Commit graph

75159 commits

Author SHA1 Message Date
Tom Rini
87e8d38a39 arm: Add Kconfig entry for MACH_TYPE
As part of migrating support for ATAGs to Kconfig, add an option for
setting and passing MACH_TYPE.

Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-07 16:22:31 -04:00
Tom Rini
9774462e34 arm: Disable ATAGs support
With the exceptions of ds109, ds414, icnova-a20-swac, nokia_rx51 and
stemmy, disable ATAG support.  A large number of platforms had enabled
support but never supported a kernel so old as to require it.  Further,
some platforms are old enough to support both, but are well supported by
devicetree booting, and have been for a number of years.  This is
because some of the ATAGs related functions have been re-used to provide
the same kind of information, but for devicetree or just generally to
inform the user.  When needed still, rename these functions to
get_board_revision() instead, to avoid conflicts.  In other cases, these
functions were simply unused, so drop them.

Cc: Andre Przywara <andre.przywara@arm.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Phil Sutter <phil@nwl.cc>
Cc: Stefan Bosch <stefan_b@posteo.net>
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-07 16:22:30 -04:00
Tom Rini
b9d66a061b imx: Convert SERIAL_TAG support to ENV_VARS_UBOOT_RUNTIME_CONFIG
No iMX platforms have supported ATAG-based booting.  They have however
re-used the CONFIG_SERIAL_TAG option as a way to enable support of
reading the OTP fuses and setting the serial# environment variable in
some cases.  Change the warp7 support to use this symbol, use this for
updating the rest of the imx7 code, and update the imx8 conditionals.

Cc: Stefano Babic <sbabic@denx.de>
Cc: Fabio Estevam <festevam@gmail.com>
Cc: NXP i.MX U-Boot Team <uboot-imx@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-07 13:04:52 -04:00
Tom Rini
f84b48a1ba Convert CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG to Kconfig
This converts the following to Kconfig:
   CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG

Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-07 13:04:09 -04:00
Tom Rini
1c02fd4686 Merge https://source.denx.de/u-boot/custodians/u-boot-riscv 2021-09-07 07:58:56 -04:00
Zong Li
30fa33dc80 riscv: lib: modify the indent
We usually use a space in function declaration, rather than a tab.

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Rick Chen <rick@andestech.com>
2021-09-07 10:34:29 +08:00
Zong Li
835210a125 board: sifive: use ccache driver instead of helper function
Invokes the common cache_init function to initialize ccache.

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Rick Chen <rick@andestech.com>
2021-09-07 10:34:29 +08:00
Zong Li
213ed175b0 riscv: lib: implement enable_caches for sifive cache
The enable_caches is a generic hook for architecture-implemented, we
define this function to enable composable cache of sifive platforms.

In sifive_cache, it invokes the generic cache_enable interface of cache
uclass to execute the relative implementation in SiFive ccache driver.

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Rick Chen <rick@andestech.com>
2021-09-07 10:34:29 +08:00
Zong Li
4d4222d074 common: board_r: support enable_caches for RISC-V
The enable_caches is a generic hook for architecture-implemented, we
leverage this function to enable caches for RISC-V

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Rick Chen <rick@andestech.com>
2021-09-07 10:34:29 +08:00
Zong Li
43a2183928 cache: add sifive composable cache driver
This driver is currently responsible for enabling all ccache ways.
Composable cache could be configure as RAM or cache, we will use it as
RAM at the beginning to put the u-boot SPL there. In u-boot proper
phrase, we will use the composable cache as cache, and try to enable the
cache ways.

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Rick Chen <rick@andestech.com>
2021-09-07 10:34:29 +08:00
Thomas Skibo
9d84795fc5 riscv: Add missing sentinel in ocores_i2c.c
The ocores_i2c.c driver is missing a sentinel at the end of
the compatible strings list.  This causes the "dm compat" command
to spew garbage.

Signed-off-by: Thomas Skibo <thomas-git@skibo.net>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
2021-09-07 10:34:29 +08:00
Heinrich Schuchardt
f6431e8fb3 riscv: show code leading to exception
To make analyzing exceptions easier output the code that leads to it.
We already do the same on the ARM platform.

Here is an example:

    => exception ebreak
    Unhandled exception: Breakpoint
    EPC: 000000008ff5d50e RA: 000000008ff5d62c TVAL: 0000000000000000
    EPC: 000000008020b50e RA: 000000008020b62c reloc adjusted

    Code: 2785 0693 07a0 dce3 fef6 47a5 d563 00e7 (9002)

To disassemble the code we can use the decodecode script:

    $ echo 'Code: 2785 0693 07a0 dce3 fef6 47a5 d563 00e7 (9002)' | \
      CROSS_COMPILE=riscv64-linux-gnu- scripts/decodecode

    Code: 2785 0693 07a0 dce3 fef6 47a5 d563 00e7 (9002)
    All code
    ========
       0:   2785                    addiw   a5,a5,1
       2:   07a00693                li      a3,122
       6:   fef6dce3                bge     a3,a5,0xfffffffffffffffe
       a:   47a5                    li      a5,9
       c:   00e7d563                bge     a5,a4,0x16
      10:*  9002                    ebreak         <-- trapping instruction
            ...

    Code starting with the faulting instruction
    ===========================================
       0:   9002                    ebreak
            ...

As it is not always clear if the first 16 bits are at the start or in the
middle of a 32bit instruction it may become necessary to strip the first
u16 from the output before calling decodecode to get the correct
disassembled code.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
2021-09-07 10:34:29 +08:00
Heinrich Schuchardt
5b2d359d9a configs: qemu-riscvXX_spl_defconfig enable CMD_SBI
Both for 64bit and 32bit at least on one board we should compile the sbi
command. Enabling it on QEMU will allow to write a test for it.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-09-07 10:34:29 +08:00
Heinrich Schuchardt
7383432fa1 riscv: enable booting HiFive Unmatched from SATA
On the HiFive Unmatched a PCI to SATA adapter may be used to install a SATA
drive. Enable booting from it.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
2021-09-07 10:34:28 +08:00
Tom Rini
ad320c237b - fix EFI boot with OP-TEE for STM32MP15 boards
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEE56Yx6b9SnloYCWtD4rK92eCqk3UFAmE157MACgkQ4rK92eCq
 k3WB9wgAv3ReN8rs9wyVSc7SOwXvaJM34a0wX1l8Q4dcT4CnmxuS7u3gT+Uhl5nM
 ACe1eclLEy4VH16XSH99s2HS02pOWXX8s7/d75OlklNdH9Qsj0JxwkDN9cbNFJnL
 bSRTAu37T6aYWW+MojzBQFIrcjDIvj29dc+U71Wv/E5BQ0ck471Sfd6SbhDGBbZf
 AiPAhfkl6mHDhazHzxLxWHpciDSsXkX4h48hhR4efqEH0wk3lJQJp1Wh11JOyJcZ
 5MQqgD13KPMWdR8VCqR4z6TfSy08xabZernFHGN4TeQaF1Y4Dp7OO2DTCLpuJ27R
 gWelkbNHnQEFD4+qV4KiNvVkL8zhlw==
 =KFtm
 -----END PGP SIGNATURE-----

Merge tag 'u-boot-stm32-20210906' of https://source.denx.de/u-boot/custodians/u-boot-stm

- fix EFI boot with OP-TEE for STM32MP15 boards
2021-09-06 10:31:56 -04:00
Patrice Chotard
c8510e397f stm32mp: Fix board_get_usable_ram_top()
When booting in EFI, lib/efi_loader/efi_memory.c calls
board_get_usable_ram_top(0) which returns by default
gd->ram_base + gd->ram_size which is the top of DDR.

In case of OPTEE boot, the top of DDR is currently reserved by OPTEE,
board_get_usable_ram_top(0) must return an address outside OPTEE
reserved memory.

gd->ram_top matches this constraint as it has already been initialized
by substracting all DT reserved-memory (included OPTEE memory area).

Fixes: 92b611e8b0 ("stm32mp: correctly handle board_get_usable_ram_top(0)")

Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2021-09-06 10:00:11 +02:00
Tom Rini
5e893897c6 Pull request for efi-2021-10-rc4
Documentation:
 
     Remove invalid reference to configuration variable in UEFI doc
 
 UEFI:
 
     Parameter checks for the EFI_TCG2_PROTOCOL
     Improve support of preseeding UEFI variables.
     Correct the calculation of the size of loaded images.
     Allow for UEFI images with zero VirtualSize
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmEzRO0ACgkQxIHbvCwF
 GsSXeQ//QkOl49qqDIgySVeq28Q1Ijs0vpqHdNi65Ob12rB2k1Sc8s9bLizmDn8r
 D1uicHCpEKzW+8j2xoDEGjNon8RryFqVrhTuKSvPt6WHDZedpCuCijvEYfj5CWU2
 /M16yLdYCrIlk9lMZrPsCRkrFC70PD7VIfZP51CfIY4WDx749VehVEgzUEEf863f
 etEmXTNL4p+lkMPzfV945OiiszRKx1VGAzM+koNhdi1SJZq+esR+dzZD55d81luT
 4kR3FW4DLjdzKch5tuNli9cvFW0n0Ky+2zfrIBsbYtCXinrvdxrU0RzjaU9PUmHs
 NnWDie0bbsLJJx7fkUIQ0Twk5lZPYxTkGLRi37z67gLl0cRLidgZ0wRLYLjIzBQJ
 4zfgnY2BKoFfCrt1pkKXeGh6Fl8NDSpw3zXvvtxINDfRV7iFY52kTuBNguyZPz/+
 Fz9S31f1o+KW6oD5ltLGIJRX5H+MRWSvzpWR+tYtG/cQf9C6u+SKtOdJNOZZRTZ+
 fPfdszapZiyMgCGcdHdUSYaeG091/0Q7wkrIEMK/w7nkzqlEi6HaM2n7ybNL3SMc
 bSkGno4qecTW+zkLIoRrahV9KpKqXkzkiAwSPkkg6flF4ZnNrvbBXa9T7wbygw1u
 Csb95GXcYf3o4zskSl20MNoY8H0nEDf7FVPauDRwd6Xuqp43sS0=
 =vUWc
 -----END PGP SIGNATURE-----

Merge tag 'efi-2021-10-rc4' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2021-10-rc4

Documentation:

    Remove invalid reference to configuration variable in UEFI doc

UEFI:

    Parameter checks for the EFI_TCG2_PROTOCOL
    Improve support of preseeding UEFI variables.
    Correct the calculation of the size of loaded images.
    Allow for UEFI images with zero VirtualSize
2021-09-04 15:59:00 -04:00
Tom Rini
ec929484ec configs: Resync with savedefconfig
Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-04 15:47:53 -04:00
Tom Rini
21b86803eb Merge branch '2021-09-04-makefile-cleanups-part-b' into next
- Further Makefile/Kconfig namespace cleanups from Simon.  This migrates
  a number of symbols to Kconfig and replaces some inconsistencies
  between CONFIG_FOO and CONFIG_SPL_FOO_SUPPORT/CONFIG_TPL_FOO_SUPPORT.
2021-09-04 15:43:59 -04:00
Simon Glass
9f6649209f net: Move network rules to drivers/net
The code under drivers/net is related to ethernet networking drivers, in
some fashion or another.  Drop these from the top-level Makefile and
also move the phy rule into drivers/net/Makefile which is where it
belongs.  Make the new rule for drivers/net check for the build-stage
relevant ETH symbol.

Fix up some Kconfig dependencies while we're here to mirror how the
Makefile logic now works.

Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Introduce ETH, Kconfig dependency changes, am43xx fix]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-04 12:51:47 -04:00
Simon Glass
5ed16a9511 net: Rename SPL_NET_SUPPORT to SPL_NET
Rename this option so that CONFIG_IS_ENABLED can be used with it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:48:53 -04:00
Simon Glass
a4faf1f563 power: Refactor Makefile rules
Move the power/ rules into drivers/power to avoid clutter in the Makefile
and drivers/Makefile files.

We must select SPL_POWER if SPL_POWER_DOMAIN is used, since the two are
currently independent and boards do not necessarily enable SPL_POWER.

Add a TPL_POWER as well, as that is used by one board.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
2021-09-04 12:26:02 -04:00
Simon Glass
14c251ffe1 power: Add a POWER config
At present we have SPL_POWER but not piain POWER. This works because
there is a special build rule in Makefile that always includes the
drivers/power directory.

It is better to have all driver directories included by drivers/Makefile
and there is already a rule in there for this purpose. It just needs a
Kconfig for U-Boot proper, so add one.

Update the pmic.h header file so that it defines the old pmic struct
always, when driver model is not in use. That will avoid build errors
for boards which enable POWER but not DM_PMIC.

Enable this option always. That seems strange at first sight, but it
actually but mimics the current Makefile behaviour. Once we can drop the
old PMICs it should be easy enough to rename DM_PMIC to POWWER, or
something similar.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
9d8665b709 i2c: Convert CONFIG_POWER_I2C et al to Kconfig
This converts the following to Kconfig:
   CONFIG_POWER_I2C
   CONFIG_POWER_LEGACY

They are handled at the same time due to a dependency between them.
Update the Makefile rule to use legacy power only in U-Boot proper.
Unfortunately a separate rule is needed in SPL to be able to build
legacy power.  Add SPL related symbols for both, to allow for SPL-only
usage.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
[trini: More SPL related cleanups, reword commit message]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-04 12:26:02 -04:00
Simon Glass
29d7153ec3 power: Rename CONFIG_POWER to CONFIG_POWER_LEGACY
This option is used in pre-driver model code and much of it has never
been converted to driver model.

We want to add a new option to enable power support, so we can use a
simple rule in the Makefile. Rename this one, which is really about
a particular implementation of power.

Also update the pmic.h header file so it either includes the legacy
API or the driver model one.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
2021-09-04 12:26:02 -04:00
Simon Glass
7abf178bb8 power: Tidy up #undef of CONFIG_DM_PMIC
Add a proper Kconfig option for SPL so we can remove the hack in some of
the board config files.

This involves adding CONFIG_SPL_DM_PMIC to some of the configs as well
as updateing the Makefile rule for PMIC_RK8XX to exclude SPL.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
[trini: Add SPL_PMIC_RK8XX, enable when needed, handle undef of
        CONFIG_DM_PMIC_PFUZE100 as well]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-04 12:26:02 -04:00
Simon Glass
b2f9bac0e7 gpio: Add a GPIO config
At present we have SPL_GPIO and TPL_GPIO but not piain GPIO. This
works because there is a special build rule in Makefile that always
includes the drivers/gpio directory.

It is better to have all driver directories included by drivers/Makefile
and there is already a rule in there for this purpose. It just needs a
Kconfig for U-Boot proper, so add one.

Enable the option always for now, since this mimics current behaviour.
This can be updated once DM_GPIO is used everywhere.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
80a4876c86 tegra: gpio: Drop use of CONFIG_xxx variables
It is not a good idea to use things called CONFIG_xxx in the source code
since this prefix is reserved for use by Kconfig. Rename these variables.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
39f09140a1 Makefile: Move drivers/dma/ into drivers/Makefile
This rule should not be in the top-level Makefile. Move it, making use
of the new LEGACY_DMA Kconfig.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
a7ebc6925b Convert CONFIG_DMA_LPC32XX to Kconfig
This converts the following to Kconfig:
   CONFIG_DMA_LPC32XX

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
7b278eacc5 ti: Convert CONFIG_TI_EDMA3 to Kconfig
This converts the following to Kconfig:
   CONFIG_TI_EDMA3

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
2021-09-04 12:26:02 -04:00
Simon Glass
70edba0784 dma: Add a Kconfig for legacy DMA
We cannot use the existing DMA config for the MCD driver because it is
not migrated to driver model. In order to move it to drivers/Makefile
we need some sort of option for it. Add a new DMA_LEGACY option, which
also acts as a signal that it should be migrated.

Enable this for devkit3250 which uses CONFIG_DMA_LPC32XX which is not
converted to Kconfig.

For now this is not used in the Makefile. That update happens in a
following patch.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
807cc640ed Makefile: Unify the rules for BOOTCOUNT_LIMIT
Use a single rule that works for all phases.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
f7560376ae sata: Rename SATA_SUPPORT to SATA
Rename this options so that CONFIG_IS_ENABLED can be used with it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
6f004adaf6 ppc: Rename MPC8XXX_INIT_DDR_SUPPORT to MPC8XXX_INIT_DDR
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
de213c71a3 Rename CACHE_SUPPORT to CACHE
Rename this option so that CONFIG_IS_ENABLED can be used with it.

Oddly there is already an SPL_CACHE option. Drop it in favour of this one.

Drop the special SPL Makefile rule which is now superfluous.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
ea2ca7e17e spi: Rename SPI_SUPPORT to SPI
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
52510486c5 serial: Add a SERIAL config
At present we have SPL_SERIAL and TPL_SERIAL but not piain SERIAL. This
works because there is a special build rule in Makefile that always
includes the drivers/serial directory.

It is better to have all driver directories included by drivers/Makefile
and there is already a rule in there for this purpose. It just needs a
Kconfig for U-Boot proper, so add one.

It is always enabled, for now, since that mimics the current behaviour.
It should be possible to drop the strange 'SERIAL_PRESENT' option at some
point and use SERIAL instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:02 -04:00
Simon Glass
2a73606668 serial: Rename SERIAL_SUPPORT to SERIAL
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 12:26:01 -04:00
Simon Glass
73c6ff6aac rtc: Rename RTC_SUPPORT to RTC
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 11:42:41 -04:00
Simon Glass
15042e7b9b pch: Rename PCH_SUPPORT to PCH
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-04 11:42:41 -04:00
Simon Glass
103c5f1806 mmc: Rename MMC_SUPPORT to MMC
Rename these options so that CONFIG_IS_ENABLED can be used with them.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
[trini: Fixup some incorrect renames]
Signed-off-by: Tom Rini <trini@konsulko.com>
2021-09-04 11:42:41 -04:00
Masahisa Kojima
538c0f2d37 efi_loader: fix efi_tcg2_hash_log_extend_event() parameter check
TCG EFI Protocol Specification defines that PCRIndex parameter
passed from caller must be 0 to 23.
TPM2_MAX_PCRS is currently used to check the range of PCRIndex,
but TPM2_MAX_PCRS is tpm2 device dependent and may have larger value.
This commit newly adds EFI_TCG2_MAX_PCR_INDEX macro, it is used to
check the range of PCRIndex parameter.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-09-04 12:03:57 +02:00
Masahisa Kojima
db3ed2cf9c efi_loader: fix boot_service_capability_min calculation
TCG EFI Protocol Specification requires to the input
ProtocolCapability.Size < size of the EFI_TCG2_BOOT_SERVICE_CAPABILITY
up to and including the vendor ID field.
Current implementation does different calculation, let's fix it.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-04 12:03:57 +02:00
Masahisa Kojima
580d7242b1 efi_loader: add missing parameter check for EFI_TCG2_PROTOCOL api
TCG EFI Protocol Specification defines the required parameter
checking and return value for each API.
This commit adds the missing parameter check and
fixes the wrong return value to comply the specification.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
7219856dae efi_loader: correct determination of secure boot state
When U-Boot is started we have to use the existing variables to determine
in which secure boot state we are.

* If a platform key PK is present and DeployedMode=1, we are in deployed
  mode.
* If no platform key PK is present and AuditMode=1, we are in audit mode.
* Otherwise if a platform key is present, we are in user mode.
* Otherwise if no platform key is present, we are in setup mode.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
b191aa429e efi_loader: efi_auth_var_type for AuditMode, DeployedMode
Writing variables AuditMode and DeployedMode serves to switch between
Secure Boot modes. Provide a separate value for these in efi_auth_var_type.

With this patch the variables will not be read from from file even if they
are marked as non-volatile by mistake.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
9ef82e2947 efi_loader: don't load signature database from file
The UEFI specification requires that the signature database may only be
stored in tamper-resistant storage. So these variable may not be read
from an unsigned file.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
f3a343d733 efi_loader: rounding of image size
We should not first allocate memory and then report a rounded up value as
image size. Instead first round up according to section allocation and then
allocate the memory.

Fixes: 82786754b9 ("efi_loader: ImageSize must be multiple of SectionAlignment")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2021-09-04 12:03:57 +02:00
Heinrich Schuchardt
1ea133acd6 efi_loader: sections with zero VirtualSize
In a section header VirtualSize may be zero. This is for instance seen in
the .sbat section of shim. In this case use SizeOfRawData as section size.

Fixes: 9d30a941cc ("efi_loader: don't load beyond VirtualSize")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Asherah Connor <ashe@kivikakk.ee>
2021-09-04 12:03:57 +02:00