Since ut_asserteq_mem() uses bin2hex() we should include this header in
ut.h to avoid errors. Add it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
The DMA Remapping Reporting (DMAR) table contains information about DMA
remapping.
Add a version simple version of this table with only the minimum fields
filled out. i.e. no entries.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Each ACPI table has its own version number. Add the version numbers in a
single function so we can keep them consistent and easily see what
versions are supported.
Start a new acpi_table file in a generic directory to house this function.
We can move things over to this file from x86 as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The ASL compiler cannot handle C structures and the like so needs some
sort of header guard around these.
We already have an __ASSEMBLY__ #define but it seems best to create a new
one for ACPI since the rules may be different.
Add the check to a few files that ACPI always includes.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
This file is potentially useful to other architectures saddled with ACPI
so move most of its contents to a common location.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
This header relates to ACPI and we are about to add some more ACPI
headers. Move this one into a new directory so they are together.
The header inclusion in pci_rom.c is not specific to x86 anymore, so drop
the #ifdef CONFIG_X86.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add a sandbox test for the basic ACPI functionality we have so far.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
ACPI (Advanced Configuration and Power Interface) is a standard for
specifying information about a platform. It is a little like device
tree but the bindings are part of the specification and it supports an
interpreted bytecode language.
Driver model does not use ACPI for U-Boot's configuration, but it is
convenient to have it support generation of ACPI tables for passing to
Linux, etc.
As a starting point, add an optional set of ACPI operations to each
device. Initially only a single operation is available, to obtain the
ACPI name for the device. More operations are added later.
Enable ACPI for sandbox to ensure build coverage and so that we can add
tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Add the C version of this header. It includes a few Chrome OS bits which
are disabled for a normal build.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolgang.wallner@br-automation.com>
At present if reading a BAR returns 0xffffffff then the value is masked
and a different value is returned. This makes it harder to detect the
problem when debugging.
Update the function to avoid masking in this case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
With P2SB the initial BAR (base-address register) is set up by TPL and
this is used unchanged right through U-Boot.
At present the reading of this address is split between the ofdata() and
probe() methods. There are a few problems that are unique to the p2sb.
One is that its children need to call pcr_read32(), etc. which needs to
have the p2sb address correct. Also some of its children are pinctrl
devices and pinctrl is used when any device is probed. So p2sb really
needs to get its base address set up in ofdata_to_platdata(), before it is
probed.
Another point is that reading the p2sb BAR will not work if the p2sb is
hidden. The FSP-S seems to hide it, presumably to avoid confusing PCI
enumeration.
Reading ofdata in ofdata_to_platdata() is the correct place anyway, so
this is easy to fix.
Move the code into one place and use the early-regs property in all cases
for simplicity and to avoid needing to probe any PCI devices just to read
the BAR.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Tested-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Some files are taken or modified from coreboot, but the files are
no-longer part of the coreboot project. Fix the wording in a few places.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Add a means to avoid configuring a device when needed. Add an explanation
of why this is useful to the binding file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present the cleanup() method is called on every transfer. It should
only be called on failing transfers. Fix this and tidy up the error
handling a little.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This device should use ready-gpios rather than ready-gpio. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present the cr50 driver claims the locality and does not release it for
Linux. This causes problems. Fix this by tracking what is claimed, and
adding a 'remove' method.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
With ACPI we need to describe the settings of the SPI bus. Add enums to
handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Different CPUs may support different address widths, meaning the amount of
memory they can address. Add a property for this to the cpu_info struct.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
SPCR has no clue if the UART base clock speed is different to
the default one. However, the SPCR 1.04 defines baud rate 0 as
a preconfigured state of UART and OS is supposed not to touch
the configuration of the serial device.
Linux kernel supports that starting from v5.0, see commit
b413b1abeb21 ("ACPI: SPCR: Consider baud rate 0 as preconfigured state")
for the details.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Some callers may need the UART base clock speed value.
Provide it in the ->getinfo() callback.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Some callers of serial_getinfo() would like to know the UART base
clock speed in order to make decision what to pass to OS in some
cases. In particular, ACPI SPCR table expects only certain base
clock speed and thus we have to act accordingly.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
A small text in docs/uefi/uefi.rst was added to explain how we can
configure and utilise UEFI secure boot feature on U-Boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Pytest for UEFI secure boot will use several host commands.
In particular, Test setup relies on efitools, whose version must be v1.5.2
or later. So fetch a new version of deb package directly.
Please note it has a dependency on mtools, which must also be installed
along wih efitools.
In addition, the path, '/sbin', is added to PATH for use of sgdisk and
mkfs.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Adding those extra configurations allows us to successfully run UEFI
secure boot pytest on Travis CI.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Provide test cases for
* image authentication for signed images
(test_efi_secboot/test_signed.py)
* image authentication for unsigned images
(test_efi_secboot/test_unsigned.py)
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
A fixture for UEFI secure boot tests (image authentication and variable
authentication) is defined. A small file system with test data in a single
partition formatted in fat is created.
This test requires efitools v1.5.2 or later. If the system's efitools
is older, you have to build it on your own and define EFITOOLS_PATH.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
This sub-command will be used to test image authentication,
in particular, a case where efi_load_image() failed with
EFI_SECURITY_VIOLATION but we still want to try efi_start_image().
We won't run such a case under normal bootmgr because it simply
refuses to call efi_start_image() if anything but EFI_SUCCESS
is returned when loading an image.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
With "-at" option, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
will be passed to SetVariable() to authenticate the variable.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
A signature database variable is associated with a specific guid.
For convenience, if user doesn't supply any guid info, "env set|print -e"
should complement it.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
The following variable is exported as UEFI specification defines:
SignatureSupport: array of GUIDs representing the type of signatures
supported by the platform firmware
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
With this commit, image validation can be enforced, as UEFI specification
section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled.
Currently we support
* authentication based on db and dbx,
so dbx-validated image will always be rejected.
* following signature types:
EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images)
EFI_CERT_X509_GUID (x509 certificate for signed images)
Timestamp-based certificate revocation is not supported here.
Internally, authentication data is stored in one of certificates tables
of PE image (See efi_image_parse()) and will be verified by
efi_image_authenticate() before loading a given image.
It seems that UEFI specification defines the verification process
in a bit ambiguous way. I tried to implement it as closely to as
EDK2 does.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
The following variable is exported as UEFI specification defines:
VendorKeys: whether the system is configured to use only vendor-provided
keys or not
The value will have to be modified if a platform has its own way of
initializing signature database, in particular, PK.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
UEFI specification defines several global variables which are related to
the current secure boot state. In this commit, those values will be
maintained according to operations. Currently, AuditMode and DeployedMode
are defined but not implemented.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
With this commit, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
is supported for authenticated variables and the system secure state
will transfer between setup mode and user mode as UEFI specification
section 32.3 describes.
Internally, authentication data is stored as part of authenticated
variable's value. It is nothing but a pkcs7 message (but we need some
wrapper, see efi_variable_parse_signature()) and will be validated by
efi_variable_authenticate(), hence efi_signature_verify_with_db().
Associated time value will be encoded in "{...,time=...}" along with
other UEFI variable's attributes.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
efi_signature_parse_sigdb() is a helper function will be used to parse
signature database variable and instantiate a signature store structure
in later patches.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
In this commit, implemented are a couple of helper functions which will be
used to materialize variable authentication as well as image authentication
in later patches.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Function rsa_verify_key() is not called before relocation. So there is no
need to load the UCLASS_MOD_EXP drivers before relocation.
This avoid a failure to boot for pine64-lts_defconfig with CONFIG_RSA=y.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Correct function descriptions in efi_watchdog.c.
Add the descriptions to the generated HTML documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Correct function descriptions in efi_unicode_collation.c
Add the Unicode collation protocol to the generated HTML documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Enable EFI_RNG_PROTOCOL by default if DM_RNG is set.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
Acked-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Remove superfluous 'if DM_RNG'
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- Enable bootd, iminfo, imxtract on ST defconfig
- Rename LEDs to match silkscreen on AV96
- Add KS8851-16MLL ethernet on FMC2
- Define FMC2 base address
- net: dwc_eth_qos: implement reset-gpios for stm32
- net: dwc_eth_qos: implement phy reg and max-speed for stm32
-----BEGIN PGP SIGNATURE-----
iQJLBAABCgA1FiEEXyrViUccKBz9c35Jysd4L3sz/6YFAl6WzDIXHHBhdHJpY2Uu
Y2hvdGFyZEBzdC5jb20ACgkQysd4L3sz/6axxQ//eMrpWRXJN312XzPo9aj9Pxnn
GOdYtIiRrV3hFHi5vtzhJ66OwLA3KSuFCL13u2rCeQpeF1gswsbKSQTAIAMp9OTk
lG/4uSYpbjALI5dq3QdjQjCyx9TjRUtKjzd+amF6DSeTd2LJzbkh0JG70zfDgmh0
OO4I/m9sDJ3qa/rsirxUu+LrhoCUcDFdPjfvUnvLYlE3WqH2bu+GP41nkDAKwrFG
JEp0mVm8pmwU0e0OHmCDydUxz9WxOAybQjHl8JicWpqPfmkwdv2gPgWZQ5+h3NuR
CRLclp5fmgxj096bttMDts9g4rOh+9PyWQWbQ3W+jZohCsnlZRXOkmowCsEAafoJ
Anc2B4dODTiD5L1QNtRQID9LSMaAA3HGa1Yd2p72nYCAtZ0sBFgO8kfVKT7VhF7s
dp6JQBPry1C6EWBujHcEPlMSj4nKgrlQJPtPyTu6r2tYzIHvz1TnpJ42k24NM7Vl
ov2w16qSUsAKN8Hn69djF1VgUpVHDxlGAktfbhS5eXWUlZovBFk4UnhULt2w6pAW
0HUbIFXLh2TgurtL3N/f7fJQBTYFGmaCZ/G7HiHEATZdcita9BRBuy7ipPIieXXP
rbYn/5g+C6AOfUWLM2wMkN3eEVlgwF/cGB7TH1BZ052CBYL+TD7OINdbF3HBk3Lg
F+G5GaDcL+bkyHGJh/A=
=FNeD
-----END PGP SIGNATURE-----
Merge tag 'u-boot-stm32-20200415' of https://gitlab.denx.de/u-boot/custodians/u-boot-stm
- Replace STM32MP1_TRUSTED by TFABOOT flag
- Enable bootd, iminfo, imxtract on ST defconfig
- Rename LEDs to match silkscreen on AV96
- Add KS8851-16MLL ethernet on FMC2
- Define FMC2 base address
- net: dwc_eth_qos: implement reset-gpios for stm32
- net: dwc_eth_qos: implement phy reg and max-speed for stm32
Use the correct macro to test presence CONFIG_LED:
replace CONFIG_IS_ENABLED(CONFIG_LED) by CONFIG_IS_ENABLED(LED)
Issue see during review unrelated patch
"board: stm32mp1: update management of boot-led"
http://patchwork.ozlabs.org/patch/1264823/
Cc: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Marek Vasut <marex@denx.de>
Reviewed-by: Patrice Chotard <patrice.chotard@st.com>
Enable these standard U-Boot commands for image manipulation and for
starting the default boot command using 'boot' command in U-Boot shell.
Cc: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
The LED labels do not match the silkscreen on the board, fix it.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Cc: Patrick Delaunay <patrick.delaunay@st.com>
Cc: Patrice Chotard <patrice.chotard@st.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>