Commit graph

28 commits

Author SHA1 Message Date
Masahisa Kojima
027f8a82ea doc: uefi: add anti-rollback documentation
This commit describe the procedure to configure lowest supported
version in the device tree for anti-rollback protection.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2023-06-08 09:20:36 +02:00
Masahisa Kojima
83be41049b doc: uefi: add firmware versioning documentation
This commit describes the procedure to add the firmware version
into the capsule file.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2023-06-08 09:20:36 +02:00
Vincent Stehlé
ac2ac69080 doc: uefi: fix links
Fix a couple of links so that they are rendered correctly with sphinx.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2023-03-13 13:56:14 +01:00
Vincent Stehlé
63db1561f1 efi: adjust ebbr to v2.1 in conformance profile
The EFI Conformance Profile Table entry for EBBR appears in v2.1.0 of the
EBBR specification[1]. Update naming accordingly.

While at it, update the EBBR version referenced in the documentation.

[1]: https://github.com/ARM-software/ebbr/releases/tag/v2.1.0

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-12-17 13:37:33 +00:00
Sughosh Ganu
75f11c3bfd FWU: doc: Add documentation for the FWU feature
Add documentation for the FWU Multi Bank Update feature. The document
describes the steps needed for setting up the platform for the
feature, as well as steps for enabling the feature on the platform.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-10-31 14:47:33 -04:00
Simon Glass
e33a5c6be5 blk: Switch over to using uclass IDs
We currently have an if_type (interface type) and a uclass id. These are
closely related and we don't need to have both.

Drop the if_type values and use the uclass ones instead.

Maintain the existing, subtle, one-way conversion between UCLASS_USB and
UCLASS_MASS_STORAGE for now, and add a comment.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-16 11:05:16 -04:00
Sughosh Ganu
aad7f1ad60 EFI: Update the documentation to reflect the correct value of OsIndications
The OsIndications is a 64 bit variable, and the current code expects
the value of the variable to be 64 bit. Update the documentation to
reflect this fact.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-06-04 08:43:55 +02:00
Sughosh Ganu
2cc2fa4458 doc: uefi: Update the capsule update related documentation
Update the capsule update functionality related documentation to
refect the additional definitions that need to be made per platform
for supporting the capsule update feature.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
2022-04-15 10:43:18 +02:00
Jan Kiszka
2899296e5c doc: uefi: Fix reference to CONFIG_EFI_SECURE_BOOT
There is no CONFIG_UEFI_SECURE_BOOT, and there was never any.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-03-20 11:03:06 +01:00
AKASHI Takahiro
d9612f4426 tools: mkeficapsule: allow for specifying GUID explicitly
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.

To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
   [--fit <image> | --raw <image>] <capsule file>
NEW:
   [--fit | --raw | --guid <guid-string>] <image> <capsule file>

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-02-11 20:07:55 +01:00
AKASHI Takahiro
a62eb06f7c doc: update UEFI document for usage of mkeficapsule
Now we can use mkeficapsule command instead of EDK-II's script
to create a signed capsule file. So update the instruction for
capsule authentication.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-02-11 20:07:55 +01:00
Tom Rini
0dadad6d7c - disable CONFIG_NET_RANDOM_ETHADDR when unnecessary on amlogic based configs
- meson64_android: add board specific env settings, in order to support VIM3/L for android
 - add changes to support VIM3/L android boot by using meson64_android.h config
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEPVPGJshWBf4d9CyLd9zb2sjISdEFAmHYV8MACgkQd9zb2sjI
 SdELkA/+LjyjJB1KI6/KLLg43zyFeeZX/SjQd5BUIx6EfaCgyTkuq2lzQnErGmbi
 HoyMoNLpBxLIL27/5TXPzmKYAeOfKPxA/sXTTtx/l7PG8ncSZIoU0+utqjycdUsK
 tSi7EdFzk7/kDDRkqqA7q9nxsPn/7GQNh/ZC9zstMXKaTO/TEb/sZWCMcvQ0MNoB
 ynZKOCg5t60UkIYIRwZwC/OS/ssn86dovv/Aa/8D6qpL2AbS5DoCXHuAr8Dnz7fJ
 q4rV7oLh7a+WHe/qC7R6ylYFIVVqY5JaIgbLDwuvk1z9o7txchMMQnGgllZ35sN9
 LECD2iSDGjhPaHuGCvQwl3TWtIpvtdcP4sQTyJhsXNPxCG6HHvRz7xY4erUohR1I
 LIddwCCHeCrBiaamXNbCzph2+JhfPSQ5ETCL9M6iBMxNUPunlCxjfjDzlT/pg11p
 EO9PIPjRMR9QhxKtd3gZpyAqPuMBEmIwhDtHI6dL3DNOOsF44ObE4swnzS6qXIDn
 jRZzFCC2f/Vyg11YnzFtV3A5eWwJahGDWAGAnnlg6Y8GCLlLmDJitcgA/rWSALko
 T5fC8L8IFUx2RnHczyitJ/wqJl9FqOAnIaoB3Trpwp8gFQ15dQjbvoXldQnAjSS2
 9bns3zOrx79EF4lbHhwNE9UDLm6OjK5vR3h4bGJvyZBmasVsA90=
 =dLEg
 -----END PGP SIGNATURE-----

Merge tag 'u-boot-amlogic-20220107' of https://source.denx.de/u-boot/custodians/u-boot-amlogic into next

- disable CONFIG_NET_RANDOM_ETHADDR when unnecessary on amlogic based configs
- meson64_android: add board specific env settings, in order to support VIM3/L for android
- add changes to support VIM3/L android boot by using meson64_android.h config
2022-01-09 07:56:31 -05:00
Simon Glass
6e7ad4a45f x86: Allow booting a kernel from the EFI app
At present this is disabled, but it should work so long as the kernel does
not need EFI services. Enable it and add a note about remaining work.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-12-31 06:45:01 +01:00
Simon Glass
613cd0c467 efi: Locate all block devices in the app
When starting the app, locate all block devices and make them available
to U-Boot. This allows listing partitions and accessing files in
filesystems.

EFI also has the concept of 'disks', meaning boot media. For now, this
is not obviously useful in U-Boot, but add code to at least locate these.
This can be expanded later as needed.

We cannot use printf() in the early stub or app since it is not compiled
in

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-12-31 06:45:01 +01:00
Ilias Apalodimas
d241d2c879 doc: Fix usage of CFG_RPMB_WRITE_KEY
This is a 'y/n' selection, so fix it.
While at it remove the duplicate usage of CFG_CORE_HEAP_SIZE

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Acked-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-12-27 11:38:50 +01:00
Simon Glass
2abd8d1c99 efi: Rename UCLASS_EFI and IF_TYPE_EFI
These names are better used for access to devices provided by an EFI
layer. Use EFI_LOADER instead here, since these are only available in
U-Boot's EFI_LOADER layer.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-12-09 11:43:25 -08:00
Simon Glass
1834c081d3 efi: Add video support to the app
The current EFI video driver only works when running in the stub. In that
case the stub calls boot services (before jumping to U-Boot proper) and
copies the graphics info over to the efi table. This is necessary because
the stub exits boot services before jumping to U-Boot.

The app maintains access to boot services throughout its life, so does not
need to do this. Update the driver to support calling boot services
directly.

Enable video output for the app. Note that this uses the
EFI_GRAPHICS_OUTPUT_PROTOCOL protocol, even though it mentions vesa.

A sample qemu command-line for this case is:

   qemu-system-x86_64 -bios /usr/share/edk2.git/ovmf-ia32/OVMF-pure-efi.fd
   -drive id=disk,file=try.img,if=none,format=raw -nic none
   -device ahci,id=ahci -device ide-hd,drive=disk,bus=ahci.0

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-07 18:36:55 +01:00
Simon Glass
e16c47fa3d efi: Create a 64-bit app
Most modern platforms use 64-bit EFI so it is useful to have a U-Boot app
that runs under that. Add a (non-functional) build for this.

Note that --whole-archive causes the gcc 9.2 linker to crash, so disable
this for now. Once this is resolved, things should work.

For now, avoid mentioning the documentation for the 64-bit app, since it
does not work.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-11-07 18:36:55 +01:00
Simon Glass
6b2f82901e efi: Add a script to build an image for testing on UEFI
It is quite complicated to run U-Boot on QEMU since we have four
different builds and they must use different versions of qemu and the
UEFI binaries.

Add a script to help. It requires U-Boot itself to be built. Once that
is done you can use this script to build an image for use with qemu and
optionally run it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-07 18:36:55 +01:00
Bin Meng
7a0eecb2bd docs: uefi: Update stale U-Boot on EFI doc
The existing intructions in the U-Boot on EFI doc do not work with
the latest QEMU. Update the doc with the correct instructions, as
well as using the new OVMF URL link.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
2021-11-01 09:50:55 +08:00
AKASHI Takahiro
c5e81fddf2 Revert "Revert "doc: Update CapsuleUpdate READMEs""
This reverts commit a7e4f905d2.
The description originally written by Sughosh is still valid
even after the commit 47a25e81d3 ("Revert "efi_capsule: Move signature
from DTB to .rodata"") was applied.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2021-10-25 21:13:06 +02:00
Simon Glass
a7e4f905d2 Revert "doc: Update CapsuleUpdate READMEs"
This reverts commit 316ab801c0.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-18 03:46:56 -06:00
Michal Simek
acbbd98313 doc: Remove information about CAPSULE_FMP_HEADER
This Kconfig symbol was never added to U-Boot but it was mentioned in the
origin commit c35df7c9e4 ("qemu: arm64: Add documentation for capsule
update"). That's why remove it from documentation to be accurate.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-03 09:09:16 +02:00
Ilias Apalodimas
316ab801c0 doc: Update CapsuleUpdate READMEs
Since we removed embeddingg the capsule key into a .dtb and fixed
authenticated capsule updates for all boards, move the relevant
documentation in the efi file and update it accordingly

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-07-18 14:43:56 +02:00
Ilias Apalodimas
bfb5ce4edd doc: Add build instructions for OP-TEE backed EFI variables
Since that invlolves external projects and not only U-Boot, add guidance
for supported platforms

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-10 12:00:24 +02:00
Ilias Apalodimas
cd64031c16 doc: Update uefi documentation for initrd loading options
Document the command line options for efidebug and initrd loading

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Rewiewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-10 12:00:24 +02:00
Tom Rini
9c7335e4e6 dtoc support for of-platdata-inst
driver model support for of-platdata-inst
 support of-platdata-inst on x86 / coral
 binman support for exapanded entries
 binman convert docs to reST
 ti-sysc fix for duplicate uclass driver
 patman minor improvements
 pylibfdt build only if needed
 correct obscure CI error with OF_PLATDATA_INST
 -----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmBdZYURHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreb2rQgAyr1rufrt1UGjZlVjk0HtqX0sdmcOoE4e
 6NIuatWXPcP2QR93O9zeGgf/yqNIf3lVIa6Cy3baJBfP6fceZ8B24/xgKKEauPFf
 g99sec+q7LPL/oigajXIaWorFXK/NDRtQcSIQFu/EmvCmi0m8Iu0HKFa7YBqa7dc
 YdhGnJZZOdYuQmlKewq9q4cIr6qNtTZczsozt4PNZVgB2lKusBNyKRPZErNEFiN6
 7A56bb8tcfWgGXenKVTUUcyjWRXM2tt4QtrPFedZsF6cLa8D5v4MfWMs0QBRFl/u
 fMzxyeb46x0wsYBNqIBOC7DQWaU/ZeFlr5mQObIH0ypdcsUnEX98sw==
 =Ld3P
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-26mar21-take2' of git://git.denx.de/u-boot-dm into next

dtoc support for of-platdata-inst
driver model support for of-platdata-inst
support of-platdata-inst on x86 / coral
binman support for exapanded entries
binman convert docs to reST
ti-sysc fix for duplicate uclass driver
patman minor improvements
pylibfdt build only if needed
correct obscure CI error with OF_PLATDATA_INST
2021-03-26 12:15:26 -04:00
Simon Glass
d1ceeeff6c doc: Move UEFI under develop/
Much of the content here is useful only for development. Move it under
that section.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-26 17:03:10 +13:00