CID 316361 says:
> Passing argument "count * 8UL /* sizeof (*files) */" to
> function "dlmalloc" and then casting the return value to "u16 **" is
> suspicious. In this particular case "sizeof (u16 **)" happens to be equal
> to "sizeof (u16 *)", but this is not a portable assumption.
> > 767 tmp_files = malloc(count * sizeof(*files));
The change in this patch fixes the ambiguity.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: CID 316361
For readability use *tmp_files instead of tmp_files[0]
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
CID 316364 says:
> Null pointer dereferences (FORWARD_NULL)
> printf("Result total size: 0x%x\n", result->variable_total_size);
at do_efi_capsule_res().
The code is basically safe because a buffer for "result" is allocated
by malloc() and filled up by the second get_variable(), which fails any way
if the allocation has failed.
But the first (and second) get_variable() possibly returns an error other
than EFI_SUCCESS. We always need to check the return code from
get_variable() before accessing the data in "result".
While this change won't suppress CID 316364, the resulting code is much
safer.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Use the correct GUID when closing the file load protocol.
Remove an unnecessary check (Coverity CID 316363).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The short name and extension of FAT files are stored in adjacent fields of
the directory entry. For some operations like calculating a checksum or
copying both fields it is preferable to treat both as one structure.
Change the definition of the directory entry structure to include a
structure comprising the name and the extension field.
This resolves Coverity CID 316357, CID 316350, CID 316348.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Provide function description for flush_dir().
Move all error messages for flush_dir() from the callers to the function.
Move mapping of errors to -EIO to the function.
Always check return value of flush_dir() (Coverity CID 316362).
In fat_unlink() return -EIO if flush_dirty_fat_buffer() fails.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UBI_IOCVOLUP ioctl can fail if exclusive access to the volume isn't
obtained. If this happens, the flush operation doesn't return error,
leaving the caller without knowledge of missing flush.
Fix this by forwarding the error (-1) from ubi_update_start().
Fixes: 34255b92e6 ("tools: env: Add support for direct read/write UBI volumes")
Signed-off-by: Martin Hundebøll <martin@geanix.com>
These commands were disabled when CONFIG_FIT_SIGNATURE is disabled, but
they do not depend on crypto support so they can be unconditionally
enabled.
Signed-off-by: Joel Stanley <joel@jms.id.au>
When CONFIG_FIT_CIPHER=y and CONFIG_FIT_SIGNATURE=n is there is no
implementation of image_get_host_blob for mkimage/dumpimage:
/usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'
Move the implementation to a common file so it can be shaed between
image-cipher.c and image-fit-sig.c.
Signed-off-by: Joel Stanley <joel@jms.id.au>
If CONFIG_FIT_CIPHER is enabled without CONFIG_FIT_SIGNATURE then
mkimage/dumpimage will fail to link:
/usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x10): undefined reference to `EVP_aes_128_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x40): undefined reference to `EVP_aes_192_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x70): undefined reference to `EVP_aes_256_cbc'
/usr/bin/ld: tools/lib/aes/aes-encrypt.o: in function `image_aes_encrypt':
aes-encrypt.c:(.text+0x22): undefined reference to `EVP_CIPHER_CTX_new'
/usr/bin/ld: aes-encrypt.c:(.text+0x6f): undefined reference to `EVP_EncryptInit_ex'
/usr/bin/ld: aes-encrypt.c:(.text+0x8d): undefined reference to `EVP_EncryptUpdate'
/usr/bin/ld: aes-encrypt.c:(.text+0xac): undefined reference to `EVP_CIPHER_CTX_free'
/usr/bin/ld: aes-encrypt.c:(.text+0xf2): undefined reference to `EVP_EncryptFinal_ex'
collect2: error: ld returned 1 exit status
Signed-off-by: Joel Stanley <joel@jms.id.au>
The propoerty sign-images points to images in the configuration
node. But thoses images may references severals "sub-images" (for
example for images loadable). This commit adds the support of
severals sub-images.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit creates a function fit_config_add_hash that will be
used in the next commit to support several 'sub-images'.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
** Introduction
There are currently four ways to load an OS image with u-boot
1. SPL -> u-boot -> bootm
2. SPL blue falcon mode
3. "Basic" FIT image (CONFIG_LOAD_FIT)
4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)
These four code paths were developed independently, and share very
little code. (3) and (4), behave very differently, are littered with
special cases. They even have different DTS syntax and properties.
The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.
We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.
Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).
** Description of changes
* The "configurations" node is now mandatory
Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.
* Eliminate "ramdisk", "setup", "standalone", and "fpga" properties
Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
- A "ramdisk" is identical to a loadable. Thus ramdisk images should
be placed under "loadables".
- A "setup" node can be achieved by using a "kernel" or "firmware"
property instead.
- "standalone" is used for u-boot nodes. The correct property to use
in this case is "firmware".
- "fpga" is a loadable
* Prioritize control between "firmware" and "kernel"
"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.
** Further generalizations (not included herein)
The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
The dm root node is needed early in the spl to allow the timer to be
used. This change calls spl_early_init to initialize the dm root node.
Signed-off-by: Greg Gallagher <greg@embeddedgreg.com>
Giant board is a tiny SBC based on the Adafruit Feather form factor,
created by groboards it contains a SAMA5D2 processor (SAMA5D27),
128 MB of RAM and a microSD card for storage.
Signed-off-by: Greg Gallagher <greg@embeddedgreg.com>
Take into account all RGMII interface types. Depending on it
the RGMII PHY's timings are setup.
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
clk_set_rate() returns the set rate in case of success and a
negative number in case of failure. Consider failure only the
negative numbers.
Fixes: 3ef64444de ("dm: net: macb: Implement link speed change callback")
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Different implementation of USER IO register needs different
mapping for bit fields of this register. Add implementation
for this and, since clken is part of USER IO and it needs to
be activated based on per SoC capabilities, add caps in
macb_config where clken specific information needs to be filled.
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Because ATMEL_BASE_ROM is defined to 0x100000, it already points
to the begin of the index table for 512 byte sectors correction.
Thus its offset must be zero and the index of the table for 1024
byte sectors must start at offset 0x8000.
Signed-off-by: Kai Stuhlemmer (ebee Engineering) <kai.stuhlemmer@ebee.de>
[ta: update commit message]
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Offsets are described in the datasheet at section:
"11.4.4.2 NAND Flash Boot: PMECC Error Detection and Correction".
For testing I "injected" bit flips into u-boot NAND memory area,
and then read back. PMECC could not correct the errors. With the
offsets updated everything is fine.
Fixes: 3225f34e5c ("ARM: atmel: add sama5d3xek support")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
When CONFIG_ATMEL_NAND_HW_PMECC is set, CONFIG_PMECC_CAP defaults
to the value of 2. At the conversion to Kconfig for the PMECC config
values, some boards/defconfigs were wrongly configured.
Update CONFIG_PMECC_CAP to the PMECC_CAP value before the conversion.
Fixes: 49ad40298c ("ARM: at91: Convert SPL_GENERATE_ATMEL_PMECC_HEADER to Kconfig")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
SPL_GENERATE_ATMEL_PMECC_HEADER selects:
ATMEL_NAND_HWECC [=y] && ATMEL_NAND_HW_PMECC [=y].
With the removal of SPL_GENERATE_ATMEL_PMECC_HEADER,
ATMEL_NAND_HW_PMECC and ATMEL_NAND_HWECC were no longer
selected. Also, when the SPL_GENERATE_ATMEL_PMECC_HEADER was removed,
the configs were not updated using savedefconfig, thus the
'commit d168bcb6fe ("configs: Resync with savedefconfig")'
further removes the CONFIG_PMECC_CAP value.
Update defconfigs and add CONFIG_ATMEL_NAND_HW_PMECC,
which selects ATMEL_NAND_HWECC, in order to restore NAND PMECC
support. Restore CONFIG_PMECC_CAP value.
Fixes: 57f76c2a47 ("configs: at91: remove SPL_GENERATE_ATMEL_PMECC_HEADER from non-nand configs")
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Use dev_read_prop instead of using the fdt_read_property which
reads from the GD struct's fdt.
This way the node is accessed via the device config instead of the
global struct, which makes code more portable and GD independent.
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
- New board: rk3328 NanoPi R2S board;
- Fix init voltage for some rk3399 boards;
- enable rng for rk3399 by default;
- set default to SPI bus 1 for SPI-flash for some board;
- add dwc PCIe controller driver on rockchip platform;
Add Rockchip dwc based PCIe controller driver for rk356x platform.
Driver support Gen3 by operating as a Root complex.
Signed-off-by: Shawn Lin <shawn.lin@rock-chips.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>
Add the Rockchip Synopsys based PCIe 3.0 PHY driver as
part of Generic PHY framework.
Signed-off-by: Shawn Lin <shawn.lin@rock-chips.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>
This adds support for the NanoPi R2S from FriendlyArm.
Rockchip RK3328 SoC
1GB DDR4 RAM
Gigabit Ethernet (WAN)
Gigabit Ethernet (USB3) (LAN)
USB 2.0 Host Port
MicroSD slot
Reset button
WAN - LAN - SYS LED
Signed-off-by: David Bauer <mail@david-bauer.net>
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>
Enable the RNG on the Firefly, rock960 and RockPro64 devices
to enable KASLR on devices that support it.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
Cc: Akash Gajjar <akash@openedev.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>
The rng is embedded in the SoC so enable it in the device tree
universally, the use of it can be controlled by enabling/disabling
at the device config level.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>
SPI flash on this machine is located on bus 1, default to using bus 1
for SPI flash and stop aliasing it to bus 0. Formerly the alias spi1
pointed to &spi5, use an alias spi5 for this instead.
Signed-off-by: Hugh Cole-Baker <sigmaris@gmail.com>
Suggested-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>
SPI flash on this board is located on bus 1, default to using bus 1 for
SPI flash on both rk3399-roc-pc and -mezzanine, and stop aliasing it to
bus 0.
Signed-off-by: Hugh Cole-Baker <sigmaris@gmail.com>
Suggested-by: Simon Glass <sjg@chromium.org>
Fixes: c4cea2bb ("rockchip: Enable building a SPI ROM image on bob")
Reviewed-by: Kever Yang<kever.yang@rock-chips.com>
Before 'if (err)' we have to initialize the variable otherwise we use a
random value from the stack.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
At the beginning of close_ctree_fs_info() the value 0 is assigned to err
and never changed before testing it.
Let's get rid of the superfluous variable.
Fixes: f06bfcf54d ("fs: btrfs: Crossport open_ctree_fs_info() from btrfs-progs")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Qu Wenruo <wqu@suse.com>
SquashFS supports sprase blocks in files - that is, if a given block is
composed only of zeros, it's not written to the output file to save
space and it's on-disk length field is set to zero to indicate that.
Previously the squashfs driver did not recognise that, and would attempt
to read and decompress a zero-sized block, which obviously failed.
The following command may be used to create a file for testing:
cat <(dd if=/dev/urandom of=/dev/stdout bs=1M count=1) \
<(dd if=/dev/zero of=/dev/stdout bs=1M count=1) \
<(dd if=/dev/urandom of=/dev/stdout bs=1k count=200) >test_file
Signed-off-by: Campbell Suter <campbell@snapit.group>
In __btrfs_map_block() we do a int * int and assign it to u64.
This is not safe as the result (int * int) is still evaluated as (int)
thus it can overflow.
Convert one of the multiplier to u64 to prevent such problem.
In real world, this should not cause problem as we have device number
limit thus it won't go beyond 4G for a single stripe.
But it's harder to teach coverity about all these hidden limits, so just
fix the possible overflow.
Reported-by: Coverity CID 312957
Reported-by: Coverity CID 312948
Signed-off-by: Qu Wenruo <wqu@suse.com>
* Provide a test tool for initial RAM disk provided via load file2 protocol.
* Make more items configurable to reduce code size:
* Boot manager
* EFI_DT_FIXUP_PROTOCOL
* EFI_DEVICE_PATH_UTILITIES_PROTOCOL
* Bug fixes
* avoid EFI runtime symbols in global symbol table
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmAIHfIACgkQxIHbvCwF
GsSz8g/+No9xNYiAK1pY0Fjus6ZSfBhMCY9NGwkEkyzFwXZG+ckmlWwMd+auk8Oz
noU5vVBkr4JdrdpACdgiCdCeAfsYwxPy7/GulgVMLpptMlrLfbOhA/n7uOzhAilV
QDt3BouOuvW+sVlxoxD2FNkpw4vFS6CasFgBj1+tWunARoXqIRxD4MbFp1zwApHb
qC67jomsDS6MvQtrebZ3Erqkp67W0RVtD6X4KGq8+6g+8akVAan5zl7/gPj9Z8h6
M1AXG/pLqDMrG+3RFGMyqncPOlxPVL85BQAAJVB8/SQcAQ726R4z/ia+3VBFBWWf
N9rmzNJ9KnbAr3OHZnfqYITe/E2xgiRVqTYl5IL8701E41qhEjRiBWFF+U+QG/8b
3IByp4FZXVbVxjsjK8dIi5aTmBvznwb0HcrlcbwJRonTvBCBOZCVIoAn2PalZUFW
4zc4hGaoWVTdwRXaiiQKQuAfA52B3tfPqfWyUsm1E+crf/JYngstQe4A88FDorV6
ozISWNXb5RzYdNluewJl2c1rfWcUiWHbbnKMt+YbDvE4OTy6lbJC9oY0mNfPE7nK
7cq/Tk8WNhrMIv95nqzDBCv78naa0iQF5P+tHk6/r3IJ/wFFyD6f4ZvGijvCK+9o
vgnmK0kz9Qd53m+g4L54xpTsyoCXaU2N9zzD1QgwV3HjW2JyjxY=
=yVF7
-----END PGP SIGNATURE-----
Merge tag 'efi-2021-04-rc1-2' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2021-04-rc1-2
* Provide a test tool for initial RAM disk provided via load file2 protocol.
* Make more items configurable to reduce code size:
* Boot manager
* EFI_DT_FIXUP_PROTOCOL
* EFI_DEVICE_PATH_UTILITIES_PROTOCOL
* Bug fixes
* avoid EFI runtime symbols in global symbol table
CONFIG_SYS_REDUNDAND_ENVIRONMENT is changing in env_internal.h how u-boot
works with variables. struct environment_s has one byte flags property
which also affects ENV_SIZE macro.
I have reached the case where CONFIG_ENV_IS_NOWHERE is default setup
but custom scripts can be designed in a way that u-boot is asked to
import/export variables from/to file which can be in certain format.
That's why also for this configuration make sense to enable
CONFIG_SYS_REDUNDAND_ENVIRONMENT because it depends on environment file
format.
The patch is removing dependency on this configuration to support selecting
environment file format without any specific dependency where variables are
stored.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This hook is used in full U-Boot that's why there is no reason to touch
this location from SPL. The hook was introduced for QEMU usage but none is
really running SPL on QEMU that's why it shouldn't break any usecase.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Remove ifdef logic which is handled by preprocessor and move it link time
optimization to get full compile code coverage.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>