It doesn't need to consider start byte address.
If ramdisk size is 0x800000 and start address is 0x2700000, then it's
used until 0x02efffff, not 0x02f00000. But it's detected to overlapt RD
image, when kernel start address is 0x02f00000.
Because it's doing wrong calculation about rd_len.
This patch fixed wrong calculation address position when check
condition.
In addition, it needs to check one more condition about overlapping
entire area.
Fixes: commit fbde7589ce ("common: bootm: add checks to verify if ramdisk / fdtimage overlaps OS image")
Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>
In bootm_load_os() the OS image is decompressed. In later stages of the
boot process we need the decompressed size of the image.
Update images->os.image_len after decompression.
Passing the correct size is necessary if we want to check loaded EFI
binararies for file truncation by comparing the loaded size to the header
field SizeOfImage.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
These cases are typically fatal and are difficult to debug for random
users. Add checks for detecting overlapping images and abort if overlap
is detected.
Signed-off-by: Tero Kristo <t-kristo@ti.com>
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this header out of the common header. Network support is used in
quite a few places but it still does not warrant blanket inclusion.
Note that this net.h header itself has quite a lot in it. It could be
split into the driver-mode support, functions, structures, checksumming,
etc.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present bootm_host_load_images() is passed the configuration that has
been verified, but ignores it and just uses the default configuration.
This may not be the same.
Update this function to use the selected configuration.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move these two functions into the irq_funcs.h header file. Also move
interrupt_handler_t as this is used by the irq_install_handler() function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
These functions are CPU-related and do not use driver model. Move them to
cpu_func.h
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Move env_set_hex() over to the new header file along with env_set_addr()
which uses it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Upcoming patches want to add decompression to use cases that are no
longer directly related to booting. It makes sense to retain a single
decompression routine, but it should no longer be in bootm.c (which is
not compiled for all configurations). This patch moves
bootm_decomp_image() to image.c and renames it to image_decomp() in
preparation of those upcoming patches.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
[trini: Fix warning around handle_decomp_error being unused]
Signed-off-by: Tom Rini <trini@konsulko.com>
The name CONFIG_LEGACY_IMAGE_FORMAT reads slightly better along with
allowing us to avoid a rather nasty Kbuild/Kconfig issue down the line
with CONFIG_IS_ENABLED(IMAGE_FORMAT_LEGACY). In a few places outside of
cmd/ switch to using CONFIG_IS_ENABLED() to test what is set.
Signed-off-by: Tom Rini <trini@konsulko.com>
Due to some mistakes in the source code, it was not possible to really
turn FIT support off. This commit fixes the problem by means of the
following changes:
- Enclose "bootm_host_load_image" and "bootm_host_load_images" between
checks for CONFIG_FIT_SIGNATURE, in common/bootm.c.
- Enclose the declaration of "bootm_host_load_images" between checks for
CONFIG_FIT_SIGNATURE, in common/bootm.h.
- Condition the compilation and linking of fit_common.o fit_image.o
image-host.o common/image-fit.o to CONFIG_FIT=y, in tools/Makefile.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
[fabio: adapt for 2016.07]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Ricardo: fix conditional compilation and linking of the files mentioned above
for 2016.07]
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Jörg: adapt for 2019.01]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/uboot-tools/0003-Make-FIT-support-really-optional.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
According to Android image format [1], kernel image resides at 1 page
offset from the boot image address. Grab the magic number from there
and allow U-Boot to handle LZ4-compressed KNL binaries instead of
hardcoding compression type to IH_COMP_NONE. Other compression types,
if needed, can be added later.
Tested on H3ULCB-KF using the image detailed in [2].
[1] Excerpt from include/android_image.h
+-----------------+
| boot header | 1 page
+-----------------+
| kernel | n pages
+-----------------+
| ramdisk | m pages
+-----------------+
| second stage | o pages
+-----------------+
[2] => iminfo 4c000000
## Checking Image at 4c000000 ...
Android image found
kernel size: 85b9d1
kernel address: 48080000
ramdisk size: 54ddbc
ramdisk addrress: 4a180000
second size: 0
second address: 48000800
tags address: 48000100
page size: 800
os_version: 1200012a (ver: 0.9.0, level: 2018.10)
name:
cmdline: buildvariant=userdebug
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
The cache flush of the kernel load area needs to be aligned outward to
the DMA cache alignment. The operations are simpler if we think of this
as aligning the start down, ALIGN_DOWN(load, ARCH_DMA_MINALIGN), and
aligning the end up, ALIGN(load_end, ARCH_DMA_MINALIGN), and then find
the length of the flushed region by subtracting the former from the
latter.
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Refactor the switch from supervisor to hypervisor to a new function called
at the beginning of do_bootefi().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This fixes the automatic lmb initialization and reservation for boards
with more than one DRAM bank.
This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load
files into the firs DRAM bank from fs and via tftp.
Found-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Booting an image currently sets the environment variable "fdtaddr"
by calling into 'cmd/fdt.c'. As a result, linking U-Boot fails if
CMD_FDT is not enabled.
Fix this by adding 'if (CONFIG_IS_ENABLED(CMD_FDT))' to the two
places where 'set_working_fdt_addr()' is called.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
When running sandbox with the new pointer sanitization we just recently
introduced, we're running into a case with FIT images where we end up
interpreting pointers as addresses.
What happened is that most callers of set_working_fdt_addr() simply
convert pointers into addresses without taking into account that they
might be 2 separate address spaces. Fix the callers up to map their
pointers into addresses.
This makes sandbox tests pass for me again.
Signed-off-by: Alexander Graf <agraf@suse.de>
The ARM64 has 2 MiB alignment requirement for the kernel. When using
fitImage, this requirement may by violated, the kernel will thus be
executed from unaligned address and fail to boot. Do what booti does
and run booti_setup() for kernel_noload images on arm64 to obtain a
suitable aligned address to which the image shall be relocated.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Bin Chen <bin.chen@linaro.org>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Tom Rini <trini@konsulko.com>
This undocumented function relies on arch-specific code to declare a nop
weak version. Add the weak function in common code instead to avoid having
to duplicate the same function in each arch.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
In do_bootm_states when doing BOOTM_STATE_LOADOS we use load_end
uninitialized and Coverity notes this now. This however leads down
another interesting path. We pass this pointer to bootm_load_os and
that in turn uses this uninitialized value immediately to calculate the
flush length, and is wrong. We do not know what load_end will be until
after bootm_decomp_image is called, so we must only set flush_len after
that. All of this also makes it clear that the only reason we pass a
pointer for load_end to bootm_load_os is so that we can call lmb_reserve
on success. Rather than initialize load_end to 0 in do_bootm_states we
can just call lmb_reserve ourself.
Reported-by: Coverity (CID: 175572)
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
commit b4d956f6bc ("bootm: Align cache flush end address correctly")
aligns the end address of the cache flush operation to a cache-line size to
ensure lower-layers in the code accept the range provided and flush.
A similar action should be taken for the begin address of a cache flush
operation. The load address may not be aligned to a cache-line boundary, so
ensure the passed address is aligned.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reported-by: Breno Matheus Lima <brenomatheus@gmail.com>
Suggested-by: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Tested-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This drops the limit that fpga is only loaded from FIT images for Xilinx.
This is done by moving the 'partial' check from 'common/image.c' to
'drivers/fpga/xilinx.c' (the only driver supporting partial images yet)
and supplies a weak default implementation in 'drivers/fpga/fpga.c'.
Signed-off-by: Simon Goldschmidt <sgoldschmidt@de.pepperl-fuchs.com>
Tested-by: Michal Simek <michal.simek@xilinx.com> (On zcu102)
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Removal of the legacy DataFlash code turned genimg_get_image() into a
no-op. Drop all calls to it and the function itself.
Signed-off-by: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
We are now using an env_ prefix for environment functions. Rename these
other functions as well, for consistency:
getenv_vlan()
getenv_bootm_size()
getenv_bootm_low()
getenv_bootm_mapsize()
env_get_default()
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename these
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename these
two functions for consistency. Also add function comments in common.h.
Quite a few places use getenv() in a condition context, provoking a
warning from checkpatch. These are fixed up in this patch also.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename these
commonly used functions, for consistency. Also add function comments in
common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
We are now using an env_ prefix for environment functions. Rename setenv()
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
This bug appears in b6396403 which makes u-boot unable to pass
arguments via bootm to a standalone application without this patch.
Steps to reproduce.
Compile a u-boot. Use mkimage to package the standalone hello_world.bin
file.
e.g. For the MIPS Boston platform
mkimage -n "hello" -A mips -O u-boot -C none -T standalone \
-a 0xffffffff80200000 -d hello_world.bin \
-ep 0xffffffff80200000 hello_out
Then tftp hello_out and run it using
boston # dhcp 192.168.154.45:hello_out
...
boston # bootm $loadaddr 123 321
Without the patch the following output is observed.
boston # bootm $loadaddr 123 321
Image Name: hello
Image Type: MIPS U-Boot Standalone Program (uncompressed)
Data Size: 1240 Bytes = 1.2 KiB
Load Address: 80200000
Entry Point: 80200000
Verifying Checksum ... OK
Loading Standalone Program ... OK
Example expects ABI version 8
Actual U-Boot ABI version 8
Hello World
argc = 0
argv[0] = "0xffffffff88000000"
With the patch, you see the following.
boston # bootm $loadaddr 123 321
Image Name: hello
Image Type: MIPS U-Boot Standalone Program (uncompressed)
Data Size: 1240 Bytes = 1.2 KiB
Load Address: 80200000
Entry Point: 80200000
Verifying Checksum ... OK
Loading Standalone Program ... OK
Example expects ABI version 8
Actual U-Boot ABI version 8
Hello World
argc = 3
argv[0] = "0xffffffff88000000"
argv[1] = "123"
argv[2] = "321"
argv[3] = "<NULL>"
Without the patch, the go command at the entry point seems to work.
boston # go 0xffffffff80200000 123 321
Example expects ABI version 8
Actual U-Boot ABI version 8
Hello World
argc = 3
argv[0] = "0xffffffff80200000"
argv[1] = "123"
argv[2] = "321"
argv[3] = "<NULL>"
Hit any key to exit ...
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The bootz and booti commands rely on common functionality that is found
in common/bootm.c and common/bootm_os.c. They do not however rely on
the rest of cmd/bootm.c to be implemented so split them into their own
files. Have various Makefiles include the required infrastructure for
CONFIG_CMD_BOOT[IZ] as well as CONFIG_CMD_BOOTM. Move the declaration
of 'images' over to common/bootm.c.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
The function fixup_silent_linux() is called in status BOOTM_STATE_LOADOS
to silence Linux if variable 'silent' is set.
Currently only the 'bootm' command state machine contains
BOOTM_STATE_LOADOS, but others like 'booti' or 'bootz' commands do not.
This means silent Linux does not work with these commands.
This patch moves the fixup_silent_linux() call out of the
BOOTM_STATE_LOADOS state and into BOOTM_STATE_OS_PREP, to silence Linux
independently of the used command (booti, bootm or bootz).
Signed-off-by: Hector Palacios <hector.palacios@digi.com>
Flushing part of the cache should be done on cache boundaries. Trying to
flush part of a cache line is not supported and the request may be ignored
or print warnings.
Adjust the bootm code to align the end address to prevent this problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Tested-on: smartweb, corvus, taurus, axm
Tested-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Andreas Bießmann <andreas@biessmann.org>
Add function boot_get_fpga() which find and load bitstream to
programmable logic if fpga entry is present.
Function is supported on Xilinx devices for full and partial bitstreams
in BIN and BIT format.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Remove additional blankline in image.h
Add an option to enable libfdt in SPL. This can be useful when decoding
FIT files in SPL.
We need to make sure this option is not enabled in SPL by this change.
Also this option needs to be enabled in host builds. Si add a new
IMAGE_USE_LIBFDT #define which can be used in files that are built on the
host but must also build for U-Boot and SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.
Move these options to Kconfig and tidy up board configuration:
CONFIG_FIT
CONFIG_OF_BOARD_SETUP
CONFIG_OF_SYSTEM_SETUP
CONFIG_FIT_SIGNATURE
CONFIG_FIT_BEST_MATCH
CONFIG_FIT_VERBOSE
CONFIG_OF_STDOUT_VIA_ALIAS
CONFIG_RSA
Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.
Note: Masahiro's moveconfig.py script is amazing.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
A recent change broke the 'bootm' command on sandbox. The root cause is
using a pointer as an address. Conversion from pointer to address needs to
use map_to_sysmem() so that sandbox can do the right thing. The problem was
pre-existing but uncovered by a recent commit.
Fix this. Also move fit_get_end() to the C file to avoid needing to include
mapmem.h (and thus asm/io.h) everywhere.
Fixes: 1fec3c5d (common/image.c: Make boot_get_ramdisk() perform a check for Android images)
Signed-off-by: Simon Glass <sjg@chromium.org>
Variable _load_end_ points to end address of uncompressed buffer
(*not* uncomress_buffer_end / sizeof(ulong)), so multipling uncompressed
size with sizeof(ulong) is grossly incorrect in flush_cache().
It might lead to access of address beyond valid memory range and hang the CPU.
Tested on MIPS architecture by using compressed(gzip, lzma)
and uncompressed uImage.
Signed-off-by: Purna Chandra Mandal <purna.mandal@microchip.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
This patch adds support for LZ4-compressed FIT image contents. This
algorithm has a slightly worse compression ration than LZO while being
nearly twice as fast to decompress. When loading images from a fast
storage medium this usually results in a boot time win.
Sandbox-tested only since I don't have a U-Boot development system set
up right now. The code was imported unchanged from coreboot where it's
proven to work, though. I'm mostly interested in getting this recognized
by mkImage for use in a downstream project.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
CONFIG_NETCONSOLE causes common/bootm.c to call eth_unregister()
for network device shutdown. However, with CONFIG_DM_ETH this
function is no longer defined.
This is a workaround to avoid the call in that case, and solely
rely on eth_halt(). In case this is insufficient, a proper way
to unregister / remove network devices needs to be implemented.
Signed-off-by: Bernhard Nortmann <bernhard.nortmann@web.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
bootm_find_ramdisk_fdt() renamed to bootm_find_images() for readability.
The function bootm_find_ramdisk_fdt() appears to be a simple wrapper for
bootm_find_ramdisk(), bootm_find_fdt(), and now bootm_find_loadables().
I didn't see any other callers entering a bootm_find<thing>, so removing
the wrapper, and condensing these together hopefully makes the code a
little simpler.
Signed-off-by: Karl Apsite <Karl.Apsite@dornerworks.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Added a trimmed down instance of boot_get_<thing>() to satisfy the
minimum requierments of the added feature. The function follows the
normal patterns set by other boot_get<thing>'s, which should make it a
bit easier to combine them all together into one boot_get_image()
function in a later refactor.
Documentation for the new function can be found in source:
include/image.h
Signed-off-by: Karl Apsite <Karl.Apsite@dornerworks.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In the case where the arch defines a custom map_sysmem(), make sure that
including just mapmem.h is sufficient to have these functions as they
are when the arch does not override it.
Also split the non-arch specific functions out of common.h
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Commit 90bac29a76 claims to fix this bug
that was introduced in commit a92fd6577e
but doesn't actually make the change that the commit message describes.
Actually fix the bug this time.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Acked-by: Simon Glass <sjg@chromium.org>
Adjust the code so that the error reporting can all be done at the end,
and is the same for each decompression method. Try to detect when
decompression fails due to lack of space. Keep the behaviour of
resetting on failure even though there should be no memory corruption
now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Refactor to allow this function to be used to announce the image being
loaded regardless of compression type and even when there is no
decompression.
Signed-off-by: Simon Glass <sjg@chromium.org>
Export this function for testing. Also add a parameter so that values other
than CONFIG_SYS_BOOTM_LEN can be used for the maximum uncompressed size.
Signed-off-by: Simon Glass <sjg@chromium.org>