is more
appropriate.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
[trini: Fix test/lib/lmb.c]
Signed-off-by: Tom Rini <trini@konsulko.com>
This fixes CVE-2018-18439 ("insufficient boundary checks in network
image boot") by using lmb to check for a valid range to store
received blocks.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
[trini: Always build lib/lmb.o on LMB and lib/fdtdec.o on OF_LIBFDT]
Signed-off-by: Tom Rini <trini@konsulko.com>
This fixes CVE-2018-18440 ("insufficient boundary checks in filesystem
image load") by using lmb to check the load size of a file against
reserved memory addresses.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This adds two new functions, lmb_alloc_addr and
lmb_get_unreserved_size.
lmb_alloc_addr behaves like lmb_alloc, but it tries to allocate a
pre-specified address range. Unlike lmb_reserve, this address range
must be inside one of the memory ranges that has been set up with
lmb_add.
lmb_get_unreserved_size returns the number of bytes that can be
used up to the next reserved region or the end of valid ram. This
can be 0 if the address passed is reserved.
Added test for these new functions.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
boot_fdt_add_mem_rsv_regions() adds reserved memory sections to an lmb
struct. Currently, it only parses regions described by /memreserve/
entries.
Extend this to the more commonly used scheme of the "reserved-memory"
node.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
lmb_add_region handles overlapping regions wrong: instead of merging
or rejecting to add a new reserved region that overlaps an existing
one, it just adds the new region.
Since internally the same function is used for lmb_alloc, change
lmb_add_region to reject overlapping regions.
Also, to keep reserved memory correct after 'free', reserved entries
created by allocating memory must not set their size to a multiple
of alignment but to the original size. This ensures the reserved
region is completely removed when the caller calls 'lmb_free', as
this one takes the same size as passed to 'lmb_alloc' etc.
Add test to assert this.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
The lmb code fails if base + size of RAM overflows to zero.
Fix this by calculating end as 'base + size - 1' instead of 'base + size'
where appropriate.
Added tests to assert this is fixed.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Buildman clang support and a few fixes
Small fixes to 'dm tree' and regmap test
Improve sandbox build compatibility
A few other minor fixes
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAlw+AlIACgkQfxc6PpAI
reYchAf+L/P5JsLoCKAY84v11eWQkCS44idAYStD8Q023dyuyNC/W6G3qEQVGkHu
SXBzNrZ5wSJanN5I3h3ktJ7yfMOYIvSO2qLHphxDstPaZbCY4Zac6NywHrHxQpA9
fbSilQRbcVWrPo5rsjjZhXmMdQRZVOmGD6CYZj1AihWAiHfYth7f6laNWNTWQA8C
z+aoiF70t/PbvwFbgdzzYOjoGdXI9XML0xTqdLWRlsBKjf3z54pCV6LmN2xrsrDZ
k7lr+x7ajJUFhivxzjowf4aOjhDB+/+I3sr+hJ5vkMM0Kqg14bbEU+xJRGpDc18K
QPvVHT5JGe/nq1cZXuCqzrYxTrrA7A==
=w9ln
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-15jan19' of git://git.denx.de/u-boot-dm
Fix recent changes to serial API for driver model
Buildman clang support and a few fixes
Small fixes to 'dm tree' and regmap test
Improve sandbox build compatibility
A few other minor fixes
Add the dollar_complete() function to auto-complete arguments starting
with a '$' and use it in the cmd_auto_complete() path such that all
args starting with a $ can be auto-completed based on the available env
vars.
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
[trini: Fix some linking problems]
Signed-off-by: Tom Rini <trini@konsulko.com>
The uuid command is only really useful in U-Boot, but it's useless in
SPL. Worse yet, it pulls in various environment manipulation functions
as it call env_set(). Do not compile the command in in SPL.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
With 8 bytes addressing even on 32 bit machines these checks
are no longer valid. Remove them.
Signed-off-by: Keerthy <j-keerthy@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The printf() string here is not actually correct. Add a cast to avoid
a warning when checking is enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
While changing the RTS alignment to 64KB in commit 7a82c3051c
("efi_loader: Align runtime section to 64kb") the relocation code
started to break.
The reason for that is that we didn't actually look at the real
relocation data. We merely took the RUNTIME_CODE section as a
hint and started to relocate based on self calculated data from
that point on. That calculation was now out of sync though.
To ensure we're not running into such a situation again, this patch
makes the runtime relocation code a bit more robust. We can just
trust the phys/virt hints from the payload. We also should check that
we really only have a single section, as the code doesn't handle
multiple code relocations yet.
Fixes: 7a82c3051c ("efi_loader: Align runtime section to 64kb")
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reported-by: Loic Devulder <ldevulder@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Loic Devulder <ldevulder@suse.de>
Tested-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
In commit 483dbab9f9 ("lib: crc32: mark function crc32() as
__efi_runtime") one local static variable was missed. It did not end up in
the __efi_runtime_data section as it should.
If CONFIG_DYNAMIC_CRC_TABLE=y a data abort execption may occur when the
UEFI payload calls the SetVirtualAddressMap() runtime service.
Reported-by: Dominik Adamski <dominik.adamski@northerntech.community>
Fixes: 483dbab9f9 ("lib: crc32: mark function crc32() as __efi_runtime")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reading the position in a file after closing the same results in a read
after free.
Correct the sequence in the test.
Reported-by: Marek Vasut <marek.vasut@gmail.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The commit below incorrectly fixed hexport_r();
> size = totlen + 1;
One extra byte is necessary to NULL-terminate a whole buffer, "resp."
Fixes: f1b20acb4a ("hashtable: Fix length calculation in hexport_r")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Building U-Boot with CONFIG_PCI and CONFIG_DM_PCI enabled, but
CONFIG_SPL_PCI_SUPPORT disabled, results in following linker
error:
lib/built-in.o: In function `fdtdec_get_pci_bar32':
lib/fdtdec.c:305: undefined reference to `dm_pci_read_bar32'
fdtdec.c:305:(.text.fdtdec_get_pci_bar32+0x24): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol `dm_pci_read_bar32'
This is because reference to dm_pci_read_bar32() remains in lib/fdtdec.c
while SPL build does not descend into drivers/pci directory in
drivers/Makefile if CONFIG_SPL_PCI_SUPPORT is not enabled.
Fix this by applying appropriate #define guards in lib/fdtdec.c.
It looks like ns16550.c has the same problem, so fixed that too.
To simplify this, CONFIG_SPL_PCI_SUPPORT is renamed to CONFIG_SPL_PCI
(enables use of CONFIG_IS_ENABLED() macro).
Suggested-by: Vignesh R <vigneshr@ti.com>
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
In some cases it may be useful to be able to change the fdt we have been
using and use another one instead. For example, the TI platforms uses an
EEPROM to store board information and, based on the type of board,
different dtbs are used by the SPL. When DM_I2C is used, a first dtb must
be used before the I2C is initialized and only then the final dtb can be
selected.
To speed up the process and reduce memory usage, introduce a new function
fdtdec_setup_best_match() that re-use the DTBs loaded in memory by
fdtdec_setup() to select the best match.
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
The CRC16-CCITT checksum function is useful for space-constrained
applications (such as obtaining a checksum across a 2KBit or 4KBit
EEPROM) in boot applications. It has not been accessible from boot
scripts until now (due to not having a dedicated command and not being
supported by the hash infrstructure) limiting its applicability
outside of custom commands.
This adds the CRC16-CCITT (poly 0x1021, init 0x0) algorithm to the
list of available hashes and adds a new crc16_ccitt_wd_buf() to make
this possible.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
[trini: Fix building crc16.o for SPL/TPL]
Signed-off-by: Tom Rini <trini@konsulko.com>
This merges the CRC16-CCITT headers into u-boot/crc.h to prepare for
rolling CRC16 into the hash infrastructure. Given that CRC8, CRC32
and CRC32-C already have their prototypes in a single header file, it
seems a good idea to also include CRC16-CCITT in the same.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
There is only one place in the code which assumes at build-time that we
are using either a v1 or a v2 TPM. Fix this up and add a new function to
return the version of a TPM.
Supported TPM versions (v1 and v2) can be enabled independently and it is
possible to use both versions at once. This is useful for sandbox when
running tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
