Commit graph

66893 commits

Author SHA1 Message Date
Adam Ford
5f1600e03e README: davinci: Clarify when SPL is used and the target devices.
The documentation states that SPL is enabled in all config options
for the da850.  This incorrect, because devices booting from NOR
do not need the SPL to do the low level initializion because when
booting from NOR, the board is able to execute in place (XIP)

This also clarifies that SPL isn't only used for booting from SPI,
because it is also used for booting from MMC and NAND for those
devices supporting those boot options.

Signed-off-by: Adam Ford <aford173@gmail.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
3f09ebfbde arm: dts: k3-am65: Sync CPSW DT node from kernel
Sync CPSW DT node from kernel and move it out of -u-boot.dtsi file.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
aeeca07a80 arm: dts: k3-j721e: Sync CPSW DT node from kernel
Sync CPSW DT node from Kernel and move it out of -u-boot.dtsi file.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
84228940c3 net: ti: am65-cpsw-nuss: Update driver to use kernel DT
Kernel DT has CPSW ports under ethernet-ports subnode. Update the driver
to look for the same.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
9eab6fd526 net: ti: am65-cpsw-nuss: Set ALE default thread enable
Force default thread to be used for RX as ALE is anyways set to Bypass
mode.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
cf9b9942bf net: ti: am65-cpsw-nuss: Remove dead code
MDIO node is not referenced further, therefore drop the dead code.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
ddcf5318af dma: ti: k3-udma: Switch to k3_ringacc_request_rings_pair
We only request ring pairs via K3 DMA driver, switch to use the new
k3_ringacc_request_rings_pair() to simplify the code.

As a good side effect, all boot stages now use exposed RING mode which
avoid maintaining proxy mode for 32 bit R5 core.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
7be5121719 dma: ti: k3-udma: Move RX descriptor ring entries to rflow struct
In K3 UDMA architecture, RX rings are associated with RX flows rather
than RX channels, therefore move the ring pointers to udma_rflow struct

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
af374c24d9 dma: ti: k3-udma: Introduce udma_chan_config struct
Encapsulate channel configuration in a separate struct so as to ease
resetting of these fields with memset() and also to increase readability
of the code.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
b3f95997ce soc: ti: k3-ringacc: Separate soc specific initialization
In preparation of adding more K3 SoCs, separate soc specific
initialization add a SoC specific initialization hook.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
5d25784998 soc: ti: k3-ringacc: Add an API to request pair of rings
Add new API k3_ringacc_request_rings_pair() to request pair of rings at
once, as in the most case Rings are used with DMA channels which required
to request pair of rings - one to feed DMA with descriptors (TX/RX FDQ) and
one to receive completions (RX/TX CQ). This will allow to simplify Ringacc
API users.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
db08a1df43 soc: ti: k3-ringacc: Move state tracking variables under a struct
Move the free, occ, windex and rinfex under a struct.
We can use memset to zero them and it will allow a cleaner way to extend
the variables for duplex rings.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
99faf0df04 arm: dts: k3-am65/j721e: Sync DMA DT bindings from Kernel DT
Sync DT bindings from kernel DT and move them to out of -u-boot.dtsi
files.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
5c92fffab2 dma: ti: k3-udma: Update driver to use static endpoint Data
Update driver to use static PSIL endpoint Data instead of DT. This will
allow DT bindings to be in sync with kernel's DT.

Note that this patch breaks networking and OSPI boot as driver changes
are not backward compatible with existing DT. Subsequent commit will
update the DT to make it compatible with updated driver.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com>
2020-07-13 20:58:34 +05:30
Vignesh Raghavendra
53b04c6c09 dma: ti: Add static PSIL endpoint information
Much of PSIL endpoint configuration for a given SoC can be known at
compile time, therefore pass them for platform specific data instead of
DT.

Add per SoC's specific PSIL endpoint data. This is to bring driver in
sync with upstream DT.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com>
2020-07-13 20:58:34 +05:30
Tom Rini
497c7598c4 Merge branch 'master' of https://gitlab.denx.de/u-boot/custodians/u-boot-spi
- Enable DM_SPI on siemens omap boards (Jagan)
- Dropped some non-dm supported omap3 boards (Jagan)
- Dropped non-dm code in omap3 spi driver (Jagan)
- Dropped non-dm code in kirkwood spi driver (Bhargav)
2020-07-11 17:40:00 -04:00
Heinrich Schuchardt
4a3155de3d efi_selftest: adjust runtime test for variables
As variable services are available at runtime we have to expect EFI_SUCCESS
when calling the services.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
b02a707152 efi_loader: enable UEFI variables at runtime
Enable UEFI variables at runtime.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
ab7296c99c efi_loader: use memory based variable storage
Saving UEFI variable as encoded U-Boot environment variables does not allow
implement run-time support.

Use a memory buffer for storing UEFI variables.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
f1f990a8c9 efi_loader: memory buffer for variables
Saving UEFI variable as encoded U-Boot environment variables does not allow
support at runtime.

Provide functions to manage a memory buffer with UEFI variables.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
b0dd8cb407 efi_loader: new function efi_memcpy_runtime()
Provide a memcpy() function that we can use at UEFI runtime.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
724d28171e efi_loader: optional pointer for ConvertPointer
If the EFI_OPTIONAL_PTR is set in DebugDisposition, a NULL pointer does not
constitute an invalid parameter.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
a44d2a2399 efi_loader: export efi_convert_pointer()
We need ConvertPointer() to adjust pointers when implementing  runtime
services within U-Boot.

After ExitBootServices() gd is not available anymore. So we should not use
EFI_ENTRY() and EFI_EXIT().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
5f7dcf079d efi_loader: UEFI variable persistence
Persist non-volatile UEFI variables in a file on the EFI system partition.

The file is written whenever a non-volatile UEFI variable is changed after
initialization of the UEFI sub-system.

The file is read during the UEFI sub-system initialization to restore
non-volatile UEFI variables.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
198bf6418e efi_loader: secure boot flag
In audit mode the UEFI variable SecureBoot is set to zero but the
efi_secure_boot flag is set to true.

The efi_secure_boot flag should match the UEFIvariable SecureBoot.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
55a830560e efi_loader: read-only AuditMode and DeployedMode
Set the read only property of the UEFI variables AuditMode and DeployedMode
conforming to the UEFI specification.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
fd7b6730ab efi_loader: value of VendorKeys
According to the UEFI specification the variable VendorKeys is 1 if the
"system is configured to use only vendor-provided keys".

As we do not supply any vendor keys yet the variable VendorKeys must be
zero.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
37fa7cb045 efi_loader: keep attributes in efi_set_variable_int
Do not change the value of parameter attributes in function
efi_set_variable_int(). This allows to use it later.

Do not use variable attr for different purposes but declare separate
variables (attr and old_attr).

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
dda8c7163a efi_loader: simplify boot manager
Simplify the implementation of the UEFI boot manager:

* avoid EFI_CALL for SetVariable() and GetVariable()
* remove unnecessary type conversions

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:17 +02:00
Heinrich Schuchardt
dc90e5c491 efi_loader: OsIndicationsSupported, PlatformLangCodes
UEFI variables OsIndicationsSupported, PlatformLangCodes should be read
only.

Avoid EFI_CALL() for SetVariable().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
01df8cf336 efi_loader: separate UEFI variable API from implemementation
Separate the remaining UEFI variable API functions GetNextVariableName and
QueryVariableInfo() from internal functions implementing them.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
2a79c352ca efi_loader: display RO attribute in printenv -e
Let the 'printenv -e' command display the read only flag.
If the variable is time authenticated write the time stamp.

Avoid EFI_CALL() when calling SetVariable() and GetVariable().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
f2d2b3a11c efi_loader: prepare for read only OP-TEE variables
We currently have two implementations of UEFI variables:

* variables provided via an OP-TEE module
* variables stored in the U-Boot environment

Read only variables are up to now only implemented in the U-Boot
environment implementation.

Provide a common interface for both implementations that allows handling
read-only variables.

As variable access is limited to very few source files put variable
related definitions into new include efi_variable.h instead of efi_loader.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
5a8d1f60b2 fs/fat: reduce data size for FAT_WRITE
Allocated tmpbuf_cluster dynamically to reduce the data size added by
compiling with CONFIG_FAT_WRITE.

Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
a27c78fddb efi_loader: NULL dereference in efi_convert_pointer
Avoid a possible NULL pointer dereference in efi_convert_pointer().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
1047c6e23c efi_loader: fix efi_get_child_controllers()
Don't call calloc(0, ..).
Consider return value of efi_get_child_controllers().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
39a75f5af1 efi_loader: wrong printf format in efi_image_parse
Commit 1b6c08548c ("efi_loader: image_loader: replace debug to
EFI_PRINT") leads to a build warning on 32bit systems:

lib/efi_loader/efi_image_loader.c: In function ‘efi_image_parse’:
include/efi_loader.h:123:8: warning: format ‘%lu’ expects argument
of type ‘long unsigned int’, but argument 8 has
type ‘size_t’ {aka ‘unsigned int’} [-Wformat=]

Use %zu for printing size_t.

Fixes: 1b6c08548c ("efi_loader: image_loader: replace debug to
EFI_PRINT")

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Ilias Apalodimas
ecb833a0c6 efi_loader: cleanup for tee backed variables
There's 2 variables in efi_get_next_variable_name() checking the size of
the variable name. Let's get rid of the reduntant definition and
simplitfy the code a bit.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
491bfe8606 lib: rsa: export rsa_verify_with_pkey()
This function will be used to implement public_key_verify_signature()
in a later patch. rsa_verify() is not suitable here because calculation
of message digest is not necessary.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
53ce9a6ed9 test: use virt-make-fs to build image
Avoid sudo for test/py/tests/test_efi_secboot by using virt-make-fs.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
7fdc02b3d7 test/py: efi_secboot: add a test for verifying with digest of signed image
Signature database (db or dbx) may have not only certificates that contain
a public key for RSA decryption, but also digests of signed images.

In this test case, if database has an image's digest (EFI_CERT_SHA256_GUID)
and if the value matches to a hash value calculated from image's binary,
authentication should pass in case of db, and fail in case of dbx.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>

Use defined time stamps for sign-efi-sig-list.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
0c7772d40f test/py: efi_secboot: add a test for multiple signatures
In this test case, an image is signed multiple times with different
keys. If any of signatures contained is not verified, the whole
authentication check should fail.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>

Provide a defined time stamp for dbx_hash1.auth.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
c6361e73b5 test/py: efi_secboot: add a test against certificate revocation
Revocation database (dbx) may have not only certificates, but also
message digests of certificates with revocation time
(EFI_CERT_X509_SHA256_GUILD).

In this test case, if the database has such a digest and if the value
matches to a certificate that created a given image's signature,
authentication should fail.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>

Set defined time stamp for dbx_hash.auth.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
48ead6097b test/py: efi_secboot: split "signed image" test case-1 into two cases
Split the existing test case-1 into case1 and a new case-2:
case-1 for non-SecureBoot mode; case-2 for SecureBoot mode.

In addition, one corner case is added to case-2; a image is signed
but a corresponding certificate is not yet installed in "db."

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
d863b307e8 test/py: efi_secboot: more fixes against pylint
More fixes against pylint warnings that autopep8 didn't handle
in the previous commit.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
91d2b6216b test/py: efi_secboot: apply autopep8
Python's autopep8 can automatically correct some of warnings from pylint
and rewrite the code in a pretty print format. So just do it.

Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11 23:14:16 +02:00
AKASHI Takahiro
7926dfb579 efi_loader: image_loader: add digest-based verification for signed image
In case that a type of certificate in "db" or "dbx" is
EFI_CERT_X509_SHA256_GUID, it is actually not a certificate which contains
a public key for RSA decryption, but a digest of image to be loaded.
If the value matches to a value calculated from a given binary image, it is
granted for loading.

With this patch, common digest check code, which used to be used for
unsigned image verification, will be extracted from
efi_signature_verify_with_sigdb() into efi_signature_lookup_digest(), and
extra step for digest check will be added to efi_image_authenticate().

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11 23:14:15 +02:00
AKASHI Takahiro
11bafb2596 efi_loader: image_loader: verification for all signatures should pass
A signed image may have multiple signatures in
  - each WIN_CERTIFICATE in authenticode, and/or
  - each SignerInfo in pkcs7 SignedData (of WIN_CERTIFICATE)

In the initial implementation of efi_image_authenticate(), the criteria
of verification check for multiple signatures case is a bit ambiguous
and it may cause inconsistent result.

With this patch, we will make sure that verification check in
efi_image_authenticate() should pass against all the signatures.
The only exception would be
  - the case where a digest algorithm used in signature is not supported by
    U-Boot, or
  - the case where parsing some portion of authenticode has failed
In those cases, we don't know how the signature be handled and should
just ignore them.

Please note that, due to this change, efi_signature_verify_with_sigdb()'s
function prototype will be modified, taking "dbx" as well as "db"
instead of outputing a "certificate." If "dbx" is null, the behavior would
be the exact same as before.
The function's name will be changed to efi_signature_verify() once
current efi_signature_verify() has gone due to further improvement
in intermediate certificates support.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11 23:14:15 +02:00
AKASHI Takahiro
1e64d0b5a4 efi_loader: signature: make efi_hash_regions more generic
There are a couple of occurrences of hash calculations in which a new
efi_hash_regions will be commonly used.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11 23:14:15 +02:00
AKASHI Takahiro
36b2f9da5c efi_loader: signature: fix a size check against revocation list
Since the size check against an entry in efi_search_siglist() is
incorrect, this function will never find out a to-be-matched certificate
and its associated revocation time in the signature list.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-07-11 23:14:15 +02:00