Add an option to tell the TPM to commit non-volatile data immediately it
is changed, rather than waiting until later. This is needed in some
situations, since if the device reboots it may not write the data.
Add definitions for the rest of the Cr50 commands while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add a vendor-specific TPM2 command for this and implement it for Cr50.
Note: This is not part of the TPM spec, but is a Cr50 extension.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
It is useful to read information about the current TPM state, where
supported, e.g. for debugging purposes when verified boot fails.
Add support for this to the TPM interface as well as Cr50. Add a simple
sandbox test.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
At present the emulator assumes that the TPM is inited in the same phase
where it is used. But in fact SPL may init the TPM, so we don't want to
complain when U-Boot proper later uses it. Remove this check.
It might be best to save this information into the device state for the
TPM, so that we can make sure the TPM was inited at some point. For now,
this seems good enough.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The message format is incorrect. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The offset here is incorrect. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This feature is used for measured boot, so we can add a log entry to the
TCPA with some information about where the digest comes from. It is not
currently supported in the TPM drivers, but add it to the API so that
code which expects it can signal its request.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
UEFI specification 2.9A requires the EUI-64 to be displayed "in hexadecimal
format with byte 7 first (i.e., on the left) and byte 0 last".
This is in contrast to what the NVMe specification wants.
But it is what EDK II has been implementing.
Here is an example with the patch applied:
    qemu-system-aarch64 -machine virt -cpu cortex-a72 -nographic \
      -bios denx/u-boot.bin \
      -device nvme,id=nvme1,serial=9ff81223 \
      -device nvme-ns,bus=nvme1,drive=nvme1n0,eui64=0x123456789ABCDEF0 \
      -drive file=arm64.img,if=none,format=raw,id=nvme1n0
    => nvme scan
    => efidebug devices
    Device Path
    ====================
    /VenHw(…)/NVMe(0x1,f0-de-bc-9a-78-56-34-12)
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Display the EBBRv2.0 conformance in the ECPT table.
The EBBRv2.0 conformance profile is set in the ECPT if
CONFIG_EFI_EBBR_2_0_CONFORMANCE=y.
Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Add dependencies for CONFIG_EFI_EBBR_2_0_CONFORMANCE.
Enable the setting by default.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The ECPT table will be included in the UEFI specification 2.9+.
The ECPT table was introduced in UEFI following the code-first path. The
acceptance ticket can be viewed at:
https://bugzilla.tianocore.org/show_bug.cgi?id=3591
The Conformance Profiles table is a UEFI configuration table that contains
the GUIDs of the UEFI profiles that the UEFI implementation conforms with.
The ECPT table is created when CONFIG_EFI_ECPT=y.
The config is set by default.
Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The selftest checking the handling of exceptions in UEFI binaries is using
assembly to provide an undefined instruction. On the sandbox the correct
form of the instruction depends on the host architecture.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
In the extended text input protocol support input of control letters
0x1c - 0x1f.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We cannot expect the buffers passed to the input protocols to be zero
filled. If only modifier keys are pressed, we have to return EFI_NOT_READY
but we still have to fill the key structure.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We need to support multiple digits in the parts of the UEFI version
number. E.g.
    EFI_SPECIFICATION_VERSION = (123 << 16) | 456
must be printed as
    123.45.6
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
- DM RTC improvements that should help in CI, allow disabling LTO from
the make line, add extension (cape, etc) support to distro bootcmd,
add a pause command and re-enable ARM v4T support.
At present the sandbox timer uses localtime() which can jump around twice
a year when daylight-saving time changes.
It would be tricky to make use of gmtime() since we still need to present
the time in local time, as seems to be required by U-Boot's RTC interface.
The problem can only happen once, so use a loop to detect it and try
again. This should be sufficient to detect either a change in the 'second'
value, or a daylight-saving change. We can assume that the latter also
incorporates a 'second' change, so there is no need to loop more than
twice.
Signed-off-by: Simon Glass <sjg@chromium.org>
It seems that the time can change in between getting it and reading the
offset. Check for this and try again if this happens.
Signed-off-by: Simon Glass <sjg@chromium.org>
Since resetting the RTC on sandbox causes it to read the base time from
the system, we cannot rely on this being unchanged since it was last read.
Allow for a one-second delay.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Fixes: https://source.denx.de/u-boot/u-boot/-/issues/4
Reported-by: Bin Meng <bmeng.cn@gmail.com>
Reported-by: Tom Rini <trini@konsulko.com>
Suggested-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Simon Glass <sjg@chromium.org>
Some tests can have race conditions which are hard to detect on a single
one. Add a way to run tests more than once, to help with this.
Each individual test is run the requested number of times before moving
to the next test. If any runs failed, a message is shown.
This is most useful when running a single test, since running all tests
multiple times can take a while.
Signed-off-by: Simon Glass <sjg@chromium.org>
LTO (Link-Time Optimisation) is a very useful feature which can
significantly reduce the size of U-Boot binaries. So far it has been
made available for selected ARM boards and sandbox.
However, incremental builds are much slower when LTO is used. For example,
an incremental build of sandbox takes 2.1 seconds on my machine, but 6.7
seconds with LTO enabled.
Add a NO_LTO parameter to the build, similar to NO_SDL, so it can be
disabled during development if needed, for faster builds.
Add some documentation about LTO while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
There is currently a problem that U-Boot can not work on ARMv4
because assembly implementations of memcpy() and some other functions
use "bx lr" instruction that is not available on ARMv4 ("mov pc, lr"
should be used instead).
A working preprocessor-based solution to this problem is found in
arch/arm/lib/relocate.S. Move it to the "ret" macro in
arch/arm/include/asm/assembler.h and change all "bx lr" code
to "ret lr" in functions that may run on ARMv4. Linux source code
deals with this problem in the same manner.
v1 -> v2:
Comment update. Pointed out by Andre Przywara.
Signed-off-by: Sergei Antonov <saproj@gmail.com>
CC: Samuel Holland <samuel@sholland.org>
CC: Ye Li <ye.li@nxp.com>
CC: Simon Glass <sjg@chromium.org>
CC: Andre Przywara <andre.przywara@arm.com>
CC: Marek Vasut <marex@denx.de>
CC: Sean Anderson <sean.anderson@seco.com>
CC: Tom Rini <trini@konsulko.com>
This command is being introduced with the goal of allowing user-friendly
"generic use case" U-Boot builds to pause until user input under some
situations.
The main use case would be when a boot failure happens, to pause until
the user has had time to acknowledge the current state.
Tested using:
    make && ./u-boot -v -T -c 'ut lib lib_test_hush_pause'
Signed-off-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
Cc: Simon Glass <sjg@chromium.org>
Try to load required DTB overlays if the board supports extensions and
CONFIG_CMD_EXTENSION is enabled.
Signed-off-by: Matwey V. Kornilov <matwey.kornilov@gmail.com>
The host will report this error message if the fastboot device works in
full-speed mode: "Duplicate descriptor for config 1 interface 0
altsetting 0, skipping"
The fastboot device acks both full and high speed interface descriptors when
working in full-speed mode, which causes this issue.
Fix it.
Signed-off-by: qianfan Zhao <qianfanguijin@163.com>
Reviewed-by: John Keeping <john@metanate.com>
The compatible values used for device nodes representing Renesas Reduced
Pin Count Interfaces were based on preliminary versions of the Device
Tree Bindings.
Correct them in both DTSi files and drivers, to match the final DT
Bindings.
Note that there are no DT bindings for RPC-IF on RZ/A1 yet, hence the
most logical SoC-specific value is used, without specifying a
family-specific value.
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
As the Renesas Reduced Pin Count Interface may be locked by TF-A, it is
disabled by default[1]. When unlocked, TF-A passes a DT fragment to
enable it, which is applied to the U-Boot DT[2].
Unlike the memory layout, the RPC-IF enablement is not propagated to
subsequent software. Hence e.g. Linux cannot know if the RPC-IF is
locked or not, and will lock-up when trying to access the RPC-IF when
locked.
Fix this by checking if the RPC-IF is enabled in the TF-A DT fragment, and
setting the status of the RPC-IF device node in the target DT, if
present, to "okay". Do this only when a "flash" subnode is found, to
avoid errors in subsequent software when the RPC-IF is not intended to
be used.
Note that this requires the status of the RPC-IF node to be set to
"disabled" in the target DT, just like in the U-Boot DT.
[1] commit 3d5f45c95c ("ARM: dts: rmobile: Disable RPC HF by
default")
[2] commit 361377dbdb ("ARM: rmobile: Merge prior-stage firmware
DT fragment into U-Boot DT on Gen3")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
According to the Generic Names Recommendation in the Devicetree
Specification Release v0.3, and the DT Bindings for the Renesas Reduced
Pin Count Interface, the node name for a Renesas RPC-IF device should be
"spi". Especially on R-Car Gen3 and RZ/G2, the node name matters, as
the node is enabled by passing a DT fragment from TF-A to U-Boot, and
from U-Boot to subsequent software.
Fix this by renaming the device nodes from "rpc" to "spi".
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Enable d-cache early in SPL right after DRAM is started up.
This reduces U-Boot proper load time by 650ms when loaded
from SPI NOR.
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Philip Oberfichtner <pro@denx.de>
Introduce the new Kconfig symbol CONFIG_SPL_SYS_L2_PL310 to allow the
SPL to build cache-pl310.c.
Before this commit, the SPL could enable the PL310 L2 cache [1], but the
cache maintenance functions from cache-pl310.c were only useable for
non-SPL builds.
After enabling the cache one must be able to flush it, too. Thus this
commit allows cache-pl310.c to be included in the SPL build.
[1] See for example arch/arm/mach-imx/cache.c: v7_outer_cache_enable()
Signed-off-by: Philip Oberfichtner <pro@denx.de>
This converts CONFIG_SYS_L2_PL310 to Kconfig.
For omap2 and mvebu the 'select SYS_L2_PL310' locations were
determined using ./tools/moveconfig -i CONFIG_SYS_L2_PL310.
For mx6 I manually chose ARCH_MX6 as 'select' location. The
correctness has been verified using
    $ ./tools/moveconfig.py -f ARCH_MX6 ~SYS_L2_PL310 ~SYS_L2CACHE_OFF
    0 matches
That means whenever an ARCH_MX6 board had SYS_L2_PL310 disabled, this
was correctly reflected in SYS_L2CACHE_OFF. Thus it's safe to insert
the 'select' statement under ARCH_MX6.
Signed-off-by: Philip Oberfichtner <pro@denx.de>
This removes the following symbols:
    CONFIG_SYS_I2C_EEPROM_PAGE_WRITE_BITS
    CONFIG_SYS_I2C_EEPROM_PAGE_WRITE_DELAY_MS
    CONFIG_SYS_I2C_LDI_ADDR
    CONFIG_SYS_I2C_DVI_ADDR
    CONFIG_SYS_I2C_DVI_BUS_NUM
They are unused by any code in tree at this time.
Signed-off-by: Tom Rini <trini@konsulko.com>
This converts the following to Kconfig:
    CONFIG_SYS_I2C_EEPROM_CCID
    CONFIG_SYS_I2C_EEPROM_NXID
    CONFIG_SYS_EEPROM_BUS_NUM
Signed-off-by: Tom Rini <trini@konsulko.com>
Upstream bzip2 1.0.x actually is stuck when running bzip2 -V and
redirecting the output. This is fixed in Debian for about a decade
already in
https://git.launchpad.net/ubuntu/+source/bzip2/tree/debian/patches/20-legacy.patch?h=ubuntu/jammy
and in bzip2 1.1.x (no release yet, see 65179284ce).
Fedora notably does not have such a patch.
Since bzip2 --help actually prints the version number too, let's use it
instead so that binman works fine on (hopefully) all distributions.
Fixes: 45aa279800 ("binman: Add bzip2 bintool")
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Bintool.version can now be passed the binary argument to return the
version text, so there's no need to override it in futility anymore.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Bintool.version can now be passed the binary argument to return the
version text, so there's no need to override it in fiptool anymore.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The code to check the version is very similar between binaries, the most
likely only needed variables are the regex to find the version (already
supported) and the args to pass to the binary so that it prints this
version (e.g. --version, -V or similar).
Let's make it a parameter of Bintool so that code duplication can be
avoided for simple changes.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Bintool.version already contains everything required to get the version
out of mkimage binary so let's not override it with its own
implementation.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Bintool.version already contains everything required to get the version
out of lz4 binary so let's not override it with its own implementation.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Version checking has nothing specific to compression/decompression tools
so let's move it to the Bintool class.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The binary is looked up on the system by the suffix of the packer class.
This means binman was looking for btool_gzip on the system and not gzip.
Therefore, let's pass "gzip" as the name so that it can be found and
used.
Fixes: 0f369d7992 ("binman: Add gzip bintool")
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add bindings needed for accessing the FWU metadata regions.
These include the compatible string which points to the access
method, the actual device which stores the FWU metadata and
the offsets for both metadata regions.
The current patch adds basic bindings needed for accessing the
metadata structure on non-GPT mtd regions.
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
The old "Patches" wiki page is not available anymore. Now that the
content has been integrated with the submitting_patches document,
reference that instead.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
- Use gender-neutral language to refer to the user, consistently.
- Reference the checkpatch document.
- Move the section on commit message tags to the process document and
reference this in sending_patches.rst.
- Reword the custodian workflow process section to refer to this new
section, integrate some of the wording from there in this new section.
- Update the comment about GPLv2 applying to August 2022, to be clear
this still is correct.
- Reword the section about MAKEALL to talk about local build testing and
link to the CI document.
- Reference the system_configuration document for the note about
modifying existing code.
- Reword the patchwork flow section.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>