This fixes CVE-2018-18439 ("insufficient boundary checks in network
image boot") by using lmb to check for a valid range to store
received blocks.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
[trini: Always build lib/lmb.o on LMB and lib/fdtdec.o on OF_LIBFDT]
Signed-off-by: Tom Rini <trini@konsulko.com>
boot_fdt_add_mem_rsv_regions() adds reserved memory sections to an lmb
struct. Currently, it only parses regions described by /memreserve/
entries.
Extend this to the more commonly used scheme of the "reserved-memory"
node.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add the dollar_complete() function to auto-complete arguments starting
with a '$' and use it in the cmd_auto_complete() path such that all
args starting with a $ can be auto-completed based on the available env
vars.
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
[trini: Fix some linking problems]
Signed-off-by: Tom Rini <trini@konsulko.com>
The CRC16-CCITT checksum function is useful for space-constrained
applications (such as obtaining a checksum across a 2KBit or 4KBit
EEPROM) in boot applications. It has not been accessible from boot
scripts until now (due to not having a dedicated command and not being
supported by the hash infrstructure) limiting its applicability
outside of custom commands.
This adds the CRC16-CCITT (poly 0x1021, init 0x0) algorithm to the
list of available hashes and adds a new crc16_ccitt_wd_buf() to make
this possible.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
[trini: Fix building crc16.o for SPL/TPL]
Signed-off-by: Tom Rini <trini@konsulko.com>
We should not make anything in lib/efi_selftest if
CONFIG_CMD_BOOTEFI_SELFTEST is not defined.
We can make that test in lib/Makefile
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In some cases U-Boot is compressed and it is useful to be able to
decompress it in SPL. Add a Kconfig and Makefile change to allow this.
Note that this does not actually implement decompression.
Signed-off-by: Simon Glass <sjg@chromium.org>
Introduce CONFIG_IMAGE_SPARSE and CONFIG_CMD_MMC_SWRITE so the "mmc
swrite" command is separated from the fastboot code.
Move image-sparse from common to lib so it's clear it's library code.
Rename CONFIG_FASTBOOT_FLASH_FILLBUF_SIZE to CONFIG_IMAGE_SPARSE_FILLBUF_SIZE
and migrate it to Kconfig.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Acked-by: Jassi Brar <jaswinder.singh@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Choice between v1 and v2 compliant functions is done with the
configuration.
Create the various files that will receive TPMv2-only code on the same
scheme as for the TPMv1 code.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There are no changes in this commit but a new organization of the code
as follow.
* cmd/ directory:
> move existing code from cmd/tpm.c in cmd/tpm-common.c
> move specific code in cmd/tpm-v1.c
> create a specific header file with generic definitions for
commands only called cmd/tpm-user-utils.h
* lib/ directory:
> move existing code from lib/tpm.c in lib/tpm-common.c
> move specific code in lib/tpm-v1.c
> create a specific header file with generic definitions for
the library itself called lib/tpm-utils.h
* include/ directory:
> move existing code from include/tpm.h in include/tpm-common.h
> move specific code in include/tpm-v1.h
Code designated as 'common' is compiled if TPM are used. Code designated
as 'specific' is compiled only if the right specification has been
selected.
All files include tpm-common.h.
Files in cmd/ include tpm-user-utils.h.
Files in lib/ include tpm-utils.h.
Depending on the specification, files may include either (not both)
tpm-v1.h or tpm-v2.h.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Fix a few more cases of tpm.h -> tpm-v1.h, some Kconfig logic]
Signed-off-by: Tom Rini <trini@konsulko.com>
Because both major revisions are not compatible at all, let's make them
mutually exclusive in Kconfig. This way we will be sure, when using a
command or a library function that it is supported by the right
revision.
Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
files by "tpm2_" to make the distinction without moving everything.
The Kconfig menu about TPM drivers is now divided into two sections, one
for each specification. Compliant drivers with one specification will
only show up if this specification _only_ has been selected, otherwise a
comment is displayed.
Once a driver is selected by the user, it selects automatically a
boolean value, that is needed in order to activate the TPM commands.
Selecting the TPM commands will automatically select the right
command/library files.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Rework deps as TPM_V1 and TPM_V2 depend on TPM,
drop TPM_DRIVER_SELECTED]
Signed-off-by: Tom Rini <trini@konsulko.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
When SPL serial is disabled, callers who need sprintf or strtoul fail
because their inclusion is guarded by CONFIG_SPL_SERIAL_SUPPORT/
CONFIG_TPL_SERIAL_SUPPORT.
Split printf, sprintf and strto into their own entries and then select
all of them if SERIAL_SUPPORT is enabled to match the current behaviour.
Include panic.o unconditionally as it can be called from anywhere which
uses BUG_ON().
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
This patch adds code to lib to enable sharing of useful OPTEE code between
board-ports and architectures. The code on lib/optee/optee.c comes from the
TI omap2 port. Eventually the OMAP2 code will be patched to include the
shared code. The intention here is to add more useful OPTEE specific code
as more functionality gets added.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
Tested-by: Peng Fan <peng.fan@nxp.com>
This patch provides
* a uclass for EFI drivers
* a EFI driver for block devices
For each EFI driver the uclass
* creates a handle
* adds the driver binding protocol
The uclass provides the bind, start, and stop entry points for the driver
binding protocol.
In bind() and stop() it checks if the controller implements the protocol
supported by the EFI driver. In the start() function it calls the bind()
function of the EFI driver. In the stop() function it destroys the child
controllers.
The EFI block driver binds to controllers implementing the block io
protocol.
When the bind function of the EFI block driver is called it creates a
new U-Boot block device. It installs child handles for all partitions and
installs the simple file protocol on these.
The read and write functions of the EFI block driver delegate calls to the
controller that it is bound to.
A usage example is as following:
U-Boot loads the iPXE snp.efi executable. iPXE connects an iSCSI drive and
exposes a handle with the block IO protocol. It calls ConnectController.
Now the EFI block driver installs the partitions with the simple file
protocol.
iPXE uses the simple file protocol to load Grub or the Linux Kernel.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: add comment on calloc len]
Signed-off-by: Alexander Graf <agraf@suse.de>
A testing framework for the EFI API is provided.
It can be executed with the 'bootefi selftest' command.
It is coded in a way that at a later stage we may turn it
into a standalone EFI application. The current build system
does not allow this yet.
All tests use a driver model and are run in three phases:
setup, execute, teardown.
A test may be setup and executed at boottime,
it may be setup at boottime and executed at runtime,
or it may be setup and executed at runtime.
After executing all tests the system is reset.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In order to display the company's logo via the API of DM_VIDEO,
and add the logo files of both Atmel and Microchip.
Signed-off-by: Wenyou Yang <wenyou.yang@microchip.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add Kconfig option SPL_GZIP and SPL_ZLIB to enable gunzip support for
SPL boot, eg. falcon boot compressed kernel image.
Signed-off-by: York Sun <york.sun@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This splits the compilation of code modules for TPL and SPL for
OF_CONTROL (and related) features between TPL and SPL. The typical
use-case of this is a TPL stage that uses OF_PLATDATA at TPL and
provides full OF_CONTROL at SPL (e.g. on the RK3368).
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
This function converts the flat device tree into a hierarchical one with
C structures and pointers. This is easier to access.
Signed-off-by: Simon Glass <sjg@chromium.org>
Commit 94e3c8c4fd ("crypto/fsl - Add progressive hashing support
using hardware acceleration.") created entries for CONFIG_SHA1,
CONFIG_SHA256, CONFIG_SHA_HW_ACCEL, and CONFIG_SHA_PROG_HW_ACCEL.
However, no defconfig has migrated to it. Complete the move by first
adding additional logic to various Kconfig files to select this when
required and then use the moveconfig tool. In many cases we can select
these because they are required to implement other drivers. We also
correct how we include the various hashing algorithms in SPL.
This commit was generated as follows (after Kconfig additions):
[1] tools/moveconfig.py -y SHA1 SHA256 SHA_HW_ACCEL
[2] tools/moveconfig.py -y SHA_PROG_HW_ACCEL
Note:
We cannot move SHA_HW_ACCEL and SHA_PROG_HW_ACCEL simultaneously
because there is dependency between them.
Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Chander Kashyap <k.chander@samsung.com>
Cc: Steve Rae <steve.rae@raedomain.com>
Cc: Dirk Eibach <eibach@gdsys.de>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Cc: Akshay Saraswat <akshay.s@samsung.com>
Cc: Heiko Schocher <hs@denx.de>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
We will need the SMBIOS generation function on ARM as well going forward,
so let's move it into a non arch specific location.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We need the checksum function without all the other table functionality
soon, so let's split it out into its own C file.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
By default saveenv option is not supported for SPL. This patch
enable the support for save environment variable for SPL build.
Enable save environment support in SPL after setenv. By default
the saveenv option is not provided in SPL, but some boards need
this support in 'Falcon' boot, where SPL need to boot from
different images based on environment variable set by OS. For
example OS may set "reboot_image" environment variable to
"recovery" inorder to boot recovery image by SPL. The SPL read
"reboot_image" and act accordingly and change the reboot_image
to default mode using setenv and save the environemnt.
Signed-off-by: Ravi Babu <ravibabu@ti.com>
Reviewed-by: Simon Glass <sig@chromium.org>
change in v1:
- dropped SUPPORT, use CONFIG_SPL_SAVEENV
- updates the comments in mmc_private.h
At present TPL uses the same options as SPL support. In a few cases the board
config enables or disables the SPL options depending on whether
CONFIG_TPL_BUILD is defined.
With the move to Kconfig, options are determined for the whole build and
(without a hack like an #undef in a header file) cannot be controlled in this
way.
Create new TPL options for these and update users. This will allow Kconfig
conversion to proceed for these boards.
Signed-off-by: Simon Glass <sjg@chromium.org>
We cannot access the device tree in this case, so avoid compiling in the
various device-tree helper functions.
Signed-off-by: Simon Glass <sjg@chromium.org>
This allows a board to configure verified boot within the SPL using
a FIT or FIT with external data. It also allows the SPL to perform
signature verification without needing relocation.
The board configuration will need to add the following feature defines:
CONFIG_SPL_CRYPTO_SUPPORT
CONFIG_SPL_HASH_SUPPORT
CONFIG_SPL_SHA256
In this example, SHA256 is the only selected hashing algorithm.
And the following booleans:
CONFIG_SPL=y
CONFIG_SPL_DM=y
CONFIG_SPL_LOAD_FIT=y
CONFIG_SPL_FIT=y
CONFIG_SPL_OF_CONTROL=y
CONFIG_SPL_OF_LIBFDT=y
CONFIG_SPL_FIT_SIGNATURE=y
Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Acked-by: Andreas Dannenberg <dannenberg@ti.com>
Acked-by: Sumit Garg <sumit.garg@nxp.com>
When setting up a DDR controller it is useful to be able to display
frequencies in a readable form. Make the strmhz() function available in
SPL builds provided there is full vsprintf available.
Reviewed-by: Tony O'Brien <tony.obrien@alliedtelesis.co.nz>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Now that we have all the bits and pieces ready for EFI payload loading
support, hook them up in Makefiles and KConfigs so that we can build.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
[trini: Enable only when we of OF_LIBFDT, disable on kwb and colibri_pxa270]
Signed-off-by: Tom Rini <trini@konsulko.com>
Add an option to enable libfdt in SPL. This can be useful when decoding
FIT files in SPL.
We need to make sure this option is not enabled in SPL by this change.
Also this option needs to be enabled in host builds. Si add a new
IMAGE_USE_LIBFDT #define which can be used in files that are built on the
host but must also build for U-Boot and SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
If BUILD_TAG is part of KBUILD_CFLAGS, then any time the value changes,
all files get rebuilt. In a continuous integration environment, the value
will change every build. This wastes time, assuming that incremental
builds would otherwise occur.
To solve this, remove BUILD_TAG from KBUILD_CFLAGS and add it to CFLAGS
for just the one file that uses it. This does have the disadvantage that
if any other files want to use the flag, we'll need to duplicate this
custom CFLAGS setup logic. However, it seems unlikely we'll need this.
An alternative would be to add BUILD_TAG to the "local version" and remove
the special case code from display_options.c. However, that would affect
the format of the U-Boot signon message, which may negatively affect
people looking for specific data there. The approach of using
file-specific CFLAGS was suggested by Masahiro Yamada.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Simon Glass <sjg@chromium.org>
To allow the various string to number conversion functions to be used
when using tiny-printf,split them out into their own file which gets
build regardless of what printf implementation is used.
Signed-off-by: Sjoerd Simons <sjoerd.simons@collabora.co.uk>
To allow panic and panic_str to still be used when using tiny-printf,
split them out into their own file which gets build regardless of what
printf implementation is used.
Signed-off-by: Sjoerd Simons <sjoerd.simons@collabora.co.uk>
This patch adds a small printf() version that supports all basic formats.
Its intented to be used in U-Boot SPL versions on platforms with very
limited internal RAM sizes.
To enable it, just define CONFIG_USE_TINY_PRINTF in your defconfig. This
will result in the SPL using this tiny function and the main U-Boot
still using the full-blown printf() function.
This code was copied from:
http://www.sparetimelabs.com/printfrevisited
With mostly only coding style related changes so that its checkpatch
clean.
The size reduction is about 2.5KiB. Here a comparison for the db-mv784mp-gp
(Marvell AXP) SPL:
Without this patch:
58963 18536 1928 79427 13643 ./spl/u-boot-spl
With this patch:
56542 18536 1956 77034 12cea ./spl/u-boot-spl
Note:
To make it possible to compile tiny-printf.c instead of vsprintf.c when
CONFIG_USE_TINY_PRINTF is defined, the functions printf() and vprintf() are
moved from common/console.c into vsprintf.c in this patch.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Hans de Goede <hdegoede@redhat.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Albert Aribaud <albert.u.boot@aribaud.net>
This will be used to support console recording. It provides for a circular
buffer which can be written at the head and read from the tail. It supports
avoiding data copying by providing raw access to the data.
Signed-off-by: Simon Glass <sjg@chromium.org>
This patch adds support for LZ4-compressed FIT image contents. This
algorithm has a slightly worse compression ration than LZO while being
nearly twice as fast to decompress. When loading images from a fast
storage medium this usually results in a boot time win.
Sandbox-tested only since I don't have a U-Boot development system set
up right now. The code was imported unchanged from coreboot where it's
proven to work, though. I'm mostly interested in getting this recognized
by mkImage for use in a downstream project.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
We have flipped CONFIG_SPL_DISABLE_OF_CONTROL. We have cleansing
devices, $(SPL_) and CONFIG_IS_ENABLED(), so we are ready to clear
away the ugly logic in include/fdtdec.h:
#ifdef CONFIG_OF_CONTROL
# if defined(CONFIG_SPL_BUILD) && !defined(SPL_OF_CONTROL)
# define OF_CONTROL 0
# else
# define OF_CONTROL 1
# endif
#else
# define OF_CONTROL 0
#endif
Now CONFIG_IS_ENABLED(OF_CONTROL) is the substitute. It refers to
CONFIG_OF_CONTROL for U-boot proper and CONFIG_SPL_OF_CONTROL for
SPL.
Also, we no longer have to cancel CONFIG_OF_CONTROL in
include/config_uncmd_spl.h and scripts/Makefile.spl.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Linus Walleij <linus.walleij@linaro.org>
As we discussed a couple of times, negative CONFIG options make our
life difficult; CONFIG_SYS_NO_FLASH, CONFIG_SYS_DCACHE_OFF, ...
and here is another one.
Now, there are three boards enabling OF_CONTROL on SPL:
- socfpga_arria5_defconfig
- socfpga_cyclone5_defconfig
- socfpga_socrates_defconfig
This commit adds CONFIG_SPL_OF_CONTROL for them and deletes
CONFIG_SPL_DISABLE_OF_CONTROL from the other boards to invert
the logic.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When running as an EFI application, U-Boot must request memory from EFI,
and provide access to the boot services U-Boot needs.
Add library code to perform these tasks. This includes efi_main() which is
the entry point from EFI. U-Boot is built as a shared library.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add an implementation of RC4. This will be used by Rockchip booting but may
be useful in other situations.
Signed-off-by: Simon Glass <sjg@chromium.org>
This bloats the code size quite a bit and is less useful in SPL where there
is no command line.
Avoid including this code in SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
Drystone provides a convenient sanity check that the CPU is running at full
speed. Add this as a command which can be enabled as needed.
Note: I investigated using Coremark for this but there was a license
agreement and I could not work out if it was GPL-compatible.
Signed-off-by: Simon Glass <sjg@chromium.org>