We want to avoid allocating platform data twice. This could happen if
device_probe() is called after device_ofdata_to_platdata() for the same
device.
Add a flag to track whether device_ofdata_to_platdata() has been called on
a device. Check the flag to make sure it doesn't happen twice, and clear
the flag when the data is freed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a new internal function, device_ofdata_to_platdata() to handle
allocating private space associated with each device and reading the
platform data from the device tree.
Call this new function from device_probe().
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the parent is probed before the child's ofdata_to_platdata()
method is called. Adjust the logic slightly so that probing parents is
not done until afterwards.
Signed-off-by: Simon Glass <sjg@chromium.org>
This method is supposed to extract platform data from the device tree. It
should be done before the device itself is probed. Move it earlier in the
device_probe() function.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the clock driver reads its ofdata in the probe() method. This
is not correct although it is often harmless.
However in this case it causes a problem, something like this:
- ast_get_scu() is called (from somewhere) to get the SCI address
- this probes the clock
- first sets up ofdata (which does nothing at present)
- DM marks clock device as active
- DM calls pinctrl
- pinctrl probes and calls ast_get_scu() in ast2500_pinctrl_probe()
- ast_get_scu() probes the clock, but sees it already marked as
probed
- ast_get_scu() accesses the clock's private data, with scu as NULL
- DM calls clock probe function ast2500_clk_probe() which reads scu
By putting the read of scu into the correct method, scu is read as part of
ofdata setup, and everything is OK.
Note: This problem did not matter until now since DM always probed all
parents before reading a child's ofdata. The fact that pinctrl is a child
of clock seems to trigger this strange bug.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
It is not possible to access a device on a PCI bus that has not yet been
probed, since the bus number is not known. Add a warning to catch this
error.
Signed-off-by: Simon Glass <sjg@chromium.org>
The PCI bus is not actually probed by the time the ofdata_to_platdata()
method is called since that happens in the uclass's post_probe() method.
Update the PMC and P2SB drivers to access the bus in its probe() method.
Signed-off-by: Simon Glass <sjg@chromium.org>
These macros use __FILE__ which inserts the full path of the object file
into U-Boot, thus increasing file size. Drop these usages.
An older version of this patch was submitted here:
http://patchwork.ozlabs.org/patch/1205784/
Signed-off-by: Simon Glass <sjg@chromium.org>
Some U-Boot code uses BUG_ON() and WARN_ON() macros. These use __FILE__
which can include quite a large path, depending on how U-Boot is built.
The existing assert() is only checked if DEBUG is enabled. Add a new one
which is always checked, and prints a (smaller) error in that case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a unit test for the EFI_RNG_PROTOCOL.
The list of algorithms is read. Two random numbers are generated. The test
checks that the two numbers differ.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Install the EFI_RNG_PROTOCOL implementation for it's subsequent use by
the kernel for features like kaslr.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add support for the EFI_RNG_PROTOCOL routines for the qemu arm64
platform. EFI_RNG_PROTOCOL is an uefi boottime service which is
invoked by the efi stub in the kernel for getting random seed for
kaslr.
The routines are platform specific, and use the virtio-rng device on
the platform to get random data.
The feature can be enabled through the following config
CONFIG_EFI_RNG_PROTOCOL
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Changed SPDX header to use /* instead of //.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For the RNG uclass we currently only have a test working on the sandbox.
Provide a command to test the hardware random number generator on
non-sandbox systems.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add a driver for the virtio-rng device on the qemu platform. The
device uses pci as a transport medium. The driver can be enabled with
the following configs
CONFIG_VIRTIO
CONFIG_DM_RNG
CONFIG_VIRTIO_PCI
CONFIG_VIRTIO_RNG
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add a unit test for testing the rng uclass functionality using the
sandbox rng driver.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Enable support for random number generator on sandbox configs. This is
aimed primarily at adding unit test support for rng uclass.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a sandbox driver for random number generation. Mostly aimed at
providing a unit test for rng uclass.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Enable support for the rng device on the stm32mp15 configs.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Acked-by: Patrick Delaunay <patrick.delaunay@st.com>
Add a driver for the rng device found on stm32mp1 platforms. The
driver provides a routine for reading the random number seed from the
hardware device.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Acked-by: Patrick Delaunay <patrick.delaunay@st.com>
Remove a superfluous blank line
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add an entry for allowing clock enablement for the random number
generator peripheral, RNG1.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Acked-by: Patrick Delaunay <patrick.delaunay@st.com>
Add a uclass for reading a random number seed from a random number
generator device.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
This test verifies the implementation of the 'bootm' extension that
handles UEFI binaries inside FIT images (enabled via CONFIG_BOOTM_EFI).
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This patch adds a new section "Launching a UEFI binary from a FIT image"
documenting the usage of the CONFIG_BOOTM_EFI extension to bootm command
that offers a verified boot alternative for UEFI binaries such as GRUB2.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This patch adds an example FIT image description file demonstrating
the usage of bootm command to securely launch UEFI binaries.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add support for booting EFI binaries contained in FIT images.
A typical usage scenario is chain-loading GRUB2 in a verified
boot environment.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add a new OS type to be used for chain-loading an EFI compatible
firmware or boot loader like GRUB2, possibly in a verified boot
scenario.
Bellow is sample ITS file that generates a FIT image supporting
secure boot. Please note the presence of 'os = "efi";' line, which
identifies the currently introduced OS type:
/ {
#address-cells = <1>;
images {
efi-grub {
description = "GRUB EFI";
data = /incbin/("bootarm.efi");
type = "kernel_noload";
arch = "arm";
os = "efi";
compression = "none";
load = <0x0>;
entry = <0x0>;
hash-1 {
algo = "sha256";
};
};
};
configurations {
default = "config-grub";
config-grub {
kernel = "efi-grub";
signature-1 {
algo = "sha256,rsa2048";
sign-images = "kernel";
};
};
};
};
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When we hit a matching GUID we can directly return the text. There is no
need for a check after the loop.
efi_guid_t is defined as 8 byte aligned but GUIDs in packed structures do
not follow this alignment. Do not require the argument of get_guid_text()
to be correctly aligned.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Of all warning status codes up to now only EFI_WARN_DELETE_FAILURE is
defined.
The patch adds the missing definitions for later usage.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When be launch a binary via bootefi the bootargs environment variable is
used to set the load options in the loaded image protocol.
Free memory allocated for load options when the UEFI binary exits.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add guidcpy function to copy the source guid to the destination
guid. Use this function instead of memcpy for copying to the
destination guid.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Use void * instead of efi_guid_t * for arguments to allow copying unaligned
GUIDs. The GUIDs of configuration tables are __packed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
U-Boot can be compiled with function tracing enabled.
When compiling with FTRACE __cyg_profile_func_enter() is called when a
function is entered and __cyg_profile_func_exit() when the function is
left.
To avoid a crash we have to define these function for the free-standing
UEFI binaries.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add a comment indicating that the value of GPT_HEADER_SIGNATURE_UBOOT
equals the ASCII string 'EFI PART'.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
On a VT100 terminal <ESC>[2J should be enough to both clear the whole
screen and set the cursor to position (1, 1). But the Linux console does
not behave like this. So send an extra <ESC>[H. For reference see the
console_codes(4) man page.
Add a function description.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add the following file to .gitignore
efi_miniapp_file_image_exception.h
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Use efi_miniapp_*.h instead of file enumeration.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Use a pointer to addressable memory instead of a "physical" address in the
virtual address space of the sandbox to efi_install_fdt().
Export the efi_install_fdt() function.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If the bootefi command is called without passing the address of a device
tree, the internal device tree is used. For devices with a hardware device
tree it is preferable to used the hardware device tree in this case.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
As part of moving the parsing of command line arguments to do_bootefi()
call efi_install_fdt() with the address of the device tree instead of a
string.
If the address is EFI_FDT_USE_INTERNAL (= 0), the internal device tree
is used.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When the GetInfo() method of the EFI_FILE_PROTOCOL is called to retrieve
the file system info we claim that the volume is read only and has no free
space. This leads to failures in programs that check this information
before writing to the volume like SCT's InstallSct.efi.
Currently there is no function to determine these parameters in U-Boot. So
let's return optimistic values:
Return that the volume is writable.
Return the volume size as free space.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
UEFI applications like GRUB and SCT assume that function keys are enabled
on the keyboard.
Let EFI_LOADER imply USB_KEYBOARD_FN_KEYS.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The index (IMAGE_DIRECTORY_ENTRY_SECURITY) in a table points to
a region containing authentication information (image's signature)
in PE format.
WIN_CERTIFICATE structure defines an embedded signature format.
Those definitions will be used in my UEFI secure boot patch.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Consider the following test sample:
@pytest.mark.buildconfigspec('fit')
@pytest.mark.notbuildconfigspec('generate_acpi_table')
def test_sample(u_boot_console):
Whatever the argument of the 'notbuildconfigspec' is,
the test ends up being skipped with the message:
('/uboot/test/py/conftest.py', 463,
'Skipped: .config feature "fit" enabled')
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>