Add TPM2 functions to support boot measurement. This includes
starting up the TPM, initializing/appending the event log, and
measuring the U-Boot version. Much of the code was used in the
EFI subsystem, so remove it there and use the common functions.
Signed-off-by: Eddie James <eajames@linux.ibm.com>
For the API moving around from EFI -> u-boot core
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
For EFI testing
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The driver needs to support getting the PCRs in the capabilities
command. Fix various other things and support the max number
of PCRs for TPM2.
Remove the !SANDBOX dependency for EFI TCG2 as well.
Signed-off-by: Eddie James <eajames@linux.ibm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Commit 65cc0e2a65 ("global: Move remaining CONFIG_SYS_* to CFG_SYS_*")
renamed CONFIG_SYS_UBOOT_START to CFG_SYS_UBOOT_START. Unfortunately,
this meant that the value was no longer available to the Makefile. This
caused imxrt to fail to boot. All the other boards that used this
variable were unaffected because they were using the default value
which is CONFIG_TEXT_BASE.
This commit converts CFG_SYS_UBOOT_START to Kconfig and sets the default
value to CONFIG_TEXT_BASE.
Suggested-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Suggested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Jesse Taube <Mr.Bossman075@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Out-of-tree users could run an out-of-tree CI with limited coverage,
however it is convenient to be able to run the upstream CI from time
to time. To enable that we would need to change job rules to be able
to run on any GitLab event. Excerpt from GitLab documentation:
> Jobs with no rules default to except: merge_requests
Signed-off-by: Andrejs Cainikovs <andrejs.cainikovs@toradex.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The test_event_base and test_event_probe unit tests use function
event_register() which depends on CONFIG_EVENT_DYNAMIC=y.
Fixes: 7d02645fe4 ("event: Add a simple test")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
dm tree enhancement
adjust meaning of bootph-pre-ram/sram
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmUPQXURHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreY1TAf+LeDzKKMhJmyo5ImQWlKPdFt9UGlWqthL
PBngUWV7GdQ5Kn+dLmKmySAmnQC4XNid565nJt8okmMfpHYUBhOnrnJmrXTZdDPJ
lYrpEAR7fTyTTTwjSVFcIXJ56bIT07AUX6jQATh383+Plm0U15tRBMguNsrTy1wL
EmJBVdeT0BZkpSkJyqAIkVuwjOYP+KSuVCectL5LRIpKtjOA+HmMGmELUirjuL00
uN2h/uucuSGFnjCmKW4l9sYrxxYgd/zN2Y8SOJwBebKyHxSgyvNdbjZxeG5o3gSS
ruUSEx4DHYVIRHeDBAnwB4wLdCOqfC2dy0ACReTg0Li+iSQN9qYtEg==
=Sl3P
-----END PGP SIGNATURE-----
Merge tag 'dm-next-23sep23' of https://source.denx.de/u-boot/custodians/u-boot-dm into next
buildman file-keeping and build-progress improvements
dm tree enhancement
adjust meaning of bootph-pre-ram/sram
This old patch was marked as deferred. Bring it back to life, to continue
towards the removal of common.h
Move this out of the common header and include it only where needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
A '.update' extension does not get preserved by buildman, so change it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Michael Walle <michael@walle.cc>
The Kconfig and maintainer processing can take a while, sometimes 5
seconds or more. This skews the timing printed by buildmand when the build
completes. Start the clock when the threads start to avoid this problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Make a list of common output extensions and use it to ensure that the -k
option preserves all of these.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The output from "dm tree" or "dm uclass" is a bit annoying
if the number of devices available on the system is huge.
(This is especially true on sandbox when I debug some DM code.)
With this patch, we can specify the uclass name or the device
name that we are interested in in order to limit the output.
For instance,
=> dm uclass usb
uclass 121: usb
0 usb@1 @ 0bcff8b0, seq 1
uclass 124: usb
=> dm tree usb:usb@1
Class Index Probed Driver Name
-----------------------------------------------------------
usb 0 [ ] usb_sandbox usb@1
usb_hub 0 [ ] usb_hub `-- hub
usb_emul 0 [ ] usb_sandbox_hub `-- hub-emul
usb_emul 1 [ ] usb_sandbox_flash |-- flash-stick@0
usb_emul 2 [ ] usb_sandbox_flash |-- flash-stick@1
usb_emul 3 [ ] usb_sandbox_flash |-- flash-stick@2
usb_emul 4 [ ] usb_sandbox_keyb `-- keyb@3
If you want forward-matching against a uclass or udevice name,
you can specify "-e" option.
=> dm uclass -e usb
uclass 15: usb_emul
0 hub-emul @ 0bcffb00, seq 0
1 flash-stick@0 @ 0bcffc30, seq 1
2 flash-stick@1 @ 0bcffdc0, seq 2
3 flash-stick@2 @ 0bcfff50, seq 3
4 keyb@3 @ 0bd000e0, seq 4
uclass 64: usb_mass_storage
uclass 121: usb
0 usb@1 @ 0bcff8b0, seq 1
uclass 122: usb_dev_generic
uclass 123: usb_hub
0 hub @ 0bcff9b0, seq 0
uclass 124: usb
=> dm tree -e usb
Class Index Probed Driver Name
-----------------------------------------------------------
usb 0 [ ] usb_sandbox usb@1
usb_hub 0 [ ] usb_hub `-- hub
usb_emul 0 [ ] usb_sandbox_hub `-- hub-emul
usb_emul 1 [ ] usb_sandbox_flash |-- flash-stick@0
usb_emul 2 [ ] usb_sandbox_flash |-- flash-stick@1
usb_emul 3 [ ] usb_sandbox_flash |-- flash-stick@2
usb_emul 4 [ ] usb_sandbox_keyb `-- keyb@3
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Nodes with bootph-pre-sram/ram props are bound in multiple phases:
1. At TPL (bootph-pre-sram) or SPL (bootph-pre-ram) phase
2. At U-Boot proper pre-relocation phase
3. At U-Boot proper normal phase
However the binding and U-Boot Driver Model documentation indicate that
only nodes marked with bootph-all or bootph-some-ram should be bound in
the U-Boot proper pre-relocation phase.
Change ofnode_pre_reloc to report a node with bootph-pre-ram/sram prop
with a pre-reloc status only after U-Boot proper pre-relocation phase.
Also update the ofnode_pre_reloc documentation to closer reflect the
binding and driver model documentation.
This changes behavior of what nodes are bound in the U-Boot proper
pre-relocation phase. Change to bootph-all or add bootph-some-ram prop
to restore prior behavior.
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
- Fix a bug of missing setting size of initrd in pxeboot
- Allow Python packages to be dropped
- Reland "x86: Move FACP table into separate functions"
- Fixes for chromebook_link64 and chromebook_samus_tpl
- Fixes and improvements for coreboot
- x86 documentation updates
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEUEWE0gAMrH0ckwrwqSElQ6ZwxhQFAmUNq6sACgkQqSElQ6Zw
xhRG5RAAiWIJOcZLQNRM/+B2DiFxYBD284vO9azN2tWYmBntKLNp3xB7EkACovQ+
1L5qTTSBIlg2bN6GezwZvcKVSnjcwuZ2tM/cqbWvRJfRUJdFygpW2Ufi2lP/8XCO
UgMBTGjXBwT2mhwG6FE9Ecyau7//8xpChCL1Yhli5Xk5YDASt7GFuB2uhsDtyL8p
HgCkPQj3YkbEkOpNeO3QOVS47wFNH85uAkIIqnkp3DKMcjNgQhY64LmFJrSLXxWg
TbKt3Cc3NJ1GRdDJnNE5KB4JQNL+6TrxzXFzIzU/Z7fBu3qB3gMoikNt7d8+61e9
+lXHjaeZ5qopL0xinKqCDZcK+1Sn3yEo0Ri1W1LWY3ReJkh/6axQn2Pj0HawRENk
ccY1lQ4TqO6R1OI3/FqdTB8+HDZ9kRM+xTxpnlXoVgK3ahgEIJvH/v/tWqDb/ld5
hheADW10b5+D8vy82XOzgg78CDG937UxGhEDxAJep6v5kKl2zijL7bMFDlbauS7y
FcndGRqY95uzEMrfiAD6nj9YkdG70ourOhakuV24ed6sgCA+xhs04pk9MWFa8lY8
sY7ZJnCZE0FXebA40j/ubV5n7WZ5CRBNw08j+/m5f77tb1/4/8SSZZ7L3RT4H3xx
/BF6rVbP/zGrv4WXZ8vw3Y78R/JD5JicuATe4vvv20hgvuFmLE8=
=+q36
-----END PGP SIGNATURE-----
Merge tag 'x86-pull-20230922' of https://source.denx.de/u-boot/custodians/u-boot-x86 into next
- Add bootstd support to 64-bit efi payload
- Fix a bug of missing setting size of initrd in pxeboot
- Allow Python packages to be dropped
- Reland "x86: Move FACP table into separate functions"
- Fixes for chromebook_link64 and chromebook_samus_tpl
- Fixes and improvements for coreboot
- x86 documentation updates
Add a little more detail as to why coreboot64 is preferred for booting
Linux distros.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Move this out of the main file since for simple users it is easier to
rely on standard boot.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Refresh the summary information so it is more up-to-date. Add links to
the coreboot and slimbootloader docs.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
There is enough material that it makes sense to split this up into
several files. Create an x86/ directory for this purpose.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Make a note of where coreboot installed the SMBIOS tables so that we can
pass this on to EFI.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
U-Boot should set up the SMBIOS tables during startup, as it does on x86.
Ensure that it does this correctly on non-x86 machines too, by creating
an event spy for last-stage init.
Tidy up the installation-condition code while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Remember where these end up so that we can pass this information on to
the EFI layer.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
When 'usb stop' is run, doing 'bootflow scan' does not run the USB hunter
again so does not see any devices. Fix this by telling bootstd about the
state of USB.
Signed-off-by: Simon Glass <sjg@chromium.org>
When booted from coreboot, U-Boot does not build the SMBIOS tables, but
it should still pass them on to the OS. Add a new option which indicates
whether SMBIOS tables are present, however they were built.
Flip the ordering so that the dependency is listed first, which is less
confusing.
Adjust GENERATE_SMBIOS_TABLE to depend on this new symbol.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
It is not always the case that U-Boot builds the ACPI tables itself. For
example, when booting from coreboot, the ACPI tables are built by
coreboot.
Correct the Makefile condition so that U-Boot can pass on tables built
by a previous firmware stage.
Tidy up the installation-condition code while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At least on modern machines the write-back mechanism for the frame buffer
is quite slow when scrolling, since it must read the entire frame buffer
and write it back.
Enable the VIDEO_COPY feature to resolve this problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
These two builds are similar but have some different options for not good
reason. Line them up to be as similar as possible.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This is very annoying as it is quite slow on many machines. Also, U-Boot
has an existing 'preboot' mechanism to enable this feature if desired.
Drop this code so that it is possible to choose whether to init USB or
not.
Use the existing USE_PREBOOT mechanism instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The debug UART on modern machines uses a 32-bit wide transfer. Without
this, setting debug output causes a hang or no output. It is not obvious
(when enabling CONFIG_DEBUG_UART) that this is needed.
Enable 32-bit access to avoid this trap.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
If coreboot does not set up sysinfo for the UART, SPL currently hangs.
Use the DBG2 technique there as well. This allows coreboot64 to boot from
coreboot even if the console info is missing from sysinfo
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This is needed so we can find the DBG2 table provided by coreboot. Add a
Kconfig so it can be enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
We don't read this information in 64-bit mode, since we don't have the
macros for doing it. Set it to Intel by default. This allows the TSC timer
to work correctly.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Init errors in SPL are currently ignored by this function.
Change the code to init the CPU, reporting an error if something is wrong.
After that, look for the coreboot table.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Enable bootstd options and provide instructions on how to boot a linux
distro using coreboot.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add these options to permit access to more disk types.
Add some documentation as well.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This driver is not actually built since a Kconfig was never created for
it.
Add a Kconfig (which is already implied by COREBOOT) and update the
implementation to avoid using unnecessary memory. Drop the #ifdef at the
top since we can rely on Kconfig to get that right.
To enable it (in addition to serial and video), use:
setenv stdout serial,vidconsole,cbmem
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
[Modified the comment about overflow a little bit]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Coreboot changed a few years ago to include an overflow flag. Update the
structure to match this.
This comes from coreboot commit:
6f5ead14b4 ("mb/google/nissa/var/joxer: Update eMMC DLL settings")
Note: There are several implementations of this in coreboot. I have chosen
to follow the one in src/lib/cbmem_console.c
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
When turning off CAR, set the flag to make sure that nothing tries to use
driver model in SPL before jumping to U-Bot proper, since its tables are
in CAR.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The current condition does not handle the samus_tpl case where it sets
up the RAM in SPL but needs to commit the MTRRs in U-Boot proper.
Add another case to handle this and update the comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
When TPL has already set up the CPU, don't do it again. This existing
code actually has this backwards, so fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Make this depend on whether the address matches the offset, rather than
a particular board build. For samus_tpl we don't need to copy, for
example.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Make sure that CONFIG_X86_OFFSET_U_BOOT is the same as CONFIG_TEXT_BASE
as it is changing CONFIG_X86_OFFSET_U_BOOT
Samus boots into U-Boot proper in flash, not RAM. Also expand the SPL
malloc() size a little, to avoid an error.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Samus only takes 7 seconds but it is long enough to think it has hung. Add
a message about what it is doing, similar to the approach on coral.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>