Implements multi SCMI channel support in OP-TEE SCMI transport. An
SCMI protocol may use a dedicated channel, specified by the DT.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Updates SCMI SMCCC transport driver to get SCMI channel reference
at initialization and use when posting SCMI messages.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Updates SCMI mailbox transport driver to get SCMI channel reference
at initialization and use when posting SCMI messages.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Adds resources for SCMI protocols to possibly use a dedicated SCMI
channel instead of the default channel allocated by the SCMI agent
during initialization. As per DT binding documentation, some SCMI
transports can define a specific SCMI communication channel for
given SCMI protocols. It allows SCMI protocols to pass messages
concurrently each other.
This change introduces new scmi agent uclass API function
devm_scmi_of_get_channel() for SCMI drivers probe sequences to get
a reference to the SCMI channel assigned to its related SCMI protocol.
The function queries the channel reference to its SCMI transport driver
through new scmi agent uclass operator .of_get_channel that uses Device
Tree information from related SCMI agent node.
Operator .of_get_channel returns a reference to the SCMI channel
assigned to SCMI protocol used by the caller device. SCMI transport
drivers that do not support multi-channel are not mandated to register
this operator. When so, API function devm_scmi_of_get_channel() returns
NULL and SCMI transport driver are expected to retrieve by their own
means the reference to the unique SCMI channel, for example using
platform data as these drivers currently do in U-Boot source tree.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Defines local helper function find_scmi_transport_device() with the
instructions to find the SCMI transport device from a SCMI protocol
device.
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Changes SCMI driver API function devm_scmi_process_msg() to add
an SCMI channel reference argument for when SCMI agent supports
SCMI protocol specific channels. First argument of devm_scmi_process_msg()
is also change to point to the caller SCMI protocol device rather
than its parent device (the SCMI agent device).
The argument is a pointer to opaque struct scmi_channel known from
the SCMI transport drivers. It is currently unused and caller a pass
NULL value. A later change will enable such support once SCMI protocol
drivers have means to get the channel reference during initialization.
Cc: Lukasz Majewski <lukma@denx.de>
Cc: Sean Anderson <seanga2@gmail.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Changes implementation when using TEE dynamically allocated shared
memory to synchronize with the Linux implementation where the legacy
SMT protocol cannot be used with such memory since it is expected from
device mapped memory whereas OP-TEE shared memory is cached and
hence should not be accessed using memcpy_toio()/memcpy_fromio().
This change implements the MSG shared memory protocol introduced
in Linux [1]. The protocol uses a simplified SMT header of 32bit
named MSG_SMT to carry SCMI protocol information and uses side channel
means to carry exchanged buffer size information, as TEE invocation API
parameters when used in the SCMI OP-TEE transport.
Link: [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f301bba0ca7392d16a6ea4f1d264a91f1fadea1a
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Add a fuzzer to test the vring handling code against unexpected
mutations from the virtio device.
After building the sandbox with CONFIG_FUZZ=y, the fuzzer can be invoked
with by:
UBOOT_SB_FUZZ_TEST=fuzz_vring ./u-boot
This fuzzer finds unvalidated inputs in the vring driver that allow a
buggy or malicious device to make the driver chase wild pointers.
Signed-off-by: Andrew Scull <ascull@google.com>
Add a fuzzing engine driver for the sandbox to take inputs from
libfuzzer and expose them to the fuzz tests.
Signed-off-by: Andrew Scull <ascull@google.com>
Add an implementation of LLVMFuzzerTestOneInput() that starts the
sandbox on a secondary thread and exposes a function to synchronize the
generation of fuzzing inputs with their consumption by the sandbox.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Move the program's entry point to os.c, in preparation for a separate
fuzzing entry point to be added.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add the basic infrastructure for declaring fuzz tests and a command to
invoke them.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This new class of device will provide fuzzing inputs from a fuzzing
engine.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In order to prevent build regressions with ASAN, add the builds to CI.
The longer term objective will be to enabled test targets with ASAN
enabled, but there are too many at the moment.
Signed-off-by: Andrew Scull <ascull@google.com>
The stack protector test intentionally overflows a buffer in order to
corrupt the stack canary so that it can test that the corruption is
detected as expected. However, this is incompatible with ASAN, which
detects the buffer overflow and interrupts the test, so disable the test
for such configurations.
Signed-off-by: Andrew Scull <ascull@google.com>
Add CONFIG_ASAN to build with the Address Sanitizer. This only works
with the sandbox so the config is likewise dependent. The resulting
executable will have ASAN instrumentation, including the leak detector
that can be disabled with the ASAN_OPTIONS environment variable:
ASAN_OPTIONS=detect_leaks=0 ./u-boot
Since u-boot uses its own dlmalloc, dynamic allocations aren't
automatically instrumented, but stack variables and globals are.
Instrumentation could be added to dlmalloc to poison and unpoison memory
as it is allocated and deallocated, and to introduce redzones between
allocations. Alternatively, the sandbox may be able to play games with
the system allocator and somehow still keep the required memory
abstraction. No effort to address dynamic allocation is made by this
patch.
The config is not yet enabled for any targets by default.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rename the sections used to implement linker lists so they begin with
'__u_boot_list' rather than '.u_boot_list'. The double underscore at the
start is still distinct from the single underscore used by the symbol
names.
Having a '.' in the section names conflicts with clang's ASAN
instrumentation which tries to add redzones between the linker list
elements, causing expected accesses to fail. However, clang doesn't try
to add redzones to user sections, which are names with all alphanumeric
and underscore characters.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rename the sections used for defining sandbox command line options so
that they don't start with a '.'. ELF says that sections starting with a
'.' are reserved for system use, but the sandbox runs as a normal user
process so should be using user sections instead.
Clang's ASAN adds redzones to non-user sections and the extra padding
meant that the list of options was being corrupted. Naming the sections
as user sections avoids this issue as clang handles them as we intended.
Signed-off-by: Andrew Scull <ascull@google.com>
Rename the sections used for placing the EFI runtime so that they don't
start with a '.'. ELF says that sections starting with a '.' are
reserved for system use, but the sandbox runs as a normal user process
so should be using user sections instead.
Clang's ASAN adds redzones to non-user sections and the extra padding
meant that the list of options was being corrupted. Naming the sections
as user sections avoids this issue as clang handles them as we intended.
Signed-off-by: Andrew Scull <ascull@google.com>
Fix the buffer underflow that would occur if puts is called with length
of zero.
Fixes: efa51f2bd6 ("serial: sandbox: Implement puts")
Cc: Sean Anderson <sean.anderson@seco.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Sean Anderson <sean.anderson@seco.com>
This was previously needed, but U-Boot is now capable of parsing
the new "phy-connection-type" property that is already used in
the main devicetree.
Signed-off-by: Frieder Schrempf <frieder.schrempf@kontron.de>
Reviewed-by: Fabio Estevam <festevam@denx.de>
This syncs the devicetree files with the latest Linux kernel (5.19-rc2).
This also fixes the currently broken ethernet support:
Before:
Net: Could not get PHY for FEC0: addr 0
After:
Net: eth0: ethernet@30be0000
Signed-off-by: Frieder Schrempf <frieder.schrempf@kontron.de>
Reviewed-by: Fabio Estevam <festevam@denx.de>
Timeouts are not expected to happen and are handled as fatal errors.
Increase all timeouts to 1 second as defensive measure to avoid relying
on the timing behaviour of certain firmware versions or configurations.
Signed-off-by: Janne Grunau <j@jannau.net>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Tested-by: Mark Kettenis <kettenis@openbsd.org>
The NVMe firmware in the macOS 13 beta blocks or crashes with u-boot's
current minimal RTKit implementation. It does not provide buffers for
the firmware's buffer requests. The ANS2 firmware included in macOS 11
and 12 tolerates this. The firmware included in the first macOS 13 beta
requires buffers for the crashlog and ioreport endpoints to function.
In the case of the NVMe the buffers are physical memory. Access to
physical memory is guarded by what Apple calls SART.
Import m1n1's SART driver (exclusively used for the NVMe controller).
Implement buffer management helpers for RTKit. These are generic since
other devices (none in u-boot so far) require different handling.
Signed-off-by: Janne Grunau <j@jannau.net>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Tested-by: Mark Kettenis <kettenis@openbsd.org>
AST2600 supports boot from SPI(mmap), eMMC, and UART.
This patch adds the boot mode detection and return the
corresponding boot device type.
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
The commit b583348ca8 ("image: fit: Align hash output buffers") places
the hash output buffer at the .bss section. However, AST2600 by default
executes SPL in the NOR flash XIP way. This results in the hash output
cannot be written to the buffer as it is located at the R/X only region.
We need to move the .bss section out of the SPL body to the DRAM space,
where hash output can be written to. This patch includes:
- Define the .bss section base and size
- A new SPL linker script is added with a separate .bss region specified
- Enable CONFIG_SPL_SEPARATE_BSS kconfig option
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Reviewed-by: Neal Liu <neal_liu@aspeedtech.com>
The HPE SoC is new to linux. A basic device tree layout with minimum
required for linux to boot including a timer and watchdog support has
been created.
The dts file is empty at this point but will be updated in subsequent
updates as board specific features are enabled.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
The GXP supports 3 separate SPI interfaces to accommodate the system
flash, core flash, and other functions. The SPI engine supports variable
clock frequency, selectable 3-byte or 4-byte addressing and a
configurable x1, x2, and x4 command/address/data modes. The memory
buffer for reading and writing ranges between 256 bytes and 8KB. This
driver supports access to the core flash.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
Add support for the HPE GXP SOC timer. The GXP supports several different
kinds of timers but for the purpose of this driver there is only support
for the General Timer. The timer has a 1us resolution and is 56 bits.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
The GXP is the HPE BMC SoC that is used in the majority
of current generation HPE servers. Traditionally the asic will
last multiple generations of server before being replaced.
Info about SoC:
HPE GXP is the name of the HPE Soc. This SoC is used to implement many BMC
features at HPE. It supports ARMv7 architecture based on the Cortex A9
core. It is capable of using an AXI bus to whicha memory controller is
attached. It has multiple SPI interfaces to connect boot flash and BIOS
flash. It uses a 10/100/1000 MAC for network connectivity. It has multiple
i2c engines to drive connectivity with a host infrastructure. There
currently are no public specifications but this process is being worked.
Signed-off-by: Nick Hawkins <nick.hawkins@hpe.com>
Currently, enabling CMD_MISC gives:
cmd/misc.c:67:25: warning: assignment to 'int (*)(struct udevice *, int, void *, int)' from incompatible pointer type 'int (*)(struct udevice *, int, const void *, int)' [-Wincompatible-pointer-types]
Because 'misc_read' takes a void * and 'misc_write' takes a const void
*, both of which make sense for their operation. Given there's one
place we make use of the function pointer, just call read or write
directly for the operation we're called with.
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
cp.b is used a lot as a way to load binaries to memory and execute
them, however we may need to integrate this with the efi subsystem to
set it up as a bootdev.
So, introduce a loadm command that will be consistent with the other
loadX commands and will call the efi API's.
ex: loadm $kernel_addr $kernel_addr_r $kernel_size
with this a kernel with CONFIG_EFI_STUB enabled will be loaded and
then subsequently booted with bootefi command.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Seems that u-boot can't probe i2c bus at 2.6Mhz speed, so lower
the speed to the default value 100Khz.
v2: fix i2c1 frequency in the root omap3-u-boot.dtsi include.
Signed-off-by: Anthoine Bourgeois <anthoine.bourgeois@gmail.com>