Setting an alternative signature info node in "pre_load_sig_info_path"
allows verification of an image using the bootm pre-load mechanism with
a different key, e.g.: setenv pre_load_sig_info_path "/alt/sig" ; bootm
preload [addr]
Signed-off-by: Steven Lawrance <steven.lawrance@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Putting these definitions in a header will allow signatures to be
validated independently of bootm.
Signed-off-by: Steven Lawrance <steven.lawrance@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This adds keyword devicetree-overlay as an alias for fdtoverlays in
extlinux (sysboot) and pxe to better follow the Boot Loader Specification
[1], improves documentation around them by adding an example for both
fdtoverlays and devicetree-overlay and the environment variable required
for this feature. The link for the spec is updated to the current one.
[1] https://systemd.io/BOOT_LOADER_SPECIFICATION/
Signed-off-by: Edoardo Tomelleri <e.tomell@gmail.com>
Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
This function turns out to be a little confusing since it looks up a path
and also registers the tree. Split it into two, one that gets the root
node and one that looks up a path, so the purpose is clear.
Registering the tree will happen in a function to be added in a later
patch, called oftree_from_fdt().
Signed-off-by: Simon Glass <sjg@chromium.org>
This is not needed and we should avoid typedefs. Use the struct instead
and rename it to indicate that it really is a legacy struct.
Signed-off-by: Simon Glass <sjg@chromium.org>
In a lot of cases kernel resets UART HW. To ensure that U-Boot messages
printed before booting the kernel are not lost, call new U-Boot console
flush() function.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Globally replace all occurances of WATCHDOG_RESET() with schedule(),
which handles the HW_WATCHDOG functionality and the cyclic
infrastructure.
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Rini <trini@konsulko.com> [am335x_evm, mx6cuboxi, rpi_3,dra7xx_evm, pine64_plus, am65x_evm, j721e_evm]
Remove all but a few that are difficult, relying on legacy CONFIG options
or optional global_data fields.
Drop the duplicate function name in the comment for boot_get_cmdline().
Signed-off-by: Simon Glass <sjg@chromium.org>
Finish off the refactoring by correcting the indent levels. Note that this
does not include any functional changes.
Signed-off-by: Simon Glass <sjg@chromium.org>
Drop the last one of these, by using a done_select variable to control
whether to fall back to using 'select' as a hex value.
Note that the indentation is not adjusted, to make this easier to review.
Signed-off-by: Simon Glass <sjg@chromium.org>
Drop the #ifdef from near the end of select_ramdisk(). Move some variables
to the top of the function to make this work.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current switch default is tricky since it relies on #ifdefs to work.
Use a bool instead.
Also fix the comment on @select, since it has a dual purpose.
Signed-off-by: Simon Glass <sjg@chromium.org>
Convert this to an if(), fix the cast from an address to a pointer and
make sure that any error is returned correctly.
Signed-off-by: Simon Glass <sjg@chromium.org>
Several different firmware users have repetitive code to extract the
firmware data from a FIT. Add some helper functions to reduce the amount
of repetition. fit_conf_get_prop_node (eventually) calls
fdt_check_node_offset_, so we can avoid an explicit if. In general, this
version avoids printing on error because the callers are typically
library functions, and because the FIT code generally has (debug)
prints of its own. One difference in these helpers is that they use
fit_image_get_data_and_size instead of fit_image_get_data, as the former
handles external data correctly.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
FTD blob can be put immediately after the OS image.
So use strict inequality for start address check.
Fixes: fbde7589ce ("common: bootm: add checks to verify if ramdisk / fdtimage overlaps OS image")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
fit_image_get_comp() should not set value -1 in case it can't read
the compression node. Instead, leave the value untouched in that case
as it can be absent and a default value previously defined by the
caller of fit_image_get_comp() should be used.
As a result the warning message
WARNING: 'compression' nodes for ramdisks are deprecated, please fix your .its file!
no longer shows if the compression node is actually absent.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Change variable name 'imape_comp' to the supposedly intended name
'image_comp'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Don't assign a value to a variable if it is not used afterwards.
Move variables to the code fragment where they are used.
Addresses-Coverity: CID 356243 ("Code maintainability issues (UNUSED_VALUE)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
uclass_find_first_device() may return NULL if no device for the uclass
exists. Handle this case gracefully.
Addresses-Coverity: CID 356244 ("Null pointer dereferences (FORWARD_NULL)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add support for VBE simple, which permits firmware update of a single
image stored in MMC or another block device.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present there is a confusing array of functions that handle the
device tree fix-ups needed for booting an OS. We should be able to switch
to using events to clean this up.
As a first step, create a new event type and call it from the standard
place.
Note that this event uses the ofnode interface only, since this can
support live tree which is more efficient when making lots of updates.
Signed-off-by: Simon Glass <sjg@chromium.org>
This was a work-around for the fact that global bootmeths such as EFI
bootmgr and VBE don't use a particular bootdev, or at least select it
themselves so that we don't need to scan all bootdevs when using that
bootmeth.
Drop the system bootdev entirely.
Signed-off-by: Simon Glass <sjg@chromium.org>
Now that we can separate this out from the normal bootmeths, update the
code to create it always.
We cannot rely on the device tree to create this, since the EFI project
is quite opposed to having anything in the device tree that helps U-Boot
with its processing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Typically we want to find and use global bootmeths first, since they have
the best idea of how the system should boot. We then use normal bootmeths
as a fallback.
Add the logic for this, putting global bootmeths at the end of the
ordering. We can then easily scan the global bootmeths first, then drop
them from the list for subsequent bootdev-centric scans.
This changes the ordering of global bootmeths, so update the
bootflow_system() accordingly.
Drop the comment from bootmeth_setup_iter_order() since this is an
exported function and it should be in the header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for handling this concept in bootflows. Update the 'bootflow'
command to allow only the normal bootmeths to be used. This alllows
skipping EFI bootmgr and VBE, for example.
Signed-off-by: Simon Glass <sjg@chromium.org>
With global bootmeths we want to scan without a bootdev. Update the logic
to allow this.
Change the bootflow command to show the bootdev only when valid.
Signed-off-by: Simon Glass <sjg@chromium.org>
For most testing we don't want this bootmeth to actually do anything. For
the one test where we do, add a test hook to obtain the correct behaviour.
This will allow us to bind the device always, rather than just doing it
for this test.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current way of handling things like EFI bootmgr is a bit odd, since
that bootmeth handles selection of the bootdev itself. VBE needs to work
the same way, so we should support it properly.
Add a flag that indicates that the bootmeth is global, rather than being
invoked on each bootdev. Provide a helper to read a bootflow from the
bootmeth.
Signed-off-by: Simon Glass <sjg@chromium.org>
Avoid using 'count' to mean either a count or an error, since this is
confusing. In fact, the called function never return 0, since that is an
error.
Use 'ret' instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some bootmeths can provide information about what is available to boot.
For example, VBE simple provides access to the firmware state.
Add a new method for this, along with a sandbox test.
Signed-off-by: Simon Glass <sjg@chromium.org>
If the ordering produces no entries, this is an error. Report it, so that
the caller doesn't try to continue with a NULL bootmeth.
This fixes a crash in the bootflow_iter test when running with the sandbox
'default' device tree, instead of the required 'test' one.
Signed-off-by: Simon Glass <sjg@chromium.org>
Remove the dependency on CMD_PXE from BOOTMETH_DISTRO by introducing a
new hidden kconfig symbol to control whether pxe_utils is compiled,
allowing bootstd's distro method to be compiled without needing
networking support enabled.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Correct build errors when CMD_BOOTM is not enabled:
Signed-off-by: Simon Glass <sjg@chromium.org>
This is not needed now that CONFIG_SYS_TARGET_NAME is correctly determined
when scanning Kconfig.
This reverts commit 25b8acee2e.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
As the only pic32 platform does not enable flash, this is dead code.
Remove it.
Cc: Purna Chandra Mandal <purna.mandal@microchip.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
These flags may be used to check whether an FPGA driver is able to
load a particular FPGA bitstream image.
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Tested-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Link: https://lore.kernel.org/r/20220722141614.297383-7-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
With commit ce39ee28ec ("zynqmp: Do not place u-boot to reserved memory
location"), the function board_get_usable_ram_top() is allocating
MMU_SECTION_SIZE of about 2MB using lmb_alloc(). But we dont have this
much memory in case of mini U-Boot.
Keep these functions which use lmb under CONFIG_LMB so that they are
compiled and used only when LMB is enabled.
Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/75e52def75f573e554a6b177a78504c128cb0c4a.1657183534.git.michal.simek@amd.com
Coverity CID 131256 indicates a possible buffer overflow in label_boot().
This would only occur if the size of the downloaded file would exceed 4
GiB. But anyway we can simplify the code by using snprintf() and checking
the return value.
Addresses-Coverity-ID: 131256 ("Security best practices violations (STRING_OVERFLOW)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>