Function memcmp() is available in efi_freestanding.c. So we do not remove a
further implementation.
Replace all usages of efi_st_memcmp() by memcmp().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Implement unloading of images in the Exit() boot services:
* unload images that are not yet started,
* unload started applications,
* unload drivers returning an error.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In UnloadImage() we need to know if an image is already started.
Add a field to the handle structure identifying loaded and started images.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If LocateHandle() does not find an entry EFI_NOT_FOUND has to be returned
even if BufferSize is NULL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
CreateEventEx() does not allow the following event types:
* EVT_SIGNAL_EXIT_BOOT_SERVICES
* EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE
This check is needed to pass the UEFI SCT conformance test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Alexander Graf <agraf@csgraf.de>
allow_unaligned(), switch_to_non_secure_mode(), and efi_init_obj_list() are
called in sequence in multiple places.
Move calls to allow_unaligned() and switch_to_non_secure_mode() to
efi_init_obj_list().
Remove unused includes.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add the zstd library from Linux kernel (only decompression support).
There are minimal changes to build with U-Boot, otherwise the files are
identical to Linux commit dc35da16 from March 2018, the files had not
been touched since in kernel. Also SPDX lincese tags were added.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
This adds the xxhash support from Linux. Files are almost identical to
those added to Linux in commit 5d240522 ("lib: Add xxhash module") (they
haven't been touched since in Linux). The only difference is to add some
includes to be compatible with U-Boot. Also SPDX lincese tags were
added.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
display_options_get_banner_priv() overwrites bytes before the start of the
buffer if the buffer size is less then 3. This case occurs in the Sandbox
when executing the `ut_print` command.
Correctly handle small buffer sizes. Adjust the print unit test to catch
when bytes before the buffer are overwritten.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
commit 95f4bbd581 ("lib: fdt: Allow LZO and GZIP DT compression in U-Boot")
introduced Kconfig option for gzip in U-Boot, but help text
says gzip for SPL, which is wrong. Fix this.
Signed-off-by: Heiko Schocher <hs@denx.de>
Acked-by: Marek Vasut <marex@denx.de>
The random uuid values (enabled via CONFIG_RANDOM_UUID=y) on our
platform are always the same. Below is consistent on each cold boot:
=> ### interrupt autoboot
=> env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
...
uuid_gpt_misc=d117f98e-6f2c-d04b-a5b2-331a19f91cb2
=> env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
...
uuid_gpt_misc=ad5ec4b6-2d9f-8544-9417-fe3bd1c9b1b3
=> env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
...
uuid_gpt_misc=cceb0b18-39cb-d547-9db7-03b405fa77d4
=> env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
...
uuid_gpt_misc=d4981a2b-0478-544e-9607-7fd3c651068d
=> env default -a; gpt write mmc 1 $partitions; print uuid_gpt_misc
...
uuid_gpt_misc=6d6c9a36-e919-264d-a9ee-bd00379686c7
While the uuids do change on every 'gpt write' command, the values
appear to be taken from the same pool, in the same order.
Assuming U-Boot with RANDOM_UUID=y is deployed on a large number of
devices, all those devices would essentially expose the same UUID,
breaking the assumption of system/RFS/application designers who rely
on UUID as being globally unique (e.g. a database using UUID as key
would alias/mix up entries/records due to duplicated UUID).
The root cause seems to be simply _not_ seeding PRNG before generating
a random value. It turns out this belongs to an established class of
PRNG-specific problems, commonly known as "unseeded randomness", for
which I am able to find below bugs/CVE/CWE:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0285
("CVE-2015-0285 openssl: handshake with unseeded PRNG")
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-9019
("CVE-2015-9019 libxslt: math.random() in xslt uses unseeded
randomness")
- https://cwe.mitre.org/data/definitions/336.html
("CWE-336: Same Seed in Pseudo-Random Number Generator (PRNG)")
The first revision [1] of this patch updated the seed based on the
output of get_timer(), similar to [4].
There are two problems with this approach:
- get_timer() has a poor _ms_ resolution
- when gen_rand_uuid() is called in a loop, get_timer() returns the
same result, leading to the same seed being passed to srand(),
leading to the same uuid being generated for several partitions
with different names
The above drawbacks have been addressed in the second version [2].
In its third revision (current), the patch reworded the description
and summary line to emphasize it is a *fix* rather than an improvement.
Testing [3] consisted of running 'gpt write mmc 1 $partitions' in a
loop on R-Car3 for several minutes, collecting 8844 randomly generated
UUIDS. Two consecutive cold boots are concatenated in the log.
As a result, all uuid values are unique (scripted check).
Thanks to Roman, who reported the issue and provided support in fixing.
[1] https://patchwork.ozlabs.org/patch/1091802/
[2] https://patchwork.ozlabs.org/patch/1092945/
[3] https://gist.github.com/erosca/2820be9d554f76b982edd48474d0e7ca
[4] commit da384a9d76 ("net: rename and refactor eth_rand_ethaddr() function")
Reported-by: Roman Stratiienko <roman.stratiienko@globallogic.com>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In case of a failure exit data may be passed to Exit() which in turn is
returned by StartImage().
Let the `bootefi` command print the exit data string in case of an error.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The field boot OptionalData in structure _EFI_LOAD_OPTIONS is for binary
data.
When we use `efidebug boot add` we should convert the 5th argument from
UTF-8 to UTF-16 before putting it into the BootXXXX variable.
When printing boot variables with `efidebug boot dump` we should support
the OptionalData being arbitrary binary data. So let's dump the data as
hexadecimal values.
Here is an example session protocol:
=> efidebug boot add 00a1 label1 scsi 0:1 doit1 'my option'
=> efidebug boot add 00a2 label2 scsi 0:1 doit2
=> efidebug boot dump
Boot00A0:
attributes: A-- (0x00000001)
label: label1
file_path: .../HD(1,MBR,0xeac4e18b,0x800,0x3fffe)/doit1
data:
00000000: 6d 00 79 00 20 00 6f 00 70 00 74 00 69 00 6f 00 m.y. .o.p.t.i.o.
00000010: 6e 00 00 00 n...
Boot00A1:
attributes: A-- (0x00000001)
label: label2
file_path: .../HD(1,MBR,0xeac4e18b,0x800,0x3fffe)/doit2
data:
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
UEFI variables should be installed using well-defined API.
Currently we don't support much, but the value of OsIndicationsSupported
will be updated once some features are added in the future.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Add comments. Rename a variable.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UEFI spec requires that freeing of pages fails if the number of pages
to be freed is 'invalid'. Check that it is not zero.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
CreateEvent() and CreateEventEx() should check that a notify function is
provided for either of EVT_NOTIFY_SIGNAL or EVT_NOTIFY_WAIT.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Fixes for tracing with sandbox
Refactoring for boot_get_fdt()
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAlzAfvkACgkQfxc6PpAI
reYu9AgAjaFmydXjE8DxkSB3rR7DHZFTs1erVKAAL2v+Tdf7LDmz+j6u1M3v55WY
6r54f/gZ1UX5TEmQgEAKLa7QvvRO/lNvSGQnLHhZhv2IVWo7uWCKAUPdQ6XVZnUK
zO5v+ucs9Ne4HxQJHMC509HUIIBbydiRvUm8W0SeBZy4kEyJDuub4L+rpARkXNks
IZfKuY+VS4FK73D4M9PIhoXSubZgVS4AEcapakU1DvEz0kjsN4wr4idGrp3lutPC
455imz83JBq2+mx1oxclOGedkIDzTCq+nWQAwSftMehrJpGrp7RLNo0v4QZZUf4V
LIXRqObIYse9yQLkYPpeBdePMc8/tQ==
=0NJ2
-----END PGP SIGNATURE-----
Merge tag 'pull-24apr19' of git://git.denx.de/u-boot-dm
Various minor sandbox iumprovements
Fixes for tracing with sandbox
Refactoring for boot_get_fdt()
This patch series reworks the implementation of the `bootefi` command to
remove code duplication by using the LoadImage() boot service to load
binaries.
Missing short texts for UEFI protocols are added for display by the
`efidebug dh` command.
Missing parameter checks for AllocatePages() and CreateDeviceNode() are
implemented.
The constants for protocol GUIDs are changed to match the names in the UEFI
specification.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAly/PhwACgkQxIHbvCwF
GsRlbA/+JeegsUbV0fYFvdTi4JNPRlKqkzwyo2DoWN76M2MPb+l6d4quxhOdAOaf
3MpnCHb2z0567b7Ma5+KmAFYEBNJZrxAHthmtRnYhAbJMpE1ei6HzwJ29p+IYQKB
usc6eOH7ybb99v0KtxLRr1CMpvxK6zud5Zxcyym5nzoAaNP4AplaQDUM1mfYOHox
sRbEuoNpPkn50ejUtldb0Oh63vJ/bBBLojwQyGnGtBcRDf5bFehHzw5spD0oHPJv
7E1kze2679kOEsjPa39rFhh/8YaUd+giJW137V2cyFeEyw6ydNKXuWo9Zg0ahLOy
e+ddRjDCbi0edHbOjL6hdNTgGzdcKwy9bHqYJEacP+OLczmzimNQaALCDUzXcH1C
lGLHrhbMpV+Do4mFIFdIqPyW+rfRDsz9Sp84Y02M6TBzCK3XPmPXDRVpiTcWmfbb
ixD4HSQjvPDcmm98iJQIZrfcasnWbBInITqcGDDTIRg0snrYUsIoUNmQPpBDsuwD
O1hPV8iOpFA/a/8GLJpIgta34YIPZzjlaU38c5+qV7Tsx0ODsdpTVx8JCWeJPeK+
uhOXTWMlokgH//2ypHzIS9cUEBkoA6I9r4/fWpIjZe3iuxtV8ct2P5dHYcmrRFjY
lF1WpX3gNeWCgPbGa3Yg/crtpVW+M6hDEgknOPqTAOTjx/g7jpg=
=caQ+
-----END PGP SIGNATURE-----
Merge tag 'efi-2019-07-rc1-3' of git://git.denx.de/u-boot-efi
Pull request for UEFI sub-system for v2019.07-rc1 (3)
This patch series reworks the implementation of the `bootefi` command to
remove code duplication by using the LoadImage() boot service to load
binaries.
Missing short texts for UEFI protocols are added for display by the
`efidebug dh` command.
Missing parameter checks for AllocatePages() and CreateDeviceNode() are
implemented.
The constants for protocol GUIDs are changed to match the names in the UEFI
specification.
According to Android image format [1], kernel image resides at 1 page
offset from the boot image address. Grab the magic number from there
and allow U-Boot to handle LZ4-compressed KNL binaries instead of
hardcoding compression type to IH_COMP_NONE. Other compression types,
if needed, can be added later.
Tested on H3ULCB-KF using the image detailed in [2].
[1] Excerpt from include/android_image.h
+-----------------+
| boot header | 1 page
+-----------------+
| kernel | n pages
+-----------------+
| ramdisk | m pages
+-----------------+
| second stage | o pages
+-----------------+
[2] => iminfo 4c000000
## Checking Image at 4c000000 ...
Android image found
kernel size: 85b9d1
kernel address: 48080000
ramdisk size: 54ddbc
ramdisk addrress: 4a180000
second size: 0
second address: 48000800
tags address: 48000100
page size: 800
os_version: 1200012a (ver: 0.9.0, level: 2018.10)
name:
cmdline: buildvariant=userdebug
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
The fdt_setprop_u32() function does everything that we need, so we
really only use the function as a convenience wrapper, in which case it
can simply be a static inline function.
Signed-off-by: Thierry Reding <treding@nvidia.com>
This converts the following to Kconfig:
CONFIG_TRACE_BUFFER_SIZE
CONFIG_TRACE_EARLY_SIZE
CONFIG_TRACE_EARLY
CONFIG_TRACE_EARLY_ADDR
Signed-off-by: Simon Glass <sjg@chromium.org>
At present many functions in this file return -1. Update them to return a
valid error code. Also tidy up the 'return' statements at the same time,
since these should have a blank line before them.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function may be called from tracing code, since that code needs to
read the timer and this often requires calling do_div(), which calls
__div64_32(). If this function is instrumented it causes an infinite loop,
since emitting a trace record requests the time, which in turn emits a
trace record, etc.
Update the prototype to prevent instrumentation code being added.
Signed-off-by: Simon Glass <sjg@chromium.org>
These functions still use uint32_t and uint64_t but checkpatch now
requests that the kernel types be used instead. Update them as well as a
few resulting checkpatch errors.
Signed-off-by: Simon Glass <sjg@chromium.org>
When creating a device path node ensure that the size of the allocated
memory at lest matches the size of the node header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The EBBR specification prescribes that we should have either an ACPI table
or a device tree but not both. Let us enforce this condition in the
`bootefi` command.
If the bootefi command is called without a device tree parameter use a
previously device tree or fall back to the internal device tree.
The fdt unit test should not be run on boards with an ACPI table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The EBBR specification prescribes that we should have either an ACPI table
or a device tree but not both.
So do not run the device tree unit test on boards with an ACPI table.
Hence there is no need any longer to make it 'on request' only.
Do not pass $fdtcontroladdr to `bootefi selftest`.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In the current implementation, bootefi command and EFI boot manager
don't use load_image API, instead, use more primitive and internal
functions. This will introduce duplicated code and potentially
unknown bugs as well as inconsistent behaviours.
With this patch, do_efibootmgr() and do_boot_efi() are completely
overhauled and re-implemented using load_image API.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Use efi_root as parent handle for the loaded image.
LoadImage() should be called with BootPolicy = true by the boot manager.
Avoid duplicate free_pool().
Eliminate variable memdp which is not needed after anymore due to
"efi_loader: correctly split device path of loaded image".
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When the LoadImage() service is called for an image that is already loaded
to memory the file path may be NULL or it will contain both a device path
as well as a media path. We should not assume that there is no media path.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We should consistently use the same name for protocol GUIDs as defined in
the UEFI specification. Not adhering to this rule has led to duplicate
definitions for the EFI_LOADED_IMAGE_PROTOCOL_GUID.
Adjust misnamed protocol GUIDs.
Adjust the text for the graphics output protocol in the output of the
`efidebug dh` command.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This is a preparatory patch.
The root node handle will be used as a dummy parent handle when invoking
an EFI image from bootefi/bootmgr command.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Rebased.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This is a preparatory patch.
efi_dp_split_file_path() is used to create device_path and file_path
from file_path for efi_setup_loaded_image().
In a special case, however, of HARDWARE_DEVICE/MEMORY, it doesn't
work expectedly since this path doesn't contain any FILE_PATH sub-type.
This patch makes a workaround.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Adjust the logic such that for all paths that do no end on a media file
path we return NULL as file_path.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In the aarch64 crash dump information about the loaded EFI images is added.
In README.uefi the development target is for the UEFI subsystem is
described as "Embedded Base Boot Requirements (EBBR) Specification"
compliance.
Several bug fixes are supplied.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAlyyzHEACgkQxIHbvCwF
GsS+9Q/9HahVvxHFljI8ymxznml7AlFCrxWwcVo5HhftbGuQIgF3NMXRlsxmsSPM
Z+Cc3EFni4EWWWe9yDMLqXV4NCd6bnfWYWP4UvbqAKCfeX8jScRyMypPnxZ3rNrg
oe/8zDT9qXQnEah4sB+AQhar2VRTS1p97wKDObt3mj9c2g5pGL1zdejS/4SfnCd0
a1BymV7p7fpykDjW8S0GQM56QAkbB9CJ4Q7nlPCDlspqJlQB318lWs46FfUn2Aue
DNLm0uscrMZtEr/aAdT+r/96GIq4AVkexy7b5MZ0v/NDNAtmIqO1ORUmLSNSDfcM
/cbtxq53VbeztMzMoYDdU0zNR//N4dL3GbSRKJulksvxeIExCp3dRV7gfTOwWq7J
Lg/b43WJI1f2vgXDgEPddTO3E3SPjCGQcnCNOcVNNfTkyrtVaCmRYh69lV2BpKKF
oQCYQyzS8yYLxj16YXixK9seyQYxh/vPYVT78ed5A8B1dmyxSQMnEJjY93jngj1g
k5DRH9nnx12aeEqkhsWvVdHT0OBNj/+oZlzT3KGDcxhrDeZXAgqxAO1oPG85Wqnx
kPeadyVD0T5Dd8fpMqF+tToB+GCbvyUVJsVlNqDSC7NslJ3AbxBKNDuEsMJlXgwL
Yh4/lusg/YXzZ4ACWHgUnckZDVZGNj+58QRgEU+3mZinMjDS38E=
=QdJl
-----END PGP SIGNATURE-----
Merge tag 'efi-2019-07-rc1-2' of git://git.denx.de/u-boot-efi
Pull request for UEFI sub-system for v2019.07-rc1 (2)
In the aarch64 crash dump information about the loaded EFI images is added.
In README.uefi the development target is for the UEFI subsystem is
described as "Embedded Base Boot Requirements (EBBR) Specification"
compliance.
Several bug fixes are supplied.
In a previous patch the memory type used for the FDT has been changed to
boot services data. We have to adjust the test.
Correct an incorrect comment. The tested services are boot services.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
By using InstallMultipleProtocolInterfaces() the coding for installing
protocol interfaces on the root node can be simplified.
Suggested-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Export function efi_install_multiple_protocol_interfaces() so that we can
call it in others parts of the UEFI subsystem.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
At boottime physical and virtual addresses must match. Add a corresponding
check to the memory unit test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Handle virtual address in efi_mem_carve_out() function
when a new region is created to avoid issue in EFI memory map.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
At boottime physical and virtual addressed have to be the same.
This allowed to simplify the proposed logic.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Check the value of block_dev before to use this pointer.
This patch solves problem for the command "load" when ubifs
is previously mounted: in this case the function
blk_get_device_part_str("ubi 0") don't return error but return
block_dev = NULL and then data abort.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UEFI variables PlatformLang and PlatformLangCodes specify the current
firmware language and the list of all available languages.
Currently their values are hard coded. With the patch a new configuration
variable EFI_PLATFORM_LANG_CODES is provided.
When initializing the UEFI subsystem this configuration variable is used to
initialize PlatformLangCodes. The value of variable PlatformLang is read.
If it is not set, the first language specified in EFI_PLATFORM_LANG_CODES
is used to initialize PlatformLang.
Suggested-by: Takahiro Akashi <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The first functions of the UEFI sub-system are invoked before reaching the
U-Boot shell, e.g. efi_set_bootdev(), efi_dp_from_name(),
efi_dp_from_file(). We should be able to print out device paths for
debugging purposes here.
When printing device paths via printf("%pD\n", dp) this invokes functions
defined as EFIAPI. So efi_save_gd() must be called beforehand.
So let's move the efi_save_gd() call to function initr_reloc_global_data(()
in board_r.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The statement '#define LOG_CATEGORY LOGL_ERR' makes not sense. LOGL_ERR is
not a LOG_CATEGORY. Remove the statement.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We should not install the HII protocols on every loaded image. It is
sufficient to install them once on the root node.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The x86 code and DT uses "spi-flash" to detect a flash node, switch to
"jedec,spi-nor" in the DTS files and in fdtdec by switching the
GENERIC_SPI_FLASH value to to jedec,spi-nor.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
This eliminates the need for intermediate helper functions and allow the
macros to return a value so that it can be used subsequently.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Hide the declaration of the "fd" variable When not building a DEBUG
configuration, to avoid the variable being unused.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Runtime tests are provided as a test_fdtdec command implementation. Add
a Kconfig symbol that allows this command to be built so that the tests
can be used.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The fdtdec_get_carveout() and fdtdec_set_carveout() function can be used
to read a carveout from a given node or add a carveout to a given node
using the standard device tree bindings (involving reserved-memory nodes
and the memory-region property).
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Thierry Reding <treding@nvidia.com>
This function can be used to add subnodes in the /reserved-memory node.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Thierry Reding <treding@nvidia.com>
The new fdt_generate_phandle() function can be used to generate a new,
unused phandle given a specific device tree blob. The implementation is
somewhat naive in that it simply walks the entire device tree to find
the highest phandle value and then returns a phandle value one higher
than that. A more clever implementation might try to find holes in the
current set of phandle values and fill them. But this implementation is
relatively simple and works reliably.
Also add a test that validates that phandles generated by this new API
are indeed unique.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When phys_addr_t printf specifier support was first introduced in commit
1eebd14b79 ("vsprintf: Add modifier for phys_addr_t"), it was enabled
only if CONFIG_CMD_NET was selected. Since physical addresses are not
unique to networking support it doesn't make sense to conditionally add
it in those cases only. Move support for it outside of the CMD_NET guard
so that the specifier is always supported.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add required Kconfig symbols, Makefile bits and macro fixes in a
few places to support LZO and DT compression in U-Boot. This can
save a lot of space with multi-DTB fitImages.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Allow enabling both LZO and GZIP DT compression in SPL and fix a
bug where if the GZIP decompression failed, the LZO decompression
would not even be attempted.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Split fdtdec_setup_memory_banksize() into fdtdec_setup_memory_banksize_fdt(),
which allows the caller to pass custom blob into the function and the
original fdtdec_setup_memory_banksize(), which uses the gd->fdt_blob. This
is useful when configuring the DRAM properties from a FDT blob fragment
passed in by the firmware.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Split fdtdec_setup_mem_size_base() into fdtdec_setup_mem_size_base_fdt(),
which allows the caller to pass custom blob into the function and the
original fdtdec_setup_mem_size_base(), which uses the gd->fdt_blob. This
is useful when configuring the DRAM properties from a FDT blob fragment
passed in by the firmware.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In the extended text input protocol CTRL-A - CTRL-Z have to be signaled as
Unicode characters a-z or A-Z depending on the shift state and not as 0x01
to 0x1a.
Update Python unit test.
This patch is required for using the EFI shell `edit` command.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
EFI shell command edit uses the SetInfo() methods to unset the read only
attribute of the file to be edited. So let efi_file_setinfo() return
success in this case.
Return an error if the function is called for to rename or resize a file
as we do not support this yet.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The EFI shell expects that after opening a file with EFI_FILE_MODE_CREATE
GetInfo() succeeds. Up to now we do not actually create the file when
method Open() of the EFI_FILE_PROTOCOL is called.
If method Open() of the EFI_FILE_PROTOCOL is called with
EFI_FILE_MODE_CREATE and the file does not yet exist, call fs_write() with
a buffer size of zero to actually create the file.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For debugging it is helpful to know the address of the file handle created
by the Open() method of the EFI file protocol. So let's write it with
EFI_PRINT().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Those two functions will be used later to re-implement do_bootefi_exec().
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
To meet UEFI spec v2.7a section 9.2, we should add
EFI_LOADED_IMAGE_DEVICE_PATH_PROTOCOL to image handle,
instead of EFI_DEVICE_PATH_PROTOCOL.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Since TianoCore EDK2 commit d65f2cea36d1 ("ShellPkg/CommandLib: Locate
proper UnicodeCollation instance") in edk2 the UEFI Shell crashes if EFI
variable PlatformLang is not defined.
As this variable is anyway prescribed in the UEFI 2.7 spec let's define it
to L"en-US". Use the same value for PlatformLangCodes that defines the list
of all supported languages.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For debug messages inside EFI API functions we should use the EFI_PRINT
macro which gives us well aligned output like:
EFI: Entry efi_allocate_pool_ext(4, 14, 000000007edd7718)
EFI: efi_add_memory_map: 0x7dcfa000 0x1 4 yes
EFI: Exit: efi_allocate_pool_ext: 0
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For debug messages inside EFI API functions we should use the EFI_PRINT
macro which gives us well aligned output like:
EFI: Entry efi_get_variable("PlatformLang" ...)
EFI: get 'efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_PlatformLang'
EFI: Exit: efi_get_variable: 14
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add parameter checks in the StartImage() and Exit() boottime services:
- check that the image handle is valid and has the loaded image protocol
installed
- in StartImage() record the current image
- in Exit() check that the image is the current image
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Use a checksum to validate that efi_free_pool() is only called for memory
allocated by efi_allocated_pool().
Add a plausibility check to efi_free_pages() checking that the address
passed is page aligned.
Update related function comments to match Sphinx style.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In efi_selftest_start_image_exit.c test the image_base and image_size are
correctly set in the loaded image protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Currently, image's image_base points to an address where the image was
temporarily uploaded for further loading. Since efi_loader relocates
the image to final destination, image_base and image_size should reflect
that.
This bug was detected in UEFI SCT, "Loaded Image Protocol Test - test 2,"
which shows that 'Unload' function doesn't fit into a range suggested by
image_base and image_size.
TestCase/UEFI/EFI/Protocol/LoadedImage/BlackBoxTest/
LoadedImageBBTestMain.c:1002
Changes in this patch also includes:
* reverts a patch, "efi_loader: save image relocation address
and size" since newly added fields are no longer needed.
* copy PE headers as well since those information will be needed
for module loading, in particular, at gurb.
(This bug was reported by Heinrich.)
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Rebase patch.
Remove unused fields from struct efi_loaded_image_obj.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Commit 0e18f584de ("efi_loader: LoadImage: always allocate new pages")
ensured that whether we load an image from file or from memory we end up
with the same number of newly allocated buffers. But essentially we ended
up with one buffer too many in both cases:
efi_load_pe() copies and rebases the UEFI image.
We do not need the buffer with the file contents afterwards.
Fixes: 0e18f584de ("efi_loader: LoadImage: always allocate new pages")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We'd better use correct way to check if module has enabled.
for we have 3 timer MACRO:
- CONFIG_TIMER
- CONFIG_SPL_TIMER
- CONFIG_TPL_TIMER
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
We currently only support EFI_FILE_PROTOCOL_REVISION while
UEFI specs 2.4 - 2.7 prescribe EFI_FILE_PROTOCOL_REVISION2.
Add a todo.
Add missing constants for the EFI file protocol revision.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The pointer checksum were used before checking that it
isn't NULL. We move the code that use it after the check.
Reported-by: Coverity (CID: 185835)
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The check testing the string result of get_string() returned the wrong
result. The result was ignored.
Use efi_st_strcmp_16_8() for the string comparison.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
printf("%ls", ..) expects u16 * as argument to print. There is not need for
a conversion to wchar_t *.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
It does not make any sense to check if a pointer is NULL if we have
dereferenced it before.
Reported-by: Coverity (CID 185827)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add a missing return statement in efi_get_next_variable_name().
Reported-by: Coverity (CID 185834)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_allocate_pages() expects a (uint64_t *) pointer to pass the address of
the assigned memory. If we pass the address of a pointer here, an illegal
memory access occurs on 32bit systems.
Fixes: 282a06cbca ("efi_loader: Expose U-Boot addresses in memory map
for sandbox")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Since commit f51a226436 ("efi_loader: provide freestanding library") in
parallel builds errors
lib/efi_selftest/../efi_loader/efi_freestanding.o:
file not recognized: File truncated
occur. Obviously make cannot correctly sequence parallel builds with a
dependency like ../efi_loader/efi_freestanding.o.
Fixes: f51a226436 ("efi_loader: provide freestanding library")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Function term_read_reply tries to read from the serial console until
the end_char was read. This can hang forever if we are, for some reason,
not able to read the full response (e.g. serial buffer too small,
frame error). This patch moves the timeout detection into
term_read_reply() to assure we will make progress.
Fixes: 6bb591f704 ("efi_loader: query serial console size reliably")
Signed-off-by: Matthias Brugger <mbrugger@suse.com>
Throw missing error when an incomplete reply for the cursor position is
received.
Change type of argument of term_get_char() *s32. This renders the function
reusable in efi_cin_read_key().
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When package types are not supported by our implementation of the HII
database protocol supported error messages are displayed.
Essentially the output is only needed for debugging. By using EFI_PRINT()
the messages are only written for in debug mode and with correct
indentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In new_package_list() we call new_packagelist() to create a new package
list. Next we try to add the packages which fails for form packages. Due
to this error we call free_packagelist(). Now in free_packagelist()
list_del() is called for an uninitialized field hii->link. This leads to
changing random memory addresses.
To solve the problem move the initialization of hii->link to
new_packagelist().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
In the `efidebug boot add` command we do not want an unsolicited leading
backslash added to the file name.
There is no good reason to mark a loaded file with a backslash as absolute.
Anyway when reading files the file name will be interpreted as relative to
root directory of the device.
So let's get rid of this backslash.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Since commit 914df75b0c ("efi_loader: fix EFI entry counting")
entry_count is already set to 1 before efi_bootmgr_load() is called. So we
should not increment it when entering the function.
Without the patch an assert error occurs in efi_get_variable() if DEBUG is
defined.
Fixes: 914df75b0c ("efi_loader: fix EFI entry counting")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For booting via `bootefi bootmgr` it is necessary that the EFI variable
BootOrder is defined. Provide a diagnostic message if the variable is
missing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When in pack_byte_string() memcpy() is called for size 0 the source buffer
address has no relevance. So we can use NULL here.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
If the last block in the relocation table contains only a single
relocation, the current coding ignores it.
Fix the determination of the end of the relocation table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- Add missing function descriptions.
- Update existing function descriptions to match Sphinx style.
- Add lib/efi_loader/efi_image_loader.c to the input files for Sphinx
generated documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
`bootefi selftest` fails on qemu-x86_defconfig if efi_selftest() is not
invoked using EFI_CALL().
Likewise we call the entry point of EFI payloads with
EFI_CALL(efi_start_image()).
entry_count indicates if we are in U-Boot (1) or in EFI payload code (0).
As we start in U-Boot code the initial value has to be 1.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Remove the duplicate code in efi_do_enter() and use efi_start_image() to
start the image invoked by the bootefi command.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Up to now efi_load_pe() returns the entry point or NULL in case of an
error. This does not allow to return correct error codes from LoadImage().
Let efi_load_pe() return a status code and fill in the entry point in the
corresponding field of the image object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If we want to properly unload images in Exit() the memory should always be
allocated in the same way. As we allocate memory when reading from file we
should do the same when the original image is in memory.
A further patch will be needed to free the memory when Exit() is called.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In case of an error we should set the returned pointers to NULL. This
ensures that an illegal free does not occur even if the caller calls
free() for the handles.
If protocols cannot be installed, release all resources.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Commit 0e66c10a7d ("lib: vsprintf: avoid overflow printing UTF16
strings") broke the Unicode unit tests: an illegal UTF16 code point
should be printed as '?'.
Fixes: 0e66c10a7d ("lib: vsprintf: avoid overflow printing UTF16 strings")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Provide a unit test that calls LoadImage() with a file device path and
executes the application via StartImage().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If the path passed to efi_dp_split_file_path() does not contain a
reference to a file it returns EFI_OUT_OF_RESOURCES. This does not properly
indicate the kind of the problem that occurred. Return
EFI_INVALID_PARAMETER instead.
Update function description.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In efi_selftest we are in EFI land. We cannot call U-Boot library
functions malloc() and free() but should use the boot time services
instead.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
In efi_selftest we are in EFI land. We should not use U-Boot library
functions but boot time services for memory management.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Alexander Graf <agraf@suse.de>
We check the existence of files with fs_exist(). This function calls
fs_close(). If we do not set the active block device again fs_opendir()
fails and we do not set the flag EFI_FILE_DIRECTORY. Due to this error the
`cd` command in the EFI shell fails.
So let's add the missing set_blk_dev(fh) call.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We have to ensure while printing UTF16 strings that we do not exceed the
end of the print buffer.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Heinrich ran into issues with HII and iPXE which lead to #SErrors on
his Odroid-C2 system. We definitely do not want to regress just yet,
so let's not expose the HII protocols by default.
Instead, let's make it a config option that people can play with
This way, we can stabilize the code in tree without breaking any
users.
Once someone figures out, why this breaks iPXE (probably a NULL
dereference), we can enable it by default.
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- Remove HII selftest as well
v2 -> v3:
- Make config option
For correct indention use EFI_PRINT() instead of debug().
For printing efi_uintn_t or size_t use the %zu or %zx format code.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_st_printf() does not support format code %ld. Anyway the format code
for size_t would be %zu which isn't supported either.
We do not want any divisions to avoid invalid references to integer
arithmetic routines, cf.
https://gcc.gnu.org/onlinedocs/gccint/Integer-library-routines.html.
As a simple remedy remove the noisy messages from the output.
They are not relevant for automated testing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This efi_selftest tests HII database protocol and HII string protocol.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch is a place holder for HII configuration routing protocol and
HII configuration access protocol.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow for handling keyboard layout package in HII database protocol.
A package can be added or deleted in HII database protocol, but
we don't set 'current' keyboard layout as there is no driver that
requests a keyboard layout.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow for handling GUID package in HII database protocol.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch provides enough implementation of the following protocols to
run EDKII's Shell.efi and UEFI SCT:
* EfiHiiDatabaseProtocol
* EfiHiiStringProtocol
Not implemented are:
* ExportPackageLists()
* RegisterPackageNotify()/UnregisterPackageNotify()
* SetKeyboardLayout() (i.e. *current* keyboard layout)
HII database protocol in this patch series can handle only:
* GUID package
* string package
* keyboard layout package
(The other packages, except Device path package, will be necessary
for interactive and graphical UI.)
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Our implementation of GetNextVariableName() relies on
CONFIG_REGEX=y. So EFI_LOADER has to select it.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Our current implementation of GetNextVariableName() first collects all EFI
variables. If none is found at all hexport_r() returns a zero length string
terminated by \0 and the value 1 as number of bytes in the returned buffer.
In this case GetNextVariableName() has to return EFI_NOT_FOUND.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Symbolic links are not supported on all file systems, e.g. not on FAT. So
it is not wise to use them in our source tree.
Use a qualified path to refer to lib/efi_loader/efi_freestanding.c in
scripts/Makefile.lib instead.
Reported-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: Fix build with O=]
Signed-off-by: Alexander Graf <agraf@suse.de>
Helloworld does not need its own memcpy() implementation anymore. Use the
one provided in efi_freestanding.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
GCC requires that freestanding programs provide memcpy(), memmove(),
memset(), and memcmp().
Add the library functions when building a *.efi files.
The EFI selftests might use other compilation flags. So use a symbolic
link to provide lib/efi_selftest/efi_freestanding.c and compile it
separately.
Reported-by: Alexander Graf <agraf@suse.de>
Fixes: 5be444d14b38 ("efi_loader: consistent build flags for EFI applications")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
GCC requires that freestanding programs provide memcpy(), memmove(),
memset(), and memcmp().
Provide the required library functions.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
There is a bug in efi variables test.
Fix it with some cosmetic improvements.
Please note that efi variables test still fails at QueryVariableInfo()
and GetVariable(), but this is not due to a change in this patch.
==8<==
Testing EFI API implementation
Selected test: 'variables'
Setting up 'variables'
Setting up 'variables' succeeded
Executing 'variables'
.../u-boot/lib/efi_selftest/efi_selftest_variables.c(60):
TODO: QueryVariableInfo failed
.../u-boot/lib/efi_selftest/efi_selftest_variables.c(131):
TODO: GetVariable returned wrong length 7
.../u-boot/lib/efi_selftest/efi_selftest_variables.c(133):
TODO: GetVariable returned wrong value
Executing 'variables' succeeded
Boot services terminated
Summary: 0 failures
==>8==
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The current GetNextVariableName() is a placeholder.
With this patch, it works well as expected.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
rebased on efi-next
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Comment the functions implementing the runtime variable services.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Replace duplicate function mem2hex() by inline function bin2hex().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use existing inline function hex2bin() instead of defining a new one.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
At the same time adding and removing the -Os flag does not make any sense.
Actually it leads to -Os not being used.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
UTF-16 strings in our code should all be u16 *. Fix an inconsistency for
file names which may lead to a warning for printf("%ls", ).
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
CopyMem() must support overlapping buffers. So replace memcpy() by
memmove().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Stating the function module is sufficient. We don't need file and line
number. Anyway the format code for the line number was incorrect (should
be %d).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For some API calls checks for the return values are missing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For some API calls checks for the return values are missing.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Running the simple network protocol test on the sandbox requires setting
the environment variable ethact to a network interface connected to a DHCP
server and ethrotate to 'no'. So let's make it an on-request test on the
sandbox (selectable by setting environment variable efi_selftest).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The SetVariable() runtime service does not change the data passed to it.
So mark the parameter as constant.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The runtime variable services never change GUIDs. So we should declare
the GUID parameters as constant.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function, efi_init_obj_list(), can be shared in different pseudo efi
applications, like bootefi/bootmgr as well as my efishell. Moreover, it
will be utilized to extend efi initialization, for example, my "removable
disk support" patch and "capsule-on-disk support" patch in the future.
So with this patch, it will be moved to a new file, efi_setup.c, under
lib/efi_loader and exported, making no changes in functionality.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Remove lines deactivated by #if 1 #else
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
ARMv7-M only supports the Thumb instruction set. Our current crt0 code does
not support it. With the patch we can build all unit tests of the EFI
subsystem that do not require crt0.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We use u16* for Unicode strings and efi_uintn_t for UINTN. Correct the
signature of efi_exit() and efi_start_image().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Commit 7b78d6438a ("efi_loader: Reserve unaccessible memory") introduced
a comparison between RAM top and RAM start that was not known at the time
when the patch of commit 49759743bf ("efi_loader: eliminate sandbox
addresses") was written.
The sandbox uses an address space that is only relevant in the sandbox
context. We have to map ram_top from the sandbox address space to the
physical address space before using it in the EFI subsystem.
Fixes: 49759743bf ("efi_loader: eliminate sandbox addresses")
Fixes: 7b78d6438a ("efi_loader: Reserve unaccessible memory")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
EFI_ENTRY in efi_connect_controller() should use %pD to print the remaining
device path.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The first parameter of efi_add_runtime_mmio() is a pointer to a
pointer. This should be reflected in the documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add u16_strcpy() and u16_strdup(). The latter function will be
used later in implementing efi HII database protocol.
Signed-off-by: Akashi Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Common sound support
buildman environment support
of-platdata documentation improvements
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAlxf7igRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYKfggApQiL0Gv6NdGAQN+zfpjKY5a2QyjKsAxa
KLm3q8XyXIQXufMWOEPoW1iWm0iixpIFgChy8ff3m/OPDzsx99UXDTyvjitsSxtQ
5tFu8K78nUZT6OOE3HNhhlyW/xK442oKBzGt4MUt3kUZOELsCNuftgbJUWksHuO3
6pPrgt36E0uRGbUA4ioYCU336viJRPOOCdqb8hHViEihFj/IEv5T82RdE5y97YxG
dT7BZxjPkBH5ZN1uD/tdxG1k6IZBagZiYoDAsYp4YqNwmVsm5sLrZ9QVSf7EcH/y
qX8butZesiMd7xm7RROlrIImh7fb36N3zsoRiUWZDo1Al3IRkmZyVA==
=tdut
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-10feb19' of git://git.denx.de/u-boot-dm
Samsung sound patches (applied for Samsung maintainer)
Common sound support
buildman environment support
of-platdata documentation improvements
This enum still exists but we can shrink it a little based on recent
driver-model conversions with samsung. Update it to remove unused items.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
The board_r init function was complaining that we are looping through
an array, calling all our tiny init stubs sequentially via indirect
function calls (which can't be speculated, so they are slow).
The solution to that is pretty easy though. All we need to do is inline
the function that loops through the functions and the compiler will
automatically convert almost all indirect calls into direct inlined code.
With this patch, the overall code size drops (by 40 bytes on riscv64)
and boot time should become measurably faster for every target.
Signed-off-by: Alexander Graf <agraf@suse.de>
Only first previously deleted entry was recognized, leading hsearch_r
to think that there was no previously deleted entry. It then conluded
that a free entry was found, even if there were no free entries and it
overwrote a random entry.
This patch makes sure all deleted or free entries are always found and
also introduces constants for the 0 and -1 numbers. Unit tests to excersise a
simple hash table usage and catch the corruption were added.
To trash your environment, simply run this loop:
setenv i 0
while true; do
setenv v_$i $i
setenv v_$i
setexpr i $i + 1
done
Signed-off-by: Roman Kapl <rka@sysgo.com>
Find out the highest alias ID used for certain subsystem.
This call will be used for alocating IDs for i2c buses which are not
described in DT.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
* support for Chromebook Bob
* full pinctrl driver using DTS properties
* documentation improvements
* I2S support for some Rockchip SoCs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJcVG0IAAoJECaAFcEOcohNKVAIAJd3DN/qudcVQdkuvAGK6WIk
Umxkm6rxHwur7oU+wxvK1p1l/0YTFBeCfo15quH1DkSc/WIUnmBlLmDvqpGVmPmh
ydZNE9ZChn0OKRIaM6pKJr+3p155cQDe6Mgg2j/5CnNx28KxT+vu7EqZbZvbQPag
wcZEK6Z6E5jMVHVn2lbLgmsBPmY7ksX168IqpvzTxIj0a4J3n0DcJUnO4RBBS0Q2
PGEvFhTvigVWs6r6GL0gLn3VwnQX30xQlIuKKORPcdhjk97cJcS4+bRxdTENTKD9
j3+pgyl1n04O8sPONZS7pH3fvJwtC6SwnoxTYxGrvjedw1LxbyHG3cqcGDg/TJ8=
=ik3X
-----END PGP SIGNATURE-----
Merge tag 'for-master-20190201' of git://git.denx.de/u-boot-rockchip
u-boot-rockchip changes for 2019.04-rc1:
* support for Chromebook Bob
* full pinctrl driver using DTS properties
* documentation improvements
* I2S support for some Rockchip SoCs
This fixes the automatic lmb initialization and reservation for boards
with more than one DRAM bank.
This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load
files into the firs DRAM bank from fs and via tftp.
Found-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present this function uses printf() format strings that are not
supported in SPL, so the output just consists of %llx strings on 64-bit.
machines. Fix this by adding a special case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
slre_match() checks if caps == NULL. In this case it does not try to
update it. So there is no need to create a buffer caps which we do not
evaluate.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Change multiple usages of 'j' into 'rgn'; fix whitespace/coding style
reported by patman.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
As a follow-up, change the name of the newly introduced function
'lmb_get_unreserved_size' to 'lmb_get_free_size', which is more
appropriate.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
[trini: Fix test/lib/lmb.c]
Signed-off-by: Tom Rini <trini@konsulko.com>
This fixes CVE-2018-18439 ("insufficient boundary checks in network
image boot") by using lmb to check for a valid range to store
received blocks.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
[trini: Always build lib/lmb.o on LMB and lib/fdtdec.o on OF_LIBFDT]
Signed-off-by: Tom Rini <trini@konsulko.com>
This fixes CVE-2018-18440 ("insufficient boundary checks in filesystem
image load") by using lmb to check the load size of a file against
reserved memory addresses.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This adds two new functions, lmb_alloc_addr and
lmb_get_unreserved_size.
lmb_alloc_addr behaves like lmb_alloc, but it tries to allocate a
pre-specified address range. Unlike lmb_reserve, this address range
must be inside one of the memory ranges that has been set up with
lmb_add.
lmb_get_unreserved_size returns the number of bytes that can be
used up to the next reserved region or the end of valid ram. This
can be 0 if the address passed is reserved.
Added test for these new functions.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
boot_fdt_add_mem_rsv_regions() adds reserved memory sections to an lmb
struct. Currently, it only parses regions described by /memreserve/
entries.
Extend this to the more commonly used scheme of the "reserved-memory"
node.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
lmb_add_region handles overlapping regions wrong: instead of merging
or rejecting to add a new reserved region that overlaps an existing
one, it just adds the new region.
Since internally the same function is used for lmb_alloc, change
lmb_add_region to reject overlapping regions.
Also, to keep reserved memory correct after 'free', reserved entries
created by allocating memory must not set their size to a multiple
of alignment but to the original size. This ensures the reserved
region is completely removed when the caller calls 'lmb_free', as
this one takes the same size as passed to 'lmb_alloc' etc.
Add test to assert this.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
The lmb code fails if base + size of RAM overflows to zero.
Fix this by calculating end as 'base + size - 1' instead of 'base + size'
where appropriate.
Added tests to assert this is fixed.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Buildman clang support and a few fixes
Small fixes to 'dm tree' and regmap test
Improve sandbox build compatibility
A few other minor fixes
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAlw+AlIACgkQfxc6PpAI
reYchAf+L/P5JsLoCKAY84v11eWQkCS44idAYStD8Q023dyuyNC/W6G3qEQVGkHu
SXBzNrZ5wSJanN5I3h3ktJ7yfMOYIvSO2qLHphxDstPaZbCY4Zac6NywHrHxQpA9
fbSilQRbcVWrPo5rsjjZhXmMdQRZVOmGD6CYZj1AihWAiHfYth7f6laNWNTWQA8C
z+aoiF70t/PbvwFbgdzzYOjoGdXI9XML0xTqdLWRlsBKjf3z54pCV6LmN2xrsrDZ
k7lr+x7ajJUFhivxzjowf4aOjhDB+/+I3sr+hJ5vkMM0Kqg14bbEU+xJRGpDc18K
QPvVHT5JGe/nq1cZXuCqzrYxTrrA7A==
=w9ln
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-15jan19' of git://git.denx.de/u-boot-dm
Fix recent changes to serial API for driver model
Buildman clang support and a few fixes
Small fixes to 'dm tree' and regmap test
Improve sandbox build compatibility
A few other minor fixes
Add the dollar_complete() function to auto-complete arguments starting
with a '$' and use it in the cmd_auto_complete() path such that all
args starting with a $ can be auto-completed based on the available env
vars.
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
[trini: Fix some linking problems]
Signed-off-by: Tom Rini <trini@konsulko.com>
The uuid command is only really useful in U-Boot, but it's useless in
SPL. Worse yet, it pulls in various environment manipulation functions
as it call env_set(). Do not compile the command in in SPL.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Tom Rini <trini@konsulko.com>
With 8 bytes addressing even on 32 bit machines these checks
are no longer valid. Remove them.
Signed-off-by: Keerthy <j-keerthy@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The printf() string here is not actually correct. Add a cast to avoid
a warning when checking is enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
While changing the RTS alignment to 64KB in commit 7a82c3051c
("efi_loader: Align runtime section to 64kb") the relocation code
started to break.
The reason for that is that we didn't actually look at the real
relocation data. We merely took the RUNTIME_CODE section as a
hint and started to relocate based on self calculated data from
that point on. That calculation was now out of sync though.
To ensure we're not running into such a situation again, this patch
makes the runtime relocation code a bit more robust. We can just
trust the phys/virt hints from the payload. We also should check that
we really only have a single section, as the code doesn't handle
multiple code relocations yet.
Fixes: 7a82c3051c ("efi_loader: Align runtime section to 64kb")
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reported-by: Loic Devulder <ldevulder@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Loic Devulder <ldevulder@suse.de>
Tested-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
In commit 483dbab9f9 ("lib: crc32: mark function crc32() as
__efi_runtime") one local static variable was missed. It did not end up in
the __efi_runtime_data section as it should.
If CONFIG_DYNAMIC_CRC_TABLE=y a data abort execption may occur when the
UEFI payload calls the SetVirtualAddressMap() runtime service.
Reported-by: Dominik Adamski <dominik.adamski@northerntech.community>
Fixes: 483dbab9f9 ("lib: crc32: mark function crc32() as __efi_runtime")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reading the position in a file after closing the same results in a read
after free.
Correct the sequence in the test.
Reported-by: Marek Vasut <marek.vasut@gmail.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The commit below incorrectly fixed hexport_r();
> size = totlen + 1;
One extra byte is necessary to NULL-terminate a whole buffer, "resp."
Fixes: f1b20acb4a ("hashtable: Fix length calculation in hexport_r")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Building U-Boot with CONFIG_PCI and CONFIG_DM_PCI enabled, but
CONFIG_SPL_PCI_SUPPORT disabled, results in following linker
error:
lib/built-in.o: In function `fdtdec_get_pci_bar32':
lib/fdtdec.c:305: undefined reference to `dm_pci_read_bar32'
fdtdec.c:305:(.text.fdtdec_get_pci_bar32+0x24): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol `dm_pci_read_bar32'
This is because reference to dm_pci_read_bar32() remains in lib/fdtdec.c
while SPL build does not descend into drivers/pci directory in
drivers/Makefile if CONFIG_SPL_PCI_SUPPORT is not enabled.
Fix this by applying appropriate #define guards in lib/fdtdec.c.
It looks like ns16550.c has the same problem, so fixed that too.
To simplify this, CONFIG_SPL_PCI_SUPPORT is renamed to CONFIG_SPL_PCI
(enables use of CONFIG_IS_ENABLED() macro).
Suggested-by: Vignesh R <vigneshr@ti.com>
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
In some cases it may be useful to be able to change the fdt we have been
using and use another one instead. For example, the TI platforms uses an
EEPROM to store board information and, based on the type of board,
different dtbs are used by the SPL. When DM_I2C is used, a first dtb must
be used before the I2C is initialized and only then the final dtb can be
selected.
To speed up the process and reduce memory usage, introduce a new function
fdtdec_setup_best_match() that re-use the DTBs loaded in memory by
fdtdec_setup() to select the best match.
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
The CRC16-CCITT checksum function is useful for space-constrained
applications (such as obtaining a checksum across a 2KBit or 4KBit
EEPROM) in boot applications. It has not been accessible from boot
scripts until now (due to not having a dedicated command and not being
supported by the hash infrstructure) limiting its applicability
outside of custom commands.
This adds the CRC16-CCITT (poly 0x1021, init 0x0) algorithm to the
list of available hashes and adds a new crc16_ccitt_wd_buf() to make
this possible.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
[trini: Fix building crc16.o for SPL/TPL]
Signed-off-by: Tom Rini <trini@konsulko.com>
This merges the CRC16-CCITT headers into u-boot/crc.h to prepare for
rolling CRC16 into the hash infrastructure. Given that CRC8, CRC32
and CRC32-C already have their prototypes in a single header file, it
seems a good idea to also include CRC16-CCITT in the same.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
There is only one place in the code which assumes at build-time that we
are using either a v1 or a v2 TPM. Fix this up and add a new function to
return the version of a TPM.
Supported TPM versions (v1 and v2) can be enabled independently and it is
possible to use both versions at once. This is useful for sandbox when
running tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
This release is fully packed with lots of glorious improvements in UEFI
land again!
- Make PE images more standards compliant
- Improve sandbox support
- Improve correctness
- Fix RISC-V execution on virt model
- Honor board defined top of ram (fixes a few boards)
- Imply DM USB access when distro boot is available
- Code cleanups
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJcBYKAAAoJECszeR4D/txgBgwQALmYioI67R5/Iizpv7bg+rIQ
0TyPKZHmfHtVjGHd5X4X+9NBsoaSKqGnoI12bJ+V9hIMuiu5qFKyM3icTOOJ6LI6
wggnvMWZl5nfZmdEgETHTmaZkQZzKwhzbftGlGf2j19FdDk1OOI7hRNLeaIZUTv0
VHiUV68PP/1Of1y7iqB5jij1wTUHWlCufKjGXELP0bAXx86/tecgCuvjBihXizz/
sMsCxEF8++pb5l/l4yFEkKd5rr5D/ZkKMLR4KniZVq2qP1S4calolP14ykHN+a/l
uKP4e4GDuYyrgXXTNRFhVTlaAn18bmvxH4ialnpYVZKRtfsdHPHQXfqmgf8ZgJPE
JK3mmG6eLCbBPeND2Yz3b7G/Ec04z+RJXx0hriyLdejLgp5jM9SBtygiz6FmQLpQ
VfDJNEWV7ot6Ejou55O0d9u5ATF0jAd4tikmsrStWWZOVHvie6nG0wFYiRxnWCKP
sid0p7lWSUKEl0sAvA0LglNMzd4tCAq7vtkfLj/BVrDc9Jpir9CVJ13ppXIGk1HC
YIGWLo0uXAGC9wgRE7ZgGCKtQ6VFZRbSiJQOowi4MrHzHXH218oSNz2w25tAVTBw
le2WbxlGNYhV1xnoWMks1GTdWGQDCXdfBAhfzRIvQq2kz4z9V8hzpnVDIk2ZL3L1
o3nqUatR0ZVXPcinf+Ke
=6o9t
-----END PGP SIGNATURE-----
Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot
Patch queue for efi - 2018-12-03
This release is fully packed with lots of glorious improvements in UEFI
land again!
- Make PE images more standards compliant
- Improve sandbox support
- Improve correctness
- Fix RISC-V execution on virt model
- Honor board defined top of ram (fixes a few boards)
- Imply DM USB access when distro boot is available
- Code cleanups
We add the support of the padding pss for rsa signature.
This new padding is often recommended instead of pkcs-1.5.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Previous implementation of the rsa signature was using
the openssl API EVP_Sign*, but the new openssl API
EVP_DigestSign* is more flexible. So we move to this
new API.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In this patch, helper functions for an load option variable (BootXXXX)
are added:
* efi_deserialize_load_option(): parse a string into load_option data
(renamed from parse_load_option and exported)
* efi_serialize_load_option(): convert load_option data into a string
Those functions will be used to implement efishell command.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This is a preparatory patch for use in efi_serialize_load_option()
as a load option's file_path should have both a device path and
a file path.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec mandates that runtime sections are 64kb aligned to enable
support for 64kb page size OSs.
This patch ensures that we extend the runtime section to 64kb to be spec
compliant.
Signed-off-by: Alexander Graf <agraf@suse.de>
The variable name setup_ok might suggest a boolean with true indicating
OK. Let's avoid the misleading name.
%s/setup_ok/setup_status/g
Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not call eth_rx() before the network interface is initialized.
The services of the simple network protocol should check the state of
the network adapter.
Add and correct comments.
Without this patch i.mx6 system Wandboard Quad rev B1 fails to execute
bootefi selftest.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Calling net_send_packet() requires that the buffer is aligned to a multiple
of PKTALIGN (= ARCH_DMA_MINALIGN). The UEFI spec does not require
efi_net_transmit() to be called with a buffer with any special alignment.
So we have to copy to an aligned buffer. The current coding copies to an
aligned buffer only if CONFIG_EFI_LOADER_BOUNCE_BUFFER=y. Many boards
like the Odroid C2 do not use a bounce buffer.
With the patch we copy to a correctly aligned buffer in all cases.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
To use the simple network protocol we have to call the start service first
and the initialize service second.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Check that the memory area containing the device tree is marked as runtime
data.
Update the Python test to pass ${fdtcontroladdr} to bootefi.
Update the description of the Python test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The sandbox uses a virtual address space that is neither the physical nor
the virtual address space of the operating system. All address used on the
command line live in this address space. So also the environment variable
${fdtcontroladdr} has to be in this address space.
Commands like bootefi and booti receive the fdt address as parameter.
Without the patch ${fdtcontroladdr} cannot be used as parameter value on
the sandbox.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When allocating EFI memory pages the size in bytes has to be converted to
pages.
Provide a macro efi_size_in_pages() for this conversion.
Use it in the EFI subsystem and correct related comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Enable building the sandbox with CONFIG_EFI_SELFTEST.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This unit test checks the following runtime services:
AllocatePages, FreePages, GetMemoryMap
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Do not use the sandbox's virtual address space for the internal structures
of the memory map. This way we can eliminate a whole lot of unnecessary
conversions.
The only conversion remaining is the one when adding known memory.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
On some systems, not all RAM may be usable within U-Boot. Maybe the
memory maps are incomplete, maybe it's used as workaround for broken
DMA. But whatever the reason may be, a platform can say that it does
not wish to have its RAM accessed above a certain address by defining
board_get_usable_ram_top().
In the efi_loader world, we ignored that hint, mostly because very few
boards actually have real restrictions around this.
So let's honor the board's wish to not access high addresses during
boot time. The best way to do so is by indicating the respective pages
as "allocated by firmware". That way, Operating Systems will still
use the pages after boot, but before boot no allocation will use them.
Reported-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Baruch Siach <baruch@tkos.co.il>
We should use a logical or when combining logical values.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present this code casts addresses to pointers so cannot be used with
sandbox. Update it to use mapmem instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit 3170db63c4.
It reportedly breaks OpenBSD/armv7 booting and I've already received
complaints from people that it breaks some Linux armv7 systems as well.
We'll have to give this whole caching story a good bit more thought.
Reported-by: Jonathan Gray <jsg@jsg.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should be consistent in the types that we use to store Unicode strings.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If a memory bank is not EFI_PAGE_SIZE aligned efi_add_known_memory() the
number of memory pages may be incorrectly calculated.
We have to round up the start address and to round down the end address
to determine which complete pages are provided by the memory bank.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Using %zu for efi_intn_t (ssize_t) creates a build warning. Anyway %zu is
not supported by efi_st_error(). So let's convert to int.
Our implementation of StriColl() only returns -1, 0, or 1.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the max_addr parameter of efi_find_free_memory() is within bounds
of an existing map and fits the reservation, we just return that address
as allocation value.
That breaks however if max_addr is not page aligned. So ensure that it
always comes to us page aligned, simplifying the allocation logic.
Without this, I've seen breakage where we were allocating pages at -1U
(32bit) which fits into a region that spans beyond 0x100000000. In that
case, we would return 0xffffffff as a valid memory allocation, although
we usually do guarantee they are all page aligned.
Fix this by aligning the max address argument always.
Signed-off-by: Alexander Graf <agraf@suse.de>
With RELA absolute relocations, the relocation target contains our link
offset which we need to remove from the equation again. We did this
properly in the relative relocation path, but not in the absolute one.
So let's do this for the absolute one as well. That way, u-boot can have
a TEXT_OFFSET of != 0 and still relocate itself properly.
This fixes a bug where efi_loader did not work on the RISC-V QEMU port.
With this patch, I can successfully run UEFI applications on the RISC-V
QEMU port.
Reported-by: Auer, Lukas <lukas.auer@aisec.fraunhofer.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Linker generated arrays may be stored in code sections of memory that are
not writable. So let's allocate setup_ok as an array at runtime.
This avoids an illegal memory access observed in the sandbox.
Reported-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Factor out efi_set_bootdev() and extract efi_dp_from_name().
This function will be used to set a boot device in efishell command.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
If UninstallMultipleProtocolInterfaces fails, we sometimes return the wrong
status code. The UEFI spec mandates to always return EFI_INVALID_PARAMETER.
Update unit test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec defines that a line feed moves the cursor to the next line
and (only) a carriage return moves the cursor to the beginning of the line.
So we should issue CR LF when we want to get to the start of the next line.
Add some comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Rename the component parent of some EFI objects to header. This avoids
misunderstandings.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
A pointer to a struct efi_object is a handle. We do not need any handle
member in this structure. Let's eliminate it.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
All our handles point to a struct efi_object. So let's define the
efi_handle_t accordingly. This helps us to discover coding errors much
more easily. This becomes evident by the corrections to the usage of
handles in this patch.
Rename variable image_handle to image_obj where applicable.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
fix typos
correct the header comment of efi_selftest_variables.c
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the last protocol interface has been uninstalled remove the handle.
Adjust ReinstallProtocol so that it does not remove the handle.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow an EFI application to shut down the system.
If EFI_RESET_SHUTDOWN is issued call do_poweroff().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Test the handling of execptions by trying to execute an undefined
instruction. For 32bit ARM we expect \selftest to be listed as loaded
image.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not make anything in lib/efi_selftest if
CONFIG_CMD_BOOTEFI_SELFTEST is not defined.
We can make that test in lib/Makefile
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present many TPM calls assume there is only one TPM in the system and
look up this TPM themselves. This is inconsistent with driver model, which
expects all driver methods to have a device parameter. Update the code to
correct this.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present these functions are not accessible outside the TPM library, but
in some cases we need to call them. Export them in the header file and add
a define for the SHA1 digest size.
Also adjust tpm_open() to call tpm_close() first so that the TPM is in a
known state before opening (e.g. by a previous phase of U-Boot).
Signed-off-by: Simon Glass <sjg@chromium.org>
In some cases U-Boot is compressed and it is useful to be able to
decompress it in SPL. Add a Kconfig and Makefile change to allow this.
Note that this does not actually implement decompression.
Signed-off-by: Simon Glass <sjg@chromium.org>
When U-Boot proper is compiled with CONFIG_MULTI_DTB_FIT and tries
to call uncompress_blob(), it fails with -ENOTSUPP. This is because
the full implementation of this function which includes compression
is available only in SPL. In U-Boot proper or if the compression is
not enabled, the blob is not compressed and thus can be passed to
locate_dtb_in_fit() in fdtdec_setup() without any changes. Pass the
blob without any changes if compression is not enabled instead of
failing.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Michal Simek <michal.simek@xilinx.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
A specially crafted FIT image makes it possible to overflow the stack
with controlled values when using the verified boot feature. Depending
on the memory layout, this could be used to overwrite configuration
variables on the heap and setting them to 0, e.g. disable signature
verification, thus bypassing it.
This change fixes a bug in fdt_find_regions where the fdt structure is
parsed. A lower value than -1 of depth can lead to a buffer underflow
write on the stack.
Signed-off-by: Konrad Beckmann <konrad.beckmann@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When a driver declares DM_FLAG_PRE_RELOC flag, it wishes to be
bound before relocation. However due to a bug in the DM core,
the flag only takes effect when devices are statically declared
via U_BOOT_DEVICE(). This bug has been fixed recently by commit
"dm: core: Respect drivers with the DM_FLAG_PRE_RELOC flag in
lists_bind_fdt()", but with the fix, it has a side effect that
all existing drivers that declared DM_FLAG_PRE_RELOC flag will
be bound before relocation now. This may expose potential boot
failure on some boards due to insufficient memory during the
pre-relocation stage.
To mitigate this potential impact, the following changes are
implemented:
- Remove DM_FLAG_PRE_RELOC flag in the driver, if the driver
only supports configuration from device tree (OF_CONTROL)
- Keep DM_FLAG_PRE_RELOC flag in the driver only if the device
is statically declared via U_BOOT_DEVICE()
- Surround DM_FLAG_PRE_RELOC flag with OF_CONTROL check, for
drivers that support both statically declared devices and
configuration from device tree
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Introduce a new Kconfig option for architecture codes to control
whether it provides io{read,write}{8,16,32} I/O accessor functions.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
part_init() is currently called in every DM BLK driver, either
in its bind() or probe() method. However we can use the BLK
uclass driver's post_probe() method to do it automatically.
Update all DM BLK drivers to adopt this change.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently the efi block driver uses priv_auto_alloc_size for the
driver data, however that's only available after the device probe
phase. In order to make it accessible in an earlier phase, switch
to use platdata_auto_alloc_size instead.
This patch is the prerequisite for the follow up patch of DM BLK
driver changes to work with EFI loader.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We may have, the not yet considered, scenario where OPTEE is loaded before
u-boot and *not* by u-boot, e.g, the boot flow using the ARM Trusted
Firmware (ATF), where in the 32bit flow is:
BootRom->ATF(BL2)->Optee(BL32)->u-boot(BL33)
In this case we need still to reserve the memory used by optee, to avoid
for example to realocate ourself to the same address at the end of DRAM.
So, we change here the dependencies on the OPTEE lib and we set the default
size and base of TZRAM to zero.
Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Cc: Ryan Harkin <ryan.harkin@linaro.org>
Cc: u-boot@lists.denx.de
Remove a superfluous statement in efi_dp_get_next_instance().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When the last protocol interface is uninstalled the handle is deleted but
this does not set the value of the handle to NULL.
To create a new handle with OpenProtocolInterface the value of the handle
must be NULL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
As observed with clang:
lib/efi_loader/efi_boottime.c:1624:7: warning: variable 'info'
is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
if (ret != EFI_SUCCESS)
^~~~~~~~~~~~~~~~~~
lib/efi_loader/efi_boottime.c:1653:7: note: uninitialized use
occurs here
free(info);
^~~~
lib/efi_loader/efi_boottime.c:1624:3: note: remove the 'if' if
its condition is always false
if (ret != EFI_SUCCESS)
^~~~~~~~~~~~~~~~~~~~~~~
lib/efi_loader/efi_boottime.c:1602:31: note: initialize the
variable 'info' to silence this warning
struct efi_loaded_image *info;
^
= NULL
Rather than change how we unwind the function it makes the most sense to
initialize info to NULL so that we can continue to pass it to free().
Fixes: c982874e93 ("efi_loader: refactor efi_setup_loaded_image()")
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Do not leak native_name if out of memory.
This addresses CoverityScan CID 184095.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When is_dir() is called we have already execute set_blk_dev(fh).
So don't call it again.
This fixes CoverityScan CID 184093.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use a return type that can encompass the return value.
This fixes CoverityScan CID 184090.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
getc() might return an error code. Avoid an incorrect converison to
Unicode.
This addresses CoverityScan CID 184087.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The first parameter of efi_allocate_pool is a memory type. It cannot be
EFI_ALLOCATE_ANY_PAGES. Use EFI_BOOT_SERVICES_DATA instead.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec requires that file positions are passed as u64 in
GetPosition() and SetPosition().
Check if the file handle points to a directory in GetPosition().
Provide a unit test for GetPosition() and SetPosition().
Fix Coverity warning CID 184079 (CONSTANT_EXPRESSION_RESULT).
Add comments.
Fixes: b6dd577737 ("efi_loader: use correct types in EFI_FILE_PROTOCOL")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently the relocation of the EFI runtime on x86_64 fails. This renders
the EFI subsystem unusable. The ELF relocation records for x86_64 contain
an addend field.
Always write the function name into error messages related to the EFI
runtime relocation.
Break an excessively long line.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit c35a7d375e.
This commit is breaking SPL on zc706.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Patrice Chotard <patrice.chotard@st.com> [on STM32F746-disco]
These are needed for the 2018 version of Chromium OS vboot. Add an
implementation for TPM v1, with v2 to come later.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this file uses logging but it should use the new macros. Update
it and add a log message for an error.
Signed-off-by: Simon Glass <sjg@chromium.org>
In some cases (e.g. sandbox with verified boot) it is useful to support
libfdt in TPL. Update the Kconfig to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this option applies to SPL, but it should be available in TPL
also, and separately. Change to using CONFIG_IS_ENABLED(), add a new
Kconfig option and fix up hang().
Signed-off-by: Simon Glass <sjg@chromium.org>
This is the PR for SPI-NAND changes along with few spi changes.
[trini: Re-sync changes for ls1012afrwy_qspi*_defconfig]
Signed-off-by: Tom Rini <trini@konsulko.com>
Converts fdtdec_setup_memory_banksize() to use ofnode functions instead.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Create the handle of loaded images and the EFI_LOADED_IMAGE_PROTOCOL
inside efi_setup_loaded_image(). Do not use local variables.
Currently we expect the loaded image handle to point to the loaded image
protocol. Additionally we have appended private fields to the protocol.
With the patch the handle points to a loaded image object and the private
fields are added here. This matches how we handle the net and the gop
object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The EFI selftest does not succeed on Sandbox yet. The network support
seems to need some love to actually make our current tests succeed.
So let's disable running the selftest on sandbox for now until "make
tests" just works. Then we can have more amazing CI than ever.
Signed-off-by: Alexander Graf <agraf@suse.de>
Since GRUB patch d0c070179d4d ("arm/efi: Switch to arm64 linux loader",
2018-07-09) we do not need a workaround for GRUB on 32bit ARM anymore.
So let's eliminate function efi_exit_caches().
This will require Linux distributions to update grub-efi-arm to the GRUB
git HEAD (a tag containing the aforementioned GRUB patch is not available
yet).
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
ascii2unicode() always ends the u16 string with '\0'.
Remove redundant assignment.
Add description for efi_str_to_u16() and ascii2unicode().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Currently we assign a lot of protocols to loaded images though
these protocols are not related to them. Instead they should be
installed on a separate handle. Via the device path it is the
parent to the devices like the network adapter.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
In efi_get_variable() a string is longer than the allocated space which
results in overwriting the linked list of malloc().
The prefixes used for variables are 41 characters long, e.g.
efi_67029eb5-0af2-f6b1-da53-fcb566dd1ce6_
Change PREFIX_LEN to 41.
Fixes: faff21556748 ("efi_loader: remove limit on variable length")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Convert the function descriptions to Sphinx style.
efi_driver_init() is cCalled by efi_init_obj_list().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Not all terminals understand CSI [18t for querying the console size.
We should adhere to escape sequences documented in the console_codes
manpage and the ECMA-48 standard.
So here we follow a different approach. We position the cursor to the
bottom right and query its position. Before leaving the function we
restore the original cursor position.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We currently do not combine memory entries that are adjacent and have
the same attributes. The problem with that is that our memory map can
easily grow multiple hundreds of entries in a simple UEFI Shell
environment.
So let's make sure we always combine all entries to make the memory
map as small as possible. That way every other piece of code that
loops through it should also gain some nice speed ups.
Signed-off-by: Alexander Graf <agraf@suse.de>
gcc 4.8.4 wants to see all levels of braces when initializing a
structure to zeros.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not check parameter file twice.
We should check parameter new_handle.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
For the VT102 and the Linux console the left upper corner is [1, 1].
EFI uses [0, 0] as left upper corner.
Check parameters of the SetCursorPosition() service.
Use CSI H like EDK2 for positioning.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
efi_file_getinfo() is called with a GUID. In EFI_ENTRY use %pUl as
format type. This way the GUID is printed in debug mode.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should not directly cast between pointers and addresses since it breaks
sandbox. Fix this and simplify the code in file_read().
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This allows this feature to build within sandbox. This is useful for
testing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec requires that attributes are only set for when
EFI_FILE_MODE_CREATE is set in open_mode.
The SCT tries to read a directory with EFI_FILE_DIRECTORY.
As EDK2 allows this we should not be more strict.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use a key notification function to leave the
EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement registering and unregistreing key notify functions in the
EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for the EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Support modifiers for F1 - F4.
Add support for letters with ALT key.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch implements the EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL.
The implementation of notification functions is postponed to a later
patch.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should test the WaitForKey event.
Testing for EFI_NOT_READY can be done after resetting the console.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Preread the next key in the console timer event.
The EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL requires to trigger registered key
notification functions based on the prefetched key.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Move reusable utility functions to efi_selftest_util.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Up to now the EFI_TEXT_INPUT_PROTOCOL only supported ASCII characters.
With the patch it can consume UTF-8 from the console.
Currently only the serial console and the console can deliver UTF-8.
Local consoles are restricted to ASCII.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
'Delete' will be implemented here by calling fs_unlink() which relies on
underlying file system's implementation.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
In efi world, there is no obvious "mkdir" interface, instead, Open()
with EFI_FILE_MODE_CREATE in mode parameter and EFI_FILE_DIRECTORY
in attributes parameter creates a directory.
In this patch, efi_file_open() is extended so as to accept such
a combination of parameters and call u-boot's mkdir interface for
expected action.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
%s/efi_simple_input_interface/efi_simple_text_input_protocol/
We should be consistent in the naming of the EFI protocol interface
structures. The protocol is called EFI_SIMPLE_TEXT_INPUT_PROTOCOL.
%s/ExtendedVerification/extended_verification/
Use consistent naming of function parameters. Do not use CamelCase.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for the EFI_UNICODE_COLLATION_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The patch implements the EFI_UNICODE_COLLATION_PROTOCOL.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide functions for upper and lower case conversion.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We register the console in/out protocol on the loaded image handle, but
never tell anyone about it in the systab.
Because of this Shell.efi can not find the input protocol. So let's add
a proper reference.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We have moved generating html documentation with Sphinx.
%s/Return Value/Return/g
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit ccfc78b820.
Now that the underlying issue is fixed, we can revert the revert and hence
restore the original EFI code.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The length of a string printed to the console by the
EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL is not limited by the UEFI spec.
Hence should not allocate a buffer for it on the stack.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The EFI spec does not provide a length limit for variables.
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The width and precision of the printf() function refer to the number of
characters not to the number of bytes printed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
utf8_get() - get next UTF-8 code point from buffer
utf8_put() - write UTF-8 code point to buffer
utf8_utf16_strnlen() - length of a utf-8 string after conversion to utf-16
utf8_utf16_strncpy() - copy a utf-8 string to utf-16
utf16_get() - get next UTF-16 code point from buffer
utf16_put() - write UTF-16 code point to buffer
utf16_strnlen() - number of codes points in a utf-16 string
utf16_utf8_strnlen() - length of a utf-16 string after conversion to utf-8
utf16_utf8_strncpy() - copy a utf-16 string to utf-8
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function names utf16_strlen() and utf16_strnlen() are misnomers.
The functions do not count utf-16 characters but non-zero words.
So let's rename them to u16_strlen and u16_strnlen().
In utf16_dup() avoid assignment in if clause.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Using CONFIG_IS_ENABLED(EFI_LOADER) allows to simply the #if statements.
Suggested-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The fs_read() function wants to get an address rather than the
pointer to a buffer.
So let's convert the passed buffer from pointer back a the address
to make efi_loader on sandbox happier.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Verify that the loaded image protocol is installed on the image handle.
Verify that the loaded image protocol points to the system table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The system table must be passed as a pointer in the loaded image
protocol.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove memory leak in efi_selftest_manageprotocols.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
While 1kB or 1kiB will be parsed correctly, 1k will return the right
amount, but the metric suffix will not be escaped once the char
pointer updated. Fix this situation by simplifying the move of the
endp pointer.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Both ustrtoul and ustrtoull interpret 1k but not 1m or 1g. Even if the
SI symbols for Mega and Giga are 'M' and 'G', certain entries of
eg. mtdparts also use (wrongly) the metric prefix 'm' and 'g'.
I do not see how parsing lowercase prefixes could break anything, so
parse them like their uppercase counterpart.
Also, even though kiB is not equal to kB in general, lets not change
U-Boot behavior and always use kiB and kB (same applies for MiB vs. MB
and GiB vs. GB) as a representation for 1024 instead of 1000.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Stefan Roese <sr@denx.de>
In int-ll64.h, we always use the following typedefs:
typedef unsigned int u32;
typedef unsigned long uintptr_t;
typedef unsigned long long u64;
This does not need to match to the compiler's <inttypes.h>.
Do not include it.
The use of PRI* makes the code super-ugly. You can simply use
"l" for printing uintptr_t, "ll" for u64, and no modifier for u32.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The get_next_memory_node() always sets mem to -1 , which is incorrect,
because then every iteration of memory bank parsing will start from the
first memory bank instead of the previous one.
On systems with 1 memory bank defined in DT and CONFIG_NR_DRAM_BANKS=4 ,
like ie. r8a77965-salvator-x , this will result in U-Boot incorrectly
reporting four identical memory banks with the same memory configuration.
Fix this by setting mem to startoffset value, which restores the behavior
before the fixed patch was applied.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Fixes: 452bc12102 ("fdt: fix fdtdec_setup_memory_banksize()")
Tested-by: Michal Simek <michal.simek@xilinx.com> [on ZynqMP}
In Linux, the memory returned by kmalloc() is DMA-capable.
However, it is not true in U-Boot.
At a glance, kmalloc() in U-Boot returns address aligned with
ARCH_DMA_MINALIGN. However, it never pads the allocated memory.
This half-way house is completely useless because calling kmalloc()
and malloc() in this order causes a cache sharing problem.
Change the implementation to call malloc_cache_aligned(), which
allocates really DMA-capable memory.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This updates the EFI stub codes to pass UEFI BIOS's system table
address to U-Boot payload so that U-Boot can utilize it.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Exit with AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_ARGUMENT
when hashtree_error_mode value passed to avb_append_options()
is unknown (not from AvbHashtreeErrorMode enum).
Otherwise, default value is not handled in the
switch(hashtree_error_mode), which causes below compile warning:
lib/libavb/avb_cmdline.c: In function ‘avb_append_options’:
lib/libavb/avb_cmdline.c:354:13: warning: ‘dm_verity_mode’ may be used uninitialized in this function [-Wmaybe-uninitialized]
new_ret = avb_replace(
~~~~~~~~^~~~~~~~~~~~~~
slot_data->cmdline, "$(ANDROID_VERITY_MODE)", dm_verity_mode);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/libavb/avb_cmdline.c:363:8: warning: ‘verity_mode’ may be used uninitialized in this function [-Wmaybe-uninitialized]
if (!cmdline_append_option(
^~~~~~~~~~~~~~~~~~~~~~
slot_data, "androidboot.veritymode", verity_mode)) {
Signed-off-by: Ievgen Maliarenko <ievgen.maliarenko@globallogic.com>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Starting with commit 867a6ac86d ("efi: Add start-up library code"),
sparse constantly complains about truncated constant value in efi.h:
include/efi.h:176:35: warning: cast truncates bits from constant value (8000000000000000 becomes 0)
This can get quite noisy, preventing real issues to be noticed:
$ make defconfig
*** Default configuration is based on 'sandbox_defconfig'
$ make C=2 -j12 2>&1 | grep truncates | wc -l
441
After the patch is applied:
$ make C=2 -j12 2>&1 | grep truncates | wc -l
0
$ sparse --version
v0.5.2
Following the suggestion of Heinrich Schuchardt, instead of only
fixing the root-cause, I replaced the whole enum of _SHIFT values
by ULL defines. This matches both the UEFI 2.7 spec and the Linux
kernel implementation.
Some ELF size comparison before and after the patch (gcc 7.3.0):
efi-x86_payload64_defconfig:
text data bss dec hex filename
407174 29432 278676 715282 aea12 u-boot.old
407152 29464 278676 715292 aea1c u-boot.new
-22 +32 0 +10
efi-x86_payload32_defconfig:
text data bss dec hex filename
447075 30308 280076 757459 b8ed3 u-boot.old
447053 30340 280076 757469 b8edd u-boot.new
-22 +32 0 +10
Fixes: 867a6ac86d ("efi: Add start-up library code")
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the reset service of the EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL.
This should resolve the error reported by the SCT in
Protocol/SimpleTextOut/BlackBoxTest/SimpleTextOutBBTestFunction_uefi.c:639
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI specification mandates that the create flag is only used in
conjunction with both the read and the write flag.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The crc32 of the runtime services table must be updated after detaching.
efi_update_table_header_crc32() must be __efi_runtime. So move it to
efi_runtime.c
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The function crc32() is needed by the EFI subsystem at runtime. So it has
to be linked into the runtime section together with all dependencies.
Eliminate empty defines local and ZEXPORT.
Mark variables as static which are not exported.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
We should only dereference parameter memory_map_size after checking that
it is valid.
Fixes: 8e835554b3 ("efi_loader: check parameters of GetMemoryMap")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The commit 21b3edfc96 ("efi_loader: check parameters of CreateEvent")
enforces a strict parameter check at CreateEvent(). On the other hand,
UEFI specification version 2.7, section 7.1, says:
The EVT_NOTIFY_WAIT and EVT_NOTIFY_SIGNAL flags are exclusive. If
neither flag is specified, the caller does not require any notification
concerning the event and the NotifyTpl, NotifyFunction, and
NotifyContext parameters are ignored.
So the check should be mitigated so as to comply with the specification.
Without this patch, EDK2's Shell.efi won't be started.
Fixes: 21b3edfc96 ("efi_loader: check parameters of CreateEvent")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
When applying a virtual memory map we have to update the pointer to the
list of configuration tables.
Fixes: 4182a129ef ("efi_loader: allocate configuration table array")
Reported-by: Mark Kettenis <mark.kettenis@xs4all.nl>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Mark Kettenis <kettenis@openbsd.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit aa909462d0. This change
caused "dhcp filename" to crash the system on p2371-2180 (Jetson TX1), for
example when running test/py.
Reverting this change isn't optimal, but at least restores TX1 to a working
state. In the future, we should:
a) Fix whatever problem causes the crash with this patch applied. This
needs further discussion, so isn't something we can immediately do.
b) Undo the revert; re-apply the original patch to efi_allocate_pages.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Fixes the following checkstyle warning:
WARNING: Missing a blank line after declarations
+ int tmp = smbios_write_funcs[i]((ulong *)&addr, handle++);
+ max_struct_size = max(max_struct_size, tmp);
Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fixes the following chechpatch -f error:
ERROR: "(foo*)" should be "(foo *)"
+ strncpy((char*)t->uuid, serial_str, sizeof(t->uuid));
Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Highlights this time:
- Many small fixes to improve spec compatibility (found by SCT)
- Almost enough to run with sandbox target
- GetTime() improvements
- Enable EFI_LOADER and HYP entry on ARMv7 with NONSEC=y
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJbWHUwAAoJECszeR4D/txgKlUP/3Lu6pxScwzL7TsSD6OFZQ6M
qQq2FH89XOA6/3r04RXrJZoHwOKIH5uj7ea6FlitpS1sQ4UOCQhp/lJJuJennHHj
+veeuzI1sKTCX8Kd9ptrZDEF3G8lbF/zSyCFa1MOd1ONDVsTgSO9fOGmiqcC9FBF
UrUH7dzXlE2CWs/mv/UikCBI7rYF+NOFJNuwHVXfsW4PyQ/7uaNsa7Rl3mXYb/Lr
gjdcJkeHZAmFv/r84tGS9AFv+m0So9AGEYD7MeQDt02hSOuH9/nu4HgPmiwln3Fn
3sFA3+daMrlFNi6kFw10S0sjKz94nN+Arm6cIXlvGaoc/wnPM2wEcKOSiXhzVM8d
CoP/26N/ETRoI9P01C2WyTrKjo0O0aFwp3ubfmmbdcaKr/pyjAJgb3BnqXBfAr7T
OjsE086jtHzdyKYKXDIz8+ZxSo4VsiDjBzDK7LVA0L5KtqAFFa+OYjlgEMJnQCk3
YJfj+rhxfpjzFI7x5BAgq0q3XQRvAJS8QcUq+V2todQ3JkUlCIaVUNQLWAfNJN0q
ze/WR8l4nwj5YFo8XiEbFHpQi/1bkR6cSzyjlBKUqrtHUUEu32vWlzZpNi6HzPMq
cP7gehboFlcCSr8T2UMjBTE1LWI35eWNQQoiNRrS2UVcTH9h1vXMFV9PT+I82BBl
ivJ+YwF9nU1JdS8CG3n7
=ePTT
-----END PGP SIGNATURE-----
Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot
Patch queue for efi - 2018-07-25
Highlights this time:
- Many small fixes to improve spec compatibility (found by SCT)
- Almost enough to run with sandbox target
- GetTime() improvements
- Enable EFI_LOADER and HYP entry on ARMv7 with NONSEC=y
fdt_fixup_mtdparts() calls mtdparts_init() and device_find(),
which are defined in cmd/mtdparts.c
The combination of FDT_FIXUP_PARTITIONS=y and CMD_MTDPARTS=n
emits the following link error:
common/fdt_support.c:903: undefined reference to `mtdparts_init'
common/fdt_support.c:914: undefined reference to `device_find'
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Prior to this patch is fdtdec_setup_memory_banksize() incorrectly
ignoring the "status" field. This patch fixes that by testing the status
with fdtdec_get_is_enabled() before using a memory node.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
if_type is not correctly initialized
Failure to initialize if_type means that grub2/efinet sends
a bogus arp request. It therefore gets no response. On Raspberry Pi 3B+
this leads to a pause at:
lan78xx_eth Waiting for PHY auto negotiation to complete....... done
lan78xx_eth Waiting for PHY auto negotiation to complete....... done
Signed-off-by: Andrew Thomas <andrew.thomas@oracle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Provide a unit test for the GetTime() runtime service.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Allow specifying the precision when printing integers, e.g.
efi_st_printf("%.4u-%.2u-%.2u\n", year, month, day);
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the missing parts of the GetTime() runtime service.
Fill seconds.
Fill daylight saving time flag correctly.
Provide dummy values for capabilities.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove unused function efi_get_time_init().
Initialization of the RTC has to be done in board bring up not in the EFI
subsystem.
There is no RTC device in the UEFI spec. The RTC is only accessed through
the runtime services.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
This unit test checks the CalculateCrc32 bootservice and checks the
headers of the system table, the boot services tablle, and the runtime
services table before and after ExitBootServices().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
InstallConfigurationTable() may change the number of installed
configuration tables.
Check the crc32 of the system table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
If the number of installed tables is changed in
InstallConfigurationTable() update the crc32 of the system table.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Use const for the buffer. We are not changing the buffer.
Use efi_uintn_t where prescribed by the UEFI spec.
Prefer u32 over uint32_t.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for InstallConfigurationTable().
A table is installed, updated, removed. The table entry and the
triggering of events is checked.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The system table contains a link to the list of configurations tables.
These include the device tree, SMBIOS table, and the ACPI table.
This array is currently statically linked. With the patch it is allocated
as EFI_RUNTIME_SERVICES_DATA. Due to the structure of the system table we
cannot work with a linked list here.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
For the boot and runtime services tables and for the system table the
crc32 has to be set in the header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a firmware revision in the system table using the Makefile
variables VERSION and PATCHLEVEL, e.g. 0x20180700 for v2018.07.
Correct the type of the firmware vendor. It is a u16* pointer.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The headersize field has to be set to the size of the whole table
including the header.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Both in the boot and the runtime services tables we have to specify the
UEFI spec revision. The same value is already used for the system
table. So let's use a common constant.
In the boot services table we have to provide the header signature.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
After clearing the screen the cursor position is row 0, column 0.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Implement the reset service of the EFI_SIMPLE_TEXT_INPUT_PROTOCOL.
This should resolve the error reported by the SCT in
Protocol/SimpleTextIn/BlackBoxTest/SimpleTextInBBTestFunction.c:193
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The revision number has to be set in the loaded image protocol.
The problem was detected by running the SCT in
Protocol/LoadedImage/BlackBoxTest/LoadedImageBBTestMain.c:890
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Set the DM_FLAG_NAME_ALLOCED flag to avoid a memory leak when the block
device is removed.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Provide a unit test for writing to a FAT file system.
Add some additional comments in block device unit test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The UEFI spec requires that the memory map key is checked in
ExitBootServices().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Check the parameters of boottime service GetMemoryMap().
Return EFI_INVALID_PARAMETER where required by the UEFI spec.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Rigorously check the TPL level and the event type.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Fix the 'amp' typo, expand on what 'steps' is and fix a few other minor
things.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present a NULL pointer passed to printf for a %pU argument will cause
U-Boot to access memory at 0. Fix this by adding a check, and print
"(null)" instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexander Graf <agraf@suse.de>
[agraf: s/(null)/<NULL>/]
Signed-off-by: Alexander Graf <agraf@suse.de>
We currently expose host addresses in the EFI memory map. That can be
bad if we ever want to use sandbox to boot strap a real kernel, because
then the kernel would fetch its memory table from our host virtual address
map. But to make that use case work, we would need to have full control
over the address space the EFI application sees.
So let's expose only U-Boot addresses to the guest until we get to the
point of allocation. EFI's allocation functions are fun - they can take
U-Boot addresses as input values for hints and return host addresses as
allocation results through the same uint64_t * parameter. So we need to
be extra careful on what to pass in when.
With this patch I am successfully able to run the efi selftest suite as
well as grub.efi on aarch64.
Signed-off-by: Alexander Graf <agraf@suse.de>
With sandbox the U-Boot code is not mapped into the sandbox memory range
so does not need to be excluded when allocating EFI memory. Update the EFI
memory init code to take account of that.
Signed-off-by: Simon Glass <sjg@chromium.org>
[agraf: Remove map_sysmem() call and header reference]
Signed-off-by: Alexander Graf <agraf@suse.de>
Now that elf.h contains relocation defines for all architectures
we care about, let's just include it unconditionally and refer to
the defines.
Signed-off-by: Alexander Graf <agraf@suse.de>
Thanks to CONFIG_SANDBOX, we can not rely on config options to tell us
what CPU architecture we're running on.
The compiler however does know that, so let's just move the ifdefs over
to compiler based defines rather than kconfig based options.
Signed-off-by: Alexander Graf <agraf@suse.de>
Varargs differ between sysv and ms abi. On x86_64 we have to follow the ms
abi though, so we also need to make sure we use x86_64 varargs helpers.
This patch introduces generic efi vararg helpers that adhere to the
respective EFI ABI. That way we can deal with them properly from efi
loader code and properly interpret variable arguments.
This fixes the InstallMultipleProtocolInterfaces tests in the efi selftests
on x86_64 for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
In the sandbox environment we can not easily build efi stub binaries
right now, so let's disable the respective test cases for the efi
selftest suite.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
When running on the sandbox the stack is not necessarily at a higher memory
address than the highest free memory.
There is no reason why the checking of the highest memory address should be
more restrictive for EFI_ALLOCATE_ANY_PAGES than for
EFI_ALLOCATE_MAX_ADDRESS.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
[agraf: use -1ULL instead]
Signed-off-by: Alexander Graf <agraf@suse.de>
We try hard to make sure that SMBIOS tables live in the lower 32bit.
However, when we can not find any space at all there, we should not
error out but instead just fall back to map them in the full address
space instead.
This can for example happen on systems that do not have any RAM mapped
in the lower 32bits of address space. In that case having any SMBIOS
tables at all is better than having none.
Signed-off-by: Alexander Graf <agraf@suse.de>
The EFI image loader tries to determine which target architecture we're
working with to only load PE binaries that match.
So far this has worked based on CONFIG defines, because the target CPU
was always indicated by a config define. With sandbox however, this is
not longer true as all sandbox targets only encompass a single CONFIG
option and so we need to use compiler defines to determine the CPU
architecture.
Signed-off-by: Alexander Graf <agraf@suse.de>
This reverts commit c524997acb.
Booting ARMv7 in non-secure mode using bootefi works now.
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
The following generated files should be ignored by git:
efi_miniapp_file_image_exit.h
efi_miniapp_file_image_return.h
*.so files are normally deleted during the build but should be
ignored too.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
The length returned by hexport_r has a few redundant characters.
This appears as NULL characters at the end so seems harmless.
Remove the surplus counts in two places
totlen += strlen(ep->key) + 2;
I'm guessing the +2 here is for = and sep char. But there is another
totlen += 2; line that does that.
size = totletn + 1;
Doesn't make sense and isn't justified with any comment.
Signed-off-by: Zubair Lutfullah Kakakhel <zubair@resin.io>
The Linux kernel moved to sphinx-based documentation and got rid of the
DocBook based documentation quite a while ago. Hence, the DocBook
documentation for U-Boot should be converted as well.
To achieve this, import the necessary files from Linux v4.17, and
convert the current DocBook documentation (three files altogether) to
sphinx/reStructuredText.
For now, all old DocBook documentation was merged into a single
handbook, tentatively named "U-Boot Hacker Manual".
For some source files, the documentation style was changed to comply
with kernel-doc; no functional changes were applied.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
When vars are passed to the himport_r function with H_NOCLEAR flag,
those vars will be overridden in the current environment and if one of
those vars is not in the imported environment, it'll be deleted in the
current environment whatever the flag passed to himport_r.
The H_NOCLEAR flag is used to clear the whole environment whether vars
are passed to the function or not.
This leads to incoherent behaviour. If one passes vars to himport_r
with the H_NOCLEAR flag, if a var in vars is not in the imported env,
that var will be removed from the current env.
If one passes vars to himport_r without the H_NOCLEAR flag, the whole
environment will be removed and vars will be imported from the
environment in RAM.
It makes more sense to keep the variable that is in the current
environment but not in the imported environment if the H_NOCLEAR flag is
set and remove only that variable if the H_NOCLEAR flag is not set.
Let's clear the whole environment only if H_NOCLEAR and vars are not
passed to himport_r.
Let's remove variables that are in the current environment but not in
the imported env only if the H_NOCLEAR flag is not passed.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Quentin Schulz <quentin.schulz@bootlin.com>
This patch renames the routine fdtdec_setup_memory_size()
to fdtdec_setup_mem_size_base() as it now fills the
mem base as well along with size.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This patch updates the ram_base to store the start address of
the first bank DRAM and the use this ram_base to calculate ram_top
properly. This patch fixes the erroneous calculation of ram_top
incase of non zero ram start address.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This patch basically adds two new commands for loadig secure
images.
1. zynq rsa adds support to load secure image which can be both
authenticated or encrypted or both authenticated and encrypted
image in xilinx bootimage(BOOT.bin) format.
2. zynq aes command adds support to decrypt and load encrypted
image back to DDR as per destination address. The image has
to be encrypted using xilinx bootgen tool and to get only the
encrypted image from tool use -split option while invoking
bootgen.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Add support for loading U-Boot on the Broadcom 7445 SoC. This port
assumes Broadcom's BOLT bootloader is acting as the second stage
bootloader, and U-Boot is acting as the third stage bootloader, loaded
as an ELF program by BOLT.
Signed-off-by: Thomas Fitzsimmons <fitzsim@fitzsim.org>
Cc: Stefan Roese <sr@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Support a default memory bank, specified in reg, as well as
board-specific memory banks in subtree board-id nodes.
This allows memory information to be provided in the device tree,
rather than hard-coded in, which will make it simpler to handle
similar devices with different memory banks, as the board-id values
or masks can be used to match devices.
Signed-off-by: Michael Pratt <mpratt@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
ACPI tables can be passed via EFI configuration table to an EFI
application. This is only supported on x86 so far.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present the number of configuration tables is set to 2. By
looking at which tables the Linux EFI stub or iPXE can process,
it looks 16 is a reasonable number.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The use_uart assignment should follow immediately after the call to
exit_boot_services(), in case we want some debug output after that.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently efi.h determines a few bits of its environment according to
config options. This falls apart with the efi stub support which may
result in efi.h getting pulled into the stub as well as real U-Boot
code. In that case, one may be 32bit while the other one is 64bit.
This patch changes the conditionals to use compiler provided defines
instead. That way we always adhere to the build environment we're in
and the definitions adjust automatically.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
[bmeng: added some comments to describe the __x86_64__ check]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We store pixels as BGRA in memory, as can be seen from struct efi_gop_pixel.
So we need to expose the same format to UEFI payloads to actually have them
use the correct colors.
Reported-by: Fabian Vogt <fvogt@suse.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
