This series comprises error corrections for the UEFI subsystem:
* correct consideration of timestamps for variable authentication
* correct collection of data regions for code authentication
* correct unit tests to test loading dbx
* enable FAT_WRITE as required by the UEFI spec
The boot manager uses log functions instead of printf() and debug().
The UEFI intialization state is exported.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAl8AQD4ACgkQxIHbvCwF
GsQqpxAAlt+EmomF8I5oUFZ7RwX3XTBXOU2oWlYt2DbkemZvroiGnWu6MC52K/RD
sDdJwvIo+5NuzDbGlPqKB/NjhJ4eF2W+vOIKSey8+iCXhTovmCiqc7DzxUm0Ansi
J0A/fwr3jdqUC1dl4C+ytwxPHQC01kK++8Ln5OptqbM1/DskpF0bspdr2fZG02Gc
ndOPw0WEJYEdNH18rQaW+7fOADXgJzK1VIwMIhqQszGrOO/M7mbyXZDpHG787iOH
smz41YL/2n4ExGsU4hdIQNWDmSJuEIWgB0PEeSiLE29O2m5G8eNfsAmHjRrV9U9p
QEbaREQDxXB1BmlYNr/A2497p5pPfjJGhiPVjuN9vRXCMhbGyh937iOkT0c1TAuu
aJyD5pqPxuGMUjNzO5foINMT97DuqewHoEf/DTmp4AtVzBZC+NzTiO79J94PQc6+
xIDomTIM1WWtPlcMyvZfwUrlX33Gh3yOGBTwnXqS/YSzIQ1mqxoE6rFOZihUYRfz
Rh6vUP8csOEhfm0XXDhwAVTudA53cQbBUOgPLPbS6zxhnvJNWN04zHXatg9unBnw
mH8E30dBote0Make8Kzv53j/ytFL06AA/jgnvDbEOmE4SP7aYGL+oYxryjIPudz8
mngRE2x2zlppXknTrYdnOAjlULxxOA88u0XiNi3uIuVJGtEbrfA=
=wwI2
-----END PGP SIGNATURE-----
Merge tag 'efi-2020-10-rc1' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi into next
Pull request for UEFI sub-system for efi-2020-10-rc1
This series comprises error corrections for the UEFI subsystem:
* correct consideration of timestamps for variable authentication
* correct collection of data regions for code authentication
* correct unit tests to test loading dbx
* enable FAT_WRITE as required by the UEFI spec
The boot manager uses log functions instead of printf() and debug().
The UEFI intialization state is exported.
- Resync Kconfiglib with the v14.1.0 release.
- Re-sync our <linux/compiler*h> files with v5.7-rc5 from upstream.
- Fully resync checkpatch.pl with v5.7 release.
To safely to all of the above, we have a few bugfixes about functions
that need a 'static inline' but weren't. We also stop setting
CROSS_COMPILE in arch/*/config.mk. Finally, with the above changes
boards can now opt-in to optimizing inlining and we do this for the
socfpga stratix10 platform for space savings.
currently gpio hog function is not tested with "ut dm gpio"
so add some basic tests for gpio hog functionality.
For this enable GPIO_HOG in sandbox_defconfig, add
in DTS some gpio hog entries, and add testcase in
"ut dm gpio" command.
Signed-off-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
save the GPIOD_ flags also in the gpio descriptor.
Signed-off-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Patrick Delaunay <patrick.delaunay@st.com>
Fixes: 788ea83412 ("gpio: add function _dm_gpio_set_dir_flags")
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Walter Lozano <walter.lozano@collabora.com>
Export the UEFI sub-system initialization state. This will allow to treat
the setting of UEFI variables during and after initialization differently.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When booting via the boot manager use log function for user messages
instead of printf() and debug().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
When overwriting an existing time base authenticated variable we should
compare to the preceding time value and not to the start of the epoch.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UEFI specification requires that when UEFI variables are set using time
based authentication we have to check that unused fields of the timestamp
are zero
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
- sbi: Add newline to error message
- fu540: dts: Correct reg size of otp and dmc nodes
- Enhance reserved memory fixup about PMP information passed from OpenSBI
- sifive: fu540: Add gpio-restart support
- qemu-riscv: Update QEMU run command
- Assorted fixes related to reserved memory
- fu540: enable all cache ways from U-Boot proper
- use log functions in fdt_fixup
A time authenticated variable cannot be overwritten with another value
with the same time stamp. So we must ensure the correct sequence of time
stamps when generating out test data.
Using parameter -t for sign-efi-sig-list gives reproducible results and
avoids sleep statements.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In the test case (1g) of test_authvar, "db" is mistakenly used,
and it ends up being the exact same as (1f).
So correct it as "dbx" test case.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Currently, we don't use any regular expression in matching outputs from
U-Boot. Since its use is just redundant, we can remove all.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Just for style consistency, replace all the uses of debug() to
EFI_PRINT() in efi_image_loader.c.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Just for style consistency, replace all the uses of debug() to
EFI_PRINT in efi_variable.c.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Just for style consistency, replace all the uses of debug to
EFI_PRINT in efi_signature.c
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The simplest solution to revert the commit b32ac16f9a ("test/py: fix
test_efi_secboot/conftest.py") is to move efi_console_register()
forward before efi_disk_register().
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Replace printf() and debug() by log_err() and log_debug().
"No reserved memory region found in source FDT\n" is not an error but a
debug information.
%s/can not/cannot/ - use the more common spelling.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Add L2 cache node to enable all cache ways from U-Boot proper.
Signed-off-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
fdtdec_get_addr_size_no_parent is not an optimized version if parent
node is already available with the caller.
Use fdtdec_get_addr_size_auto_parent to read the "reg" property
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Not all errors are fatal. If a reserved memory node already exists in the
destination device tree, we can continue to boot without failing.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Explicitly pass the "-bios" option to QEMU to run U-Boot, instead
of the "-kernel" option, as we know that "-bios" behavior will be
changed since QEMU 5.1.0.
This also updates validated QEMU version to 5.0.0.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
The HiFive Unleashed board wires GPIO pin#10 to the input of the
system reset signal. This adds gpio reboot support.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Sagar Kadam <sagar.kadam@sifive.com>
Tested-by: Sagar Kadam <sagar.kadam@sifive.com>
Reviewed-by: Pragnesh Patel <pragnesh.patel@sifive.com>
Starting from OpenSBI v0.7, the SBI firmware inserts/fixes up the
reserved memory node for PMP protected memory regions. All RISC-V
boards need to copy the reserved memory node from the device tree
provided by the firmware to the device tree used by U-Boot.
Turn on CONFIG_OF_BOARD_FIXUP by default for OF_SEPARATE.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Rick Chen <rick@andestech.com>
The FDT blob might not have sufficient space to hold a copy of
reserved memory node. Expand it before the copy.
Reported-by: Rick Chen <rick@andestech.com>
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Rick Chen <rick@andestech.com>
The copy of reserved memory node from source dtb to destination dtb
can be avoided if they point to the same place. This is useful when
OF_PRIOR_STAGE is used.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
While commit 048a648298 ("checkpatch.pl: Update to v5.7") largely
re-syncs us with checkpatch.pl from v5.7 there are a number of things
missing still. Re-copy the script and again take care to keep our
allowed debug prints and now localized checks intact.
Fixes: 048a648298 ("checkpatch.pl: Update to v5.7")
Signed-off-by: Tom Rini <trini@konsulko.com>
This is a side-port of commit 21c54b774744 ("kconfig: show compiler
version text in the top comment") from Linux:
"The kernel configuration phase is now tightly coupled with the compiler
in use. It will be nice to show the compiler information in Kconfig."
We have already had the required makefile logic for this and had not
included printing the value in various user and file visible places.
Cc: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Enable the new CONFIG_OPTIMIZE_INLINING and CONFIG_SPL_OPTIMIZE_INLINING
options for this platform. With gcc-9.2 from kernel.org this saves us
1784 bytes in U-Boot and 80 bytes in SPL.
Cc: Marek Vasut <marex@denx.de>
Cc: Chin-Liang See <chin.liang.see@intel.com>
Cc: Dinh Nguyen <dinh.nguyen@intel.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Marek Vasut <marex@denx.de>
There are cases where when we allow the compiler to decide about making
inline decisions rather than forcing them it can save us space.
For now, we keep the default values for inlining that we have had
historically.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
In the Linux kernel, support for forcing inline functions to be made
inline, rather than allowing the compiler to make its own choice has
been removed. With respect to performance, modern GCC (and Clang) do a
good job at deciding when to, or not to, inline code and there are no
run-time requirements in Linux anymore.
There is one downside to this, which is final binary size. On average
in U-Boot removing this support grows SPL by almost 1 kilobyte. But
there are cases where it shrinks the binary by making better inline
choices than we had forced.
Start by re-introducing CONFIG_OPTIMIZE_INLINING as a global which
essentially reverts 889b3c1245de ("compiler: remove CONFIG_OPTIMIZE_INLINING entirely")
from Linux.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Copy these from Linux v5.7-rc5 tag.
This brings in some handy new attributes and is otherwise important to
keep in sync.
We drop the reference to smp_read_barrier_depends() as it is not
relevant on the architectures we support at this time, based on where
it's implemented in Linux today. We drop the call to kasan_check_read()
as that is not relevant to U-Boot as well.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Unless we mark the function as 'static inline' it may end up being
non-inlined by the compiled and result in duplicate functions.
Cc: Jagan Teki <jagan@amarulasolutions.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Unless we mark the function as 'static inline' it may end up being
non-inlined by the compiled and result in duplicate functions.
Cc: Marek Vasut <marex@denx.de>
Cc: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Cc: Ley Foon Tan <ley.foon.tan@intel.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Marek Vasut <marex@denx.de>
In order to update our <linux/compiler.h> to a newer version that no
longer provides ACCESS_ONCE() but only READ_ONCE()/WRITE_ONCE() we need
to convert arch/x86/include/asm/atomic.h to the other macros.
Cc: Simon Glass <sjg@chromium.org>
Cc: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In order to update our <linux/compiler.h> to a newer version that no
longer provides ACCESS_ONCE() but only READ_ONCE()/WRITE_ONCE() we need
to convert arch/arm/mach-tegra/ivc.c to the other macros.
Cc: Tom Warren <twarren@nvidia.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Borrowing from Linux commit 78a5255ffb6a ("Stop the ad-hoc games with -Wno-maybe-initialized")
move to have maybe-initialized warnings be handled with building with
W=2 instead of playing more guessing games with newer compilers.
Signed-off-by: Tom Rini <trini@konsulko.com>
As part of re-syncing our Kconfig logic up to v4.19, we had missed
adding this new file that includes helper macros. To quote the upstream
commit e1cfdc0e72fc ("kconfig: add basic helper macros to scripts/Kconfig.include"):
Kconfig got text processing tools like we see in Make. Add Kconfig
helper macros to scripts/Kconfig.include like we collect Makefile
macros in scripts/Kbuild.include.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
A large number of changes have happened upstream since our last sync
in commit 65e05ddc1a ("kconfiglib: Update to the 12.14.0 release").
The big motivation for this sync is support for user defined macros
within Kconfig.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
In order to support the compiler providing information used within
Kconfig itself we cannot have the compiler be determined by
arch/*/config.mk as we will not be able to evaluate that yet. Given
that most documentation tells people to specify CROSS_COMPILE, remove
these references.
Cc: Huan Wang <alison.wang@nxp.com>
Cc: Angelo Dureghello <angelo@sysam.it>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Rick Chen <rick@andestech.com>
Cc: Thomas Chou <thomas@wytron.com.tw>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Nobuhiro Iwamatsu <iwamatsu@nigauri.org>
Cc: Simon Glass <sjg@chromium.org>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Michal Simek <michal.simek@xilinx.com>
