Commit graph

5589 commits

Author SHA1 Message Date
Andy Shevchenko
eb5fd9e46c usb: kbd: destroy device after console is stopped
In case of IOMUX enabled it assumes that console devices in the list
are available to get them stopped properly via ->stop() callback.
However, the USB keyboard driver violates this assumption and tries
to play tricks so the device get destroyed while being listed as
an active console.

Swap the order of device deregistration and IOMUX update along with
converting to use iomux_replace_device() jelper to avoid the use-after-free.

Fixes: 3cbcb28928 ("usb: Fix usb_kbd_deregister when console-muxing is used")
Fixes: 8a83487030 ("dm: usb: Add a remove() method for USB keyboards")
Reported-by: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:08 -05:00
Andy Shevchenko
694cd5618c IOMUX: Introduce iomux_replace_device()
Some console devices may appear or disappear at run time. In order to
support such a hotplug mechanism introduce a new iomux_replace_device()
helper to update the list of devices without altering environment.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:08 -05:00
Andy Shevchenko
400797cad3 IOMUX: Split out for_each_console_dev() helper macro
It is not only less lines of code, but also better readability
when new macro is being in use. Introduce for_each_console_dev()
helper macro and convert current users to it.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:08 -05:00
Andy Shevchenko
b672c1619b IOMUX: Split out iomux_match_device() helper
Deduplicate the code used in a few places by splitting out a common helper.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:08 -05:00
Andy Shevchenko
658d6c5836 IOMUX: Switch to use stdio_file_to_flags()
Deduplicate code by replacing with stdio_file_to_flags() helper.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:08 -05:00
Andy Shevchenko
09d8f07762 console: Set file and devices at one go
Logical continuation of the change that brought console_devices_set() is
to unify console_setfile() with it and replace in the callers.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:07 -05:00
Andy Shevchenko
20a7d35148 console: Set console device counter in console_devices_set()
console_devices_set() missed the console device counter to be set correctly.

Fixes: 45375adc97 ("console: add function console_devices_set")
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:07 -05:00
Andy Shevchenko
7b9ca3f89c console: Switch to use stdio_file_to_flags()
Deduplicate code by replacing with stdio_file_to_flags() helper.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:07 -05:00
Andy Shevchenko
d9b0ac90ba stdio: Introduce a new helper stdio_file_to_flags()
Let's deduplicate existing copies by splitting off to a new helper.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:07 -05:00
Andy Shevchenko
99cb2b996b stdio: Split out nulldev_register() and move it under #if
It's possible that NULLDEV can be disabled while it makes leftovers,
move entire device under #if.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:07 -05:00
Andy Shevchenko
c090e8f236 stdio: Get rid of dead code, i.e. stdio_deregister()
Nobody is using stdio_deregister(), remove for good.

Note, even its parameters are not consistent with stdio_register().
So, if anyone want to introduce this again, better with some consistency.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
2021-02-16 11:16:07 -05:00
Simon Glass
3f04db891a image: Check for unit addresses in FITs
Using unit addresses in a FIT is a security risk. Add a check for this
and disallow it.

CVE-2021-27138

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 22:31:54 -05:00
Simon Glass
6f3c2d8aa5 image: Add an option to do a full check of the FIT
Some strange modifications of the FIT can introduce security risks. Add an
option to check it thoroughly, using libfdt's fdt_check_full() function.

Enable this by default if signature verification is enabled.

CVE-2021-27097

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 22:31:53 -05:00
Simon Glass
c5819701a3 image: Adjust the workings of fit_check_format()
At present this function does not accept a size for the FIT. This means
that it must be read from the FIT itself, introducing potential security
risk. Update the function to include a size parameter, which can be
invalid, in which case fit_check_format() calculates it.

For now no callers pass the size, but this can be updated later.

Also adjust the return value to an error code so that all the different
types of problems can be distinguished by the user.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 22:31:52 -05:00
Simon Glass
79af75f777 fit: Don't allow verification of images with @ nodes
When searching for a node called 'fred', any unit address appended to the
name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This
means that we cannot be sure that the node originally intended is the one
that is used.

Disallow use of nodes with unit addresses.

Update the forge test also, since it uses @ addresses.

CVE-2021-27138

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 19:17:25 -05:00
Simon Glass
8a7d4cf982 fdt_region: Check for a single root node of the correct name
At present fdt_find_regions() assumes that the FIT is a valid devicetree.
If the FIT has two root nodes this is currently not detected in this
function, nor does libfdt's fdt_check_full() notice. Also it is possible
for the root node to have a name even though it should not.

Add checks for these and return -FDT_ERR_BADSTRUCTURE if a problem is
detected.

CVE-2021-27097

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 19:17:18 -05:00
Simon Glass
401d1c4f5d common: Drop asm/global_data.h from common header
Move this out of the common header and include it only where needed.  In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly.   Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-02-02 15:33:42 -05:00
Ravik Hasija
7a01882eb3 common: Kconfig.boot: Add FIT_PRINT config option
Config allows to disable printing contents of fitImage to optimize boottime.

Signed-off-by: Ravik Hasija <rahasij@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-02-01 16:32:06 -05:00
Simon Glass
86c372af1a x86: spl: Add a function to find the text base
It is useful to know the TEXT_BASE value for the image being loaded in
TPL/SPL. Add a new spl_get_image_text_base() function to handle this.

Make use of this in the x86 SPL handler, instead of having the logic
there.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-02-01 15:11:41 +08:00
Marek Szyprowski
9129f2f164 dfu: add support for the dfu_alt_info reintialization from the flashed script
Reinitialize DFU USB gadget after flashing the 'SCRIPT' entity to ensure
that the potential changes to the 'dfu_alt_info' environment variable are
applied.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
[lukma - I've moved the bool retry to avoid build (CI) errors]
2021-01-31 14:08:56 +01:00
Heinrich Schuchardt
9c3808deba avb: AVB_VERIFY depends on MMC
AVB Verified Boot uses functions related to MMC.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io>
2021-01-29 10:36:48 -05:00
Yuezhang.Mo@sony.com
e088f0c3d8 autoboot: fix illegal memory access when stop key and delay key are empty
If both stop key and delay key are empty, the length of these
keys is 0. The subtraction operation will cause the u_int type
variable to overflow, will cause illegal memory access in key
input loop.

This commit fixes this bug by using int type instead of u_init.
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-27 17:07:48 -05:00
Simon Glass
02d7a53ce6 bloblist: Add missing tag names
Add tag names for recently added types.

Fixes: d2cb7a22da (x86: Allow putting some tables in the bloblist)
Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Simon Glass
9fe064646d bloblist: Support relocating to a larger space
Typically in TPL/SPL the bloblist is quite small. But U-Boot proper may
want to add a lot more to it, such as ACPI tables.

Add a way to expand the bloblist by relocating it in U-Boot proper, along
with the other relocation activities.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Simon Glass
09d9ba9097 spl: Add functions for next and previous phase
It is useful to be able to figure out which phase we are loading next and
which phase we came from. Add some functions to handle this as well as
returning the name of a phase. This allows messages like "Booting to x"
where x is the next phase.

At present, TPL says 'Jumping to U-Boot' at the end, when in fact it is
jumping to SPL. This is confusing, so use the new functions to correct
this.

Tests for this will come with an upcoming minor SPL test refactor.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Alexandru Gagniuc
76c78a5481 common: fit-sig: Fix error message in fit_config_verify_sig()
In fit_config_verify_sig(), when no 'signature*' subnode exists in
the configuration node, the fdt_for_each_subnode() loop is a no-op.
Therefore, no error flags are set, and 'err_,sg' is not populated
with an error string. This is incorrect behavior.

Populate err_msg to indicate that no 'signature' is found, before
entering the loop. The first call to fit_image_verify_sig() will
override clear err_msg, or set it to a more specific message.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-27 17:03:16 -05:00
Philippe Reynes
4d145f26dd bootcount: allow to use this feature on TPL
This commit add an option TPL_BOOTCOUNT_LIMIT to
use bootcount on TPL.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-27 16:58:57 -05:00
Andre Przywara
c0b417b2f1 sunxi: support loading with SPL > 32KB
H616 supports and needs bigger SPL than 32 KiB, mostly due to big DRAM
driver and need for PMIC configuration, which pulls several drivers which
are not needed otherwise.

spl_mmc_get_uboot_raw_sector() will now compare pre-configured size with
that, reported in SPL header. If size in header is bigger, it will use
that value instead.

In the process of function rework, also add missing function argument.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Jernej Skrabec <jernej.skrabec@siol.net>
Reviewed-by: Samuel Holland <samuel@sholland.org>
2021-01-25 21:52:00 +00:00
Jernej Skrabec
44726096cf sunxi: Introduce common symbol for H6 like SoCs
It turns out that there are at least 2 other SoCs which have basically
the same memory map, similar clocks and other features as H6. It's very
likely that we'll see more such SoCs in the future. In order to ease
porting to new SoCs and lower ifdef clutter, introduce common symbol for
them.

Signed-off-by: Jernej Skrabec <jernej.skrabec@siol.net>
Reviewed-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2021-01-25 21:52:00 +00:00
Joel Stanley
93af80f3e8 image-fit: Fix FIT_CIPHER linking
When CONFIG_FIT_CIPHER=y and CONFIG_FIT_SIGNATURE=n is there is no
implementation of image_get_host_blob for mkimage/dumpimage:

 /usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
 image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'

Move the implementation to a common file so it can be shaed between
image-cipher.c and image-fit-sig.c.

Signed-off-by: Joel Stanley <joel@jms.id.au>
2021-01-22 16:17:52 -05:00
Peng Fan
52e77726ef common: Makefile: drop duplicated line
obj-$(CONFIG_$(SPL_TPL_)YMODEM_SUPPORT) += xyzModem.o is there,
no need obj-$(CONFIG_SPL_YMODEM_SUPPORT) += xyzModem.o

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-16 14:49:09 -05:00
Patrick Delaunay
449efce69a console: cosmetics: remove #if 0
Remove the #if 0 present since the first version of console.c

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-16 14:49:09 -05:00
Heinrich Schuchardt
7cf5b4053b common: always compile fixup_cmdtable()
With our optimization settings the linker eliminates unused functions.

But for debugging it is better to compile with -Og or -O0. With -O0
compiling the sandbox fails due to the missing function fixup_cmdtable()
called by dm_reloc() and others.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-16 14:49:09 -05:00
Philippe Reynes
c61b2bf30c common: spl: spl_fit.c: report an error on hash check fail
When the hash check fails on a loadable image, the SPL/TPL simply
jump to the next one. This commit changes this behaviour, when the
hash check fails on a loadable image, the function spl_load_simple_fit
stops and report an error.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-16 14:49:09 -05:00
Steve Bennett
d2e64d29c4 cli_readline: Only insert printable chars
There should be no need to insert non-printable characters
and this prevents line editing getting confused.

Signed-off-by: Steve Bennett <steveb@workware.net.au>
2021-01-16 14:49:09 -05:00
Joel Peshkin
652b504ff2 Add optional salt to AUTOBOOT_STOP_STR_SHA256
Adds an optional SALT value to AUTOBOOT_STOP_STR_SHA256.   If a string
followed by a ":" is prepended to the sha256, the portion to the left
of the colon will be used as a salt and the password will be appended
to the salt before the sha256 is computed and compared.

Signed-off-by: Joel Peshkin <joel.peshkin@broadcom.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Patrick Delaunay <patrick.delaunay@st.com>
Cc: Heiko Schocher <hs@denx.de>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Joel Peshkin <joel.peshkin@broadcom.com>
To: u-boot@lists.denx.de
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
2021-01-16 14:49:09 -05:00
Andy Shevchenko
70c2525c0d IOMUX: Stop dropped consoles
When at some point environment shrinks we need to stop dropped devices.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:38:00 -05:00
Andy Shevchenko
420782c45b IOMUX: Drop indentation level by removing redundant 'else'
Obviously the following has unnecessary indentation level in 'else' branch.

	if (foo) {
		...
		return;
	} else {
		...
	}

Drop indentation level by removing redundant 'else'.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:38:00 -05:00
Andy Shevchenko
c939e1ca5d IOMUX: Refactor iomux_doenv() in order to increase readability
Refactor iomux_doenv() a bit in order to increase readability.
There is no change in code generation on x86.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:38:00 -05:00
Andy Shevchenko
1f8e6985db IOMUX: Preserve console list if realloc() fails
It's realloc() 101 to avoid `foo = realloc(foo, ...);` call
due to getting a memory leak.

Actually it's not clear why realloc() has been used here.
If we shrink the array, the memcpy() overwrites it anyway
with the contents of a new array. If it becomes bigger,
same story.

Drop useless realloc() for good and thus preserve console list
in case of failed allocation.

Fixes: 16a28ef219 ("IOMUX: Add console multiplexing support.")
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:38:00 -05:00
Andy Shevchenko
3232487daf console: rename search_device() to console_search_dev()
Rename search_device() to console_search_dev() since it's in console.h.

Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:38:00 -05:00
Andy Shevchenko
95aaf40254 console: Keep ->start() and ->stop() balanced
There is no need to call ->start() for already started device. All the same,
there is no need to call ->stop() for devices still in use.

For now enforce this only for IOMUX case.

Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:37:03 -05:00
Andy Shevchenko
41f668b97c console: Introduce console_start() and console_stop()
In the future we would like to stop unused consoles and
also add a reference counting to avoid imbalanced calls
to ->start() and ->stop() in some cases.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Patrick Delaunay
a17b38ce39 console: add console_has_tstc helper function for CONSOLE_MUX
Add the helper function console_has_tstc() and replace the test
#if CONFIG_IS_ENABLED(CONSOLE_MUX) to a simple 'if' test to
respect the U-Boot coding rule.

No functional change.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Patrick Delaunay
1e993710e8 console: remove #ifdef CONFIG_CONSOLE_RECORD
Add helper functions to access to gd->console_out and gd->console_in
with membuff API and replace the #ifdef CONFIG_CONSOLE_RECORD test
by if (IS_ENABLED(CONFIG_CONSOLE_RECORD)) to respect the U-Boot
coding rule.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Patrick Delaunay
45375adc97 console: add function console_devices_set
Add a new function to access to console_devices only defined if
CONFIG_IS_ENABLED(CONSOLE_MUX).

This path allows to remove #if CONFIG_IS_ENABLED(CONSOLE_MUX)
in console_getc function.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-01-15 14:36:12 -05:00
Patrick Delaunay
c04f856822 console: remove #ifdef CONFIG when it is possible
Remove #ifdef or #ifndef for CONFIG when it is possible to simplify
the console.c code and respect the U-Boot coding rules.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
2a7c9ab479 spl: Kconfig: Add SPL dependency to CONFIG_HANDOFF
CONFIG_HANDOFF is used in u-boot proper to locate handoff info from SPL
during pre-relocation init (in setup_spl_handoff). Add explicit dependency
on CONFIG_SPL, to fix the following build error when CONFIG_HANDOFF &&
!CONFIG_SPL:

common/board_f.c: In function ‘setup_spl_handoff’:
common/board_f.c:283:4: error: ‘gd_t {aka struct global_data}’
has no member named ‘spl_handoff’
  gd->spl_handoff = bloblist_find(BLOBLISTT_SPL_HANDOFF,
    ^~

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
130845bac1 common: board_r: Drop arch-specific ifdefs around initr_trap
In order to remove the arch-specific ifdefs around initr_trap, introduce
arch_initr_trap weak initcall. Implementations for ppc/m68k/mips have
been moved to arch/<arch>/lib/traps.c

Default implementation is a nop stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
c65abc70fb common: board_r: Drop initr_bbmii wrapper
Add a return value to bb_miiphy_init and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
ce41e73523 common: board_r: Drop initr_api wrapper
Add a return value to api_init and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
0154858039 common: board_r: Drop initr_jumptable wrapper
Add a return value to jumptable_init and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
eb2825b79d common: board_r: Drop initr_xen wrapper
Add a return value to xen_init and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
42d0d4223f common: board_r: Drop initr_noncached wrapper
Add a return value to noncached_init and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
b9f6d0f7db common: board_r: Drop initr_pci wrapper
Add a return value to pci_init and use it directly in the post-relocation
init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
c343e8c0bf common: board_r: Drop initr_pci_ep wrapper
Add a return value to pci_ep_init and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:12 -05:00
Ovidiu Panait
7addd3c6df common: board_r: Drop initr_post_backlog wrapper
Add a return value to post_output_backlog and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Ovidiu Panait
fb504b2c08 common: board_r: Drop initr_secondary_cpu wrapper
Add a return value to cpu_secondary_init_r and use it directly in the
post-relocation init sequence, rather than using a wrapper stub.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Ovidiu Panait
51c5a2c5e4 common: board_r: Drop initr_console_record wrapper
Drop initr_console_record wrapper and call console_record_init directly.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Ovidiu Panait
19b18daa29 common: board_f: Use IS_ENABLED(CONFIG_OF_EMBED) in reserve_fdt, reloc_fdt
Use IS_ENABLED(CONFIG_OF_EMBED) in instead of #ifdefs in reserve_fdt,
reloc_fdt functions.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Ovidiu Panait
3671668676 common: board_f: Move setup_machine code to setup_bdinfo
setup_bdinfo is used to populate various bdinfo fields, so move
setup_machine code there, as all it does is setting
gd->bd->bi_arch_number.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Ovidiu Panait
4b9a121fc6 common: board_f: Use IS_ENABLED(CONFIG_TIMER_EARLY) in initf_dm
Use IS_ENABLED(CONFIG_TIMER_EARLY) instead of #ifdef in initf_dm. Also,
move timer code to the main ifdef, so that ret is defined.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Ovidiu Panait
8e8d45ee02 common: board_f: Drop initf_console_record wrapper
Drop initf_console_record wrapper and call console_record_init directly.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Ovidiu Panait
4e81920ba8 common: Kconfig: Introduce CONFIG_CONSOLE_RECORD_INIT_F
Currently, the following #ifdef construct is used to check whether to run
console_record_init() during pre-relocation init:
 defined(CONFIG_CONSOLE_RECORD) && CONFIG_VAL(SYS_MALLOC_F_LEN)

Introduce CONFIG_CONSOLE_RECORD_INIT_F Kconfig option to get rid of the
complex ifdef check. Also, use IS_ENABLED() instead of #ifdef.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Patrick Delaunay
c698b998bb log: call vsnprintf only when it is needed to emit trace
Reduce the log overhead when the traces are filtered,
by moving the vsnprintf call from _log() to log_dispatch().

This patch avoids the printf treatment when LOG features is
activated, but trace is filtered, for example when
MAX_LOG_LEVEL=8 and LOG_DEFAULT_LEVEL=6.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
2021-01-15 14:36:11 -05:00
Patrick Delaunay
bf80edb91a console: allow to record console output before ready
Allow to record the console output before before U-Boot
has a console ready.

This patch allows to test the console output in sandbox test
based on console record.

It is possible because GD_FLG_RECORD and GD_FLG_SERIAL_READY
are 2 independent flags.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Patrick Delaunay
93cdb52b2a console: remove duplicated test on gd value
Reorder test on gd value and remove the duplicated test (!gd)
in putc and puts function.

This patch is a preliminary step for rework of this function.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Patrick Delaunay
dd500134a4 log: use console puts to output trace before LOG init
Use the console puts functions to output the traces before
the log initialization (when CONFIG_LOG is not activated).

This patch allows to display the first U-Boot traces
(with macro debug) when CONFIG_DEBUG_UART is activated
and not only drop them.

For example for traces in board_f.c requested by the macro debug,
when LOG_DEBUG is defined and CONFIG_LOG is activated.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
2021-01-15 14:36:11 -05:00
Patrick Delaunay
f0e90e0ead log: don't build the trace buffer when log is not ready
Update _log function to drop any traces when log is yet initialized:
vsnprintf is no more executed in this case.

This patch allows to reduce the cost for the dropped early debug trace.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
2021-01-15 14:36:11 -05:00
Heinrich Schuchardt
ea1a9ec5f4 image-fit: fit_check_format check for valid FDT
fit_check_format() must check that the buffer contains a flattened device
tree before calling any device tree library functions.

Failure to do may cause segmentation faults.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-01-13 02:38:00 +01:00
Tom Rini
ee6726be4f Merge tag 'ti-v2021.04-rc1' of https://gitlab.denx.de/u-boot/custodians/u-boot-ti
- DM support for OMAP PWM backlight
- USB host mode support for AM654
- Minor SPI fixes
- Add support k2g ice board with 1GHz silicon
- Fix GTC programming for K3 devices
2021-01-12 09:32:48 -05:00
Dario Binacchi
d64b9cdcd4 fdt: translate address if #size-cells = <0>
The __of_translate_address routine translates an address from the
device tree into a CPU physical address. A note in the description of
the routine explains that the crossing of any level with
since inherited from IBM. This does not happen for Texas Instruments, or
at least for the beaglebone device tree. Without this patch, in fact,
the translation into physical addresses of the registers contained in the
am33xx-clocks.dtsi nodes would not be possible. They all have a parent
with #size-cells = <0>.

The CONFIG_OF_TRANSLATE_ZERO_SIZE_CELLS symbol makes translation
possible even in the case of crossing levels with #size-cells = <0>.

The patch acts conservatively on address translation, except for
removing a check within the of_translate_one function in the
drivers/core/of_addr.c file:

+
        ranges = of_get_property(parent, rprop, &rlen);
-       if (ranges == NULL && !of_empty_ranges_quirk(parent)) {
-               debug("no ranges; cannot translate\n");
-               return 1;
-       }
        if (ranges == NULL || rlen == 0) {
                offset = of_read_number(addr, na);
                memset(addr, 0, pna * 4);
		debug("empty ranges; 1:1 translation\n");

There are two reasons:
1 The function of_empty_ranges_quirk always returns false, invalidating
  the following if statement in case of null ranges. Therefore one of
  the two checks is useless.

2 The implementation of the of_translate_one function found in the
  common/fdt_support.c file has removed this check while keeping the one
  about the 1:1 translation.

The patch adds a test and modifies a check for the correctness of an
address in the case of enabling translation also for zero size cells.
The added test checks translations of addresses generated by nodes of
a device tree similar to those you can find in the files am33xx.dtsi
and am33xx-clocks.dtsi for which the patch was created.

The patch was also tested on a beaglebone black board. The addresses
generated for the registers of the loaded drivers are those specified
by the AM335x reference manual.

Signed-off-by: Dario Binacchi <dariobin@libero.it>
Tested-by: Dario Binacchi <dariobin@libero.it>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-12 10:58:05 +05:30
Andre Przywara
6d295099cc tools: mkimage: Add Allwinner eGON support
So far we used the separate mksunxiboot tool for generating a bootable
image for Allwinner SPLs, probably just for historical reasons.

Use the mkimage framework to generate a so called eGON image the
Allwinner BROM expects.
The new image type is called "sunxi_egon", to differentiate it
from the (still to be implemented) secure boot TOC0 image.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jernej Skrabec <jernej.skrabec@siol.net>
Reviewed-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-11 23:19:33 +00:00
Tom Rini
d71be19902 Merge branch 'next'
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-01-11 13:55:03 -05:00
Tom Rini
bc0b99bd8b Xilinx changes for v2021.04
arm64:
 - DT updates
 
 microblaze:
 - Add support for NOR device support
 
 spi:
 - Fix unaligned data write issue
 
 nand:
 - Minor code change
 
 xilinx:
 - Fru fix in limit calculation
 - Fill git repo link for all Xilinx boards
 
 video:
 - Add support for seps525 spi display
 
 tools:
 - Minor Vitis file support
 
 cmd/common
 - Minor code indentation fixes
 
 serial:
 - Uartlite debug uart initialization fix
 -----BEGIN PGP SIGNATURE-----
 
 iFsEABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCX/ROlgAKCRDKSWXLKUoM
 IRC5AIkBzg4Sz8fQgdCiOK89k7tdFKMAnA9SYhgm4TSCzffZCJwnm78QoGAC
 =4FnY
 -----END PGP SIGNATURE-----

Merge tag 'xilinx-for-v2021.04' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next

Xilinx changes for v2021.04

arm64:
- DT updates

microblaze:
- Add support for NOR device support

spi:
- Fix unaligned data write issue

nand:
- Minor code change

xilinx:
- Fru fix in limit calculation
- Fill git repo link for all Xilinx boards

video:
- Add support for seps525 spi display

tools:
- Minor Vitis file support

cmd/common
- Minor code indentation fixes

serial:
- Uartlite debug uart initialization fix
2021-01-06 07:57:33 -05:00
Simon Glass
38d6b7ebda spl: Drop bd_info in the data section
This uses up space in the SPL binary but it always starts as zero. Also
some boards cannot support data in TPL (e.g. Intel Apollo Lake).

Use malloc() to allocate this structure instead, by moving the init a
little later, after malloc() is inited. Make this function optional since
it pulls in malloc().

This reduces the TPL binary size on coral by about 64 bytes

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-05 12:24:40 -07:00
Sebastian Reichel
d8ab0fe5b5 image: support board_fit_config_name_match
Support reusing board_fit_config_name_match() to automatically
select a sensible default configuration for booting fitImages
using 'bootm'.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.com>
2021-01-05 08:21:48 -05:00
Sebastian Reichel
f14e6eec6c image: cleanup pre-processor usage
Replace most #ifdef checks for USE_HOSTCC and CONFIG_*
with normal if instructions.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.com>
2021-01-05 08:21:48 -05:00
Michal Simek
d91a652cfd common: usb_storage: Fix code indentation
Reported by smatch like:
common/usb_storage.c:430 us_one_transfer() warn: inconsistent indenting

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2021-01-04 10:51:26 +01:00
Hongwei Zhang
9883df1bbb Common:fdt: Check for error return value
Check for negative return value of fdt_noffset from calling
boot_get_fdt_fit().

Signed-off-by: Hongwei Zhang <hongweiz@ami.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-22 20:39:25 -07:00
Simon Glass
8a8d24bdf1 dm: treewide: Rename ..._platdata variables to just ..._plat
Try to maintain some consistency between these variables by using _plat as
a suffix for them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 16:51:09 -07:00
Simon Glass
c69cda25c9 dm: treewide: Rename dev_get_platdata() to dev_get_plat()
Rename this to be consistent with the change from 'platdata'.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 16:51:09 -07:00
Simon Glass
caa4daa2ae dm: treewide: Rename 'platdata' variables to just 'plat'
We use 'priv' for private data but often use 'platdata' for platform data.
We can't really use 'pdata' since that is ambiguous (it could mean private
or platform data).

Rename some of the latter variables to end with 'plat' for consistency.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 16:51:08 -07:00
Simon Glass
41575d8e4c dm: treewide: Rename auto_alloc_size members to be shorter
This construct is quite long-winded. In earlier days it made some sense
since auto-allocation was a strange concept. But with driver model now
used pretty universally, we can shorten this to 'auto'. This reduces
verbosity and makes it easier to read.

Coincidentally it also ensures that every declaration is on one line,
thus making dtoc's job easier.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-13 08:00:25 -07:00
Alexandru Gagniuc
03f1f78a9b spl: fit: Prefer a malloc()'d buffer for loading images
Fit images were loaded to a buffer provided by spl_get_load_buffer().
This may work when the FIT image is small and fits between the start
of DRAM and SYS_TEXT_BASE.

One problem with this approach is that the location of the buffer may
be manipulated by changing the 'size' field of the FIT. A maliciously
crafted FIT image could place the buffer over executable code and be
able to take control of SPL. This is unacceptable for secure boot of
signed FIT images.

Another problem is with larger FIT images, usually containing one or
more linux kernels. In such cases the buffer be be large enough so as
to start before DRAM (Figure I). Trying to load an image in this case
has undefined behavior.
For example, on stm32mp1, the MMC controller hits a RX overrun error,
and aborts loading.
    _________________
   |    FIT Image    |
   |                 |
  /===================\                        /=====================\
  ||      DRAM       ||                        |        DRAM         |
  ||                 ||                        |                     |
  ||_________________||  SYS_TEXT_BASE         | ___________________ |
  |                   |                        ||     FIT Image     ||
  |                   |                        ||                   ||
  | _________________ |  SYS_SPL_MALLOC_START  || _________________ ||
  ||  malloc() data  ||                        |||  malloc() data  |||
  ||_________________||                        |||_________________|||
  |                   |                        ||___________________||
  |                   |                        |                     |

        Figure I                                       Figure II

One possibility that was analyzed was to remove the negative offset,
such that the buffer starts at SYS_TEXT_BASE. This is not a proper
solution because on a number of platforms, the malloc buffer() is
placed at a fixed address, usually after SYS_TEXT_BASE. A large
enough FIT image could cause the malloc()'d data to be overwritten
(Figure II) when loading.

          /======================\
          |        DRAM          |
          |                      |
          |                      |   CONFIG_SYS_TEXT_BASE
          |                      |
          |                      |
          | ____________________ |   CONFIG_SYS_SPL_MALLOC_START
          ||   malloc() data    ||
          ||                    ||
          || __________________ ||
          |||    FIT Image     |||
          |||                  |||
          |||                  |||

                 Figure III

The solution proposed here is to replace the ad-hoc heuristics of
spl_get_load_buffer() with malloc(). This provides two advantages:
    * Bounds checking of the buffer region
    * Guarantees the buffer does not conflict with other memory

The first problem is solved by constraining the buffer such that it
will not overlap currently executing code. This eliminates the chance
of a malicious FIT being able to replace the executing SPL code prior
to signature checking.

The second problem is solved in conjunction with increasing
CONFIG_SYS_SPL_MALLOC_SIZE. Since the SPL malloc() region is
carefully crafted on a per-platform basis, the chances of memory
conflicts are virtually eliminated.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2020-12-07 17:40:34 -05:00
Simon Glass
51bb33846a bootm: Support string substitution in bootargs
In some cases it is necessary to pass parameters to Linux so that it will
boot correctly. For example, the rootdev parameter is often used to
specify the root device. However the root device may change depending on
whence U-Boot loads the kernel. At present it is necessary to build up
the command line by adding device strings to it one by one.

It is often more convenient to provide a template for bootargs, with
U-Boot doing the substitution from other environment variables.

Add a way to substitute strings in the bootargs variable. This allows
things like "rootdev=${rootdev}" to be used in bootargs, with the
${rootdev} substitution providing the UUID of the root device.

For example, to substitute the GUID of the kernel partition:

  setenv bootargs "console=/dev/ttyS0 rootdev=${uuid}/PARTNROFF=1
		kern_guid=${uuid}"
  part uuid mmc 2:2 uuid
  bootm

This is particularly useful when the command line from another place. For
example, Chrome OS stores the command line next to the kernel itself. It
depends on the kernel version being used as well as the hardware features,
so it is extremely difficult to devise a U-Boot script that works on all
boards and kernel versions. With this feature, the command line can be
read from disk and used directly, with a few substitutions set up.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 19:48:29 -05:00
Simon Glass
1a62d64c7d cli: Support macro processing with a fixed-size buffer
At present cli_simple_process_macros() requires that the caller provide
an output buffer that is exactly CONFIG_SYS_CBSIZE bytes in length. This
makes sense since it is designed to be used from the command line. But we
also want to use it for bootargs substitution.

Update the function to allow the caller to specify the buffer size. Also
return an error if the buffer is exhausted. The caller can ignore that if
preferred.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:10:01 -05:00
Simon Glass
4448fe8e4e bootm: Allow updating the bootargs in a buffer
At present we only support updating the 'bootargs' environment
variable. Add another function to update a buffer instead. This will
allow zimage to use this feature.

Also add a lot more tests to cover various cases.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Simon Glass
b3c01678fd bootm: Update bootm_process_cmdline_env() to use flags
At present only one transformation is supported: making the Linux console
silent. To prepare for adding more, convert the boolean parameter into a
flag value.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Simon Glass
b6386f3841 bootm: Split out bootargs environment reading / writing
At present bootm_process_cmdline_env() reads the 'bootargs' variable and
then writes it back afterwards. This is painful for tests, which would
rather use a simple buffer.

It is also useful for zimage to use a buffer, since it does not actually
put the Linux command line in the bootargs variable.

Refactor the existing code into two pieces. One handles reading and
writing the environment variable, as well as allocating a buffer for use
by the rest of the code, which now operates on a buffer.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Simon Glass
6cd92b1a7c bootm: Use size rather than length for CONSOLE_ARG
Use the size (including terminator) for in this function, rather than
the length. This is arguably easier to follow, with the coming
refactor.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Simon Glass
d9477a0a4d bootm: Add a bool parameter to bootm_process_cmdline_env()
This function will soon do more than just handle the 'silent linux'
feature. As a first step, update it to take a boolean parameter,
indicating whether or not the processing is required.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Simon Glass
4dcb81545a bootm: Rename fixup_silent_linux()
We want to add more processing to this function. Before doing so, rename
it to bootm_process_cmdline_env(), which is more generic.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Simon Glass
4ae42643d0 bootm: Update fixup_silent_linux() to return an error
At present this function fails silently on error. Update it to produce
an error code. Report this error to the user and abort the boot, since it
likely will prevent a successful start.

No tests are added at this stage, since additional refactoring is taking
place in subsequent patches.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Simon Glass
f158ba15ee bootm: Add tests for fixup_silent_linux()
This function currently has no tests. Export it so that we can implement
a simple test on sandbox. Use IS_ENABLED() to remove the unused code,
instead #ifdef.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-12-04 16:09:26 -05:00
Michael Walle
7b866825cd spl: atf: add support for LOAD_IMAGE_V2
Newer platforms use the LOAD_IMAGE_V2 parameter passing method. Add
support for it.

Signed-off-by: Michael Walle <michael@walle.cc>
2020-12-04 16:09:06 -05:00
Michael Walle
553825c109 spl: atf: remove helper structure from common header
bl2_to_bl31_params_mem is just an implementation detail of the SPL ATF
support and is not needed anywhere else. Move it from the header to the
actual module.

Signed-off-by: Michael Walle <michael@walle.cc>
Acked-by: Michal Simek <michal.simek@xilinx.com>
2020-12-04 16:09:05 -05:00
Michael Walle
d2cb0c8f75 spl: atf: provide a bl2_plat_get_bl31_params_default()
Move the actual implementation of the bl2_plat_get_bl31_params() to its
own function. The weak function will just call the default
implementation. This has the advantage that board code can still call
the original implementation if it just want to modify minor things.

Signed-off-by: Michael Walle <michael@walle.cc>
2020-12-04 16:09:05 -05:00
Michael Walle
37c218a06e spl: atf: move storage for bl31_params into function
There is no need to have the storage available globally. This is also a
preparation for LOAD_IMAGE_V2 support. That will introduce a similar
generator function which also has its own storage.

Signed-off-by: Michael Walle <michael@walle.cc>
Acked-by: Michal Simek <michal.simek@xilinx.com>
2020-12-04 16:09:05 -05:00
AKASHI Takahiro
c74cd8bd08 efi_loader: capsule: add capsule_on_disk support
Capsule data can be loaded into the system either via UpdateCapsule
runtime service or files on a file system (of boot device).
The latter case is called "capsules on disk", and actual updates will
take place at the next boot time.

In this commit, we will support capsule on disk mechanism.

Please note that U-Boot itself has no notion of "boot device" and
all the capsule files to be executed will be detected only if they
are located in a specific directory, \EFI\UpdateCapsule, on a device
that is identified as a boot device by "BootXXXX" variables.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03 21:22:49 +01:00