Commit graph

124 commits

Author SHA1 Message Date
Steven Lawrance
05b0f241f2 boot: image-pre-load: Check environment for location of signature info
Setting an alternative signature info node in "pre_load_sig_info_path"
allows verification of an image using the bootm pre-load mechanism with
a different key, e.g.: setenv pre_load_sig_info_path "/alt/sig" ; bootm
preload [addr]

Signed-off-by: Steven Lawrance <steven.lawrance@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-10-11 15:40:48 -04:00
Steven Lawrance
7c5eeb8309 image-pre-load: Move macros/definitions to image.h
Putting these definitions in a header will allow signatures to be
validated independently of bootm.

Signed-off-by: Steven Lawrance <steven.lawrance@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-10-11 15:40:48 -04:00
Edoardo Tomelleri
35821a25c1 cmd: pxe: add alias devicetree-overlay for fdtoverlays
This adds keyword devicetree-overlay as an alias for fdtoverlays in
extlinux (sysboot) and pxe to better follow the Boot Loader Specification
[1], improves documentation around them by adding an example for both
fdtoverlays and devicetree-overlay and the environment variable required
for this feature. The link for the spec is updated to the current one.

[1] https://systemd.io/BOOT_LOADER_SPECIFICATION/

Signed-off-by: Edoardo Tomelleri <e.tomell@gmail.com>
Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
2022-10-11 15:40:48 -04:00
Simon Glass
b7bd94f1a8 dm: core: Split ofnode_path_root() into two functions
This function turns out to be a little confusing since it looks up a path
and also registers the tree. Split it into two, one that gets the root
node and one that looks up a path, so the purpose is clear.

Registering the tree will happen in a function to be added in a later
patch, called oftree_from_fdt().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 22:43:43 -04:00
Simon Glass
b215b6034c event: Pass the images to EVT_FT_FIXUP
Pass the boot images along as well, in case the fixups need to look at
them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:58 -04:00
Simon Glass
f3543e6944 treewide: Drop image_header_t typedef
This is not needed and we should avoid typedefs. Use the struct instead
and rename it to indicate that it really is a legacy struct.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Simon Glass
da79b2f25e treewide: Drop image_info_t typedef
This is not needed and we should avoid typedefs. Use the struct instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Simon Glass
d9d7c20b73 treewide: Drop bootm_headers_t typedef
This is not needed and we should avoid typedefs. Use the struct instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Pali Rohár
efc3f9526f boot: Call flush() before booting
In a lot of cases kernel resets UART HW. To ensure that U-Boot messages
printed before booting the kernel are not lost, call new U-Boot console
flush() function.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-09-24 11:34:38 -04:00
Tom Rini
e9a1ff9724 Merge branch 'master' into next
Signed-off-by: Tom Rini <trini@konsulko.com>
2022-09-19 16:07:12 -04:00
Stefan Roese
29caf9305b cyclic: Use schedule() instead of WATCHDOG_RESET()
Globally replace all occurances of WATCHDOG_RESET() with schedule(),
which handles the HW_WATCHDOG functionality and the cyclic
infrastructure.

Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Rini <trini@konsulko.com> [am335x_evm, mx6cuboxi, rpi_3,dra7xx_evm, pine64_plus, am65x_evm, j721e_evm]
2022-09-18 10:26:33 +02:00
Simon Glass
9c2e9128f3 image: Drop some other #ifdefs in image-board.c
Remove all but a few that are difficult, relying on legacy CONFIG options
or optional global_data fields.

Drop the duplicate function name in the comment for boot_get_cmdline().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:07 -04:00
Simon Glass
20f5d83fb1 image: Correct indentation in select_ramdisk()
Finish off the refactoring by correcting the indent levels. Note that this
does not include any functional changes.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:07 -04:00
Simon Glass
ca78883fdc image: Drop remaining FIT #ifdef
Drop the last one of these, by using a done_select variable to control
whether to fall back to using 'select' as a hex value.

Note that the indentation is not adjusted, to make this easier to review.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:07 -04:00
Simon Glass
1a68c039c5 image: Drop another #ifdef for FIT
Drop the prenultimate one of these from select_ramdisk().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
f7659f69f7 image: Drop one #ifdef for FIT
Drop the #ifdef from near the end of select_ramdisk(). Move some variables
to the top of the function to make this work.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
0f81af4897 image: Drop #ifdefs for LEGACY_IMAGE_FORMAT
Use if() instead of the #ifdef in select_ramdisk().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
4f2d94129d image: Track when ramdisk processing is completed
The current switch default is tricky since it relies on #ifdefs to work.
Use a bool instead.

Also fix the comment on @select, since it has a dual purpose.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
1ce8e10f3b image: Fix up ANDROID_BOOT_IMAGE ramdisk code
Convert this to an if(), fix the cast from an address to a pointer and
make sure that any error is returned correctly.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Sean Anderson
37feaf2f72 image: fit: Add some helpers for getting data
Several different firmware users have repetitive code to extract the
firmware data from a FIT. Add some helper functions to reduce the amount
of repetition. fit_conf_get_prop_node (eventually) calls
fdt_check_node_offset_, so we can avoid an explicit if. In general, this
version avoids printing on error because the callers are typically
library functions, and because the FIT code generally has (debug)
prints of its own. One difference in these helpers is that they use
fit_image_get_data_and_size instead of fit_image_get_data, as the former
handles external data correctly.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:40:44 +08:00
Pali Rohár
5acfdfbd43 bootm: Fix upper bound of FDT overlap checks
FTD blob can be put immediately after the OS image.
So use strict inequality for start address check.

Fixes: fbde7589ce ("common: bootm: add checks to verify if ramdisk / fdtimage overlaps OS image")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-31 12:21:47 -04:00
Daniel Golle
88de6c5127 image-fit: don't set compression if it can't be read
fit_image_get_comp() should not set value -1 in case it can't read
the compression node. Instead, leave the value untouched in that case
as it can be absent and a default value previously defined by the
caller of fit_image_get_comp() should be used.

As a result the warning message
WARNING: 'compression' nodes for ramdisks are deprecated, please fix your .its file!
no longer shows if the compression node is actually absent.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-31 12:21:47 -04:00
Daniel Golle
0cd57f29e4 bootm: fix typo imape_comp -> image_comp
Change variable name 'imape_comp' to the supposedly intended name
'image_comp'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-31 12:21:47 -04:00
Dario Binacchi
c2ee5ee7b3 Rename disto_[pxe_]getfile to distro_[pxe_]getfile
Replace 'disto' with 'distro' since they are all functions about distro
booting.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
2022-08-26 16:33:48 -06:00
Heinrich Schuchardt
49740e0255 boot: simplify bootmeth_vbe_simple_ft_fixup()
Don't assign a value to a variable if it is not used afterwards.
Move variables to the code fragment where they are used.

Addresses-Coverity: CID 356243 ("Code maintainability issues (UNUSED_VALUE)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-26 16:32:59 -06:00
Heinrich Schuchardt
d81eeacd48 boot: fix vbe_find_first_device()
uclass_find_first_device() may return NULL if no device for the uclass
exists. Handle this case gracefully.

Addresses-Coverity: CID 356244 ("Null pointer dereferences (FORWARD_NULL)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-26 16:32:59 -06:00
Tom Rini
40ed7be4af Convert CONFIG_SYS_FDT_PAD to Kconfig
This converts the following to Kconfig:
   CONFIG_SYS_FDT_PAD

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-12 16:10:50 -04:00
Simon Glass
cb47e21acb vbe: Support VBE simple
Add support for VBE simple, which permits firmware update of a single
image stored in MMC or another block device.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
4c7418f3ef vbe: Add initial support for VBE
Create a new bootmeth for VBE along with a library to handle finding the
VBE methods.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
98887ab802 event: Add an event for device tree fixups
At present there is a confusing array of functions that handle the
device tree fix-ups needed for booting an OS. We should be able to switch
to using events to clean this up.

As a first step, create a new event type and call it from the standard
place.

Note that this event uses the ofnode interface only, since this can
support live tree which is more efficient when making lots of updates.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
2ff5490d7d bootstd: Drop the system bootdev
This was a work-around for the fact that global bootmeths such as EFI
bootmgr and VBE don't use a particular bootdev, or at least select it
themselves so that we don't need to scan all bootdevs when using that
bootmeth.

Drop the system bootdev entirely.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
bd18b69de1 bootstd: Always create the EFI bootmgr bootmeth
Now that we can separate this out from the normal bootmeths, update the
code to create it always.

We cannot rely on the device tree to create this, since the EFI project
is quite opposed to having anything in the device tree that helps U-Boot
with its processing.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
c627cfc14c bootstd: Allow scanning for global bootmeths separately
Typically we want to find and use global bootmeths first, since they have
the best idea of how the system should boot. We then use normal bootmeths
as a fallback.

Add the logic for this, putting global bootmeths at the end of the
ordering. We can then easily scan the global bootmeths first, then drop
them from the list for subsequent bootdev-centric scans.

This changes the ordering of global bootmeths, so update the
bootflow_system() accordingly.

Drop the comment from bootmeth_setup_iter_order() since this is an
exported function and it should be in the header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
2b80bc1eee bootstd: Support bootflows with global bootmeths
Add support for handling this concept in bootflows. Update the 'bootflow'
command to allow only the normal bootmeths to be used. This alllows
skipping EFI bootmgr and VBE, for example.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
eccb25cd59 bootstd: Allow the bootdev to be optional in bootflows
With global bootmeths we want to scan without a bootdev. Update the logic
to allow this.

Change the bootflow command to show the bootdev only when valid.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:11 -04:00
Simon Glass
2662b54d70 bootstd: Allow EFI bootmgr to support an invalid bootflow
For most testing we don't want this bootmeth to actually do anything. For
the one test where we do, add a test hook to obtain the correct behaviour.
This will allow us to bind the device always, rather than just doing it
for this test.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:10 -04:00
Simon Glass
bc06aa035d bootstd: Allow bootmeths to be marked as global
The current way of handling things like EFI bootmgr is a bit odd, since
that bootmeth handles selection of the bootdev itself. VBE needs to work
the same way, so we should support it properly.

Add a flag that indicates that the bootmeth is global, rather than being
invoked on each bootdev. Provide a helper to read a bootflow from the
bootmeth.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:17:10 -04:00
Simon Glass
a18686cda1 bootstd: Tidy up var naming in bootdev_setup_iter_order()
Avoid using 'count' to mean either a count or an error, since this is
confusing. In fact, the called function never return 0, since that is an
error.

Use 'ret' instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:14:24 -04:00
Simon Glass
988cacaeed bootstd: Provide a bootmeth method to obtain state info
Some bootmeths can provide information about what is available to boot.
For example, VBE simple provides access to the firmware state.

Add a new method for this, along with a sandbox test.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:14:24 -04:00
Simon Glass
10d16faa43 bootstd: Detect empty bootmeth ordering
If the ordering produces no entries, this is an error. Report it, so that
the caller doesn't try to continue with a NULL bootmeth.

This fixes a crash in the bootflow_iter test when running with the sandbox
'default' device tree, instead of the required 'test' one.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-12 08:14:24 -04:00
Tom Rini
157861e6af dtoc fixes with pylint, tests
-----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCAAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmL0CnERHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreYWvAf/UvHP3sFOjXdmP8Y9fV7dnRuFXl0NxGyt
 PBEUoueVncnMSstAXq+yEz9JgMHF/Xl2k5tbwUXqJ8v8DUN8s2N6eqcHxr6nXy6F
 X1M9pIwtzJYtP4O/fgDLgxvZDue6FVORkteJkS1BOB6Y361ILsdXrhLSuoXT4xBd
 PXptUBdn7z+mF1F1Uj3ar+MJVd7gcdfVNwr49Zh6C/+6VRj6dcQj5rQrOMKDHJvn
 qTI74nzG+wmvf+cCiOlrMrqQYnBBy8p4wds6WRhXsffWv1Yk/jZBSUO7a2Z+WjAn
 tT5fxGyVwaDPi4OnH6cQvfKr5rlqPfDKotqkbyHZZs4PXOmqpF9pDQ==
 =kaqt
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-9aug22-take2' of https://source.denx.de/u-boot/custodians/u-boot-dm

dtoc fixes with pylint, tests
2022-08-11 08:47:20 -04:00
John Keeping
be43a35bff boot: allow bootmeth-distro without CONFIG_NET
Remove the dependency on CMD_PXE from BOOTMETH_DISTRO by introducing a
new hidden kconfig symbol to control whether pxe_utils is compiled,
allowing bootstd's distro method to be compiled without needing
networking support enabled.

Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Correct build errors when CMD_BOOTM is not enabled:
Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-10 13:42:56 -06:00
Simon Glass
4e4bf9449b common: Drop display_options.h from common header
Move this out of the common header and include it only where needed.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-08-10 13:46:55 -04:00
Simon Glass
5579ce747d Revert "Revert "global: Remove CONFIG_SYS_EXTRA_OPTIONS support""
This is not needed now that CONFIG_SYS_TARGET_NAME is correctly determined
when scanning Kconfig.

This reverts commit 25b8acee2e.

Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2022-08-05 11:47:56 -04:00
Tom Rini
cc1015f4a9 flash: Remove pic32_flash.c
As the only pic32 platform does not enable flash, this is dead code.
Remove it.

Cc: Purna Chandra Mandal <purna.mandal@microchip.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2022-08-04 16:18:47 -04:00
Oleksandr Suvorov
a3a1afb747 fpga: zynqmp: support loading authenticated images
Add supporting new compatible string "u-boot,zynqmp-fpga-ddrauth" to
handle loading authenticated images (DDR).

Based on solution by Jorge Ramirez-Ortiz <jorge@foundries.io>

Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Link: https://lore.kernel.org/r/20220722141614.297383-13-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-07-26 09:34:21 +02:00
Oleksandr Suvorov
282eed50ec fpga: pass compatible flags to fpga_load()
These flags may be used to check whether an FPGA driver is able to
load a particular FPGA bitstream image.

Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Tested-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com>
Link: https://lore.kernel.org/r/20220722141614.297383-7-oleksandr.suvorov@foundries.io
Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-07-26 09:34:21 +02:00
Ashok Reddy Soma
65168910ad zynqmp: Run board_get_usable_ram_top() only on main U-Boot
With commit ce39ee28ec ("zynqmp: Do not place u-boot to reserved memory
location"), the function board_get_usable_ram_top() is allocating
MMU_SECTION_SIZE of about 2MB using lmb_alloc(). But we dont have this
much memory in case of mini U-Boot.

Keep these functions which use lmb under CONFIG_LMB so that they are
compiled and used only when LMB is enabled.

Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>

Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/75e52def75f573e554a6b177a78504c128cb0c4a.1657183534.git.michal.simek@amd.com
2022-07-26 08:23:54 +02:00
Heinrich Schuchardt
085cbdafca pxe: simplify label_boot()
Coverity CID 131256 indicates a possible buffer overflow in label_boot().
This would only occur if the size of the downloaded file would exceed 4
GiB. But anyway we can simplify the code by using snprintf() and checking
the return value.

Addresses-Coverity-ID: 131256 ("Security best practices violations (STRING_OVERFLOW)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
2022-07-18 17:21:49 +02:00
Tom Rini
36b661dc91 Merge branch 'next' 2022-07-11 14:58:57 -04:00