When the TCG2 protocol is installed in efi_tcg2_register(),
TPM2 device must be present.
tcg2_measure_pe_image() expects that TCP2 protocol is installed
and TPM device is available. If TCG2 Protocol is installed but
TPM device is not found, tcg2_measure_pe_image() returns
EFI_SECURITY_VIOLATION and efi_load_image() ends with failure.
The same error handling is applied to
efi_tcg2_measure_efi_app_invocation().
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
There are functions that calls tcg2_agile_log_append() outside
of the TCG protocol invocation (e.g tcg2_measure_pe_image).
These functions must to check that TCG2 protocol is installed.
If not, measurement shall be skipped.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This commit modify efi_tcg2_register() to return the
appropriate error.
With this fix, sandbox will not boot because efi_tcg2_register()
fails due to some missing feature in GetCapabilities.
So disable sandbox if EFI_TCG2_PROTOCOL is enabled.
UEFI secure boot variable measurement is not directly related
to TCG2 protocol installation, tcg2_measure_secure_boot_variable()
is moved to the separate function.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Literally adhering to the docs gave this wrong output:
U-Boot> setenv fdtaddr 0x87f00000
U-Boot> fdtaddr $fdtaddr
Unknown command 'fdtaddr' - try 'help'
Fixes: d80162cfc5 ("doc: Document how to apply fdt overlays")
Signed-off-by: Alexander Dahl <ada@thorsis.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This fixes two regressions: eMMC operation on boards with WiFi (so using
three MMC devices), and a repeated wrong error message in USB gadget
mode (fastboot, ums).
The sunxi MUSB glue driver has some code to check for external VBUS
presence when it's going to use the MUSB host mode, and it warns if
there is VBUS provided through the cable (in sunxi_musb_enable()).
This code was apparently copied to the USB gadget detection code
(g_dnl_board_usb_cable_connected()), but here we actually *expect*
external VBUS power, so a warning is wrong and confusing.
So far this message rarely triggered, but a recent patch (6fa41cdd19)
changed this:
===========================
=> ums 0 mmc 2
UMS: LUN 0, dev mmc 2, hwpart 0, sector 0x0, count 0xe90000
A charger is plugged into the OTG
/A charger is plugged into the OTG
\A charger is plugged into the OTG
|A charger is plugged into the OTG
-A charger is plugged into the OTG
....
===========================
Remove the message for the gadget cable detection call, and just return
the status of the VBUS detection, as this is what the callers are after.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Commit 03510bf621 ("sunxi: only include alias for eMMC when mmc2
used") protected the eMMC alias in U-Boot's DT stub the with the
associated Kconfig symbol, but was actually using the wrong name.
Fix the name of the symbol to match what's defined in Kconfig and what
the defconfig files actually use.
Fixes: 03510bf621 ("sunxi: only include alias for eMMC when mmc2 used")
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reported-by: 5kft@5kft.org
Reviewed-by: Icenowy Zheng <icenowy@aosc.io>
QSPI0 has a MX66LM1G45G SPI NOR flash connected.
Enable the controller and describe the flash.
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
sama7g5 embedds an OSPI and a QSPI controller:
1/ OSPI0 Supporting Up to 200 MHz DDR. Octal, TwinQuad, Hyperflash
and OctaFlash Protocols Supported.
2/ QSPI1 Supporting Up to 90 MHz DDR/133 MHz SDR.
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
sama7g5 QSPI has:
1/ One Octal Serial Peripheral Interfaces (QSPI0) Supporting Up to
200 MHz DDR. Octal, TwinQuad, Hyperflash and OctaFlash Protocols Supported
2/ One Quad Serial Peripheral Interfaces (QSPI1) Supporting Up to
90 MHz DDR/133 MHz SDR
The QSPI controller of SAMA7G5 uses different clock domains, hence extra
synchronization operations must be performed before accessing some
registers. Differentiate between the versions of the IP using has_gclk.
Differentiate between QSPI0 and QSPI1 with has_octal.
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
bloblist - allow it to be allocated
sandbox config-header cleanup
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmGtgBARHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreZiRggAlOeC1qnl5uEHRwzP/0OHAisek2W2ikZI
aJeNh1CHCfu5a//W6QInoR4knfYJM1nK5RFapKO83L4E3wzHgoL3u0OgikO2gRdt
YTl9rFIp6niSntoeP2MmtT1gBPq0kOGj6tD9KIameNLIOCrWgN0/VwVdiH9eXipc
N/egjGyOkIGoxYnQQaYnujiHMEEf14koFfO+RM9UYIsnm+9jJFiQ5nssm/waTvom
a18dGjHU1P6UIjMbLyq7QkmoDwpHMiHvK6q0C9BvKRLfW6EvhHFQLjsTOm4KXEmI
NoKDTkY9RD9c68wJWT4STEMpg0lGYj9S42Db9qI1g7WacLZlCbb6DA==
=hWWY
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-5dec21a' of https://source.denx.de/u-boot/custodians/u-boot-dm into next
binman refactoring to improve section handling
bloblist - allow it to be allocated
sandbox config-header cleanup
# gpg: Signature made Sun 05 Dec 2021 10:14:24 PM EST
# gpg: using RSA key B25C0022AF86A7CC1655B6277F173A3E9008ADE6
# gpg: issuer "sjg@chromium.org"
# gpg: Good signature from "Simon Glass <sjg@chromium.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B25C 0022 AF86 A7CC 1655 B627 7F17 3A3E 9008 ADE6
This is not needed anymore. Drop it to simplify the code.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
CONFIG_SYS_ATA_PORT_ADDR is not used in the code anymore. Drop it and use
ATA_PORT_ADDR() locally instead.
Drop CONFIG_IDE_RESET_ROUTINE and CONFIG_IDE_SWAP_IO which are also
unused.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is not used by sandbox since it uses driver model for the timer.
Drop it.
Also update the tools_only build to avoid build errors, since it does
actually build U-Boot too. Enable DM so we can use CONFIG_TIMER,
disable EFI_LOADER to avoid an error about board_quiesce_devices() and
disable NET to avoid having to define CONFIG_AVB_BUF_ADDR
Signed-off-by: Simon Glass <sjg@chromium.org>
This can go in the related header file. Drop the CONFIG option.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
At present there are Kconfig options for tracing, but sandbox uses
plain #defines to set them. Correct this and make the tracing command
default to enabled so that this is not needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Sometimes it is useful to have a list of related external blobs in a
single entry. An example is the DDR binaries used by meson. There are
9 files in total. Add support for this, so we don't have to have a
separate entry for each.
Signed-off-by: Simon Glass <sjg@chromium.org>
In some cases entries encapsulate other data and it is useful to access
the data within. An example is the fdtmap which consists of a 16-byte
header, followed by a devicetree.
Provide an option to specify an alternative format when extracting files.
In the case of fdtmap, this is 'fdt', which produces an FDT file which can
be viewed with fdtdump.
Signed-off-by: Simon Glass <sjg@chromium.org>
If an older version of binman is used to list images created by a newer
one, it is possible that it will contain entry types that are not
supported. At present this produces an error.
Adjust binman to use a plain 'blob' entry type to cope with this, so the
image can at least be listed.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present it is necessary to symlink files containing external blobs into
the U-Boot tree in order for binman to find them. This is not very
convenient.
Add two new environment/Makefile variables to help with this. Add
documentation as well, fixing a related nit.
Signed-off-by: Simon Glass <sjg@chromium.org>
Typically the bloblist is positioned at a fixed address in memory until
relocation. This is convenient when it is set up in SPL or before
relocation.
But for EFI we want to set it up only when U-Boot proper is running. Add
a way to allocate it using malloc() and update the documentation to cover
this aspect of bloblist.
Note there are no tests of this feature at present, nor any direct testing
of bloblist_init().
This can be added, e.g. by making this option controllable at runtime.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the constructor to work in the recommended way, where the node
properties are read in a separate function. This makes it more similar to
entry_Section.
Signed-off-by: Simon Glass <sjg@chromium.org>
This currently uses _cbfs_entries[] to store entries. Since the entries
are in fact valid etypes, we may as well use the same name as
entry_Section uses, which is _entries. This allows reusing more of the
code there (in a future patch).
Signed-off-by: Simon Glass <sjg@chromium.org>
It is easier to understand this file if reading the entries comes before
obtaining the contents, since that is the order in which Binman proceeds.
Move the function down a bit.
Signed-off-by: Simon Glass <sjg@chromium.org>
Expand this to explain subclassing better and also to tidy up formatting
for rST.
Fix a few pylint warnings to avoid dropping the score.
Signed-off-by: Simon Glass <sjg@chromium.org>
The ObtainContents() and GetEntryContents() methods in this file read
every single entry in the section. This is the common case.
However when one of the entries has had its data updated (e.g. with
'binman replace') we don't want to read it again from the file. Allow
the entry to be skipped, for this purpose. This is currently done in the
CBFS implementation, so adding it here will allow that to use more of
the entry_Section code.
Signed-off-by: Simon Glass <sjg@chromium.org>
This method is currently marked private. However it is useful to be able
to subclass it, since much of the entry_Section code can be reused. Rename
it.
Also document one confusing part of this code, so people can understand
how to add a test for this case.
Fix up a few pylint warnings to avoid regressing the score.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a -V option which shows the version number of binman. For now this
just uses a local 'version' file. Once the tool is packaged in some way
we can figure out an approach that suits.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update this file to improve the pylint score a little. The remaining item
is:
Function name "ParseArgs" doesn't conform to snake_case naming style
which needs some binman-wide renaming.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use the same technique as with binman to load this module from the U-Boot
tree if available. This allows running tests without having to specify
the PYTHONPATH variable.
Signed-off-by: Simon Glass <sjg@chromium.org>
When compiled with -Og for better debugability u-boot ends up in a stack
overflow using
gcc (Ubuntu 11.2.0-7ubuntu2) 11.2.0
GNU Binutils for Ubuntu 2.37
putchar(ch) is defined as a macro which ends up calling U-Boot's putc()
implementation instead of the glibc one, which calls os_putc() ...
Let's use fputc(ch, stdout) instead as fputc() does not exist in U-Boot.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
* fixes the bug in function bind_drivers_pass that for
CONFIG_CC_OPTIMIZE_FOR_SIZE=n and no entries in the driver_info list,
i.e. n_ents == 0, the processor steps into the first loop iteration
despite the loop condition being false.
* the Xilinx Zynq-7000 device would eventually hang due to an attempted
access to an invalid memory address
* the bug is fixed by changing the type of idx from uint to int
Board: zynq-zybo
Target: ARM
Compiler: arm-none-eabi-gcc 9.2.1
Signed-off-by: Alexander Preissner <fpga-garage@preissner-muc.de>
Acked-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Enable saving environment to SPI flash memory on SiFive
Unmatched.
Signed-off-by: Thomas Skibo <thomas-git@skibo.net>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>