-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEgWII69YpahbL5iK5gS8AYozs+qIFAmU7j50ACgkQgS8AYozs
+qIh8w/+O4UjT0sG1NLwmyV7U1Ypk+EyYaE6wmSWzpsJLfH/YvtObBJOYRuXxRVh
J9lkgCsw8Ct1ZNCrp8iVO+Dz1DtV8+QvTecrUHZqcOhTYDaqxXnlvEH2/EUhgo5T
9a/ZaDtOP1mKz754C4G6G363+iRCvbcqDECeKg9VYxfWCo1cINOmqyQCqlGxFT+h
PKiB5VzUpN/K/yiie+Hr42/+6XaykAUjUvEWeyKOsRmYY4lNiK22vG/puE42bFTh
catXwTE2a7x+yzPKkdhR0UGvDUlIKET2kF6mi+pYN2h/cSUxWTzbP/OxcU9yJOnm
qJiRZ+Woez1I7ul6ln4ci2kiWc3CTYFXfctwrBJPuJ/EO+2EEb3oHqG2S3Fc9VBZ
N17flHW7XZHEQbNexlUhk9cRpCwRuSA5OJXwW+IZIuydgNeo3xF0iYvipbjkEGgW
BBkt8PH+ivTLjEz6Gcmquvo1fHGJLHRIPg7DNb0phGHviuC0zlDJ7N5DZk0CpkiT
36siV9xK4X6qvWkOTa6Ldw60e4tN9nv3VG30uXtPHi3XdOkKfNkyIuqO/5BkkQPt
6yEc9IYXYoWNKDVUGme5+xszZp1sSvqltajG9VVNupt958dFyOSgS5aNa6B4UsWX
3XfndP1/s2bezUHoQx5zjraapKVrqBFLkGeTlCDUD+mEgP440G8=
=gvDs
-----END PGP SIGNATURE-----
Merge tag 'tpm-next-27102023' of https://source.denx.de/u-boot/custodians/u-boot-tpm
bootX measurements and measurement API moved to u-boot core:
Up to now, U-Boot could perform measurements and EventLog creation as
described by the TCG spec when booting via EFI.
The EFI code was residing in lib/efi_loader/efi_tcg2.c and contained
both EFI specific code + the API needed to access the TPM, extend PCRs
and create an EventLog. The non-EFI part proved modular enough and
moving it around to the TPM subsystem was straightforward.
With that in place we can have a common API for measuring binaries
regardless of the boot command, EFI or boot(m|i|z), and contructing an
EventLog.
I've tested all of the EFI cases -- booting with an empty EventLog and
booting with a previous stage loader providing one and found no
regressions. Eddie tested the bootX part.
Eddie also fixed the sandbox TPM which couldn't be used for the EFI code
and it now supports all the required capabilities. This had a slight
sideeffect in our testing since the EFI subsystem initializes the TPM
early and 'tpm2 init' failed during some python tests. That code only
opens the device though, so we can replace it with 'tpm2 autostart'
which doesn't error out and still allows you to perfom the rest of the
tests but doesn't report an error if the device is already opened.
There's a few minor issues with this PR as well but since testing and
verifying the changes takes a considerable amount of time, I prefer
merging it now.
Heinrich has already sent a PR for -master containing "efi_loader: fix
EFI_ENTRY point on get_active_pcr_banks" and I am not sure if that will
cause any conflicts, but in any case they should be trivial to resolve.
Both the EFI and non-EFI code have a Kconfig for measuring the loaded
Device Tree. The reason this is optional is that we can't reason
when/if devices add random info like kaslr-seed, mac addresses etc in
the DT. In that case measurements are random, board specific and
eventually useless. The reason it was difficult to fix it prior to this
patchset is because the EFI subsystem and thus measurements was brought
up late and DT fixups might have already been applied. With this
patchset we can measure the DT really early in the future.
Heinrich also pointed out that the two Kconfigs for the DTB measurements
can be squashed in a single one and that the documentation only explains
the non-EFI case. I agree on both but as I said this is a sane working
version, so let's pull this first it's aleady big enough and painful to
test.
Use the sandbox TPM driver to measure some boot images in a unit
test case.
Signed-off-by: Eddie James <eajames@linux.ibm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
When the boot_targets environment variable is used with the distro-boot
scripts, each device is included individually. For example, if there
are three mmc devices, then we will have something like:
boot_targets="mmc0 mmc1 mmc2"
In contrast, standard boot supports specifying just the uclass, i.e.:
boot_targets="mmc"
The intention is that this should scan all MMC devices, but in fact it
currently only scans the first.
Update the logic to handle this case, without required BOOTSTD_FULL to
be enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Date Huang <tjjh89017@hotmail.com>
Reported-by: Vincent Stehlé <vincent.stehle@arm.com>
Reported-by: Ivan Ivanov <ivan.ivanov@suse.com>
Tested-by: Ivan T.Ivanov <iivanov@suse.de>
The current logic for "bootflow mmc" is flawed since it checks the
uclass of the bootdev instead of its parent, the media device. Correct
this and add a test that covers this scenario.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Ivan T.Ivanov <iivanov@suse.de>
Scan the USB bus as well, so we can check that different uclasses work
correctly in boot_targets
update the function comment with more detail.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Ivan T.Ivanov <iivanov@suse.de>
This commit was intended to allow all bootdevs in each boot_targets
entry to be scanned. However it causes bad ordering with bootdevs, e.g.
scanning Ethernet bootdevs when it should be keeping to mmc.
Revert it so we can try another approach.
This reverts commit e824d0d0c2.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Ivan T.Ivanov <iivanov@suse.de>
When the boot_targets environment variable is used with the distro-boot
scripts, each device is included individually. For example, if there
are three mmc devices, then we will have something like:
boot_targets="mmc0 mmc1 mmc2"
In contrast, standard boot supports specifying just the uclass, i.e.:
boot_targets="mmc"
The intention is that this should scan all MMC devices, but in fact it
currently only scans the first.
Update the logic to handle this case, without required BOOTSTD_FULL to
be enabled.
I believe at least three people reported this, but I found two.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Date Huang <tjjh89017@hotmail.com>
Reported-by: Vincent Stehlé <vincent.stehle@arm.com>
The existing distro scripts check extlinux and scripts before EFI. Adjust
the default ordering to do the same, to avoid breaking existing flows.
Add some documentation, mentioning that this order will likely change in
future.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Da Xue <da@libre.computer>
The existing ChromiumOS bootmeth only supports reading a single kernel
partition, either 2 or 4. In fact there are normally two options
available.
Use the GUID to detect kernel partitions, with the BOOTMETHF_ANY_PART
flag, so that bootstd does not require a valid filesystem before calling
the bootmeth.
Tidy up and improve the logging while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
[trini: Add missing select of PARTITION_TYPE_GUID]
Signed-off-by: Tom Rini <trini@konsulko.com>
The ChromiumOS bootmeth has no tests at present. Before adding more
features. add a basic test.
This creates a disk which can be scanned by the bootmeth, so make sure
things work. It is quite rudimentary, since the kernel is faked, the root
disk is missing and there is no cmdline stored.
Enable the bootmeth for snow so it can build the unit test.
Signed-off-by: Simon Glass <sjg@chromium.org>
We currently use mmc4 for tests. Update the function which sets this up
so that it can handle any device.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present 'bootflow list' shows <NULL> for the filename when it is not
present. Show an empty string instead, since that is more user-friendly.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a command to read edit settings from CMOS RAM, using the cedit
definition to indicate which registers and bits are used.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a command to write cedit settings to CMOS RAM so that it can be
preserved across a reboot. This uses a simple bit-encoding, where each
field has a 'bit position' and a 'bit length' in the schema.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a command to read cedit settings from environment variables so that
they can be restored as part of the environment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a command to write cedit settings to environment variables so that
they can be stored with 'saveenv'.
Signed-off-by: Simon Glass <sjg@chromium.org>
Support writing settings from an expo into a file in FDT format. It
consists of a single node with a two properties for each sceneitem,
one with tag ID chosen by the user and another for its text value.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tidy up this tool a little:
- define which arguments are needed
- split the enum values out into a header file
- warn if no enum values are found
- display the dtc error if something goes wrong
- avoid a Python traceback on error
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this test out so it can have its own file. Rename the test to use
a cedit_ prefix.
This allows us to drop the check for CONFIG_CMD_CEDIT in the test.
Also we don't need driver model objects for this test, so drop them.
Signed-off-by: Simon Glass <sjg@chromium.org>
For some operations it is necessary to process all objects in an expo.
Provide an iterator to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a bootflow command to update the command line more easily. This allows
changing a particular parameter rather than editing a very long strings.
It is also easier to handle with scripting.
The new 'bootflow cmdline' command allows getting and setting single
parameters.
Fix up the example output while we are here, since there are a few new
items.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The Linux command line consists of a number of words with optional values.
At present U-Boot allows this to be changed using the bootargs environment
variable.
But this is quite painful, since the command line can be very long.
Add a function which can adjust a single field in the command line, so
that it is easier to make changes before booting.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Some operating systems have a command line which can be adjusted before
booting. Store this in the bootflow so it can be controlled within
U-Boot.
Fix up the example output while we are here, since there are a few new
items.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The only way to create an expo at present is by calling the functions to
create each object. It is useful to have more data-driven approach, where
the objects can be specified in a suitable file format and created from
that. This makes testing easier as well.
Add support for describing an expo in a devicetree node. This allows more
complex tests to be set up, as well as providing an easier format for
users. It also provides a better basis for the upcoming configuration
editor.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we only support a single menu, so all that can be pointed to
is the current menu item. Rename this action so that we can also add
an action for pointing to an object. This will allow cycling through
the objects in a scene.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current implementation supports a 'pointer' object which points to
the currently highlighted menu item. We want to support highlighting the
label of the menu item instead, e.g. with inverse video. In this case we
will need to 'unhighlight' the old item and highlight the new one.
As a first step, move the pointer logic into a function. This fixes a
bug where the item is hidden when it should not be.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is a pain to manually set the fonts of all objects to be consistent.
Some spacing settings are also better set globally than by manually
positioning each object.
Add a 'theme' to the expo, to hold this information. For now it includes
only the font size.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a way to set the full dimensions of objects, i.e. including the
width and height.
For menus, calculate the bounding box of all objects in the menu. Set all
labels to be the same size, so that highlighting works correct, once
implemented.
Signed-off-by: Simon Glass <sjg@chromium.org>
We currently have just a 'hide' property for each object. In preparation
for adding more properties, convert the struct to use a flags value,
instead of individual booleans. This is more extensible.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present objects only have a position so it is not possible to determine
the amount of space they take up on the display.
Add width and height properties, using a struct to keep all the dimensions
together.
For now this is not used. Future work will set up these new properties.
Signed-off-by: Simon Glass <sjg@chromium.org>
This should ideally be done once after all scene changes have been made.
Require an explicit call when everything is ready.
Always arrange after a key it sent, just for convenience.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is easier to deal with if it uses the existing string handling,
since we will be able to use translations, etc. in the future.
Update it to use an ID instead of a string.
Signed-off-by: Simon Glass <sjg@chromium.org>
We use the terms 'distro' to mean extlinux but they are not really the
same. 'Distro' could refer to any method of booting a distribution,
whereas extlinux is a particular method.
Also we sometimes use syslinux, but it is better to use the same term in
all cases.
Rename distro to syslinux and also update bootstd uses of syslinux to use
extlinux instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
In a few cases the error handling is not quite right. Make sure we
return the actual error in distro_efi_read_bootflow_file() rather than
-EINVAL. Return -IO when a file cannot be read. Also show the error name
if available.
This does not change operation, but does make it easier to diagnose
problems.
Signed-off-by: Simon Glass <sjg@chromium.org>
This causes crashes on some boards, e.g. rockpro64. In any case, we
should not do it.
Check the usb_started flag to avoid this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Jonas Karlman <jonas@kwiboo.se>
Tested-by: Tom Rini <trini@konsulko.com>
This should be declared in a header file so that type-checking works
correctly.
Add a single declaration to usb.h and remove the others.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
At present the code does ide_init() as a separate operation, then calls
device_probe() to copy over the information. We can call ide_init() from
probe just as easily.
The only difference is that using 'ide init' twice will do nothing.
However it already fails to copy over the new data in that case, so the
effect is the same. For now, unbind the block devices and remove the IDE
device, which causes the bus to be probed again. Later patches will fix
this up fully, so that all blk_desc data is copied across.
Since ide_reset() is only called from ide_init(), there is no need to init
the ide_dev_desc[] array. This is already done at the end of ide_init() so
drop this code.
The call to uclass_first_device() is now within the probe() function of
the same device, so does nothing. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use the -l flag to indicate whether to report missing uclasses.
Also try to be more helpful when no devices are found. For example, when
we see something 'scsi0' requested and nothing was found, this indicates
that there are no SCSI devices, so show a suitable message.
Move messages out of the low-level functions so that silent operation
is possible.
This means they are never reported unless BOOTSTD_FULL is enabled, since
the -l flag cannot otherwise be set.
Suggested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
This test will block compilation of the entire test suite
on platforms without USB support. Make the extern
"usb_started" conditional on USB host or gadget and
define a dummy flag if neither is enabled.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a way to record the bootdevs used when scanning for bootflows. This is
useful for testing.
Enable this only with BOOTSTD_FULL and do the same for the progress
reporting.
Re-enable and update the affected tests now that we have this feature.
For bootdev_test_order_default() there is no-longer any support for using
the bootdev aliases to specify an ordering, so drop that part of the test.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is not used outside tests. Drop it and rename
bootflow_scan_dev() since it is how we start a scan now.
Signed-off-by: Simon Glass <sjg@chromium.org>
We want to support scanning a single label, like 'mmc' or 'usb0'. Add
this feature by plumbing the label through to the iterator, setting a
flag to indicate that only siblings of the initial device should be used.
This means that scanning a bootdev by its name is not supported anymore.
That feature doesn't seem very useful in practice, so it is no great loss.
Add a test for bootdev_find_by_any() while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we set up the bootdev order at the start, then scan the
bootdevs one by one.
However this approach cannot be used with hunters, since the bootdevs may
not exist until the hunter is used. Nor can we just run all the hunters at
the start, since that violate's U-Boot's 'lazy init' requirement. It also
increases boot time.
So we need to adjust the algorithm to scan by labels instead. As a first
step, drop the dev_order[] array in favour of a list of labels. Update the
name of bootdev_setup_iter_order() to better reflect what it does.
Update some related comments and log messages. Also disable a few tests
until a later commit where we can use them.
Signed-off-by: Simon Glass <sjg@chromium.org>
