Documentation:
* Provide page with links to talks on U-Boot
UEFI:
* Enable CTRL+S to save the boot order in eficonfig command
* Run attribute check for QueryVariableInfo() only for the file store
* Bug fixes
Others:
* Improve output formatting of the coninfo command
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmPme8EACgkQxIHbvCwF
GsTJ6RAAiDVG2OFTodxLFVhzxoorrIf/piMZDxtc1ClRxF7CPe5CET18bHp0hvvw
qKJW+dk3aCUSr+E1Ma9ndAHI+/mKmEXudZj/XuUyxlVhm9P8Fw2EQRGZFeogdp0v
/tMB8c7DjW5kTg39/U3z3F7qo6ifs1I8rGcxAhvU38iuOmmIai6AZH1cEq2P2zY9
JdHPzSCVz4TOGzmhJD3wxYMn+DjsLxIT0tggGPRJzXGaAdZdLS7cl/X52rabV/Tq
aJXhjpWNl7RUiNiQbKMtltbmkJQ2MpHkhLGDj2/3H2W5sbpIx0GwDs7r0GSKJ0Ba
6ycn5NBjP3C3gcl91oWJXrzux6LN2aWqe45lgOLpL2H2pPaRlDebBEdDA+oNQKoo
mqX8pMbLfpb3nhg/fOXo/YDZ5Uug42fmpjj3Vu5+imjq9jL+tr5lxZ2oDpsUyT51
MvQXohYTfsYNHQm7M4BzGIuA66WwCJ5TJ3D/YmwdDWPnCCN+QAUMI2/d8Osbct6W
OBGaoZQoRpPZV62+mrHloXW9j8sapcQfJGejdby7S1bxagF/KG/BLXGCWH/HdWCc
TsnW+bOOF4N9gIyyyu3yRfHyE7pIyszWlNwRAuPzjwG0dxEbkboA/JdLIFic3Qsj
fk/65FSvvAeOuvNYEgsEA5VYXJzhD4oNtcNQZHIHjhSTGKBrJF4=
=HVHT
-----END PGP SIGNATURE-----
Merge tag 'efi-2023-04-rc2' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2023-04-rc2
Documentation:
* Provide page with links to talks on U-Boot
UEFI:
* Enable CTRL+S to save the boot order in eficonfig command
* Run attribute check for QueryVariableInfo() only for the file store
* Bug fixes
Others:
* Improve output formatting of the coninfo command
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 10 Feb 2023 12:15:45 PM EST
# gpg: using RSA key 6DC4F9C71F29A6FA06B76D33C481DBBC2C051AC4
# gpg: Good signature from "Heinrich Schuchardt <xypron.glpk@gmx.de>" [unknown]
# gpg: aka "[jpeg image of size 1389]" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6DC4 F9C7 1F29 A6FA 06B7 6D33 C481 DBBC 2C05 1AC4
num_entries should be unsigned to avoid warnings. As the target field is
u16 we should use this type.
lib/efi_loader/efi_conformance.c: In function ‘efi_ecpt_register’:
lib/efi_loader/efi_conformance.c:30:33: warning:
conversion to ‘long unsigned int’ from ‘int’ may change
the sign of the result [-Wsign-conversion]
30 | ecpt_size = num_entries * sizeof(efi_guid_t)
| ^
lib/efi_loader/efi_conformance.c:46:36: warning:
conversion from ‘int’ to ‘u16’ {aka ‘short unsigned int’}
may change value [-Wconversion]
46 | ecpt->number_of_profiles = num_entries;
| ^~~~~~~~~~~
Fixes: 6b92c17352 ("efi: Create ECPT table")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
In program initrddump.efi function get_load_options() can be static.
This avoids a warning when building with 'make W=1':
lib/efi_loader/initrddump.c:442:6: warning:
no previous prototype for ‘get_load_options’ [-Wmissing-prototypes]
442 | u16 *get_load_options(void)
| ^~~~~~~~~~~~~~~~
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Current U-Boot supports two EFI variable service, U-Boot own
implementation and op-tee based StMM variable service.
With ACS Security Interface Extension(SIE) v22.10_SIE_REL1.1.0,
there are several failure items of QueryVariableInfo().
Current attribute check for QueryVariableInfo() was implemented
based on the Self Certification Test (SCT) II Case Specification,
June 2017, chapter 4.1.4 QueryVariableInfo().
This test case specification is outdated and don't align at all
with the SCT test case code, and UEFI specification v2.10 does
not clearly define the priority of the attribute check.
For U-Boot standard case that EFI variables are stored in a file
in the ESP, this commit modifies the attribute check to get align
to the EDK2 implementation.
For latter case(op-tee based StMM variable service), parameter check
should be delegated to StMM.
Now all ACS SIE QueryVariableInfo() test cases passed both EFI variable
storage implementations.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_ENV_WRITEABLE_LIST defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_UNICODE_COLLATION_PROTOCOL2 defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_TCG2_PROTOCOL defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_LOADER_HII defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_DEVICE_PATH_UTIL defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_EFI_APP defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
Since commit 06d514d77c ("lmb: consider EFI memory map") the EFI regions
are also pushed into the lmb if EFI_LOADER is enabled (which is by
default on most system). Which can cause the number of entries to go
over the maximum as it's default is only 8.
Specifically i ran into this case on an TI am62 which has an fdt with
4 reserved regions (in practice 3 lmb entries due to adjecent ranges).
As this is likely to impact more devices bump the default max
regions to 16 so there is a bit more slack.
Fixes: 06d514d77c ("lmb: consider EFI memory map")
Link: https://bugzilla.opensuse.org/show_bug.cgi?id=1207562
Reviewed-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
[trini: collect tags from the other equivalent patch]
As explained by Philippe Schenker, I was misinterpreting what happened
in the case where we do not set LMB_USE_MAX_REGIONS and so had
re-introduced the problem I was attempting to more widely resolve.
This reverts commit 007ae5d108.
Reported-by: Philippe Schenker <philippe.schenker@toradex.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
When adding reserved memory areas from the EFI memory map set the NOMAP
flag when applicable. When this isn't done adding "no-map" flagged entries
from the fdt after receiving the same from the EFI memory map fails due
to non-matching flags.
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
The LMB code allows for picking a hard limit on the number of regions it
can know of, or to dynamically allocate these regions. The reason for
this choice is to allow for the compiler to perform a size optimization
in the common case. This optimization however, is very small, ranging
from 196 bytes to 15 bytes saved, or in some cases, being larger. Now
that we also have more regions covered by LMB (in order to protect
various parts of our self at run time), the default of 8 is also much
easier to hit and leads to non-obvious error messages (which imply that
an area is protected, not that we're out of areas to add to the list).
Switch to the dynamic use as the default.
Signed-off-by: Tom Rini <trini@konsulko.com>
HandleProtocol() is deprecrated. According to the UEFI specification it
should be implemented as a call to OpenProtocolInterface() with a hard
coded agent handle. This implies that we would have to call
CloseProtocolInterfaces() after usage with the same handle.
Getting rid of an EFI_CALL() is also appreciated.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
There is no variable num_pages in function efi_esrt_allocate_install().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
When this fails it can be time-consuming to debug. Add some debugging
to help with this. Also try to return error codes instead of just using
-1.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is often useful to show an error code to give the user a clue as to
what went wrong. When error strings are compiled into U-Boot it is
possible to show a message as well.
But at present it is not very convenient, since code must check if the
error strings are present, then obtain the error string and use it in
a printf() string.
Add a %dE option which shows an error code along with an error string,
if available. This makes it easy to show one or both.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some environment variables provide a space-separated list of strings. It
is easier to process these when they are broken out into an array of
strings.
Add a utility function to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
At this point, the remaining places where we have a symbol that is
defined as CONFIG_... are in fairly odd locations. While as much dead
code has been removed as possible, some of these locations are simply
less obvious at first. In other cases, this code is used, but was
defined in such a way as to have been missed by earlier checks. Perform
a rename of all such remaining symbols to be CFG_... rather than
CONFIG_...
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently the code that adds the CapsuleMax variable is under a
Kconfig named 'EFI_HAVE_CAPSULE_UPDATE. Git history only shows a
single occurrence of that. The IS_ENABLED should be checking for
EFI_HAVE_CAPSULE_SUPPORT
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
"Unable to find TPMv2 device" doesn't explain much with regards to the
error origin. Update it to match what we have in the RNG protocol
installation.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Currently file ubootefi.var is only created if the user sets a non-volatile
EFI variable. If the file is missing, a warning is written.
With the change PlatformLang is always persisted. So the file will exist on
second boot.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Before clearing the screen, ensure that no previous output of firmware
or UEFI programs will be overwritten on serial devices or other
streaming consoles. This helps generating complete boot logs.
Tested regarding multi-output against qemu-x86_defconfig. Still, there
were remaining concerns about side effects, so this is provided as an
opt-in feature.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Ensures a consistent background color of the whole screen for succeeding
outputs as both demanded by the spec and implemented in EDK2 as well.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
patman fix for checkpatch
binman optional entries, improved support for ELF symbols
trace improvements
minor fdt refactoring
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmPIpV4RHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreZuqwgA0UpYQEX6/MegzHSCIx3AMT4rCF1Ytitr
LS4Cbvj1Q09Rt9jriW7wAV5AobVPwGf2L5SVcnWv2I9+MmypDIXEe8HIrt2fRFu9
bzn/2GOzXczuXqPFa/CWOUwjvCzTb8Sl9NtRszrP5NvOzuN15x00ZUYaXFO7fgsB
zZMzOKxemwjdtLaox+x+VIJ95HMDEkYrWTAqTPg74CNVSjRbbLNqNq0zqkHB8SnH
ubgphtIKYItTeIXcfIa9V4LeQp0ZitkzSfAibX+nIPCMPg9jbG9MrQQ+VvSZDjnM
y8wa8gFj47Ek+gGNFXMHIpO6tBd83uHRgtf2x+zhcovLELYnZ6fDGw==
=1K6m
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-18jan23' of https://source.denx.de/u-boot/custodians/u-boot-dm
convert rockchip to use binman
patman fix for checkpatch
binman optional entries, improved support for ELF symbols
trace improvements
minor fdt refactoring
Update the zstd implementation to match Linux zstd 1.5.2 from commit
2aa14b1ab2.
This was motivated by running into decompression corruption issues when
trying to uncompress files compressed with newer versions of zstd. zstd
users also claim significantly improved decompression times with newer
zstd versions which is a side benefit.
Original zstd code was copied from Linux commit 2aa14b1ab2 which is a
custom-built implementation based on zstd 1.3.1. Linux switched to an
implementation that is a copy of the upstream zstd code in Linux commit
e0c1b49f5b, this results in a large code diff. However this should make
future updates easier along with other benefits[1].
This commit is a straight mirror of the Linux zstd code, except to:
- update a few #include that do not translate cleanly
- linux/swab.h -> asm/byteorder.h
- linux/limits.h -> linux/kernel.h
- linux/module.h -> linux/compat.h
- remove assert() from debug.h so it doesn't conflict with u-boot's
assert()
- strip out the compressor code as was done in the previous u-boot zstd
- update existing zstd users to the new Linux zstd API
- change the #define for MEM_STATIC to use INLINE_KEYWORD for codesize
- add a new KConfig option that sets zstd build options to minify code
based on zstd's ZSTD_LIB_MINIFY[2].
These changes were tested by booting a zstd 1.5.2 compressed kernel inside a
FIT. And the squashfs changes by loading a file from zstd compressed squashfs
with sqfsload. buildman was used to compile test other boards and check for
binary bloat, as follows:
> $ buildman -b zstd2 --boards dh_imx6,m53menlo,mvebu_espressobin-88f3720,sandbox,sandbox64,stm32mp15_dhcom_basic,stm32mp15_dhcor_basic,turris_mox,turris_omnia -sS
> Summary of 6 commits for 9 boards (8 threads, 1 job per thread)
> 01: Merge branch '2023-01-10-platform-updates'
> arm: w+ m53menlo dh_imx6
> 02: lib: zstd: update to latest Linux zstd 1.5.2
> aarch64: (for 2/2 boards) all -3186.0 rodata +920.0 text -4106.0
> arm: (for 5/5 boards) all +1254.4 rodata +940.0 text +314.4
> sandbox: (for 2/2 boards) all -4452.0 data -16.0 rodata +640.0 text -5076.0
[1] e0c1b49f5b
[2] f302ad8811/lib/libzstd.mk (L31)
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
[trini: Set ret to -EINVAL for the error of "failed to detect
compressed" to fix warning, drop ZSTD_SRCSIZEHINT_MAX for non-Linux host
tool builds]
Signed-off-by: Tom Rini <trini@konsulko.com>
The fdt_path_offset() function is slow since it must scan the tree.
This substantial overhead now applies to all boards.
The original code may not be ideal but it is fit for purpose and is only
needed on a few boards.
Reverting this reduces time to set up driver model by about 30ms.
Before revert:
Accumulated time:
47,170 dm_r
53,237 dm_spl
572,986 dm_f
Accumulated time:
44,598 dm_r
50,347 dm_spl
549,133 dm_f
This reverts commit 26f981f295.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some platforms cannot honour this and don't need trace before relocation.
Use 'imply' instead, so boards can disable this.
Signed-off-by: Simon Glass <sjg@chromium.org>
This can be written before relocation. Move it to the data section, since
accessing BSS before relocation is not permitted.
Signed-off-by: Simon Glass <sjg@chromium.org>
If the FDT overlaps with the data region of the image, or with the stack,
it can become corrupted before relocation. Add a check for this, behind a
debug flag, as it can be very confusing and time-consuming to debug.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function uses gd->fdt_blob a lot and cannot be used to check any
other device tree. Use a parameter instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is a bit messy with several #ifdefs. Convert them to use C
for the conditions.
Rewrite the function comment since most of it is stale.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current approach is a bit of a hack and only works for the tpm
subsystem. Add a Kconfig so that crc8 can be enabled in SPL for other
purposes.
Signed-off-by: Simon Glass <sjg@chromium.org>
The event framework is just that, a framework. Enabling it by itself
does nothing, so we shouldn't ask the user about it. Reword (and correct
typos) around this the option and help text. This also applies to
DM_EVENT and EVENT_DYNAMIC. Only EVENT_DEBUG and CMD_EVENT should be
visible to the user to select, when EVENT is selected.
With this, it's time to address the larger problems. When functionality
uses events, typically via EVENT_SPY, the appropriate framework then
must be select'd and NOT imply'd. As the functionality will cease to
work (and so, platforms will fail to boot) this is non-optional and
where select is appropriate. Audit the current users of EVENT_SPY to
have a more fine-grained approach to select'ing the framework where
used. Also ensure the current users of event_register and also select
EVENT_DYNAMIC.
Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reported-by: Oliver Graute <Oliver.Graute@kococonnector.com>
Reported-by: Francesco Dolcini <francesco.dolcini@toradex.com>
Fixes: 7fe32b3442 ("event: Convert arch_cpu_init_dm() to use events")
Fixes: 42fdcebf85 ("event: Convert misc_init_f() to use events")
Fixes: c5ef202557 ("dm: fix DM_EVENT dependencies")
Signed-off-by: Tom Rini <trini@konsulko.com>
Tested-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Fabio Estevam <festevam@denx.de>
Key data is never written so the parameter can be const, which allows
putting fixed keys in .rodata.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@vrull.eu>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
In efi_disk_add_dev() we have to open protocols with BY_DRIVER and
BY_CHILD_CONTROLLER. Provide the handle of the EFI block driver. The actual
usage of the value will follow in a later patch.
Change function descriptions to Sphinx style.
Remove a TODO: tag.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Add a test for the case when the HII database protocol
set_keyboard_layout() function is called with a NULL key_guid argument.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
As per the EFI specification, the HII database protocol function
set_keyboard_layout() must return EFI_INVALID_PARAMETER when it is called
with a NULL key_guid argument. Modify the function accordingly to improve
conformance.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
After calling EFI_ENTRY we have to call EFI_EXIT before returning.
Add a missing EFI_EXIT().
Fixes: 1ccf87165e ("efi_loader: Enable RISCV_EFI_BOOT_PROTOCOL support")
Reported-by: Dave Jones <dave.jones@canonical.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
This reverts commit 65ba7add0d.
A weak extern is a nasty sight to behold: If the symbol is never
defined, on ARM, the linker will replace the function call with a NOP.
This behavior isn't well documented but there are at least some hints
to it [1].
When timer_read_counter() is not defined, this obviously does the wrong
thing here and it does so silently. The consequence is that a board
without timer_read_counter() will sleep for random amounts and generally
have erratic get_ticks() values.
Drop the __weak annotation of the extern so a linker error is raised
when timer_read_counter() is not defined. This is okay, the original
reason for the reverted change - breaking the sandbox build - no longer
applies.
Final sidenote: This was the only weak extern in the entire tree at
this time as far as I can tell. I guess we should avoid introduction of
them again as they are obviously a very big footgun.
[1]: https://stackoverflow.com/questions/31203402/gcc-behavior-for-unresolved-weak-functions
Fixes: 65ba7add0d ("time: add weak annotation to timer_read_counter declaration")
Reported-by: Serge Bazanski <q3k@q3k.org>
Signed-off-by: Harald Seiler <hws@denx.de>
add initialization of variable 'node',this can aviod the building
warning:
'node' may be used uninitialized [-Wmaybe-uninitialized]
Signed-off-by: Haijun Qin <qinhaijun@eswincomputing.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The fields ConsoleInHandle, ConsoleOutHandle, ConsoleErrHandle must point
to the handles with the respective console protocols. Failure to do so
leads to an error in the EFI Shell:
No SimpleTextInputEx was found. CTRL-based features are not usable.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Up to now we only compared the first letter of the capsule name to sort
them alphabetically. Properly sort by the Unicode alphabet.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
When the efi subsystem starts we restore variables that are both in a
file or stored into the .efi_runtime section of U-Boot. However once
a variable gets created or changed the preseeded entries will end up in
the file. As a consequence on the next boot we will end up adding
identical variable entries twice.
Fix this by checking if the to be inserted variable already exists.
Also swap the restoration order and start with the file instead of the
builtin variables, so a user can replace the preseeded ones if needed.
Tested-by: Leo Yan <leo.yan@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
It is volatile variables that we do not allow to be restored from file.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
When the HII protocol function get_package_list_handle() is called with an
invalid package list handle, it returns EFI_NOT_FOUND but this is not in
its list of possible status codes as per the EFI specification.
Return EFI_INVALID_PARAMETER instead to fix conformance.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
While we do not want to use CONFIG_RSA_VERIFY_WITH_PKEY on the host, we
cannot undef the symbol in this manner. As this ends up being a test
within another function we can use !tools_build() as a test here.
Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Test that GetNextVariableName() checks the parameters.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The VariableNameSize parameter is in bytes but u16_strnlen() counts u16.
Fix the parameter check for null termination.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To retrieve the EFI variable name by efi_get_next_variable_name_int(),
the sequence of alloc -> efi_get_next_variable_name_int ->
realloc -> efi_get_next_variable_name_int is required.
In current code, this sequence repeatedly appears in
the several functions. It should be curved out a common function.
This commit also fixes the missing free() of var_name16
in eficonfig_delete_invalid_boot_option().
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The EFI Conformance Profile Table entry for EBBR appears in v2.1.0 of the
EBBR specification[1]. Update naming accordingly.
While at it, update the EBBR version referenced in the documentation.
[1]: https://github.com/ARM-software/ebbr/releases/tag/v2.1.0
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
We add RISC-V semihosting based serial console for JTAG based early
debugging.
The RISC-V semihosting specification is available at:
https://github.com/riscv/riscv-semihosting-spec/blob/main/riscv-semihosting-spec.adoc
Signed-off-by: Anup Patel <apatel@ventanamicro.com>
Signed-off-by: Kautuk Consul <kconsul@ventanamicro.com>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
We factor out the arch-independent parts of the ARM semihosting
implementation as a common library so that it can be shared
with RISC-V.
Signed-off-by: Kautuk Consul <kconsul@ventanamicro.com>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
The rest of the unmigrated CONFIG symbols in the CONFIG_SYS namespace do
not easily transition to Kconfig. In many cases they likely should come
from the device tree instead. Move these out of CONFIG namespace and in
to CFG namespace.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This converts the following to Kconfig:
CONFIG_SYS_TIMER_COUNTS_DOWN
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add the possibility to recognize IPv6 address in print function.
To output IPv6 address use %pI6 specifier.
Series-changes: 3
- Substituted #if (...) for if (...) to get better readability
Signed-off-by: Viacheslav Mitrofanov <v.v.mitrofanov@yadro.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This functions is used as a converter from IPv6 address string notation
to struct ip6_addr that is used everywhere in IPv6 implementation. For
example it is used to parse and convert IPv6 address from tftpboot
command. Conversion algorithm uses two passes, first to verify syntax and
locate colons and second pass to read the address. In case of valid IPv6
address it returns 0.
Examples of valid strings:
2001:db8::0:1234:1
2001:0db8:0000:0000:0000:0000:1234:0001
::1
::ffff:192.168.1.1
Examples of invalid strings
2001:db8::0::0 (:: can only appear once)
2001:db8:192.168.1.1::1 (v4 part can only appear at the end)
192.168.1.1 (we don't implicity map v4)
Series-changes: 3
- Added function description
- Added length parameter to string_to_ip6()
Series-changes: 4
- Fixed function description style
Signed-off-by: Viacheslav Mitrofanov <v.v.mitrofanov@yadro.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Some commands need to enumerate the existing UEFI load
option variable("Boot####"). This commit transfers some code
from cmd/efidebug.c to lib/efi_loder/, then exposes
efi_varname_is_load_option() function to check whether
the UEFI variable name is "Boot####".
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
EFI_LOADER_DATA/CODE is reserved for EFI applications.
Memory allocated by U-Boot for internal usage should be
EFI_BOOT_SERVICES_DATA or _CODE or EFI_RUNTIME_SERVICES_DATA or _CODE.
Reported-by: François-Frédéric Ozog <ff@ozog.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: François-Frédéric Ozog <ff@ozog.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The dhcp command may be executed after the first UEFI command.
We should still update the EFI_PXE_BASE_CODE_PROTOCOL.
Don't leak content of prior acknowledge packages.
Handle failing allocation when calling malloc().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Provide an EFI binary that prints the boot hart ID as found in the
device-tree as /chosen/boot-hartid property and as provided by the
RISCV_EFI_BOOT_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Use unsigned char for the parameter of efi_st_strcmp_16_8. This allows
comparing characters 0x80 - 0xff.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
If the array index 'i' < 128, the 'codepage' array is accessed using
[-128...-1] in efi_unicode_collation.c:262. This can lead to a buffer
overflow.
Negative index in efi_unicode_collation.c:262.
The index of the 'codepage' array should be c - 0x80 instead of i - 0x80.
Fixes: 0bc4b0da7b ("efi_loader: EFI_UNICODE_COLLATION_PROTOCOL")
Signed-off-by: Mikhail Ilin <ilin.mikhail.ol@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Heinrich reports that on RISC-V unaligned access is emulated by OpenSBI
which is very slow. Performance wise it's better if we skip the calls
to u16_strdup() -- which in turn calls u16_strsize() and just allocate/copy the
memory directly. The access to dp.length may still be unaligned, but that's
way less than what u16_strsize() would do
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Use malloc() instead of calloc().
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Closing the files uses the EFI protocol and specifically it's .close
callback. This needs to be wrapped on an EFI_CALL()
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
UEFI specification requires pointers that are passed to protocol member
functions to be aligned. There's a u16_strdup in that function which
doesn't make sense otherwise Add a comment so no one removes it
accidentally
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Provide a description of the function's logic.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
If the va_list we got handed over contains no protocols we must return
EFI_SUCCESS. However in that case the current code just returns
an unintialized value.
Fix that by setting the return value in the variable definition
Addresses-Coverity: CID 376195: ("Uninitialized variables (UNINIT)")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Update the sandbox implementation to use UCLASS_HOST and adjust all
the pieces to continue to work:
- Update the 'host' command to use the new API
- Replace various uses of UCLASS_ROOT with UCLASS_HOST
- Disable test_eficonfig since it doesn't work (this should have a unit
test to allow this to be debugged)
- Update the blk test to use the new API
- Drop the old header file
Unfortunately it does not seem to be possible to split this change up
further.
Signed-off-by: Simon Glass <sjg@chromium.org>
AllocatePages() can be called with Type=AllocateAddress. Such a call can
only succeed if *Memory points to the address of an unallocated page range.
A call with *Memory being an address that is not page aligned must not
succeed. The UEFI specification requires returning EFI_OUT_OF_RESOURCES
if the requested pages cannot be allocated.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Variable efi_system_partition holds the efi_system_partition. Currently it
is initialized as:
{
.uclass_id = 0 = UCLASS_ROOT,
.denum = 0,
.part = 0,
}
This indicates that host 0:0 is the efi_system_partition and we see output
like:
=> bootefi hello
** Bad device specification host 0 **
Couldn't find partition host 0:0
To identify that no EFI system partition has been set use UCLASS_INVALID.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Since the commit a9bf024b29 ("efi_loader: disk: a helper function to
create efi_disk objects from udevice"), CONFIG_EFI_SETUP_EARLY option is
by default on and will never be turned off.
So just remove this option.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
CONFIG_NET does not imply that there are actually network devices
available, only CONFIG_NETDEVICES does. Changing to this dependency
obsoletes the check in Kconfig because NETDEVICES means DM_ETH.
Fixes: 0efe1bcf5c ("efi_loader: Add network access support")
Suggested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add test cases for accessing the FWU Metadata on the sandbox
platform. The sandbox platform also uses the metadata access driver
for GPT partitioned block devices.
The FWU feature will be tested on the sandbox64 variant with a raw
capsule. Remove the FIT capsule testing from sandbox64 defconfig --
the FIT capsule test will be run on the sandbox_flattree variant.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The FWU Multi Bank Update feature supports updating firmware images
to one of multiple sets(also called banks) of images. The firmware
images are clubbed together in banks, with the system booting images
from the active bank. Information on the images such as which bank
they belong to is stored as part of the metadata structure, which is
stored on the same storage media as the firmware images on a dedicated
partition.
At the time of update, the metadata is read to identify the bank to
which the images need to be flashed(update bank). On a successful
update, the metadata is modified to set the updated bank as active
bank to subsequently boot from.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The FWU Multi Bank Update specification requires the Update Agent to
carry out certain checks at the time of platform boot. The Update
Agent is the component which is responsible for updating the firmware
components and maintaining and keeping the metadata in sync.
The spec requires that the Update Agent perform the following checks
at the time of boot
* Sanity check of both the metadata copies maintained by the platform.
* Get the boot index passed to U-Boot by the prior stage bootloader
and use this value for metadata bookkeeping.
* Check if the system is booting in Trial State. If the system boots
in the Trial State for more than a specified number of boot counts,
change the Active Bank to be booting the platform from.
Call these checks through the main loop event at the time of platform
boot.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add weak functions for getting the update index value and dfu
alternate number needed for FWU Multi Bank update
functionality.
The current implementation for getting the update index value is for
platforms with 2 banks. If a platform supports more than 2 banks, it
can implement it's own function. The function to get the dfu alternate
number has been added for platforms with GPT partitioned storage
devices. Platforms with other storage partition scheme need to
implement their own function.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
In the FWU Multi Bank Update feature, the information about the
updatable images is stored as part of the metadata, which is stored on
a dedicated partition. Add the metadata structure, and a driver model
uclass which provides functions to access the metadata. These are
generic API's, and implementations can be added based on parameters
like how the metadata partition is accessed and what type of storage
device houses the metadata.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>