"TCG PC Client Platform Firmware Profile Specification"
requires to measure every attempt to load and execute
a OS Loader(a UEFI application) into PCR[4].
This commit adds the PE/COFF image measurement, extends PCR,
and appends measurement into Event Log.
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Replace CONFIG_HASH_CALCULATE by CONFIG_HASH
Fix conversions between pointers and u64.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The hash_calculate() symbol is provided by hash-checksum.c. It depends
on hash_progressive_lookup_algo(), provided when CONFIG_HASH=y.
The issue is that hash_calculate() is used by the efi_loader,
irregardless of CONFIG_FIT_SIGNATURE. As pointed out in
commit 87316da05f ("lib: introduce HASH_CALCULATE option"),
enabling hash_calculate() based on CONFIG_FIT_SIGNATURE is incorrect.
To resolve this, use CONFIG_HASH as the compile switch for
hash-checksum.c. This ensures that all dependencies are compiled, and
is the most natural Kconfig to use.
There is the issue of having to 'select HASH' in a couple of places
that already 'select SHA256'. This is a deeper problem with how hashes
are organized, and fixing it is beyonf the scope of this change.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Acked-by: Masahisa Kojima <masahisa.kojima@linaro.org>
When we think of Kconfig, we usually think of features that we like
to enable or not. Ideally, we wouldn't use Kconfig to fix a build
issue, although sometimes it might make sense. With Kconfig it's hard
to guarantee that the fix is universal. We can only say that it works
for the set of tested configurations. In the majority of cases, it's
preferable to let the linker figure things out for us.
The reverted commit attempted to fix a build issue by adding an
invisible Kconfig option. This is wrong in several ways:
It invents a new Kconfig variable when CONFIG_HASH already
exists for the same purpose.
Second, hash-checksum.c makes use of the hash_progressive_lookup_algo()
symbol, which is only provided with CONFIG_HASH, but this dependency
was not expressed in the reverted patch.
It feels like Kconfig is turning into a listing of all available
source files, and a buffet to 'select' which ones to compile. The
purpose of this revert is to enable the next change to make use of
CONFIG_HASH instead of adding to Kconfig.
This reverts commit 87316da05f.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Acked-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Coverity reported 3 warnings on the current code.
CID 331856, 331855, 331854 on the latest scan.
Fix the rest of the warnings by initializing the variables before
passing them to tpm2_get_pcr_info().
In order to avoid future warnings and errors initialize them to 0 within
the function as well, since the values are always OR'ed after querying the
hardware.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Enable the true random number generator. It can be used, for example, to
generate partition UUIDs when partitioning with the gpt command. The
generator is already enabled in the device trees of several other
STM32MP1‐based boards, like DKx or DHCOM.
Signed-off-by: Grzegorz Szymaszek <gszymaszek@short.pl>
Cc: Patrice Chotard <patrice.chotard@foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
The CMD_UNZIP provides the 'gzwrite' command, which is convenient
for writing e.g. gz-compressed images to eMMC from U-Boot.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
The CMD_UNZIP provides the 'gzwrite' command, which is convenient
for writing e.g. gz-compressed images to eMMC from U-Boot.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Currently the code sets eth1addr only if /ethernet1 alias exists in DT,
the node pointed to by the alias has "micrel,ks8851-mll" compatible
string, and the KSZ8851 CCR register read indicates programmed EEPROM
is not connected.
This is not sufficient to detect cases where the DT still contains the
KSZ8851 nodes, but the chip itself is not present. Extend the detection
to handle these cases.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Patrice Chotard <patrice.chotard@foss.st.com>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Adding new DH electronics mailing list.
Signed-off-by: Christoph Niedermaier <cniedermaier@dh-electronics.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
BITS_PER_LONG is used to represent register's size which is 32.
But when compiled on arch64, BITS_PER_LONG is then equal to 64.
Fix bank and offset computation to make it work on arch32 and
arch64 and ensure that register's size is always equal to 32.
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Signed-off-by: Pankaj Dev <pankaj.dev@st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Fix the result of DFU_OP_WRITE operation in mtd_block_op function
when mtd_lock is not supported (-EOPNOTSUPP) to avoid DFU stack
error on the DFU manifestation of the MTD device, when
dfu_flush_medium_mtd is called.
Without this patch, dfu-util failed on dfuERROR state at the end
of the write operation on the alternate even if MTD write
opeartion is correctly performed.
$> dfu-util -a 3 -D test.bin
....
DFU mode device DFU version 0110
Device returned transfer size 4096
Copying data from PC to DFU device
....
Download [=========================] 100% 225469 bytes
Download done.
state(10) = dfuERROR, status(14) = Something went wrong,
but the device does not know what it was Done!
Fixes: 65f3fc18fc ("dfu_mtd: Add provision to unlock mtd device")
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Acked-by: Sughosh Ganu <sughosh.ganu@linaro.org>
MLO has increased to a size greater than the allocated
128 kB in dfu_alt_info_emmc and _mmc.
Therefore, double the allocated size for MLO.raw in
the default environment.
Signed-off-by: Faiz Abbas <faiz_abbas@ti.com>
Signed-off-by: Aswath Govindraju <a-govindraju@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Link: https://lore.kernel.org/r/20210419065027.5834-1-a-govindraju@ti.com
The AM64x SoC uses a central Device Management and Security Controller
(DMSC) processor that manages all the low-level device controls
including the system-wide SoC reset. The system-wide reset is managed
through the system reset driver.
Add a sysreset controller node as a child of the dmsc node to enable
the "reset" command from U-Boot prompt for the K3 AM642 SK.
Signed-off-by: Suman Anna <s-anna@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
The AM64x SoC uses a central Device Management and Security Controller
(DMSC) processor that manages all the low-level device controls
including the system-wide SoC reset. The system-wide reset is managed
through the system reset driver.
Add a sysreset controller node as a child of the dmsc node to enable
the "reset" command from U-Boot prompt for the K3 AM642 EVM.
Signed-off-by: Suman Anna <s-anna@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
The ti_sci_msg_req_reboot message payload has been extended to include a
domain field, but for the purposes of u-boot this should be zero to
reset the entire SoC as it did before. Include domain for completeness
and set to zero to ensure proper operation.
Signed-off-by: Dave Gerlach <d-gerlach@ti.com>
Signed-off-by: Suman Anna <s-anna@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
The default U-Boot environment variables and design are all set up for
both the MAIN R5FSS clusters to be in Split-mode. This is the setting
in v2021.01 U-Boot and the dt nodes are synched with the kernel binding
property names in commit 468ec2f3ef ("remoteproc: k3_r5: Sync to
upstreamed kernel DT property names") merged in v2021.04-rc2.
The modes for both the clusters got switched back to LockStep mode by
mistake in commit 70e167495a ("arm: dts: k3-j721e: Sync Linux v5.11-rc6
dts into U-Boot") also in v2021.04-rc2. This throws the following warning
messages when early-booting the cores using default env variables,
k3_r5f_rproc r5f at 5d00000: Invalid op: Trying to start secondary core 7 in lockstep mode
Load Remote Processor 3 with data at addr=0x82000000 98484 bytes: Failed!
k3_r5f_rproc r5f at 5f00000: Invalid op: Trying to start secondary core 9 in lockstep mode
Load Remote Processor 5 with data at addr=0x82000000 98484 bytes: Failed!
Fix this by switching back both the clusters to the expected Split-mode.
Make this mode change in the u-boot specific dtsi file to avoid such
sync overrides in the future until the kernel dts is also switched to
Split-mode by default.
Fixes: 70e167495a ("arm: dts: k3-j721e: Sync Linux v5.11-rc6 dts into U-Boot")
Reported-by: Minas Hambardzumyan <minas@ti.com>
Signed-off-by: Suman Anna <s-anna@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
AM64x GP and SK EVM have DP83867 PHY connected to CPSW external port0.
Enable the driver in order to use ethernet at U-Boot prompt.
CONFIG_PHY_TI is selected by CONFIG_PHY_TI_DP83867 and thus can be dropped.
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
ut_asserteq_strn is defined twice. Remove one definition.
Fixes: 33d7edfd5f ("test: Add a way to check part of a console line or skip it")
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Commit 712cc962b7 ("GitLab: Remove "tags" stanzas") removed the 'all'
tag from all the jobs. The sandbox_noinst_test.py test was added in
between the author date and commit date (commit 6c914e4232
("azure/gitlab: Add tests for sandbox_noinst")) which is probably why it
still contains the tags. This commit fixes that so all jobs now don't
require tags on the GitLab runners.
Signed-off-by: Harm Berntsen <harm.berntsen@nedap.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Pratyush Yadav <p.yadav@ti.com>
Commit 1ba21bb06b ("test: Don't unmount not (yet) mounted system")
fixes an issue in the filesystem tests where the test setup may fail
to mount an image and still attempt to unmount it. However, the commit
unintentionally breaks the test setups in two ways.
The newly created unmounted filesystem images are being immediately
deleted due to some cleanup steps being misplaced into finally blocks,
which makes them always run instead of only on failures. The mount calls
always fail since the images never exist, causing the tests to be always
skipped. This patch moves these cleanup calls into the except blocks to
fix this and makes the tests run again.
There are also unmount calls misplaced into finally blocks, making them
run after the tests instead of before the tests. These unmount calls
make the filesystem image file consistent with the changes made to it as
part of the test setup, and this misplacement is making a number of
tests fail unexpectedly.
The unmount calls must be run before the tests use the image, meaning
before the yield call and not in the finally block. They must also be
run as a cleanup step when the filesystem setup fails, so they can't be
placed as the final call in the try blocks since they would be skipped
on such failures. For these reasons, this patch places the unmount calls
both in the except blocks and the else blocks of the final setup step.
This makes the unexpectedly failing tests to succeed again.
Furthermore, this isolates the mount calls to their own try-except
statement to avoid reintroducing the original issue of unmounting a
not-mounted image while fixing the unmount misplacement.
After these fixes, running "make tests" with guestmount available results
in two test failures not related to the mentioned commit. If the
guestmount executables are unavailable, the mounts fallback to using
sudo and result in no failures.
Fixes: 1ba21bb06b ("test: Don't unmount not (yet) mounted system")
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
A lot of entries were using spaces instead of tab for alignment that's why
it is good to fix it to use the same style everywhere.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The superblock buffer must be cache aligned, since it might be used
in DMA context, allocate it using ALLOC_CACHE_ALIGN_BUFFER() just
like it was done in btrfs_read_superblock() and read_tree_node().
This fixes this output on boot and non-working btrfs on iMX53:
CACHE: Misaligned operation at range [ced299d0, ced2a9d0]
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Marek Behún <marek.behun@nic.cz>
Cc: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
When reading directories the UEFI sub-system must supply file attributes
and timestamps. These fields will have to be added to struct fs_dirent.
SquashFS should not fill these fields with random data. Ensure that they
are zeroed out.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
The assembly output of the arch_initr_trap() function differed by a
single byte after common.h was removed from traps.c:
fff49a18 <arch_initr_trap>:
fff49a18: 94 21 ff f0 stwu r1,-16(r1)
fff49a1c: 7c 08 02 a6 mflr r0
fff49a20: 90 01 00 14 stw r0,20(r1)
-fff49a24: 80 62 00 44 lwz r3,68(r2)
+fff49a24: 80 62 00 38 lwz r3,56(r2)
fff49a28: 4b ff 76 19 bl fff41040 <trap_init>
fff49a2c: 80 01 00 14 lwz r0,20(r1)
fff49a30: 38 60 00 00 li r3,0
fff49a34: 38 21 00 10 addi r1,r1,16
fff49a38: 7c 08 03 a6 mtlr r0
This was causing a consistent hard lockup during the MMC read / loading
of the QoriQ FMan firmware on a P2041RDB board.
Re-adding the header causes identical assembly to be emitted and allows
the firmware loading and subsequent boot to succeed.
Fixes: 401d1c4f5d ("common: Drop asm/global_data.h from common header")
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
Some callers (e.g. cmd/fs.c) of fs_set_blk_dev may use a NULL dev_part_str.
While blk_get_device_part_str handles this fine,
part_get_info_by_dev_and_name does not. This fixes commands crashing when
implicitly using bootdevice.
The unit test has also been updated to set bootdevice to a known value and
to restore it after we are done.
Fixes: 7194527b6a ("cmd: fs: Use part_get_info_by_dev_and_name_or_num to parse partitions")
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
If reg property of pinctrl-single node requires address translation then
probe fails with following message:
single-pinctrl pinctrl@4301c000: failed to get base register size
This is because driver uses dev_read_addr_size() to get size which also
tries to fetch untranslated addr and fails.
Fix this by using dev_read_addr_size_index() which takes care of address
translation and also makes following dev_read_addr() call redundant.
This fixes Ethernet failures on TI's AM654 based EVMs due to lack of
pinmux configuration.
Fixes: 9fd8a430f3 ("pinctrl: single: get register area size by device API")
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
With the last user of this driver removed, remove the driver.
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Remove qemu_mips boards because DM migration doesn't make sense.
The board support for qemu_mips is already marked as deprecated
in Qemu in favour of the Malta board. Also qemu_mips support
has been removed from Linux a long time ago.
The official replacement is the Malta board. The same Malta U-Boot
image can be used with Qemu and on physical hardware.
All combinations of Big Endian and Little Endian as well as 32 bit
and 64 bit are supported.
Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
This patch makes the necessary adjustments in the defconfig to fully
support the CFI flash on the Octeon EBB7304.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Aaron Williams <awilliams@marvell.com>
Cc: Chandrakala Chavva <cchavva@marvell.com>
Cc: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Compiling with -Wextra produces a number of (harmless) warnings for the EFI
TCG2 protocol. Let's fix those in case we ever enable the flag on the EFI
subsystem
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Use efi_get_variable_int() instead of EFI_CALL(RT->get_variable()).
Use efi_set_variable_int() instead of EFI_CALL(efi_set_variable()).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Simplify the creation of indexed variable names like 'Boot0000' by using
function efi_create_indexed_name().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To print a UTF-16 string use %ls instead of converting string to UTF-8.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To print a UTF-16 string use %ls instead of converting string to UTF-8.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Before this patch efi_dp_from_name() only accommodated a maximum file path
length of 31 characters. This leads to boot failures due to file name
truncation.
Allow arbitrary path lengths.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This is preparation for PE/COFF measurement support.
PE/COFF image hash calculation is same in both
UEFI Secure Boot image verification and measurement in
measured boot. PE/COFF image parsing functions are
gathered into efi_image_loader.c, and exposed even if
UEFI Secure Boot is not enabled.
This commit also adds the EFI_SIGNATURE_SUPPORT option
to decide if efi_signature.c shall be compiled.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Configuring a system with CONFIG_EFI_CAPSULE_AUTHENTICATE=y but without a
method to retrieve the public key data is a misconfiguration. We should get
a build failure for it. Therefore remove the weak efi_get_public_key_data()
implementation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- Add LTO (link time optimization) support to the build system and
enable it on a few boards. This is an alternative to using
-ffunction-sections/-fdata-sections and --gc-sections at link time to
remove unused code. This can result in notable savings, but needs
testing on each platform before use as it can expose problems by
optimizing away various functionally necessary calls.
With better compiler optimizations available, a compiler may see we do
nothing with our buffer after calling memset and omit the call, thus
causing us to not smash the stack. Add a comment to explain why we now
also have a printf call, so that the test will pass as the memset will
not be omitted.
Reported-by: Marek Behún <marek.behun@nic.cz>
Signed-off-by: Tom Rini <trini@konsulko.com>
Enable LTO for some boards that were tested by people on U-Boot Mailing
List.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Tested-by: Adam Ford <aford173@gmail.com>
Tested-by: Pali Rohár <pali@kernel.org>
Tested-by: Tim Harvey <tharvey@gateworks.com>
When using LTO, we can throw away the --gc-sections flag, but only if
using private libgcc.
When using system's libgcc, --gc-sections is still needed, otherwise
linking will fail due to undefined references to libc's symbols.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Simon Glass <sjg@chromium.org>