Now that standard boot is available, mention this in the environment
documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> # Intel Edison
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add some hints and observations related to booting distros on QEMU on x86.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This build can be used to boot 32-bit standard-distro builds. Enable some
more options, so that all possible EFI UUIDs are decoded, we can search
memory for tables, support the full set of standard-boot features, have
full logging along with debug UART and can boot from CDROM media.
This mirrors a similar patch for qemu-x86_64
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
[Drop the unknown option from defconfig]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
At present this feature is enabled in SPL if a bloblist is available.
Some platforms may not want to use this, so add an option to allow the
feature to be disabled.
Note that the feature unfortunately only fills in part of the
video-handoff information, so causes failures on x86 platforms. For now,
disable it there.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com> # qemu-x86_64
This is copying beyond the end of the destination buffer. Correct the code
by using the size of the vesa_mode_info struct. We don't need to copy the
rest of the bytes in the buffer.
This long-standing bug prevents virtio bootdevs working correctly on
qemu-x86 at present.
Fixes: 0ca2426bea ("x86: Add support for running option ROMs natively")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com> # qemu-x86_64
Unfortunately the bochs driver does not currently work with distros.
It causes a hang between grub menu selection and the OS displaying
something.
Preliminary investigation shows that GRUB does not jump to the kernel
at all.
This reproduces reliably.
This reverts commit b8956425d5.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com> # qemu-x86_64
[Slightly modify the commit message about preliminary investigation]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Call the hardware-init function from QEMU from SPL. This allows the
video BIOS to operate correctly.
Create an x86-wide qemu.h header to avoid having to #ifdef the header
in spl.c
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com> # qemu-x86_64
Drop the duplication and add a single rule which can handle SPL as well.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Nikhil M Jain <n-jain1@ti.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add an example to show how cbfs is used.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
[Removed CONFIG_CMD_CBFS from defconfig files]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Add some more output to make it easier to see what is going wrong when
a bootdev hunter fails.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Use the correct function here, since there may be multiple IDE devices
available.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
This name is a little confusing since it suggests that it sets up the
sibling block device. In fact it sets up a bootdev for it. Rename the
function to make this clearer.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
When CONFIG_ERRNO_STR is not enabled this shows a spurious 'E' from the
format string. Fix this.
Fixes: 7f33194132 ("lib: Support printing an error string")
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
When USB finds no devices it currently returns -EPERM which bootstd does
not understand. This causes other bootdevs of the same priority to be
skipped.
Fix this by returning the correct error code.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
To quote the author:
Adding support for Arm FF-A v1.0 (Arm Firmware Framework for Armv8-A) [A].
FF-A specifies interfaces that enable a pair of software execution
environments aka partitions to communicate with each other. A partition
could be a VM in the Normal or Secure world, an application in S-EL0, or
a Trusted OS in S-EL1.
FF-A is a discoverable bus and similar to architecture features.
FF-A bus is discovered using ARM_SMCCC_FEATURES mechanism performed by
the PSCI driver.
=> dm tree
Class Index Probed Driver Name
-----------------------------------------------------------
...
firmware 0 [ + ] psci |-- psci
ffa 0 [ ] arm_ffa | `-- arm_ffa
...
Clients are able to probe then use the FF-A bus by calling the DM class
searching APIs (e.g: uclass_first_device).
This implementation of the specification provides support for Aarch64.
The FF-A driver uses the SMC ABIs defined by the FF-A specification to:
- Discover the presence of secure partitions (SPs) of interest
- Access an SP's service through communication protocols
(e.g: EFI MM communication protocol)
The FF-A support provides the following features:
- Being generic by design and can be used by any Arm 64-bit platform
- FF-A support can be compiled and used without EFI
- Support for SMCCCv1.2 x0-x17 registers
- Support for SMC32 calling convention
- Support for 32-bit and 64-bit FF-A direct messaging
- Support for FF-A MM communication (compatible with EFI boot time)
- Enabling FF-A and MM communication in Corstone1000 platform as a use case
- A Uclass driver providing generic FF-A methods.
- An Arm FF-A device driver providing Arm-specific methods and reusing the Uclass methods.
- A sandbox emulator for Arm FF-A, emulates the FF-A side of the Secure World and provides
FF-A ABIs inspection methods.
- An FF-A sandbox device driver for FF-A communication with the emulated Secure World.
The driver leverages the FF-A Uclass to establish FF-A communication.
- Sandbox FF-A test cases.
- A new command called armffa is provided as an example of how to access the
FF-A bus
For more details about the FF-A support please refer to [B] and refer to [C] for
how to use the armffa command.
Please find at [D] an example of the expected boot logs when enabling
FF-A support for a platform. In this example the platform is
Corstone1000. But it can be any Arm 64-bit platform.
More details:
[A]: https://developer.arm.com/documentation/den0077/latest/
[B]: doc/arch/arm64.ffa.rst
[C]: doc/usage/cmd/armffa.rst
[D]: example of boot logs when enabling FF-A
turn on EFI MM communication
On Corstone-1000 platform MM communication between u-boot
and the secure world (Optee) is done using the FF-A bus.
Changes made are generated using savedefconfig.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Add MM communication support using FF-A transport
This feature allows accessing MM partitions services through
EFI MM communication protocol. MM partitions such as StandAlonneMM
or smm-gateway secure partitions which reside in secure world.
An MM shared buffer and a door bell event are used to exchange
the data.
The data is used by EFI services such as GetVariable()/SetVariable()
and copied from the communication buffer to the MM shared buffer.
The secure partition is notified about availability of data in the
MM shared buffer by an FF-A message (door bell).
On such event, MM SP can read the data and updates the MM shared
buffer with the response data.
The response data is copied back to the communication buffer and
consumed by the EFI subsystem.
MM communication protocol supports FF-A 64-bit direct messaging.
We tested the FF-A MM communication on the Corstone-1000 platform.
We ran the UEFI SCT test suite containing EFI setVariable, getVariable and
getNextVariable tests which involve FF-A MM communication and all tests
are passing with the current changes.
We made the SCT test reports (part of the ACS results) public following the
latest Corstone-1000 platform software release. Please find the test
reports at [1].
[1]: https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-test-report/-/tree/master/embedded-a/corstone1000/CORSTONE1000-2023.06/acs_results_fpga.zip
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Tested-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Provide armffa command showcasing the use of the U-Boot FF-A support
armffa is a command showcasing how to invoke FF-A operations.
This provides a guidance to the client developers on how to
call the FF-A bus interfaces. The command also allows to gather secure
partitions information and ping these partitions. The command is also
helpful in testing the communication with secure partitions.
For more details please refer to the command documentation [1].
A Sandbox test is provided for the armffa command.
[1]: doc/usage/cmd/armffa.rst
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add functional test cases for the FF-A support
These tests rely on the FF-A sandbox emulator and FF-A
sandbox driver which help in inspecting the FF-A communication.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Emulate Secure World's FF-A ABIs and allow testing U-Boot FF-A support
Features of the sandbox FF-A support:
- Introduce an FF-A emulator
- Introduce an FF-A device driver for FF-A comms with emulated Secure World
- Provides test methods allowing to read the status of the inspected ABIs
The sandbox FF-A emulator supports only 64-bit direct messaging.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add Arm FF-A support implementing Arm Firmware Framework for Armv8-A v1.0
The Firmware Framework for Arm A-profile processors (FF-A v1.0) [1]
describes interfaces (ABIs) that standardize communication
between the Secure World and Normal World leveraging TrustZone
technology.
This driver uses 64-bit registers as per SMCCCv1.2 spec and comes
on top of the SMCCC layer. The driver provides the FF-A ABIs needed for
querying the FF-A framework from the secure world.
The driver uses SMC32 calling convention which means using the first
32-bit data of the Xn registers.
All supported ABIs come with their 32-bit version except FFA_RXTX_MAP
which has 64-bit version supported.
Both 32-bit and 64-bit direct messaging are supported which allows both
32-bit and 64-bit clients to use the FF-A bus.
FF-A is a discoverable bus and similar to architecture features.
FF-A bus is discovered using ARM_SMCCC_FEATURES mechanism performed
by the PSCI driver.
Clients are able to probe then use the FF-A bus by calling the DM class
searching APIs (e.g: uclass_first_device).
The Secure World is considered as one entity to communicate with
using the FF-A bus. FF-A communication is handled by one device and
one instance (the bus). This FF-A driver takes care of all the
interactions between Normal world and Secure World.
The driver exports its operations to be used by upper layers.
Exported operations:
- ffa_partition_info_get
- ffa_sync_send_receive
- ffa_rxtx_unmap
Generic FF-A methods are implemented in the Uclass (arm-ffa-uclass.c).
Arm specific methods are implemented in the Arm driver (arm-ffa.c).
For more details please refer to the driver documentation [2].
[1]: https://developer.arm.com/documentation/den0077/latest/
[2]: doc/arch/arm64.ffa.rst
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
provide a test case
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
convert UUID string to little endian binary data
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
add support for x0-x17 registers used by the SMC calls
In SMCCC v1.2 [1] arguments are passed in registers x1-x17.
Results are returned in x0-x17.
This work is inspired from the following kernel commit:
arm64: smccc: Add support for SMCCCv1.2 extended input/output registers
[1]: https://documentation-service.arm.com/static/5f8edaeff86e16515cdbe4c6?token=
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
In [1] Sam points out an assertion does not hold true for 32-bit
platforms, which only impacts Large File Support (LFS) API usage
in erofs-utils according to Xiang [2]. We don't think these APIs
are used in u-boot and this restriction could be safely removed.
[1] https://lists.denx.de/pipermail/u-boot/2023-July/524679.html
[2] https://lists.denx.de/pipermail/u-boot/2023-July/524727.html
Fixes: 3a21e92fc2 ("fs/erofs: Introduce new features including ztailpacking, fragments and dedupe")
Signed-off-by: Yifan Zhao <zhaoyifan@sjtu.edu.cn>
Tested-by: Sam Edwards <CFSworks@gmail.com>
CONFIG_$(SPL_TPL_)SYS_MALLOC_F_LEN is defined as hex. If set to zero
manually, .config contains '0x0' and not '0' as value.
The default value for CONFIG_SPL_SYS_MALLOC_F_LEN should not be set to 0
but to 0x0 if CONFIG_SPL_FRAMEWORK=n to match a manually set value.
Fixes: c0126bd862 ("spl: Support bootstage, log, hash and early malloc in TPL")
Fixes: b616947052 ("SPL: Do not enable SPL_SYS_MALLOC_SIMPLE without SPL_FRAMEWORK by default")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
All SPL hash algorithm options are collected in lib/Kconfig. Move
SPL_CRC32 there as well.
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
There is another SPL_MD5 option defined in lib/Kconfig.
Renaming SPL_MD5_SUPPORT introduced duplicate option with
different description. As for now FIT and hash algorithm options
are not related to each others, removing a duplicate option seems OK.
Fixes: 4b00fd1a84 ("Kconfig: Rename SPL_MD5_SUPPORT to SPL_MD5")
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
In the common bloblist code we call crc32 to get a checksum for the
data. Ensure we will have the CRC32 code via select.
Signed-off-by: Tom Rini <trini@konsulko.com>
With this change the DT and binding files are under the at91 tree
maintainer, and get_maintainer.pl correctly reports the entry.
Signed-off-by: Eugen Hristev <eugen.hristev@collabora.com>
The retimer reset/power on logic was changed in a recent commit,
however, it neglected to check if the commands sent to the
board microcontroller (to control power to the retimer chip)
actually completed.
Add return checks for these operations so any failures will
be reported to the user.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
Fixes: 7a041fea2 ("board: traverse: ten64: ensure retimer reset
is done on new board revisions")
Update MAINTAINERS file. Add missing MAINTAINERS file for Spider,
Whitehawk and V3HSK boards. Update mail addresses. Add file globs
to match on DT and driver files related to these boards.
The GRPEACH and R2DPLUS are special in that they are not R-Car
and have their own set of specialized drivers.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
As Pali Rohár has asked to not be copied on changes to files he is not
a specific maintainer of, add his address to .get_maintainer.ignore.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Michael Trimarchi <michael@amarulasolutions.com>
To reduce overall job time, move a number of smaller jobs together.
These should still be safely under 1 hour total time, but reducing the
overall number of jobs should help with the queue slightly.
Signed-off-by: Tom Rini <trini@konsulko.com>
The job for rockchip vendor platforms has again gotten close to or
exceeded one hour. Rework things such that we move the 32bit platforms
back to the general 32bit ARM job (as there's time there) and make these
build only the 64bit platforms.
Signed-off-by: Tom Rini <trini@konsulko.com>
buildman minor fixes
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmTOp5wRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYApAf+P45nQXX2L0lFpu5vJQ+Xy1VHDh+OE5sU
yVWm2A0zc7L0TyLn4fX5PGF+1C7gZjYGQ6I9OVroS58fXR5o6WjCelCMhE1wxL5i
AgHKmrUUw6XUalF317RquRWDPLAD6KZ1T8XUgjF2PnBwd2RwMH4zW/Ls73UFBf+4
gIi0zlqLsX8zSeFAyitRWobM4gJT4PUAxz7jexBEk9y3EjOufcLqpdl2Y4JAxTtl
82AYy9nJbPyFrT9lIGP9nfPenVPGKL6wdzc5C/sGLeRlutNKgrJTnjWRkJV+ThPx
mIZVSzwi2cbYnMpq1nEGnj+cH6R73xxybj17MVzevyAQNXAZcZfQ+Q==
=Nbd9
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-5aug23' of https://source.denx.de/u-boot/custodians/u-boot-dm
binman support for Xilinx signing
buildman minor fixes
Some boards use a MAINTAINERS entry to specify common files without
referencing any defconfigs. This is allowed and should not result in a
warning.
Drop the warning in this case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Recent refactoring changed buildman to continue operation after fetching
a toolchain. Fix this.
Fixes: b868064652 ("bulidman: Move toolchain handling to a function")
Signed-off-by: Simon Glass <sjg@chromium.org>
DM_POST_INIT was changed to DM_POST_INIT_F.
To debug correct message, change type_name from dm_post_init to
dm_post_init_f.
Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
s/an/a/ :
Signed-off-by: Simon Glass <sjg@chromium.org>
Add test for the 'xilinx-bootgen' etype
Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Allow missing bootgen tool; comment testXilinxBootgenMissing() comment:
Signed-off-by: Simon Glass <sjg@chromium.org>
This adds a new etype 'xilinx-bootgen'. By using this etype it is
possible to created an signed SPL (FSBL in Xilinx terms) for
ZynqMP boards.
The etype uses Xilinx Bootgen tools in order to transform the SPL into
a bootable image and sign the image with a given primary and secondary
public key. For more information to signing the FSBL please refer to the
Xilinx Bootgen documentation.
Here is an example of the etype in use:
spl {
filename = "boot.signed.bin";
xilinx-bootgen {
pmufw-filename = "pmu-firmware.elf";
psk-key-name-hint = "psk0";
ssk-key-name-hint = "ssk0";
auth-params = "ppk_select=0", "spk_id=0x00000000";
u-boot-spl-nodtb {
};
u-boot-spl-dtb {
};
};
};
For this to work the hash of the primary public key has to be fused
into the ZynqMP device and authentication (RSA_EN) has to be set.
For testing purposes: if ppk hash check should be skipped one can add
the property 'fsbl_config = "bh_auth_enable";' to the etype. However,
this should only be used for testing(!).
Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add the Xilinx Bootgen as bintool. Xilinx Bootgen is used to create
bootable SPL (FSBL in Xilinx terms) images for Zynq/ZynqMP devices. The
btool creates a signed version of the SPL. Additionally to signing the
key source for the decryption engine can be passend to the boot image.
Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com>