Commit graph

80243 commits

Author SHA1 Message Date
Tom Rini
31016a5a85 Merge branch '2022-06-23-scmi-optee-and-smccc-updates' into next
This consists of two slightly related series.  For the first, to quote
the author:
This series implements 2 features in driver/firmware/scmi.

First, a single change adds support for SCMI OP-TEE transport to
use OP-TEE native shared memory. See the 1st patch in this series:
"firmware: scmi: optee: use TEE shared memory for SCMI messages".

Then come changes for supporting multi-channel in the SCMI drivers.
I've split the implementation in 11 several small incremental changes
in the hope it helps the review. Few minor fixup commits are also
inserted in the series.

And the second series implements some smccc improvements.
2022-06-23 14:30:27 -04:00
Tom Rini
3e00721b3b Merge branch '2022-06-23-fuzzing-and-asan-for-sandbox' into next
To quote the author:
This series introduces ASAN and a basic fuzzing infrastructure that
works with sandbox. The example fuzz test towards the end of the series
will find something pretty quickly. That something is fixed by the
series "virtio: Harden and test vring" that needs to be applied for the
final patch in this series.

There is some refactoring to stop using '.' prefixed sections. ELF
defines sections with names that contain anything that isn't
alphanumeric or an underscore as being for system use which means
clang's ASAN instrumentation happily add redzones between the contained
objects. That's not what we want for things like linker lists where the
linker script has carefully placed the sections contiguously. By
renaming the sections, clang sees them as user sections and doesn't add
instrumentation.

ASAN is left disabled by default as there are still some tests that it
triggers on and will need some more investigation to fix. It can be
enabled with CONFIG_ASAN or passing `-a ASAN` to buildman.
2022-06-23 14:24:24 -04:00
Etienne Carriere
53355bb86c drivers: rng: add smccc trng driver
Adds random number generator driver using Arm SMCCC TRNG interface to
get entropy bytes from secure monitor. The driver registers as an
Arm SMCCC feature driver to allow PSCI driver to bind a device for
when secure monitor exposes RNG support from Arm SMCCC TRNG interface.

Cc: Sughosh Ganu <sughosh.ganu@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:56 -04:00
Etienne Carriere
2fbe47b7e7 firmware: psci: bind arm smccc features when discovered
Use PSCI device to query Arm SMCCC v1.1 support from secure monitor
and if so, bind drivers for the SMCCC features that monitor supports.

Drivers willing to be bound from Arm SMCCC features discovery can use
macro ARM_SMCCC_FEATURE_DRIVER() to register to smccc feature discovery,
providing target driver name and a callback function that returns
whether or not the SMCCC feature is supported by the system.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:56 -04:00
Etienne Carriere
b1ff399c6e firmware: psci: reorder header files inclusion
Fixes ordering of header files inclusion in PSCI firmware driver.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:56 -04:00
Etienne Carriere
f7f1240015 smccc: define generic IDs for feature discovery
Defines function IDs ARM_SMCCC_ARCH_FEATURES used to query SMCCC feature
support, applicable from Arm SMCCC v1.1 specification.

Defines macro ARM_SMCCC_RET_NOT_SUPPORTED as generic return identifier
for when a SMCCC feature is not supported.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:56 -04:00
Etienne Carriere
c08decd29e firmware: scmi: use multi channel in mailbox, optee and smccc agents
Updates .process_msg operators of the SCMI transport drivers that
supports multi-channel to use it now that drivers do provide
the reference through channel argument. These are the mailbox
agent, the optee agent and the smccc agent.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:56 -04:00
Etienne Carriere
db59fef0f8 power: regulator: scmi: simplify scmi_voltd_set_enable()
Simplify scmi_voltd_set_enable() exit sequence.

Cc: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
2022-06-23 13:12:56 -04:00
Etienne Carriere
ff33ed32b6 power: regulator: scmi: support SCMI multi-channel
Update SCMI regulator controller driver to get its assigned SCMI channel
during initialization. This change allows SCMI voltage domain protocol
to use a dedicated channel when defined in the DT. The reference is
saved in SCMI regulator controller driver private data.

Cc: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
2022-06-23 13:12:55 -04:00
Etienne Carriere
f487a88c64 reset: scmi: support SCMI multi-channel
Update SCMI reset controller driver to get its assigned SCMI channel
during initialization. This change allows SCMI reset domain protocol
to use a dedicated channel when defined in the DT. The reference is
saved in SCMI reset controller driver private data.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
38a905ecf9 clk: scmi: support SCMI multi-channel
Update SCMI clock driver to get its assigned SCMI channel during
initialization. This change allows SCMI clock protocol to use a
dedicated channel when defined in the DT. The reference is saved
in SCMI clock driver private data.

Cc: Lukasz Majewski <lukma@denx.de>
Cc: Sean Anderson <seanga2@gmail.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
965d606d60 firmware: scmi: optee transport: implement multi-channel
Implements multi SCMI channel support in OP-TEE SCMI transport. An
SCMI protocol may use a dedicated channel, specified by the DT.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
57b812fc8f firmware: scmi: smccc transport: implement multi-channel
Updates SCMI SMCCC transport driver to get SCMI channel reference
at initialization and use when posting SCMI messages.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
b5d32ea42b firmware: scmi: mailbox transport: implement multi-channel
Updates SCMI mailbox transport driver to get SCMI channel reference
at initialization and use when posting SCMI messages.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
8e96801aa6 firmware: scmi: add multi-channel support
Adds resources for SCMI protocols to possibly use a dedicated SCMI
channel instead of the default channel allocated by the SCMI agent
during initialization. As per DT binding documentation, some SCMI
transports can define a specific SCMI communication channel for
given SCMI protocols. It allows SCMI protocols to pass messages
concurrently each other.

This change introduces new scmi agent uclass API function
devm_scmi_of_get_channel() for SCMI drivers probe sequences to get
a reference to the SCMI channel assigned to its related SCMI protocol.
The function queries the channel reference to its SCMI transport driver
through new scmi agent uclass operator .of_get_channel that uses Device
Tree information from related SCMI agent node.

Operator .of_get_channel returns a reference to the SCMI channel
assigned to SCMI protocol used by the caller device. SCMI transport
drivers that do not support multi-channel are not mandated to register
this operator. When so, API function devm_scmi_of_get_channel() returns
NULL and SCMI transport driver are expected to retrieve by their own
means the reference to the unique SCMI channel, for example using
platform data as these drivers currently do in U-Boot source tree.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
5a11df381a firmware: scmi: factorize scmi transport look up
Defines local helper function find_scmi_transport_device() with the
instructions to find the SCMI transport device from a SCMI protocol
device.

Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
85dc582892 firmware: scmi: prepare uclass to pass channel reference
Changes SCMI transport operator ::process_msg to pass the SCMI channel
reference provided by caller SCMI protocol device.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
8bcb1b4898 firmware: scmi: prepare scmi uclass API to multi-channel
Changes SCMI driver API function devm_scmi_process_msg() to add
an SCMI channel reference argument for when SCMI agent supports
SCMI protocol specific channels. First argument of devm_scmi_process_msg()
is also change to point to the caller SCMI protocol device rather
than its parent device (the SCMI agent device).

The argument is a pointer to opaque struct scmi_channel known from
the SCMI transport drivers. It is currently unused and caller a pass
NULL value. A later change will enable such support once SCMI protocol
drivers have means to get the channel reference during initialization.

Cc: Lukasz Majewski <lukma@denx.de>
Cc: Sean Anderson <seanga2@gmail.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
5d8eb4ce33 firmware: scmi: optee: fix inline description of PTA_SCMI_CMD_GET_CHANNEL
Removes inaccurate inline description of OP-TEE SCMI PTA command
PTA_SCMI_CMD_GET_CHANNEL.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Etienne Carriere
593eac9805 firmware: scmi: optee: use TEE shared memory for SCMI messages
Changes implementation when using TEE dynamically allocated shared
memory to synchronize with the Linux implementation where the legacy
SMT protocol cannot be used with such memory since it is expected from
device mapped memory whereas OP-TEE shared memory is cached and
hence should not be accessed using memcpy_toio()/memcpy_fromio().

This change implements the MSG shared memory protocol introduced
in Linux [1]. The protocol uses a simplified SMT header of 32bit
named MSG_SMT to carry SCMI protocol information and uses side channel
means to carry exchanged buffer size information, as TEE invocation API
parameters when used in the SCMI OP-TEE transport.

Link: [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f301bba0ca7392d16a6ea4f1d264a91f1fadea1a
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2022-06-23 13:12:55 -04:00
Andrew Scull
a73f3ba91f fuzz: virtio: Add fuzzer for vring
Add a fuzzer to test the vring handling code against unexpected
mutations from the virtio device.

After building the sandbox with CONFIG_FUZZ=y, the fuzzer can be invoked
with by:

   UBOOT_SB_FUZZ_TEST=fuzz_vring ./u-boot

This fuzzer finds unvalidated inputs in the vring driver that allow a
buggy or malicious device to make the driver chase wild pointers.

Signed-off-by: Andrew Scull <ascull@google.com>
2022-06-23 12:58:19 -04:00
Andrew Scull
0518e7a28f sandbox: Implement fuzzing engine driver
Add a fuzzing engine driver for the sandbox to take inputs from
libfuzzer and expose them to the fuzz tests.

Signed-off-by: Andrew Scull <ascull@google.com>
2022-06-23 12:58:19 -04:00
Andrew Scull
d9962b12f2 sandbox: Add libfuzzer integration
Add an implementation of LLVMFuzzerTestOneInput() that starts the
sandbox on a secondary thread and exposes a function to synchronize the
generation of fuzzing inputs with their consumption by the sandbox.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-06-23 12:58:18 -04:00
Andrew Scull
001c39a196 sandbox: Decouple program entry from sandbox init
Move the program's entry point to os.c, in preparation for a separate
fuzzing entry point to be added.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-06-23 12:58:18 -04:00
Andrew Scull
36f641c54e test: fuzz: Add framework for fuzzing
Add the basic infrastructure for declaring fuzz tests and a command to
invoke them.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-06-23 12:58:18 -04:00
Andrew Scull
3f807c6b81 fuzzing_engine: Add fuzzing engine uclass
This new class of device will provide fuzzing inputs from a fuzzing
engine.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-06-23 12:58:18 -04:00
Andrew Scull
eabc4e2980 CI: Azure: Build with ASAN enabled
In order to prevent build regressions with ASAN, add the builds to CI.
The longer term objective will be to enabled test targets with ASAN
enabled, but there are too many at the moment.

Signed-off-by: Andrew Scull <ascull@google.com>
2022-06-23 12:58:18 -04:00
Andrew Scull
791de336b6 test/py: test_stackprotector: Disable for ASAN
The stack protector test intentionally overflows a buffer in order to
corrupt the stack canary so that it can test that the corruption is
detected as expected. However, this is incompatible with ASAN, which
detects the buffer overflow and interrupts the test, so disable the test
for such configurations.

Signed-off-by: Andrew Scull <ascull@google.com>
2022-06-23 12:58:18 -04:00
Andrew Scull
1e578ed20c sandbox: Add support for Address Sanitizer
Add CONFIG_ASAN to build with the Address Sanitizer. This only works
with the sandbox so the config is likewise dependent. The resulting
executable will have ASAN instrumentation, including the leak detector
that can be disabled with the ASAN_OPTIONS environment variable:

   ASAN_OPTIONS=detect_leaks=0 ./u-boot

Since u-boot uses its own dlmalloc, dynamic allocations aren't
automatically instrumented, but stack variables and globals are.

Instrumentation could be added to dlmalloc to poison and unpoison memory
as it is allocated and deallocated, and to introduce redzones between
allocations. Alternatively, the sandbox may be able to play games with
the system allocator and somehow still keep the required memory
abstraction. No effort to address dynamic allocation is made by this
patch.

The config is not yet enabled for any targets by default.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-06-23 12:58:18 -04:00
Andrew Scull
99e2fbcb69 linker_lists: Rename sections to remove . prefix
Rename the sections used to implement linker lists so they begin with
'__u_boot_list' rather than '.u_boot_list'. The double underscore at the
start is still distinct from the single underscore used by the symbol
names.

Having a '.' in the section names conflicts with clang's ASAN
instrumentation which tries to add redzones between the linker list
elements, causing expected accesses to fail. However, clang doesn't try
to add redzones to user sections, which are names with all alphanumeric
and underscore characters.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-06-23 12:58:18 -04:00
Andrew Scull
0648b13269 sandbox: Rename getopt sections
Rename the sections used for defining sandbox command line options so
that they don't start with a '.'. ELF says that sections starting with a
'.' are reserved for system use, but the sandbox runs as a normal user
process so should be using user sections instead.

Clang's ASAN adds redzones to non-user sections and the extra padding
meant that the list of options was being corrupted. Naming the sections
as user sections avoids this issue as clang handles them as we intended.

Signed-off-by: Andrew Scull <ascull@google.com>
2022-06-23 12:58:18 -04:00
Andrew Scull
aac53d3d96 sandbox: Rename EFI runtime sections
Rename the sections used for placing the EFI runtime so that they don't
start with a '.'. ELF says that sections starting with a '.' are
reserved for system use, but the sandbox runs as a normal user process
so should be using user sections instead.

Clang's ASAN adds redzones to non-user sections and the extra padding
meant that the list of options was being corrupted. Naming the sections
as user sections avoids this issue as clang handles them as we intended.

Signed-off-by: Andrew Scull <ascull@google.com>
2022-06-23 12:58:18 -04:00
Andrew Scull
337b26e468 serial: sandbox: Fix buffer underflow in puts
Fix the buffer underflow that would occur if puts is called with length
of zero.

Fixes: efa51f2bd6 ("serial: sandbox: Implement puts")
Cc: Sean Anderson <sean.anderson@seco.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Sean Anderson <sean.anderson@seco.com>
2022-06-23 12:58:18 -04:00
Tom Rini
9121478ee6 Merge branch '2022-06-22-platform-updates-and-additions' into next
- Add hpe gxp architecture and platform, Arm corstone1000 platform.
- ast2600, devkit8000, NPCM7xx improvements
2022-06-23 08:16:21 -04:00
Tom Rini
929e581a62 corstone1000: Convert to text file environment
Convert this platform to using the text file environment rather than
defining CONFIG_EXTRA_ENV_SETTINGS.

Signed-off-by: Tom Rini <trini@konsulko.com>
2022-06-22 21:30:05 -04:00
Tom Rini
781a144a7a gxp: Convert to text file environment
Convert this platform to using the text file environment rather than
defining CONFIG_EXTRA_ENV_SETTINGS.

Signed-off-by: Tom Rini <trini@konsulko.com>
2022-06-22 21:30:05 -04:00
Jim Liu
0ae1c77199 misc: nuvoton: Add NPCM7xx otp controller driver
Add Nuvoton BMC npcm750 otp driver

Signed-off-by: Jim Liu <JJLIU0@nuvoton.com>
2022-06-22 21:30:05 -04:00
Jim Liu
2eeb4ee97e crypto: nuvoton: Add NPCM7xx SHA driver
add nuvoton BMC npcm750 SHA driver

Signed-off-by: Jim Liu <JJLIU0@nuvoton.com>
2022-06-22 21:30:05 -04:00
Jim Liu
9e03b48dfa crypto: nuvoton: Add NPCM7xx AES driver
add nuvoton BMC npcm750 AES driver

Signed-off-by: Jim Liu <JJLIU0@nuvoton.com>
2022-06-22 21:30:05 -04:00
Chia-Wei Wang
12770d0df0 ast2600: spl: Add boot mode detection
AST2600 supports boot from SPI(mmap), eMMC, and UART.
This patch adds the boot mode detection and return the
corresponding boot device type.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
2022-06-22 21:30:05 -04:00
Chia-Wei Wang
442a69c143 configs: ast2600: Move SPL bss section to DRAM space
The commit b583348ca8 ("image: fit: Align hash output buffers") places
the hash output buffer at the .bss section. However, AST2600 by default
executes SPL in the NOR flash XIP way. This results in the hash output
cannot be written to the buffer as it is located at the R/X only region.

We need to move the .bss section out of the SPL body to the DRAM space,
where hash output can be written to. This patch includes:
 - Define the .bss section base and size
 - A new SPL linker script is added with a separate .bss region specified
 - Enable CONFIG_SPL_SEPARATE_BSS kconfig option

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Reviewed-by: Neal Liu <neal_liu@aspeedtech.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
478c00718d MAINTAINERS: Introduce HPE GXP Architecture
Create a section in MAINTAINERS for the GXP HPE architecture

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
3736faee5b configs: gxp: add gxp_defconfig
This is the initial very basic config that enables the U-Boot console on
the hpe gxp soc.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
79c6c38102 configs: gxp: add core support
Add the include file for the gxp soc.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
2b7a89bc94 ARM: dts: Add device tree files for hpe gxp soc
The HPE SoC is new to linux. A basic device tree layout with minimum
required for linux to boot including a timer and watchdog support has
been created.

The dts file is empty at this point but will be updated in subsequent
updates as board specific features are enabled.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
63ff9d9134 dt-bindings: spi: Add hpe gxp spi
Add support for the HPE GXP SPI Controller.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
e7ea0a2ba3 board: hpe: gxp: add HPE GXP soc support
Add basic support for the HPE GXP SoC. Reset the EHCI controller at
boot.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
4f689b3d86 spi: gxp_spi: Add GXP SPI controller driver
The GXP supports 3 separate SPI interfaces to accommodate the system
flash, core flash, and other functions. The SPI engine supports variable
clock frequency, selectable 3-byte or 4-byte addressing and a
configurable x1, x2, and x4 command/address/data modes. The memory
buffer for reading and writing ranges between 256 bytes and 8KB. This
driver supports access to the core flash.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:05 -04:00
Nick Hawkins
b25913b40e timer: gxp: Add HPE GXP timer support
Add support for the HPE GXP SOC timer. The GXP supports several different
kinds of timers but for the purpose of this driver there is only support
for the General Timer. The timer has a 1us resolution and is 56 bits.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:04 -04:00
Nick Hawkins
4276c9b2aa ARM: hpe: gxp: add core support
The GXP is the HPE BMC SoC that is used in the majority
of current generation HPE servers. Traditionally the asic will
last multiple generations of server before being replaced.

Info about SoC:

HPE GXP is the name of the HPE Soc. This SoC is used to implement many BMC
features at HPE. It supports ARMv7 architecture based on the Cortex A9
core. It is capable of using an AXI bus to whicha memory controller is
attached. It has multiple SPI interfaces to connect boot flash and BIOS
flash. It uses a 10/100/1000 MAC for network connectivity. It has multiple
i2c engines to drive connectivity with a host infrastructure. There
currently are no public specifications but this process is being worked.

Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
2022-06-22 21:30:04 -04:00