Currently, AUTOBOOT_KEYED and its variant AUTOBOOT_ENCRYPTION are
broken when one has an external always-running watchdog device with a
timeout shorter than the configured boot delay (in my case, I have a
gpio-wdt one with a timeout of 1 second), because we fail to call
WATCHDOG_RESET() in the loops where we wait for the bootdelay to
elapse.
This is done implicitly in the !AUTOBOOT_KEYED case,
i.e. abortboot_single_key(), because that loop contains a
udelay(10000), and udelay() does a WATCHDOG_RESET().
To fix this, simply add similar udelay() calls in the other loops.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Stefan Roese <sr@denx.de>
This doesn't really make much sense in the documentation. Add a code
comment instead.
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
The current API is outdated as it requires a devicetree pointer.
Move these functions to use the ofnode API and update this globally. Add
some tests while we are here.
Correct the call in exynos_dsim_config_parse_dt() which is obviously
wrong.
Signed-off-by: Simon Glass <sjg@chromium.org>
The autoboot tests are a recent addition to U-Boot, providing much-needed
coverage in this area.
A side effect of the keyed autoboot test is that this feature is enabled
in sandbox always. This changes the autoboot prompt and confuses the
pytests. Some tests become slower, for example the vboot tests take about
27s now instead of 3s.
We don't actually need this feature enabled to be able to run the tests.
Add a switch to allow sandbox to turn it on and off as needed. Use this
in the one test that needs it.
Add a command-line flag in case this is desired in normal use.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 25c8b9f298 ("test: add first autoboot unit tests")
Reviewed-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
In case crypt-based hashing is enabled this will be the default mechanism
that is used. If a user wants to have support for both, the environment
variable `bootstopusesha256` can be set to `true` to allow plain SHA256
based hashing of the password.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
The key-sequence based unlock mechanisms are sensitive to junk symbols
that could have been sent to stdin and are still waiting to be retrieved.
Enabling this option will read all symbols off stdin before displaying the
autoboot prompt (and starting to read the password from stdin).
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
In case a user has to enter a complicated password it is sometimes
desireable to give the user more time than the default timeout.
Enabling this feature will disable the timeout entirely in case the user
presses the <Enter> key before entering any other character.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
While doing code-review internally this got nitpicked by 2 reviewers, so
I decided to include this here.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Hook into the autoboot flow as an alternative to the existing
mechanisms.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Replace typo CONFIG_USE_AUTOBOOT_MENUKEY with
CONFIG_AUTOBOOT_USE_MENUKEY as when they were introduced initially there
was some mismatch in which name was used where.
Fixes: 8fc31e23aa ("autoboot: Rename CONFIG_MENUKEY to CONFIG_AUTOBOOT_MENUKEY")
Signed-off-by: Da Xue <da@libre.computer>
Move this out of the common header and include it only where needed. In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly. Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
If both stop key and delay key are empty, the length of these
keys is 0. The subtraction operation will cause the u_int type
variable to overflow, will cause illegal memory access in key
input loop.
This commit fixes this bug by using int type instead of u_init.
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Adds an optional SALT value to AUTOBOOT_STOP_STR_SHA256. If a string
followed by a ":" is prepended to the sha256, the portion to the left
of the colon will be used as a salt and the password will be appended
to the salt before the sha256 is computed and compared.
Signed-off-by: Joel Peshkin <joel.peshkin@broadcom.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Patrick Delaunay <patrick.delaunay@st.com>
Cc: Heiko Schocher <hs@denx.de>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Joel Peshkin <joel.peshkin@broadcom.com>
To: u-boot@lists.denx.de
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
The sandbox is built with the SDL2 library with invokes the X11 library
which in turn calls getc(). But getc() in glibc is defined as
int getc(FILE *)
This does not match our definition.
int getc(void)
The sandbox crashes when called with parameter -l.
Rename our library symbol getc() to getchar().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
add back again special case: -2
autoboot with no delay and no check for abort
as described in Kconfig option, see common/Kconfig
help text for option BOOTDELAY.
Signed-off-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.
Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move these functions into the command.h header file which is a better fit.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
This function belongs in time.h so move it over and add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Move env_set_hex() over to the new header file along with env_set_addr()
which uses it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
if CONFIG_AUTOBOOT_KEYED, CONFIG_AUTOBOOT_ENCRYPTION and
CONFIG_AUTOBOOT_STOP_STR_SHA256 are enabled in conjunction
with CONFIG_SHA_HW_ACCEL and CONFIG_FSL_CAAM, we get the
Error when pressing a key while waiting for bootdelay:
Error: Address arguments are not aligned
CAAM was not setup properly or it is faulty
Reason is, that used variables are not cache aligned,
so malloc this variables cache aligned.
Probably this is also a bugfix for other hw accelerators
than CAAM.
Signed-off-by: Heiko Schocher <hs@denx.de>
Move the variable to the top of the file and adjust the code which uses it
to use if() rather than #ifdef, to make it easier to read.
Signed-off-by: Simon Glass <sjg@chromium.org>
Since this is part of the autoboot functionality, it makes sense to name
it with an AUTOBOOT prefix. No mainline boards use it so this should be
safe, and downstream boards will need to adjust.
Since this option is just an integer value, it really needs another option
to control whether the feature is enabled or not. Add a new
CONFIG_USE_AUTOBOOT_MENUKEY for that. This fits better with how things are
done with Kconfig, avoiding the need to use a specific value to disable
the feature.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is not defined by any board. We could use CONFIG_AUTOBOOT_PROMPT
instead perhaps, but this depends on CONFIG_AUTOBOOT_KEYED which is not
used for the single-key case.
So let's just remove CONFIG_MENUPROMPT.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we have two functions named __autoboot() which do different
things. This is confusing. Fix it by using if() instead of #ifdef for
selecting the functions, and renaming them to meaningful names.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use if() instead for this option, renaming the two different
passwd_abort() functions to indicate their purpose.
Signed-off-by: Simon Glass <sjg@chromium.org>
This CONFIG option is only present if CONFIG_AUTOBOOT_ENCRYPTION is
enabled so it cannot be used in code without that #ifdef. But we want to
reduce the use of #ifdef in this file and in particular to avoid having
two different functions both named passwd_abort() but which do different
things.
In preparation for this, create an intermediate value which is set to an
empty string if there is no value for CONFIG_AUTOBOOT_STOP_STR_SHA256.
Signed-off-by: Simon Glass <sjg@chromium.org>
The code has been refactored to use common wrappers from bootcount.h
header.
Signed-off-by: Lukasz Majewski <lukma@denx.de>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Alex Kiernan <alex.kiernan@gmail.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
The call to hash_block in passwd_abort fails with error ENOSPC on some
systems. The reason is that the variable which specifies the size of the
buffer to contain the computed hash does not get initialized.
This patch initializes the variable with the size of the buffer.
Signed-off-by: Martin Etnestad <martin.etnestad@appeartv.com>
We are now using an env_ prefix for environment functions. Rename these
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename these
two functions for consistency. Also add function comments in common.h.
Quite a few places use getenv() in a condition context, provoking a
warning from checkpatch. These are fixed up in this patch also.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename these
commonly used functions, for consistency. Also add function comments in
common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
Move the bootdelay >= 0 check to the caller, which simplifies
the callees.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Factor out the same code from the callees to the caller.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Because abortboot_keyed() and abortboot_normal() are not compiled
at the same time, we can rename both of them to __abortboot().
This allows to drop #ifdef from the caller.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
As the help message of CONFIG_BOOTDELAY says, CONFIG_BOOTDELAY=-2
means the autoboot with no delay, with no abort check even if
CONFIG_ZERO_BOOTDELAY_CHECK is defined.
To sum up, the autoboot behaves as follows:
[1] CONFIG_BOOTDELAY=0 && CONFIG_ZERO_BOOTDELAY_CHECK=y
autoboot with no delay, but you can abort it by key input
[2] CONFIG_BOOTDELAY=0 && CONFIG_ZERO_BOOTDELAY_CHECK=n
autoboot with no delay, with no check for abort
[3] CONFIG_BOOTDELAY=-1
disable autoboot
[4] CONFIG_BOOTDELAY=-2
autoboot with no delay, with no check for abort
As you notice, [2] and [4] come to the same result, which means we
do not need CONFIG_ZERO_BOOTDELAY_CHECK. We can control all the
cases only by CONFIG_BOOTDELAY, like this:
[1] CONFIG_BOOTDELAY=0
autoboot with no delay, but you can abort it by key input
[2] CONFIG_BOOTDELAY=-1
disable autoboot
[3] CONFIG_BOOTDELAY=-2
autoboot with no delay, with no check for abort
This commit converts the logic as follow:
CONFIG_BOOTDELAY=0 && CONFIG_ZERO_BOOTDELAY_CHECK=n
--> CONFIG_BOOTDELAY=-2
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Acked-by: Igor Grinberg <grinberg@compulab.co.il>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Vladimir Zapolskiy <vz@mleia.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Acked-by: Christian Riesch <christian.riesch@omicronenergy.com>
Acked-by: Hannes Schmelzer <hannes.schmelzer@br-automation.com>
The x86 build target "efi-x86" has no TEXT_BASE configured. And with the
introduction of CONFIG_BOOTDELAY for x86, this function is now called
for this board as well. Resulting in compile errors for this target.
Without TEXT_BASE it makes no sense to fill these values. So lets only
configure the env variable if TEXT_BASE is defined.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The console includes a global variable and several functions that are only
used by a small subset of U-Boot files. Before adding more functions, move
the definitions into their own header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
This patch adds the feature to only stop the autobooting, and therefor
boot into the U-Boot prompt, when the input string / password matches
a values that is encypted via a SHA256 hash and saved in the environment.
This feature is enabled by defined these config options:
CONFIG_AUTOBOOT_KEYED
CONFIG_AUTOBOOT_STOP_STR_SHA256
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
This patch moves the following config options to Kconfig:
CONFIG_AUTOBOOT_KEYED
CONFIG_AUTOBOOT_PROMPT
CONFIG_AUTOBOOT_DELAY_STR
CONFIG_AUTOBOOT_STOP_STR
AUTOBOOT_KEYED_CTRLC
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Drop ip04 and pm9263 configs/ additions, those boards previously
set CONFIG_AUTOBOOT_PROMPT but never used it, re-run savedefconfig over
all boards that did change. Make digsy_mtc_* string include seconds to
match others and not warn. ]
Signed-off-by: Tom Rini <trini@konsulko.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
These defines for a 2nd autoboot stop and delay string are nearly unused. Only
sc3 defines CONFIG_AUTOBOOT_DELAY_STR2. And a patch to remove this most likely
unmaintained board is also posted to the list.
By removing these defines the code will become cleaner and moving the remaining
compile options to Kconfig will get easier.
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Heiko Schocher <hs@denx.de>