After updating libavb to most recent version from AOSP/master, two new
warnings appear:
Warning #1:
lib/libavb/avb_cmdline.c: In function 'avb_append_options':
lib/libavb/avb_cmdline.c:365:15: warning: 'dm_verity_mode' may be
used uninitialized in this function
[-Wmaybe-uninitialized]
new_ret = avb_replace(
^~~~~~~~~~~~
slot_data->cmdline, "$(ANDROID_VERITY_MODE)", dm_verity_mode);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/libavb/avb_cmdline.c:374:8: warning: 'verity_mode' may be used
uninitialized in this function
[-Wmaybe-uninitialized]
if (!cmdline_append_option(
^~~~~~~~~~~~~~~~~~~~~~
slot_data, "androidboot.veritymode", verity_mode)) {
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Warning #2:
lib/libavb/avb_slot_verify.c: In function 'avb_slot_verify':
lib/libavb/avb_slot_verify.c:1349:23: warning: 'ret' may be used
uninitialized in this function
[-Wmaybe-uninitialized]
AvbSlotVerifyResult ret;
^~~
Fix those by providing default return values to affected functions.
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Update libavb to commit 5fbb42a189aa in AOSP/master, because new version
has support for super partition [1], which we need for implementing
Android dynamic partitions. All changes from previous patches for libavb
in U-Boot are accounted for in this commit:
- commit ecc6f6bea6 ("libavb: Handle wrong hashtree_error_mode in
avb_append_options()")
- commit 897a1d947e ("libavb: Update SPDX tag style")
- commit d8f9d2af96 ("avb2.0: add Android Verified Boot 2.0 library")
Tested on X15:
## Android Verified Boot 2.0 version 1.1.0
read_is_device_unlocked not supported yet
read_rollback_index not supported yet
read_is_device_unlocked not supported yet
Verification passed successfully
AVB verification OK.
Unit test passes:
$ ./test/py/test.py --bd sandbox --build -k test_avb
test/py/tests/test_android/test_avb.py ss..s.
[1] 49936b4c01
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Reviewed-by: Eugeniu Rosca <rosca.eugeniu@gmail.com>
Acked-by: Igor Opaniuk <igor.opaniuk@gmail.com>
When running the following command
mkimage -f auto -A arm -O linux -T kernel -C none -a 0x8000 -e 0x8000 \
-d zImage -b zynq-microzed.dtb -i initramfs.cpio image.ub
the type of fdt subimage is the same as of the main kernel image and
the architecture of the initramfs image is not set. Such an image is
refused by U-Boot when booting. This commits sets the mentioned
attributes, allowing to use the "-f auto" mode in this case instead of
writing full .its file.
Following is the diff of mkimage output without and with this commit:
FIT description: Kernel Image image with one or more FDT blobs
Created: Thu Sep 12 23:23:16 2019
Image 0 (kernel-1)
Description:
Created: Thu Sep 12 23:23:16 2019
Type: Kernel Image
Compression: uncompressed
Data Size: 4192744 Bytes = 4094.48 KiB = 4.00 MiB
Architecture: ARM
OS: Linux
Load Address: 0x00008000
Entry Point: 0x00008000
Image 1 (fdt-1)
Description: zynq-microzed
Created: Thu Sep 12 23:23:16 2019
- Type: Kernel Image
+ Type: Flat Device Tree
Compression: uncompressed
Data Size: 9398 Bytes = 9.18 KiB = 0.01 MiB
Architecture: ARM
- OS: Unknown OS
- Load Address: unavailable
- Entry Point: unavailable
Image 2 (ramdisk-1)
Description: unavailable
Created: Thu Sep 12 23:23:16 2019
Type: RAMDisk Image
Compression: Unknown Compression
Data Size: 760672 Bytes = 742.84 KiB = 0.73 MiB
- Architecture: Unknown Architecture
+ Architecture: ARM
OS: Linux
Load Address: unavailable
Entry Point: unavailable
Default Configuration: 'conf-1'
Configuration 0 (conf-1)
Description: zynq-microzed
Kernel: kernel-1
Init Ramdisk: ramdisk-1
FDT: fdt-1
Loadables: kernel-1
Signed-off-by: Michal Sojka <michal.sojka@cvut.cz>
For some controllers PHYs can be optional. Handling NULL pointers without
crashing nor failing, makes it easy to handle optional PHYs.
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
malloc_cache_aligned() might return zero, so fix potential NULL pointer
access if __GFP_ZERO flag is set.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Add a simple implementation of this function, to allow logging to be
enabled in the SPL or TPL for systems that rely on the tiny printf()
implementation.
To keep the code size small,
- The function is built only when logging is enabled, as it
(currently) is not needed otherwise; and
- Like the existing implementation of snprintf(), its buffer-size
parameter is ignored.
Signed-off-by: Simon South <simon@simonsouth.net>
In cmd/regulator.c an error occurs with GCC 9.2.1 if CONFIG_ERRNO_STR is
not defined:
cmd/regulator.c: In function ‘failure’:
cmd/regulator.c:20:2: error: ‘%s’ directive argument is null
[-Werror=format-overflow=]
20 | printf("Error: %d (%s)\n", ret, errno_str(ret));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘constraint’,
inlined from ‘constraint’ at cmd/regulator.c:111:12:
cmd/regulator.c:115:3: error: ‘%s’ directive argument is null
[-Werror=format-overflow=]
115 | printf(" %s (err: %d)\n", errno_str(val), val);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
errno_str() should return a valid string instead of NULL if
CONFIG_ERRNO_STR is not defined.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Macro ERRNO_MSG() ignores the error number but we should still use the same
constants as in include/linux/errno.h.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This choice is not about SPL for which we have a separate choice.
Fixes: 95f4bbd581 ("lib: fdt: Allow LZO and GZIP DT compression in U-Boot")
Cc: Marek Vasut <marek.vasut+renesas@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
The signature 0x55 0xAA in bytes 510 and 511 of the first sector can either
indicate a DOS partition table of the first sector of a FAT file system.
The current code tries to check if the partition table is valid by looking
at the boot indicator of the partition entries. But first of all it does
not count from 0 to 3 but only from 0 to 2. And second it misses to
increment the pointer for the partition entry.
If it is a FAT file system can be discovered by looking for the text 'FAT'
at offset 0x36 or 'FAT32' at offset 0x52. In a DOS PBR there are no
partition entries, so those bytes are undefined. Don't require the byte at
offset 0x1BE to differ from 0x00 and 0x80.
With the patch the logic is changed as follows:
If the partition table has either an invalid boot flag for any partition or
has no partition at all, check if the first sector is a DOS PBR by looking
at the FAT* signature.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Provide a unit test for errno_str(). Test that known and unknown error
numbers are handled correctly.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
If errno_str() is called with an unsupported error number, do not return a
random pointer but a reasonable text.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add get_timer_us(), which is useful e.g. when we need higher
precision timestamps.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
[trini: Fixup arch/arm/mach-bcm283x/include/mach/timer.h]
Signed-off-by: Tom Rini <trini@konsulko.com>
Make sure that the PCI busses are enumerated before trying to
find a NVMe device.
Signed-off-by: Patrick Wildt <patrick@blueri.se>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Change the stack-allocated buffer for the identification command
to explicitly allocate page-aligned buffers. Even though the spec
seems to allow having admin queue commands on non page-aligned
buffers, it seems to not be possible on my i.MX8MQ board with a
a Silicon Power P34A80. Since all of the NVMe drivers I have seen
always do admin commands on a page-aligned buffer, which does work
on my system, it makes sense for us to do that as well.
Signed-off-by: Patrick Wildt <patrick@blueri.se>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
It's possible that the data cache for the buffer still holds data
to be flushed to memory, since the buffer was probably used as stack
before. Thus we need to make sure to flush it also on reads, since
it's possible that the cache is automatically flused to memory after
the NVMe DMA transfer happened, thus overwriting the NVMe transfer's
data. Also add a missing dcache flush for the prp list.
Signed-off-by: Patrick Wildt <patrick@blueri.se>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Update from upstream.
Just minor changes like checking that the author has also done a sign-off.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Profiling the EHCI driver shows a significant performance problem in
ehci_submit_async(). Specifically, this function keeps enabling and
disabling async schedule back and forth for every single transaction.
However, enabling/disabling the async schedule does not take effect
immediatelly, but instead may take up to 1 mS (8 uFrames) to complete.
This impacts USB storage significantly, esp. since the recent reduction
of maximum transfer size to support more USB storage devices. This in
turn results in sharp increase in the number of ehci_submit_async()
calls. Since one USB storage BBB transfer does three such calls and
the maximum transfer size is 120 kiB, the overhead is 6 mS per 120 kiB,
which is unacceptable.
However, this overhead can be removed simply by keeping the async
schedule running. Specifically, the first transfer starts the async
schedule and then each and every subsequent transfer only adds a new
QH into that schedule, waits until the QH is completed and does NOT
disable the async schedule. The async schedule is stopped only by
shutting down the controller, which must happen before moving out
of U-Boot, otherwise the controller will corrupt memory.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Clear the USB_READY flag in the storage driver only in case there
is an error, otherwise usb_stor_BBB_transport() waits 5 mS before
doing anything every single time.
This is because the USB_READY flag is only ever set in
usb_test_unit_ready(), which is called only upon storage device
probe, not between each and every request. However, the device
cannot move out of USB_READY state once it was initialized.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Due to constant influx of more and more weird and broken USB sticks,
do as Linux does in commit 779b457f66e10de3471479373463b27fd308dc85
usb: storage: scsiglue: further describe our 240 sector limit
Just so we have some sort of documentation as to why
we limit our Mass Storage transfers to 240 sectors,
let's update the comment to make clearer that
devices were found that would choke with larger
transfers.
While at that, also make sure to clarify that other
operating systems have similar, albeit different,
limits on mass storage transfers.
And reduce the maximum transfer length of USB storage to 120 kiB.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Add weak callback to allow board specific behavior
- flush
- initiated
This patch prepare usage of DFU back end for communication with
STM32CubeProgrammer on stm32mp1 platform with stm32prog command.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Add a virtual DFU backend to allow board specific read and write
(for OTP update for example).
Acked-by: Lukasz Majewski <lukma@denx.de>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Add the support of MTD partition for the MTD backend.
The expected dfu_alt_info for one alternate on the mtd device :
<name> part <part_id>
<name> partubi <part_id>
"partubi" also erase up to the end of the partition after write operation.
For example: dfu_alt_info = "spl part 1;u-boot part 2; UBI partubi 3"
U-Boot> dfu 0 mtd nand0
Acked-by: Lukasz Majewski <lukma@denx.de>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Add DFU backend for MTD device: allow to read
and write on all MTD device (NAND, SPI-NOR,
SPI-NAND,...)
For example :
> set dfu_alt_info "nand_raw raw 0x0 0x100000"
> dfu 0 mtd nand0
This MTD backend provides the same level than dfu nand
backend for NAND and dfu sf backend for SPI-NOR;
So it can replace booth of them but it also
add support of spi-nand.
> set dfu_alt_info "nand_raw raw 0x0 0x100000"
> dfu 0 mtd spi-nand0
The backend code is based on the "mtd" command
introduced by commit 5db66b3aee ("cmd: mtd:
add 'mtd' command")
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
This patch allows the DFU backend to indicate that that it can't
provide no more data to fill the DFU buffer, by setting b_left =0
without error, even if the size of received data is lower of the
expected total size indicated by get_medium_size.
For USB DFU stack point of view, it is acceptable:
the read length < requested size in DFU_UPLOAD and the
transaction is stopped.
That avoid infinite loop issue in dfu_read_buffer_fill because the
size for the DFU read is limited by get_medium_size = r_left
and the DFU stack expects that read is allowed up to this size.
This issue never occurs for current flash device (where chunk are
always completely read, and b_left will be never 0) but it is useful for
virtual partition when the backend only know the max size of this
alternate, the real size of the data are only known in the read
treatment.
PS: for file access on mmc, EOF is never reached as
dfu_get_medium_size_mmc returns the exact size of the file.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Add support of DFU for several interface/device
with one command.
The format for "dfu_alt_info" in this case is :
- <interface> <dev>'='alternate list (';' separated)
- each interface is separated by '&'
The previous behavior is always supported.
One example for NOR (bootloaders) + NAND (rootfs in UBI):
U-Boot> env set dfu_alt_info \
"sf 0:0:10000000:0=spl part 0 1;u-boot part 0 2; \
u-boot-env part 0 3&nand 0=UBI partubi 0,3"
U-Boot> dfu 0 list
DFU alt settings list:
dev: SF alt: 0 name: spl layout: RAW_ADDR
dev: SF alt: 1 name: ssbl layout: RAW_ADDR
dev: SF alt: 2 name: u-boot-env layout: RAW_ADDR
dev: NAND alt: 3 name: UBI layout: RAW_ADDR
U-Boot> dfu 0
$> dfu-util -l
Found DFU: [0483:5720] ver=9999, devnum=96, cfg=1,\
intf=0, alt=3, name="UBI", serial="002700333338511934383330"
Found DFU: [0483:5720] ver=9999, devnum=96, cfg=1,\
intf=0, alt=2, name="u-boot-env", serial="002700333338511934383330"
Found DFU: [0483:5720] ver=9999, devnum=96, cfg=1,\
intf=0, alt=1, name="u-boot", serial="002700333338511934383330"
Found DFU: [0483:5720] ver=9999, devnum=96, cfg=1,\
intf=0, alt=0, name="spl", serial="002700333338511934383330"
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Copy the partition support from NAND backend to SF,
support part and partubi option.
In case of ubi partition, erase the rest of the
partition as it is mandatory for UBI.
The added code is under compilation flag CONFIG_DFU_SF_PART
activated by default.
for example:
U-Boot> env set dfu_alt_info "spl part 0 1;\
u-boot part 0 2;u-boot-env part 0 3;UBI partubi 0 4"
U-Boot> dfu 0 sf 0:0:10000000:0
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Calling cache flush on invalid buffer, even with zero length might cause
an exception on certain platforms.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Add possibility to define a part of partition as a separate DFU entity.
This allows to have more than one items on the given partition.
The real use case for this option is TM2 board. It can use u-boot stored
as Linux kernel on the defined partition (as RAW data) and load the real
kernel from the same partition, but stored under the certain offset.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Acked-by: Lukasz Majewski <lukma@denx.de>
'THOR' download command requires DFU infrastructure to properly flash
board images. It can be used without enabling DFU command, so add such
dependency to Kconfig.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Acked-by: Lukasz Majewski <lukma@denx.de>
This is needed to make Windows THOR flash tool happy, because it
starts sending data only when interrupt packet is received on the 3rd
endpoint.
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Acked-by: Lukasz Majewski <lukma@denx.de>
In combination with multiple partitions in NAND, this printf() ends up
being more noise than helpful. Change it to debug() instead.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Acked-by: Lukasz Majewski <lukma@denx.de>
Some boards don't populate clk/reset entries as these are are optional
as per binding documentation. Therefore, don't fail driver probe if
clk/reset entries are absent in DT.
This fixes fastboot failures seen due to enabling of CONFIG_CLK on AM57xx
Fixes: e8e683d33b ("board: ti: am57xx-idk: Configure the CDCE913 clock synthesizer")
Reported-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Some configurations (i.e. sandbox) result in unused
splash_display_banner() and we get build errors like:
common/splash.c:148:20: error: unused function 'splash_display_banner' [-Werror,-Wunused-function]
static inline void splash_display_banner(void) { }
Drop empty inline function and add guards around the call.
Fixes: d2a8271c88 ("splash: fix splash banner output")
Signed-off-by: Anatolij Gustschin <agust@denx.de>
Reported-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
As initially this feature was implemented as a negative CONFIG and
later it was redesigned to be positive the help text should be
updated to reflect this change.
This commit updates the help text to match the current implementation.
Signed-off-by: Walter Lozano <wlozano@collabora.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When we have an excess size growth, fix the "limit" printf call to pass
in just the limit variable rather than the string bytes to the format
character.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
_gpio_direction_output function currently calls gpio_set_value
with the wrong gpio number. gpio_set_value in the uclass driver
expects a different gpio number and the _gpio_direction_output
is currently providing the number specific to the bank.
Hence fix it by calling the _gpio_set_value function instead.
Reported-by: Faiz Abbas <faiz_abbas@ti.com>
Fixes: 8e51c0f254 ("dm: gpio: Add DM compatibility to GPIO driver for Davinci")
Signed-off-by: Keerthy <j-keerthy@ti.com>
We have two further uses of raw string usage in the test/py codebase
that are used under CI. The first of which is under the bind test and
is a direct update. The second of which is to strip VT100 codes from
the match buffer. While switching this to a raw string is also a direct
update, the comment it notes that problems were encountered on Ubuntu
14.04 (and whatever Python 2 version that was) that required slight
tweaks to the regex. Replace that now that we're saying Python 3.5 is
the minimum.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
As things stand today, we have tools that CI requires where "python"
must be "python2". We need to use a virtualenv and pip in order to
ensure that our pytest tests can be run. Rework things slightly so
that:
- On Travis-CI, we install python-pyelftools for the platforms that
require pyelftools to be installed.
- On GitLab-CI, we move to a newer base image that includes python3-pip
and continue to use a virtualenv per job that needs it, for the
correct set of packages.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
To be more closely aligned with Python community best practices, we need
to better document our usage of pip and make use of a requirements.txt
file that shows the versions of the tools that we are using. This will
aide in ensuring reproducibility of our tests as well.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
Now that we have moved to being based on pytest for python3 we need to
make our test.py wrapper more robust in terms of only calling python3
rather than possibly finding and using python2. To do this, change from
execvp()'ing pytest to invoking the package itself via python. In the
event that pytest is unavailable we still get a user-friendly error:
pkg_resources.DistributionNotFound: The 'pytest' distribution was not found and is required by the application
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
The check_output function from the subprocess Python module by default
returns data as encoded bytes and leaves decoding to the application.
Given our uses of the call, it makes the most sense to immediately
decode the results.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
- In python 3 you must use raw strings for regex as other forms are
deprecated and would require further changes to the pattern here.
In one case this lets us have a simpler match pattern.
- As strings are now Unicode our complex tests (Euro symbol,
SHIFT+ALT+FN 5) we need to declare that as a bytes string and then
decode it for use.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>