We were truncating the image offset within the target image to 16 bits
which again meant that we were potentially overwriting random memory
in the lower 16 bits of the image.
This patch casts the offset to a more reasonable 32bits.
With this applied, I can successfully see Shell.efi assert because it
can't find a protocol it expects to be available.
Signed-off-by: Alexander Graf <agraf@suse.de>
This adds a bunch of unit tests for the "fdt apply" command.
They've all been run successfully in the sandbox. However, as you still
require an out-of-tree dtc with overlay support, this is disabled by
default.
Acked-by: Simon Glass <sjg@chromium.org>
Acked-by: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
The device tree overlays are a good way to deal with user-modifyable
boards or boards with some kind of an expansion mechanism where we can
easily plug new board in (like the BBB or the raspberry pi).
However, so far, the usual mechanism to deal with it was to have in Linux
some driver detecting the expansion boards plugged in and then request
these overlays using the firmware interface.
That works in most cases, but in some cases, you might want to have the
overlays applied before the userspace comes in. Either because the new
board requires some kind of an early initialization, or because your root
filesystem is accessed through that expansion board.
The easiest solution in such a case is to simply have the component before
Linux applying that overlay, removing all these drawbacks.
Reviewed-by: Stefan Agner <stefan@agner.ch>
Acked-by: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
The device tree overlays are a good way to deal with user-modifyable
boards or boards with some kind of an expansion mechanism where we can
easily plug new board in (like the BBB, the Raspberry Pi or the CHIP).
Add a new function to merge overlays with a base device tree.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Add a function to modify inplace only a portion of a property..
This is especially useful when the property is an array of values, and you
want to update one of them without changing the DT size.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Acked-by: Simon Glass <sjg@chromium.org>
Add a namelen variant of fdt_path_offset to retrieve the node offset using
only a fixed number of characters.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Add a function to retrieve the highest phandle in a given device tree.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Reviewed-by: Stefan Agner <stefan@agner.ch>
Acked-by: Simon Glass <sjg@chromium.org>
Some code may want to read reg values from DT, but from nodes that aren't
associated with DM devices, so using dev_get_addr_index() isn't
appropriate. In this case, fdtdec_get_addr_size_*() are the functions to
use. However, "translation" (via the chain of ranges properties in parent
nodes) may still be desirable. Add a function parameter to request that,
and implement it. Update all call sites to default to the original
behaviour.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Squashed in build fix from Stephen:
Signed-off-by: Simon Glass <sjg@chromium.org>
When a target device is 0 bytes long, there's no point in exposing it to
the user. Let's just skip them.
Also, when an offset is passed into the efi disk creation, we should
remove this offset from the total number of sectors we can handle.
This patch fixes both things.
Signed-off-by: Alexander Graf <agraf@suse.de>
When using CONFIG_BLK, there were 2 issues:
1) The name we generate the device with has to match the
name we set in efi_set_bootdev()
2) The device we pass into our block functions was wrong,
we should not rediscover it but just use the already known
pointer.
This patch fixes both issues.
Signed-off-by: Alexander Graf <agraf@suse.de>
We can pass all the variables down to the functions that need them, and
then everything is on the stack. This is safer than using the data section.
At least on firefly-rk3288, the code size is the same and the data size is
12 bytes smaller:
before:
18865 2636 40 21541 5425 b/firefly-rk3288/spl/u-boot-spl
after:
18865 2624 40 21529 5419 b/firefly-rk3288/spl/u-boot-spl
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Stefan Roese <sr@denx.de>
This fixes a mismatch between the %zu format and the type used on sandbox.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
[NOTE: I took v1 of these patches in, and then v2 came out, this commit
is squashing the minor deltas from v1 -> v2 of updates to c236ebd and
2b9ec76 into this commit - trini]
- Added an additional NULL check, as suggested by Simon Glass to
fit_image_process_sig
- Re-formatted the comment blocks
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
[For merging the chnages from v2 back onto v1]
Signed-off-by: Tom Rini <trini@konsulko.com>
We already have an SPL driver for the sunxi NAND controller, now add
the normal/standard one.
The source has been copied from Linux 4.6 with a few changes to make
it work in u-boot.
Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Acked-by: Hans de Goede <hdegoede@redhat.com>
When signing images, we repeatedly call fit_add_file_data() with
successively increasing size values to include the keys in the DTB.
Unfortunately, if large keys are used (such as 4096 bit RSA keys), this
process fails sometimes, and mkimage needs to be called repeatedly to
integrate the keys into the DTB.
This is because fit_add_file_data actually returns the wrong error
code, and the loop terminates prematurely, instead of trying again with
a larger size value.
This patch corrects the return value by fixing the return value of
fdt_add_bignum, fixes a case where an error is masked by a unconditional
setting of a return value variable, and also removes a error message,
which is misleading, since we actually allow the function to fail. A
(hopefully helpful) comment is also added to explain the lack of error
message.
This is probably related to 1152a05 ("tools: Correct error handling in
fit_image_process_hash()") and the corresponding error reported here:
https://www.mail-archive.com/u-boot@lists.denx.de/msg217417.html
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Tracing the arguments has been helpful for pinpointing overflows.
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
At present assert() is not supported with tiny-printf, so when DEBUG is
enabled a build error is generated for each assert().
Add an __assert_fail() function to correct this. It prints a message and
then hangs.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Python version of the libfdt library which contains enough features to
support the dtoc tool. This is only a very bare-bones implementation. It
requires the 'swig' to build.
Signed-off-by: Simon Glass <sjg@chromium.org>
We cannot access the device tree in this case, so avoid compiling in the
various device-tree helper functions.
Signed-off-by: Simon Glass <sjg@chromium.org>
The cros-ec keyboard is always a child of the cros-ec node. Rather than
searching the device tree, looking at the children. Remove the compat string
which is now unused.
Signed-off-by: Simon Glass <sjg@chromium.org>
The 'COMPAT_' part should appear only once so drop the duplicate part. It is
ignored anyway, but let's keep things consistent.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The list is shrinking and we should avoid adding new things. Instead, a
proper driver should be created with driver model.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
A few drivers have moved to driver model, so we can drop these strings.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Jaehoon Chung <jh80.chung@samsung.com>
We have drivers for several more devices now, so drop the strings which are
no-longer used.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
As printf calls may be executed quite early, we should avoid using any
BSS stored variables, since some boards put BSS in DRAM, which may not
have been initialised yet.
Explicitly mark those "static global" variables as belonging to the
.data section, to keep tiny-printf clear of any BSS usage.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
We have driver-model drivers for some of these now, so drop them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Warren <twarren@nvidia.com>
When the input data is not compressed at all,
lzo1x_decompress_safe will fail, so call memcpy()
instead.
Signed-off-by: Joris Lijssens <joris.lijssens@gmail.com>
vprintf is used by panic() which is used in various SPL paths on some
boards.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Acked-by: Ian Campbell <ijc@hellion.org.uk>
Reviewed-by: Simon Glass <sjg@chromium.org>
A number of style fixes across the files in this directory, including:
* Correct invalid kernel-doc content.
* Tidy up massive comment in fdt_region.c.
* Use correct spelling of "U-Boot".
* Replace tests of "! <var>" with "!<var>".
* Replace "libfdt_env.h" with <libfdt_env.h>.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Acked-by: Simon Glass <sjg@chromium.org>
This should return a non-zero value if there is a missing property. Update
the return value accordingly. The only expected error is -FDT_ERR_NOTFOUND.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Andreas Bießmann <andreas@biessmann.org>
This allows a board to configure verified boot within the SPL using
a FIT or FIT with external data. It also allows the SPL to perform
signature verification without needing relocation.
The board configuration will need to add the following feature defines:
CONFIG_SPL_CRYPTO_SUPPORT
CONFIG_SPL_HASH_SUPPORT
CONFIG_SPL_SHA256
In this example, SHA256 is the only selected hashing algorithm.
And the following booleans:
CONFIG_SPL=y
CONFIG_SPL_DM=y
CONFIG_SPL_LOAD_FIT=y
CONFIG_SPL_FIT=y
CONFIG_SPL_OF_CONTROL=y
CONFIG_SPL_OF_LIBFDT=y
CONFIG_SPL_FIT_SIGNATURE=y
Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Acked-by: Andreas Dannenberg <dannenberg@ti.com>
Acked-by: Sumit Garg <sumit.garg@nxp.com>
This current code passes the variable arguments list to sprintf(). This is
not correct. Fix it by calling _vprintf() directly.
This makes firefly-rk3288 boot again.
Fixes: abeb272 ("tiny-printf: Support snprintf()")
Reviewed-by: Stefan Roese <sr@denx.de>
Acked-by: Marek Vasut <marex@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
When setting up a DDR controller it is useful to be able to display
frequencies in a readable form. Make the strmhz() function available in
SPL builds provided there is full vsprintf available.
Reviewed-by: Tony O'Brien <tony.obrien@alliedtelesis.co.nz>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Some systems are starting to shift to support DM_VIDEO which exposes
the frame buffer through a slightly different interface.
This is a poor man's effort to support the dm video interface instead
of the lcd one. We still only support a single display device.
Signed-off-by: Alexander Graf <agraf@suse.de>
[trini: Remove fb_size / fb_base as they were not used]
Signed-off-by: Tom Rini <trini@konsulko.com>
When a payload calls our memory allocator with the exact address hint, we
happily allocate memory from completely unpopulated regions. Payloads however
expect this to only succeed if they would be allocating from free conventional
memory.
This patch makes the logic behind those checks a bit more obvious and ensures
that we always allocate from known good free conventional memory regions if we
want to allocate ram.
Reported-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
We introduced special "DEBUG_EFI" defines when the efi loader
support was new. After giving it a bit of thought, turns out
we really didn't have to - the normal #define DEBUG infrastructure
works well enough for efi loader as well.
So this patch switches to the common debug() and #define DEBUG
way of printing debug information.
Signed-off-by: Alexander Graf <agraf@suse.de>
Some times you may want to exit an EFI payload again, for example
to default boot into a PXE installation and decide that you would
rather want to boot from the local disk instead.
This patch adds exit functionality to the EFI implementation, allowing
EFI payloads to exit.
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch decouples U-Boot binary from the toolchain on systems where
private libgcc is available. Instead of pulling in functions provided
by the libgcc from the toolchain, U-Boot will use it's own set of libgcc
functions. These functions are usually imported from Linux kernel, which
also uses it's own libgcc functions instead of the ones provided by the
toolchain.
This patch solves a rather common problem. The toolchain can usually
generate code for many variants of target architecture and often even
different endianness. The libgcc on the other hand is usually compiled
for one particular configuration and the functions provided by it may
or may not be suited for use in U-Boot. This can manifest in two ways,
either the U-Boot fails to compile altogether and linker will complain
or, in the much worse case, the resulting U-Boot will build, but will
misbehave in very subtle and hard to debug ways.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Albert Aribaud <albert.u.boot@aribaud.net>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a simple version of this function for SPL. It does not check the buffer
size as this would add to the code size.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Stefan Roese <sr@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: lesne@alse-fr.com
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Sylvain Lesne <lesne@alse-fr.com>
Tested-by: Sylvain Lesne <lesne@alse-fr.com>
Tegra186's MMC controller needs to be explicitly identified. Add another
compatible value for it.
Tegra186 will use an entirely different clock/reset control mechanism to
existing chips, and will use standard clock/reset APIs rather than the
existing Tegra-specific custom APIs. The driver support for that isn't
ready yet, so simply disable all clock/reset usage if compiling for
Tegra186. This must happen at compile time rather than run-time since the
custom APIs won't even be compiled in on Tegra186. In the long term, the
plan would be to convert the existing custom APIs to standard APIs and get
rid of the ifdefs completely.
The system's main eMMC will work without any clock/reset support, since
the firmware will have already initialized the controller in order to
load U-Boot. Hence the driver is useful even in this apparently crippled
state.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Tom Warren <twarren@nvidia.com>
For odroid-c2 (arch-meson) for now disable designware eth as meson
now needs to do some harder GPIO work.
Signed-off-by: Tom Rini <trini@konsulko.com>
Conflicts:
lib/efi_loader/efi_disk.c
Modified:
configs/odroid-c2_defconfig
Recently Linux is gaining support for efifb on AArch64 and that support actually
tries to make use of the frame buffer address we expose to it via gop.
While this wouldn't be bad in theory, in practice it means a few bad things
1) We expose 16bit frame buffers as 32bit today
2) Linux can't deal with overlapping non-PCI regions between efifb and
a different frame buffer driver
For now, let's just disable exposure of the frame buffer address. Most OSs that
get booted will have a native driver for the GPU anyway.
Signed-off-by: Alexander Graf <agraf@suse.de>
[trini: Remove line_len entirely]
Signed-off-by: Tom Rini <trini@konsulko.com>
We put the system table into our runtime services data section so that
payloads may still access it after exit_boot_services. However, most fields
in it are quite useless once we're in that state, so let's just patch them
out.
With this patch we don't get spurious warnings when running EFI binaries
anymore.
Signed-off-by: Alexander Graf <agraf@suse.de>
Some hardware that is supported by U-Boot can not handle DMA above 32bits.
For these systems, we need to come up with a way to expose the disk interface
in a safe way.
This patch implements EFI specific bounce buffers. For non-EFI cases, this
apparently was no issue so far, since we can just define our environment
variables conveniently.
Signed-off-by: Alexander Graf <agraf@suse.de>
This code does not currently build with driver model enabled for block
devices. Update it to correct this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexander Graf <agraf@suse.de>
We can now successfully boot EFI applications from disk, but users
may want to also run them from a PXE setup.
This patch implements rudimentary network support, allowing a payload
to send and receive network packets.
With this patch, I was able to successfully run grub2 with network
access inside of QEMU's -M xlnx-ep108.
Signed-off-by: Alexander Graf <agraf@suse.de>
Add a simple version of this function for SPL. It does not check the buffer
size as this would add to the code size.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>
- Rename 'w' to 'width' to make it more obvious what it is used for
- Use bool and int types instead of char to avoid register-masking on
32-bit machines
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This file currently requires an LCD. Adjust it to work without one.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
jetson-tk1 has 2 GB of RAM at 0x80000000, causing gd->ram_top to be zero.
Handle this by either avoiding ram_top or by using the same type as
ram_top to reverse the overflow effect.
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
Call blk_dwrite to ensure that the block cache is notified
if enabled and remove build breakage when CONFIG_BLK is enabled.
Signed-off-by: Eric Nelson <eric@nelint.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
The EFI memory map does not need to be in a strict order, but 32bit
grub2 does expect it to be ascending. If it's not, it may try to
allocate memory inside the U-Boot data memory region.
We already sort the memory map in descending order, so let's just
reverse it when we pass it to a payload.
Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Andreas Färber <afaerber@suse.de>
The cache line flush helpers only work properly when they get aligned
start and end addresses. Round our flush range to cache line size. It's
safe because we're guaranteed to flush within a single page which has the
same cache attributes.
Reported-by: Marek Vasut <marex@denx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Tested-by: Andreas Färber <afaerber@suse.de>
Whenever we want to tell our payload about a path, we limit ourselves
to a reasonable amount of characters. So far we only passed in device
names - exceeding 16 chars was unlikely there.
However by now we also pass real file path information, so let's increase
the limit to 32 characters. That way common paths like "boot/efi/bootaa64.efi"
fit just fine.
Signed-off-by: Alexander Graf <agraf@suse.de>
When loading an el torito image, uEFI exposes said image as a raw
block device to the payload.
Let's do the same by creating new block devices with added offsets for
the respective el torito partitions.
Signed-off-by: Alexander Graf <agraf@suse.de>
The snippet of code to add a drive to our drive list needs to
get called from 2 places in the future. Split it into a separate
function.
Signed-off-by: Alexander Graf <agraf@suse.de>
To make the usage of this function more flexible, lets add the CRC start
value as parameter to this function. This way it can be used by other
functions requiring different start values than 0 as well.
For non-zero CRC start values to work, I've reworked the function a bit.
The new implementation is copied from the Linux version in
drivers/i2c/i2c-core.c / i2c_smbus_pec(). Which supports non-zero
CRC stating values.
I've double-checked that the results for zero starting values are
identical to the results from the original version of this function.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Some EFI applications (grub2) expect that an allocation always returns
the highest available memory address for the given size.
Without this, we may run into situations where the initrd gets allocated
at a lower address than the kernel.
This patch fixes booting in such situations for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
We normally use __weak rather than calling it out directly as an alias.
Update this function to the normal method.
Signed-off-by: Tom Rini <trini@konsulko.com>
When switching between EFI context and U-Boot context we need to swap
the register that "gd" resides in.
Some functions slipped through here, with efi_allocate_pool / efi_free_pool
not doing the switch correctly and efi_return_handle switching too often.
Fix them all up to make sure we always have consistent register state.
Signed-off-by: Alexander Graf <agraf@suse.de>
The EFI standard defines a simple boot protocol that an EFI payload can use
to access video output.
This patch adds support to expose exactly that one (and the mode already in
use) as possible graphical configuration to an EFI payload.
With this, I can successfully run grub2 with graphical output.
Signed-off-by: Alexander Graf <agraf@suse.de>
Since dhry_per_sec is a u64 we must also use lldiv here when working
with it. Otherwise:
../lib/dhry/cmd_dhry.c:(.text.do_dhry+0xd8): undefined reference to `__udivdi3'
On some platforms.
Signed-off-by: Tom Rini <trini@konsulko.com>
This is not needed now that the memory controller driver has the SPD data
in its own node.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present samus reports about 5600 DMIPS. With the default iteration count
this is OK, but if 10 million runs are performed it overflows. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
We don't need this anymore - we can use device tree and the new pinconfig
driver instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
EFI payloads can query for the device they were booted from. Because
we have a disconnect between loading binaries and running binaries,
we passed in a dummy device path so far.
Unfortunately that breaks grub2's logic to find its configuration
file from the same device it was booted from.
This patch adds logic to have the "load" command call into our efi
code to set the device path to the one we last loaded a binary from.
With this grub2 properly detects where we got booted from and can
find its configuration file, even when searching by-partition.
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that we have all the bits and pieces ready for EFI payload loading
support, hook them up in Makefiles and KConfigs so that we can build.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
[trini: Enable only when we of OF_LIBFDT, disable on kwb and colibri_pxa270]
Signed-off-by: Tom Rini <trini@konsulko.com>
The EFI loader needs to maintain views of memory - general system memory
windows as well as used locations inside those and potential runtime service
MMIO windows.
To manage all of these, add a few helpers that maintain an internal
representation of the map the similar to how the EFI API later on reports
it to the application.
For allocations, the scheme is very simple. We basically allow allocations
to replace chunks of previously done maps, so that a new LOADER_DATA
allocation for example can remove a piece of the RAM map. When no specific
address is given, we just take the highest possible address in the lowest
RAM map that fits the allocation size.
Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Simon Glass <sjg@chromium.org>
A EFI applications usually want to access storage devices to load data from.
This patch adds support for EFI disk interfaces. It loops through all block
storage interfaces known to U-Boot and creates an EFI object for each existing
one. EFI applications can then through these objects call U-Boot's read and
write functions.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
[trini: Update for various DM changes since posting]
Signed-off-by: Tom Rini <trini@konsulko.com>
After booting has finished, EFI allows firmware to still interact with the OS
using the "runtime services". These callbacks live in a separate address space,
since they are available long after U-Boot has been overwritten by the OS.
This patch adds enough framework for arbitrary code inside of U-Boot to become
a runtime service with the right section attributes set. For now, we don't make
use of it yet though.
We could maybe in the future map U-boot environment variables to EFI variables
here.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
One of the basic EFI interfaces is the console interface. Using it an EFI
application can interface with the user. This patch implements an EFI console
interface using getc() and putc().
Today, we only implement text based consoles. We also convert the EFI Unicode
characters to UTF-8 on the fly, hoping that everyone managed to jump on the
train by now.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
When an EFI application runs, it has access to a few descriptor and callback
tables to instruct the EFI compliant firmware to do things for it. The bulk
of those interfaces are "boot time services". They handle all object management,
and memory allocation.
This patch adds support for the boot time services and also exposes a system
table, which is the point of entry descriptor table for EFI payloads.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
EFI uses the PE binary format for its application images. Add support to EFI PE
binaries as well as all necessary bits for the "EFI image loader" interfaces.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
The original name of this function is unclear. This patch renames this
CRC16 function to crc16_ccitt() matching its name with its
implementation.
To make the usage of this function more flexible, lets add the CRC start
value as parameter to this function. This way it can be used by other
functions requiring different start values than 0 as well.
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add an option to enable libfdt in SPL. This can be useful when decoding
FIT files in SPL.
We need to make sure this option is not enabled in SPL by this change.
Also this option needs to be enabled in host builds. Si add a new
IMAGE_USE_LIBFDT #define which can be used in files that are built on the
host but must also build for U-Boot and SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.
Move these options to Kconfig and tidy up board configuration:
CONFIG_FIT
CONFIG_OF_BOARD_SETUP
CONFIG_OF_SYSTEM_SETUP
CONFIG_FIT_SIGNATURE
CONFIG_FIT_BEST_MATCH
CONFIG_FIT_VERBOSE
CONFIG_OF_STDOUT_VIA_ALIAS
CONFIG_RSA
Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.
Note: Masahiro's moveconfig.py script is amazing.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
Use 'struct' instead of a typdef. Also since 'struct block_dev_desc' is long
and causes 80-column violations, rename it to struct blk_desc.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Stephen Warren <swarren@nvidia.com>
The existing function to add a new property to a tree being built requires
that the entire contents of the new property be passed in. For some
applications it is more convenient to be able to add the property contents
later, perhaps by reading from a file. This avoids double-buffering of the
contents.
Add a new function to support this and adust the existing fdt_property() to
use it.
Signed-off-by: Simon Glass <sjg@chromium.org>
In some cases the timer must be accessible before driver model is active.
Examples include when using CONFIG_TRACE to trace U-Boot's execution before
driver model is set up. Enable this option to use an early timer. These
functions must be supported by your timer driver: timer_early_get_count()
and timer_early_get_rate().
Signed-off-by: Simon Glass <sjg@chromium.org>
This function can be called from the timer code on instrumented functions.
Mark it as 'notrace' so that it doesn't cause infinite recursion.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Adjust the driver to use driver model. The SOR becomes a bridge device. We
use the normal simple_panel driver to handle the display itself. We also
need to enable some options such as regulators, PWMs and DM_VIDEO itself.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Anatolij Gustschin <agust@denx.de>
Signed-off-by: Tom Warren <twarren@nvidia.com>
If BUILD_TAG is part of KBUILD_CFLAGS, then any time the value changes,
all files get rebuilt. In a continuous integration environment, the value
will change every build. This wastes time, assuming that incremental
builds would otherwise occur.
To solve this, remove BUILD_TAG from KBUILD_CFLAGS and add it to CFLAGS
for just the one file that uses it. This does have the disadvantage that
if any other files want to use the flag, we'll need to duplicate this
custom CFLAGS setup logic. However, it seems unlikely we'll need this.
An alternative would be to add BUILD_TAG to the "local version" and remove
the special case code from display_options.c. However, that would affect
the format of the U-Boot signon message, which may negatively affect
people looking for specific data there. The approach of using
file-specific CFLAGS was suggested by Masahiro Yamada.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Simon Glass <sjg@chromium.org>
Current, the following passes:
./u-boot -d arch/sandbox/dts/test.dtb -c 'ut_image_decomp'
but the following fails:
./u-boot -d arch/sandbox/dts/test.dtb -c 'ut dm; ut_image_decomp'
This is because the gunzip code reads input data beyond the end of its
input buffer. In the first case above, this data just happens to be 0,
which just happens to trigger gzip to signal the error the decompression
unit test expects. In the second case above, the "ut dm" test has written
data to the accidentally-read memory, which causes the gzip code to take a
different path and so return a different value, which triggers the test
failure.
The cause of gunzip reading past its input buffer is the re-calculation of
s.avail_in in zunzip(), since it can underflow. Not only is the formula
non-sensical (it uses the delta between two output buffer pointers to
calculate available input buffer size), it also appears to be unnecessary,
since the gunzip code already maintains this value itself. This patch
removes this re-calculation to avoid the underflow and redundant work.
The loop exit condition is also adjusted so that if inflate() has consumed
the entire input buffer, without indicating returning Z_STREAM_END (i.e.
decompression complete without error), an error is raised. There is still
opportunity to simplify the code here by splitting up the loop exit
condition into separate tests. However, this patch makes the minimum
modifications required to solve the problem at hand, in order to keep the
Acked-by: Kees Cook <keescook@chromium.org>
diff simple.
I am not entirely convinced that the loop in zunzip() is necessary at all.
It could only be useful if inflate() can return Z_BUF_ERROR (which
typically means that it needs more data in the input buffer, or more space
in the output buffer), even though Z_FINISH is set /and/ the full input is
available in the input buffer /and/ there is enough space to store the
decompressed output in the output buffer. The comment in zlib.h after the
prototype of inflate() implies this is never the case. However, I assume
there must have been some reason for introducing this loop in the first
place, as part of commit "Fix gunzip to work for any gziped uImage size".
This patch is similar to the earlier b75650d84d "gzip: correctly
bounds-check output buffer", which corrected a similar issue for
s.avail_out.
Cc: Catalin Radu <Catalin@VirtualMetrix.com>
Cc: Kees Cook <keescook@chromium.org>
Fixes: f039ada5c1 ("Fix gunzip to work for any gziped uImage size")
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Introduce fdtdec_get_child_count for get the number of subnodes
of one parent node.
Signed-off-by: Peng Fan <van.freenix@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Use __maybe_unused which should avoid the Coverity error.
Reported-by: Coverity (CID: 134900)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Correct spelling of "U-Boot" shall be used in all written text
(documentation, comments in source files etc.).
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Minkyu Kang <mk7.kang@samsung.com>
In case CONFIG_DM_TPM was set without any TPM chipset configured a fault
was generated (NULL pointer access).
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
We use driver model for this now, so we don't need this string.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Now that driver model support is available, convert sandbox over to use it.
We can remove a few of the special hooks that sandbox currently has.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Anatolij Gustschin <agust@denx.de>
Add the missing code to allow bzip2 compression to be used. This is useful
for sandbox tests. These files are taken from the bzip2 1.0.6 release.
The license text is copied to the top of each file as is done with other
bzip2 files in U-Boot. The only other change is to squash a compiler warning
with nBytes.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
At present this does not print zero values in numeric format (hex and
decimal). Add a special case for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a check for NULL strings to avoid printing junk to the console.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Adding timer init function in timer-uclass driver to create and
initialize the timer device on platforms where u-boot,dm-pre-reloc
is not used. Since there will be multiple timer devices in the
system, adding a tick-timer node in chosen node to know which
timer device to be used as tick timer in u-boot.
Signed-off-by: Mugunthan V N <mugunthanvnm@ti.com>
In a number of places we had wordings of the GPL (or LGPL in a few
cases) license text that were split in such a way that it wasn't caught
previously. Convert all of these to the correct SPDX-License-Identifier
tag.
Signed-off-by: Tom Rini <trini@konsulko.com>
Only when we have CONFIG_CMD_UNZIP enabled do we have the 'gzwrite'
command. While this command should be separated from CONFIG_CMD_UNZIP
we should also only include the write portion of the gz code in that
case as well.
Signed-off-by: Tom Rini <trini@konsulko.com>
Enabling this function always removes some class of string saftey issues.
The size change here in general is about 400 bytes and this seems a reasonable
trade-off.
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Peter Robinson <pbrobinson@gmail.com>
Cc: Fabio Estevam <fabio.estevam@freescale.com>
Cc: Adrian Alonso <aalonso@freescale.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
This will allow the implementation to make use of data in the block_dev
structure beyond the base device number. This will be useful so that eMMC
block devices can encompass the HW partition ID rather than treating this
out-of-band. Equally, the existence of the priv field is crying out for
this patch to exist.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Use "intel,ivybridge-fsp" for Intel IvyBridge FSP compatible string.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Use the driver model version of the function to find the BAR. This updates
the fdtdec function, of which ns16550 is the only user.
The fdtdec_get_pci_bdf() function is dropped for several reasons:
- with driver model we should use 'struct udevice *' rather than passing the
device tree offset explicitly
- there are no other users in the tree
- the function parses for information which is already available in the PCI
device structure (specifically struct pci_child_platdata which is available
at dev_get_parent_platdata(dev)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
The USB gadget framework does not support DM yet, so add this bit
to let DWC2 UDC probe from OF on platforms which support it.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Chin Liang See <clsee@altera.com>
Cc: Dinh Nguyen <dinguyen@opensource.altera.com>
Cc: Lukasz Majewski <l.majewski@majess.pl>
Cc: Lukasz Majewski <l.majewski@samsung.com>
To allow the various string to number conversion functions to be used
when using tiny-printf,split them out into their own file which gets
build regardless of what printf implementation is used.
Signed-off-by: Sjoerd Simons <sjoerd.simons@collabora.co.uk>
To allow panic and panic_str to still be used when using tiny-printf,
split them out into their own file which gets build regardless of what
printf implementation is used.
Signed-off-by: Sjoerd Simons <sjoerd.simons@collabora.co.uk>
Implement both printf and vprintf for a bit more flexibility, e.g.
allows the panic() function to work with tiny-printf.
Signed-off-by: Sjoerd Simons <sjoerd.simons@collabora.co.uk>
Adjust the Tegra PCI driver to support driver model and move all boards over
at the same time. This can make use of some generic driver model code, such
as the range-decoding logic.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
There are timers with a 64-bit counter value but current timer
uclass driver assumes a 32-bit one. Modify timer_get_count()
to ask timer driver to always return a 64-bit counter value,
and provide an inline helper function timer_conv_64() to handle
the 32-bit/64-bit conversion automatically.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
With this patch now, the tiny printf() function also supports numbers
bigger than 0xffff. Additionally the code is simplified a bit and
some static variables are moved to function parameters. Also the
upper case hex variable output support is removed, as its not really
needed in this simple printf version. And removing it reduces the
complexity and the code size again a bit.
Here the new numbers, again on the db-mv784mp-gp (Armada XP):
Without this patch:
56542 18536 1956 77034 12cea ./spl/u-boot-spl
With this patch:
56446 18536 1936 76918 12c76 ./spl/u-boot-spl
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Hans de Goede <hdegoede@redhat.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Albert Aribaud <albert.u.boot@aribaud.net>
This patch adds a small printf() version that supports all basic formats.
Its intented to be used in U-Boot SPL versions on platforms with very
limited internal RAM sizes.
To enable it, just define CONFIG_USE_TINY_PRINTF in your defconfig. This
will result in the SPL using this tiny function and the main U-Boot
still using the full-blown printf() function.
This code was copied from:
http://www.sparetimelabs.com/printfrevisited
With mostly only coding style related changes so that its checkpatch
clean.
The size reduction is about 2.5KiB. Here a comparison for the db-mv784mp-gp
(Marvell AXP) SPL:
Without this patch:
58963 18536 1928 79427 13643 ./spl/u-boot-spl
With this patch:
56542 18536 1956 77034 12cea ./spl/u-boot-spl
Note:
To make it possible to compile tiny-printf.c instead of vsprintf.c when
CONFIG_USE_TINY_PRINTF is defined, the functions printf() and vprintf() are
moved from common/console.c into vsprintf.c in this patch.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Hans de Goede <hdegoede@redhat.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Albert Aribaud <albert.u.boot@aribaud.net>
This will be used to support console recording. It provides for a circular
buffer which can be written at the head and read from the tail. It supports
avoiding data copying by providing raw access to the data.
Signed-off-by: Simon Glass <sjg@chromium.org>
The console includes a global variable and several functions that are only
used by a small subset of U-Boot files. Before adding more functions, move
the definitions into their own header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Adjust the tegra keyboard driver to support driver model, using the new
uclass. Make this the default for all Tegra boards so that those that use
a keyboard will build correctly with this driver.
Signed-off-by: Simon Glass <sjg@chromium.org>
gcc 4.4.3 (which is the default native compiler on x86-64 Ubuntu 10.04)
doesn't seem to like initializers for sub-fields of anonymous unions.
Solve this by replacing the initialization with an assignment. This
fixes:
lib/lz4_wrapper.c: In function ‘ulz4fn’:
lib/lz4_wrapper.c:97: error: unknown field ‘raw’ specified in initializer
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
short strings can be used in type parameter of gpt command
to replace the guid string for the types known by u-boot
partitions = name=boot,size=0x6bc00,type=data; \
name=root,size=0x7538ba00,type=linux;
gpt write mmc 0 $partitions
and they are also used to display the type of partition
in "part list" command
Partition Map for MMC device 0 -- Partition Type: EFI
Part Start LBA End LBA Name
Attributes
Type GUID
Partition GUID
1 0x00000022 0x0000037f "boot"
attrs: 0x0000000000000000
type: ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
type: data
guid: d117f98e-6f2c-d04b-a5b2-331a19f91cb2
2 0x00000380 0x003a9fdc "root"
attrs: 0x0000000000000000
type: 0fc63daf-8483-4772-8e79-3d69d8477de4
type: linux
guid: 25718777-d0ad-7443-9e60-02cb591c9737
Signed-off-by: Patrick Delaunay <patrick.delaunay73@gmail.com>
This needs a separate compatible value from Tegra124 since the new HW
version has bugs that would prevent a driver for previous HW versions
from operating at all.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Tom Warren <twarren@nvidia.com>
After consulting with some of the SPDX team, the conclusion is that
Makefiles are worth adding SPDX-License-Identifier tags too, and most of
ours have one. This adds tags to ones that lack them and converts a few
that had full (or in one case, very partial) license blobs into the
equivalent tag.
Cc: Kate Stewart <kstewart@linuxfoundation.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Adding fdtdec_get_uint function which is the
unsigned version for fdtdec_get_int
Signed-off-by: Chin Liang See <clsee@altera.com>
Cc: Dinh Nguyen <dinguyen@opensource.altera.com>
Cc: Dinh Nguyen <dinh.linux@gmail.com>
Cc: Marek Vasut <marex@denx.de>
Cc: Stefan Roese <sr@denx.de>
Cc: Vikas Manocha <vikas.manocha@st.com>
Cc: Jagannadh Teki <jteki@openedev.com>
Cc: Pavel Machek <pavel@denx.de>
Cc: Heiko Schocher <hs@denx.de>
At present in SPL we place the device tree immediately after BSS. This
avoids needing to copy it out of the way before BSS can be used. However on
some boards BSS is not placed with the image - e.g. it can be in RAM if
available.
Add an option to tell U-Boot that the device tree should be placed at the
end of the image binary (_image_binary_end) instead of at the end of BSS.
Note: A common reason to place BSS in RAM is to support the FAT filesystem.
We should update the code so that it does not use so much BSS.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
At present the last four bytes of the alias region are dropped in
the case where the last alias is included. This results in a corrupted
device tree. Fix this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
It is sometimes useful to find a property in the chosen node. Add a function
for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
PCI addresses are always represented as 3 cells in DT. (one cell for bus
and device, and two cells for a 64-bit addres). This does not vary based
on either the physical address size of the CPU, nor any #address-cells
property in DT (or more precisely, #address-cells must be set to 3 in any
PCIe controller's node).
Fix fdtdec_get_pci_addr() to use conversion functions that operate on
(fixed) cell-sized data rather than (varying) physical-address-sized
data, so that the function works on 64-bit systems.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Acked-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Thierry Reding <treding@nvidia.com>
Now that all TPM drivers use driver model, we can drop the special driver
model CONFIG option.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Christophe Ricard<christophe-h.ricard@st.com>
As every TPM drivers support UCLASS_TPM, we can only rely on DM_TPM
functions.
This simplify a bit the code.
Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
We want to be able to add other common code to this function. So change the
driver's version to have an underscore before it, just like
_debug_uart_putc(). Define debug_uart_init() to call this version.
Update all drivers to this new method.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This patch adds support for LZ4-compressed FIT image contents. This
algorithm has a slightly worse compression ration than LZO while being
nearly twice as fast to decompress. When loading images from a fast
storage medium this usually results in a boot time win.
Sandbox-tested only since I don't have a U-Boot development system set
up right now. The code was imported unchanged from coreboot where it's
proven to work, though. I'm mostly interested in getting this recognized
by mkImage for use in a downstream project.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
After rework of lib/fdtdec.c by:
commit: 02464e3 fdt: add new fdt address parsing functions
the function fdtdec_get_addr() doesn't work as previous,
because the implementation assumes that properties '#address-cells'
and '#size-cells' are equal to 1, which can be not true sometimes.
The new API introduced fdtdec_get_addr_size_auto_parent() for the 'reg'
property parsing, but the implementation assumes, that #size-cells
can't be less than 1.
This causes that the following children's 'reg' property can't be reached:
parent@0x0 {
#address-cells = <1>;
#size-cells = <0>;
children@0x100 {
reg = < 0x100 >;
};
};
Change the condition value from '1' to '0', which allows parsing property
with at least zero #size-cells, fixes the issue.
Now, fdtdec_get_addr_size_auto_parent() works properly.
Tested on: Odroid U3/X2, Trats, Trats2, Odroid XU3, Snow (by Simon).
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
Acked-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
fdtdec_get_addr_size() may be used in two cases:
a) With sizep supplied, in which case both an address and a size are
parsed from DT. In this case, the DT property must be large enough to
contain both values.
b) With sizep NULL, in which case only an address is parsed from DT.
In this case, the DT property only need be large enough to contain this
address value. Commit 02464e386b "fdt: add new fdt address parsing
functions" broke this relaxed checking, and required the DT property to
contain both an address and a size value in all cases.
Fix fdtdec_get_addr_size() to vary ns based on whether the size value
is being parsed from the DT or not. This is safe since the function only
parses the first entry in the property, so the overall value of (na + ns)
need not be accurate, since it is never used to step through the property
data to find other entries. Besides, this fixed behaviour essentially
matches the original behaviour before the patch this patch fixes. (The
original code validated that the property was exactly the length of
either na or (na + ns), whereas the current code only validates that the
property is at least that long. For non-failure cases, the two behaviours
are identical).
Cc: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Thierry Reding <treding@nvidia.com>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Michal Suchanek <hramrach@gmail.com>
Fixes: 02464e386b ("fdt: add new fdt address parsing functions")
Reported-by: Przemyslaw Marczak <p.marczak@samsung.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Przemyslaw Marczak <p.marczak@samsung.com>
Acked-by: Simon Glass <sjg@chromium.org>
Lets consider following scenario:
- One uses echo -n "key=value" to define environment variable in a file (single variable)
- The file content is "key=value" without any terminating byte (e.g. 0x0a or
0x0d).
- The file is loaded to u-boot non zero'ed RAM buffer (with load command).
- Then "env import -t -r $loadaddr $filesize" is executed.
- Due to lack of proper termination byte we have classical example of buffer
overrun.
This patch prevents from this by allocating one extra byte than size and
explicitly null terminate it.
There should be no change for normal env import operation after applying
this patch.
Signed-off-by: Lukasz Majewski <l.majewski@majess.pl>