The command's name is a misnomer.
The command loads a file but does not run (boot) it.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Calling tftpput with less than 2 arguments must lead to a failure.
If tftpput is called with two arguments, these are the address and
the size of the file to be transferred.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This converts the FIT loading process of the fpga command to use
fit_get_data_node.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Format the KVM implementation number in a human readable form.
With the patch output of the sbi command for Linux 5.19.1 looks like:
=> sbi
SBI 0.3
KVM 5.19.1
Machine:
Vendor ID 0
Architecture ID 7005c
Implementation ID 7005c
Extensions:
SBI Base Functionality
Timer Extension
IPI Extension
RFENCE Extension
Hart State Management Extension
System Reset Extension
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
It is useful to read information about the current TPM state, where
supported, e.g. for debugging purposes when verified boot fails.
Add support for this to the TPM interface as well as Cr50. Add a simple
sandbox test.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This feature is used for measured boot, so we can add a log entry to the
TCPA with some information about where the digest comes from. It is not
currently supported in the TPM drivers, but add it to the API so that
code which expects it can signal its request.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This command is being introduced with the goal of allowing user-friendly
"generic use case" U-Boot builds to pause until user input under some
situations.
The main use case would be when a boot failure happens, to pause until
the user has had time to acknowledge the current state.
Tested using:
make && ./u-boot -v -T -c 'ut lib lib_test_hush_pause'
Signed-off-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
Cc: Simon Glass <sjg@chromium.org>
fit_image_get_comp() should not set value -1 in case it can't read
the compression node. Instead, leave the value untouched in that case
as it can be absent and a default value previously defined by the
caller of fit_image_get_comp() should be used.
As a result the warning message
WARNING: 'compression' nodes for ramdisks are deprecated, please fix your .its file!
no longer shows if the compression node is actually absent.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This reinstates fix from commit 8f8c04bf1e ("i2c: fix stack buffer
overflow vulnerability in i2c md command") without the changes unrelated
to the actual fix. Avoid the underflow by setting only nbytes and
linebytes as unsigned integers.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Heiko Schocher <hs@denx.de>
Cc: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tim Harvey <tharvey@gateworks.com>
Acked-by: Tim Harvey <tharvey@gateworks.com>
This reverts commit 8f8c04bf1e.
The commit is largely wrong and breaks most of i2c command functionality.
The problem described in the aforementioned commit commit message is valid,
however the commit itself does many more changes unrelated to fixing that
one problem it describes. Those extra changes, namely the handling of i2c
device address length as unsigned instead of signed integer, breaks the
expectation that address length may be negative value. The negative value
is used by DM to indicate that address length of device does not change.
The actual bug documented in commit 8f8c04bf1e
can be fixed by extra sanitization in separate patch.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Heiko Schocher <hs@denx.de>
Cc: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tim Harvey <tharvey@gateworks.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
other minor fixes
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmMJZZ8RHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreZ8pggAjYxdCTEtTMJamt67hht8xjeZLom4KX3G
HZJhXHAXHgnw2vku4nYKEZp6B5+if184I34Gbw6AGHJib7tfGBPFHeb0lIg+NHlB
bb7hMSKJwZJAASWB5Txqtmx2iFdnTZVnUUMp5Jl8Fpd0yhd8YxsaDKrt7BUTTZgM
84ht/zv+laFoDvM0Xj81TVkPym8ShIylsUc44Sn8je5KC8kg1lmukqnBHAOj0DKG
cE/hGOmdq5HLu7Ylj3XQ8tl6jpPMn6hltoIMku6ePsJeaTOdsXg2i3RN/Xga835D
7/KW+qasl2+5XwqYyAXjLW6YncbGzxmsLfJ6HrzInLtp9rkOt/z0hA==
=09Bs
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-26aug22' of https://source.denx.de/u-boot/custodians/u-boot-dm
binman/patman documentation improvements
other minor fixes
Avoid enabling this command by default. This saves about 1KB of code
space.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
PCIe config space has address range 0-4095. So do not allow reading from
addresses outside of this range. Lot of U-Boot drivers do not expect that
passed value is not in this range. PCI DM read function is extended to
fill read value to all ones or zeros when it fails as U-Boot callers
ignores return value.
Calling U-Boot command 'pci display.b 0.0.0 0 0x2000' now stops printing
config space at the end (before 0x1000 address).
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Currently message is not intended that prompt end up at the end of debug
line. For example like this:
DFU alt info setting: done
DFU entities configuration failed!
(partition table does not match dfu_alt_info?)
Firmware update failed: <NULL>
Cannot handle a capsule at 10000000Zynq>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add support for handling this concept in bootflows. Update the 'bootflow'
command to allow only the normal bootmeths to be used. This alllows
skipping EFI bootmgr and VBE, for example.
Signed-off-by: Simon Glass <sjg@chromium.org>
With global bootmeths we want to scan without a bootdev. Update the logic
to allow this.
Change the bootflow command to show the bootdev only when valid.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current way of handling things like EFI bootmgr is a bit odd, since
that bootmeth handles selection of the bootdev itself. VBE needs to work
the same way, so we should support it properly.
Add a flag that indicates that the bootmeth is global, rather than being
invoked on each bootdev. Provide a helper to read a bootflow from the
bootmeth.
Signed-off-by: Simon Glass <sjg@chromium.org>
We want to use VBE to mean Verfiied Boot for Embedded in U-Boot. Rename
the existing VBE (Vesa BIOS extensions) to allow this.
Verified Boot for Embedded is documented doc/develop/vbe.rst
Signed-off-by: Simon Glass <sjg@chromium.org>
Remove the dependency on CMD_PXE from BOOTMETH_DISTRO by introducing a
new hidden kconfig symbol to control whether pxe_utils is compiled,
allowing bootstd's distro method to be compiled without needing
networking support enabled.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Correct build errors when CMD_BOOTM is not enabled:
Signed-off-by: Simon Glass <sjg@chromium.org>
A large number of files include <flash.h> as it used to be how various
SPI flash related functions were found, or for other reasons entirely.
In order to migrate some further CONFIG symbols to Kconfig we need to
not include flash.h in cases where we don't have a NOR flash of some
sort enabled. Furthermore, in cases where we are in common code and it
doesn't make sense to try and further refactor the code itself in to new
files we need to guard this inclusion.
Signed-off-by: Tom Rini <trini@konsulko.com>
If 'extension apply all' is executed and no extension is found, the return
value of do_extension_apply() is undefined. Return CMD_RET_FAILURE in this
case.
Fixes: 2f84e9cf06 ("cmd: add support for a new "extension" command")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Kory Maincent <kory.maincent@bootlin.com>
The source code contains an error:
- argv[2] contains <channel> arg, variable for env_set is in argv[3]
- number of args is 4
Revert 54d24d7260
cmd: simplify do_adc_single()
Fixes 9de612ae4d
cmd: adc: Add support for storing ADC result in env variable
Reviewed-by: Simon Glass <sjg@chromium.org>
The 'rng' command dumps a number of random bytes on the console. Add a
set of tests for the 'rng' command. The test function performs basic
sanity testing of the command.
Since a unit test is being added for the command, enable it by default
in the sandbox platforms.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Use a statically allocated buffer on stack instead of using malloc for
reading the random bytes. Using a local array is faster than
allocating heap memory on every initiation of the command.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The 'rng' u-boot command is used for printing a select number of
random bytes on the console. Currently, the RNG device from which the
random bytes are read is fixed. However, a platform can have multiple
RNG devices, one example being qemu, which has a virtio RNG device and
the RNG pseudo device through the TPM chip.
Extend the 'rng' command so that the user can provide the RNG device
number from which the random bytes are to be read. This will be the
device index under the RNG uclass.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Negative return value from cmd main function cause U-Boot to print criplic
error message: exit not allowed from main input shell.
Set return value on error to 1.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Armada 3700 BootROM supports also images with sha512 checksums and
mox-imager tool [1] generates such bootable images. Without sha512 support
U-Boot bubt command just prints error message:
Error: Unsupported hash_algorithm_id = 64
Error: Image header verification failed
This patch adds support for sha512 checksum validation for Armada 3700
images. With it bubt prints:
Image checksum...OK!
[1] - https://gitlab.nic.cz/turris/mox-boot-builder.git
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
net_loop() returns signed int type and negative value represents error.
tftp_read_file() returns unsigned size_t type and zero value represents
error. Casting signed negative value to unsigned size_t type cause losing
information about error and bubt thinks that no error happened, and
continue erasing SPI-NOR which cause malfunction device.
Fix this issue by correctly propagating failure during tftp transport.
With this change when there is no eth link, bubt does not erase SPI-NOR
anymore.
=> bubt
Burning U-Boot image "flash-image.bin" from "tftp" to "spi"
ethernet@30000 Waiting for PHY auto negotiation to complete......... TIMEOUT !
ethernet@30000: No link.
Error: Failed to read file flash-image.bin from tftp
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Current image type verification code is specific to 32-bit Armada SoCs but
used only for Armada 38x. Implement image type verification for Armada 3700
and enable Armada 38x image verification for all 32-bit Armada SoCs.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
add arguments for mmc wp to assign which boot partition to protect.
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
These flags may be used to check whether an FPGA driver is able to
load a particular FPGA bitstream image.
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Tested-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Link: https://lore.kernel.org/r/20220722141614.297383-7-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
It allows using this feature without enabling the "fpga loads"
command.
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Co-developed-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Signed-off-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Tested-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Link: https://lore.kernel.org/r/20220722141614.297383-2-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
Fix diacritics in some instances of my name and change my e-mail address
to kabel@kernel.org.
Add corresponding .mailmap entries.
Signed-off-by: Marek Behún <kabel@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Do not suggest successful operation if a flash area to be changed is
actually locked, thus will not execute the request. Rather report an
error and bail out. That's way more user-friendly than asking them to
manually check for this case.
Derived from original patch by Chao Zeng.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Jagan Teki <jagan@amarulasolutions.com>
efi_dp_str() allocates memory which should be released after use.
Use %pD printf code. Adjust message wording.
Fixes: d837cb1e3b ("efi: Add debugging to efi_set_bootdev()")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This converts the following to Kconfig:
CONFIG_SYS_BOOTM_LEN
As part of this, rework error handling in boot/bootm.c so that we pass
the buffer size to handle_decomp_error as CONFIG_SYS_BOOTM_LEN will not
be available to host tools but we do know the size that we passed to
malloc().
Cc: Soeren Moch <smoch@web.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
The "autoload" environment variable is always checked with env_get_yesno
as it can be set to any form of no. The default behavior of
env_get_yesno is to return -1 on variables that are not set, which acts
as true in general (we test for non-zero return). To convert
CONFIG_SYS_AUTOLOAD to Kconfig, given that it was almost always used to
set autoload to no, first rename to CONFIG_SYS_DISABLE_AUTOLOAD for
consistency sake. Then, make it so that if enabled we set autoload=0 in
the default environment. Migrate all platforms which set
CONFIG_SYS_AUTOLOAD to non-true or that set autoload to false in their
default environment to using CONFIG_SYS_DISABLE_AUTOLOAD
Signed-off-by: Tom Rini <trini@konsulko.com>
