Commit graph

79688 commits

Author SHA1 Message Date
Tom Rini
46eb29201c Merge branch '2022-05-03-virtio-pci-add-and-fix-consistency-checks'
To quote the author:
The virtio PCI drivers forgo a number of consistency checks,
particularly around pointer validation and bounds checking. This series
focuses on the modern driver to add those checks.

The start of the series adds and fixes some basic bounds checks. Later
patches ensure PCI addresses fall within the expected regions rather
than any arbitrary address. This is acheived by introducing range
parameters to a few of the dm_pci_* functions that allow the ranges to
be checked.

The series also adds a few new configs to allow parts of virtio and PCI
to be disabled where the features may be unused and the current
implementations don't have the needed consistencty checks.
2022-05-03 18:33:46 -04:00
Andrew Scull
3b92018675 pci: Add config for Enhanced Allocation
Add a config to control whether Enhanced Allocation is supported by the
driver.

Signed-off-by: Andrew Scull <ascull@google.com>
2022-05-03 18:33:29 -04:00
Andrew Scull
0699a78c0c virtio: pci: Make use of dm_pci_map_bar()
The virtio PCI capabilities describe regions of memory that should be
mapped. Map those with dm_pci_map_bar() which will ensure they are valid
PCI regions.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 18:33:29 -04:00
Andrew Scull
c763e1e023 virtio: pci: Check virtio configs are mapped
Prepare for calls to `virtio_pci_map_capability()` failing by returning
NULL on error. If this happens, later accesses to the pointers would be
unsafe so cause the probe to fail if such an error occurs.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 18:33:29 -04:00
Andrew Scull
2635e3b50f pci: Add mask parameter to dm_pci_map_bar()
Add a mask parameter to control the lookup of the PCI region from which
the mapping can be made.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 18:33:29 -04:00
Andrew Scull
a822d1dee4 pci: Update dm_pci_bus_to_virt() parameters
Add mask parameter and reorder length parameter to match the other PCI
address conversion functions. Using PCI_REGION_TYPE as the mask gives
the old behaviour.

It's converted from a macro to an inline function as the length
parameter is now used twice, but should only be calculated once.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 18:33:29 -04:00
Andrew Scull
7739d93d82 pci: Match region flags using a mask
When converting addresses, apply a mask to the region flags during
lookup. This allows the caller to specify which flags are important and
which are not, for example to exclude system memory regions.

The behaviour of the function is changed such that they don't
preferentially search for a non-system memory region. However, system
memory regions are added after other regions in decode_regions() leading
to a similar outcome.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 18:33:26 -04:00
Andrew Scull
12507a2d22 pci: Map bars with offset and length
Evolve dm_pci_map_bar() to include an offset and length parameter. These
allow a portion of the memory to be mapped and range checks to be
applied.

Passing both the offset and length as zero results in the previous
behaviour and this is used to migrate the previous callers.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:46 -04:00
Andrew Scull
55e6adbd78 test: pci: Test PCI address conversion functions
Add tests for the functions dm_pci_bus_to_phys() and
dm_pci_phys_to_bus() which convert between PCI bus addresses and
physical addresses based on the ranges declared for the PCI controller.

The ranges of bus#1 are used for the tests, adding a translation to one
of the ranges to cover more cases.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:46 -04:00
Andrew Scull
398dc367c5 pci: Range check address conversions
When converting between PCI bus and physical addresses, include a length
parameter that can be used to check that the entire range fits within
one of the PCI regions. This prevents an address being returned that
might be only partially valid for the range it is going to be used for.

Where the range check is not wanted, passing a length of 0 will have the
same behaviour as before this change.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
ec8eba8c2d pci: Check region ranges are addressable
When parsing the `ranges` DT node, check that both extremes of the
regions are addressable without overflow. This assumption can then be
safely made when processing the regions.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
60f4142aa2 pci: Fix use of flags in dm_pci_map_bar()
The flags parameter of dm_pci_map_bar() is used for PCI region flags
rather than memory mapping flags. Fix the type to match that of the
region flags and stop using the regions flags as memory mapping flags.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
e7870c2cdc virtio: pci: Read entire capability into memory
Read the virtio PCI capability out of the device configuration space to
a struct rather than accessing fields directly from the configuration
space as they are needed. This both makes access to the fields easier
and avoids re-reading fields.

Re-reading fields could result in time-of-check to time-of-use problems,
should the value in the configuration space change. The range check of
the `bar` field and the later call to `dm_pci_read_bar32()` is an
example of where this could happen.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
6a8cb878a2 virtio: pci: Check virtio capability is in bounds
Ensure the virtio PCI capabilities are contained within the bounds of
the device's configuration space. The expected size of the capability is
passed when searching for the capability to enforce this check.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
f2c1ef1b6d virtio: pci: Check virtio common config size
Check that the common config is at least as large as the struct it is
expected to contain. Only then is it safe to cast the pointer and be
safe from out-of-bounds accesses.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
c690f64f4c virtio: pci: Bounds check notification writes
Make sure virtio notifications are written within their allocated
buffer.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
94b28b9158 virtio: pci: Bounds check device config access
The device config is optional, so check it was present and mapped before
trying to use the pointer. Bounds violations are an error, not just a
warning, so bail if the checks fail.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
da03cdfa7a virtio: pci: Fix discovery of device config length
The length of the device config was erroneously being taken from the
notify capability. Correct this by finding the length in the device
capability.

Fixes: 550435edf8 ("virtio: pci: Support non-legacy PCI transport device")
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Andrew Scull
30471d5351 virtio: pci: Allow exclusion of legacy driver
Add a new config to control whether the driver for legacy virtio PCI
devices is included in the build. VIRTIO_PCI_LEGACY is included by
default when VIRTIO_PCI is selected, but it can also be independently
toggled.

Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 15:50:45 -04:00
Masahisa Kojima
2158b0da22 bootmenu: add Kconfig option not to enter U-Boot console
This commit adds the Kconfig option to disable to enter
the U-Boot console from bootmenu.

If CMD_BOOTMENU_ENTER_UBOOT_CONSOLE is enabled, "U-Boot console"
entry is appeared as the last entry in the bootmenu, then user can
enter U-Boot console.

If CMD_BOOTMENU_ENTER_UBOOT_CONSOLE is disabled, "Quit" entry
is appeared as the last entry instead of "U-Boot console".
When user chooses "Quit" from bootmenu, the following default
commands are invoked.

 - "bootefi bootmgr" (if efi bootmgr is enabled)
 - "run bootcmd"

If the both commands are executed and returns to the bootmenu,
the bootmenu will appears again.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2022-05-03 21:39:22 +02:00
Masahisa Kojima
c606c0059f bootmenu: add UEFI boot entry into bootmenu
This commit adds the UEFI related menu entries
into the bootmenu.

User can select which UEFI "Boot####" option to execute
from bootmenu, then bootmenu sets the "BootNext" UEFI
variable and invoke efi bootmgr. The efi bootmgr
will handle the "BootNext" UEFI variable.

If the "BootNext" UEFI variable is preset and efi bootmgr is enabled,
bootmenu invokes efi bootmgr to handle "BootNext" as first priority.

The UEFI boot entry has the "UEFI BOOTXXXX" prefix as below.

  *** U-Boot Boot Menu ***

     UEFI BOOT0000 : debian
     UEFI BOOT0001 : ubuntu

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
2022-05-03 21:39:22 +02:00
Masahisa Kojima
a3d0aa87ac bootmenu: update bootmenu_entry structure
This is a preparation for succeeding addition of uefi boot
and distro boot menu entries into bootmenu.
The bootmenu_entry title is updated to u16 string because
uefi use u16 string. This commit also factors out the function
to prepare the entries generated by "bootmenu_x" U-Boot environment
variable.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
AKASHI Takahiro
4e65ca00f3 efi_loader: bootmgr: add booting from removable media
Under the current implementation, booting from removable media using
a architecture-specific default image name, say BOOTAA64.EFI, is
supported only in distro_bootcmd script. See the commit 74522c898b
("efi_loader: Add distro boot script for removable media").

This is, however, half-baked implementation because
1) UEFI specification requires this feature to be implemented as part
   of Boot Manager's responsibility:

  3 - Boot Manager
  3.5.1 Boot via the Simple File Protocol
  When booting via the EFI_SIMPLE_FILE_SYSTEM_PROTOCOL, the FilePath will
  start with a device path that points to the device that implements the
  EFI_SIMPLE_FILE_SYSTEM_PROTOCOL or the EFI_BLOCK_IO_PROTOCOL. The next
  part of the FilePath may point to the file name, including
  subdirectories, which contain the bootable image. If the file name is
  a null device path, the file name must be generated from the rules
  defined below.
  ...
  3.5.1.1 Removable Media Boot Behavior
  To generate a file name when none is present in the FilePath, the
  firmware must append a default file name in the form
  \EFI\BOOT\BOOT{machine type short-name}.EFI ...

2) So (1) entails the hehavior that the user's preference of boot media
   order should be determined by Boot#### and BootOrder variables.

With this patch, the semantics mentioned above is fully implemented.
For example, if you want to boot the system from USB and SCSI in this
order,
* define Boot0001 which contains only a device path to the USB device
  (without any file path/name)
* define Boot0002 which contains only a device path to the SCSI device,
and
* set BootOrder to Boot0001:Boot0002

To avoid build error for sandbox, default file name "BOOTSANDBOX.efi"
is defined even if it is out of scope of UEFI specification.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
On sandbox use binary name corresponding to host architecture.
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
AKASHI Takahiro
d8465ffc01 efi_loader: export efi_locate_device_handle()
This function will be used in the next commit where some behavior
of EFI boot manager will be expanded.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Masahisa Kojima
7f67525f99 menu: menu_get_choice() return -ENOENT if menu item is empty
menu_get_choice() needs to handle the case that menu item
is empty. In this case, menu_get_choice() returns -ENOENT.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Masahisa Kojima
c23bb03465 menu: always show the menu regardless of the number of entry
To make user aware of the menu entry selection, menu always
appears regardless of the number of entry.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Adjust test/py/tests/test_bootmenu.py
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Masahisa Kojima
b8cd1e7fc2 test: unit test for u16_strlcat()
Provide a unit test for function u16_strlcat().

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Masahisa Kojima
eca08ce94c lib/charset: add u16_strlcat() function
Provide u16 string version of strlcat().

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
d30924f16b lib: fix selection of CONFIG_CHARSET
lib/charset.c is not optional for
EFI_APP || EFI_LOADER || UFS || UT_UNICODE.
These must select CONFIG_CHARSET.

Fixes: 726cd9836d ("efi: Make unicode printf available to the app")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
c900a42eb0 efi_selftest: error handling in efi_selftest_tcg2
If memory allocation fails, write an error message.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
0db8221f32 efi_selftest: clean up unaligned unit test
* fix typo %s/give/given/
* don't use void * in pointer arithmetic

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
1b2c3e543c efi_selftest: buildefi_selftest_unaligned.c
The unit test has not been built since CPU_V7 was rename CPU_V7A.

Fixes: acf1500138 ("arm: v7: Kconfig: Rename CPU_V7 as CPU_V7A")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
1979404263 test: fix some pylint problems in test_capsule_firmware_raw.py
* improve doc-string formatting
* remove unused imports

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
5c1037d578 efi_loader: reset colors before clearing screen
When resetting the text console the colors have to be set before clearing
the screen. Otherwise the background color may be wrong.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
100de5e37d doc: fix typos in bootmenu.rst
%s/cammand/command/
%s/sequencies/sequences/

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
d1d7ed7b1e cmd: simplify bootmenu
* correct output for timeout > 99 s
* don't use spaces to advance to the output column

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
f2c534d354 test: unit test for bootmenu
Provide a unit test for the bootmenu command

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Heinrich Schuchardt
29a02185cd sandbox: enable bootmenu command
Provide the bootmenu command on the sandbox for testing.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-05-03 21:39:22 +02:00
Tom Rini
f8e7670f8b CI: Azure: Rework how we update MSYS2
Based on reading https://www.msys2.org/docs/ci/ and "Other Systems"
rework how we update MSYS2 to the current version.  We run it once, to
perform nothing other than being the first run, then we run pacman
twice.

Signed-off-by: Tom Rini <trini@konsulko.com>
2022-05-03 08:32:50 -04:00
Luca Ellero
c62f93a620 sf: dataflash: add support for AT45DB641E
NOTE: this chip uses "extened device information"

Signed-off-by: Luca Ellero <l.ellero@asem.it>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
2022-05-03 17:57:19 +05:30
Luca Ellero
1c1c581d56 sf: dataflash: add support for "extended ID"
Take as reference Linux kernel code:
	drivers/mtd/devices/mtd_dataflash.c
	commit 1da8869a428317a6d3cd8d47184cf87feb34a98b
	Author: Andrey Smirnov <andrew.smirnov@gmail.com>

Signed-off-by: Luca Ellero <luca.ellero@brickedbrain.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
2022-05-03 17:56:16 +05:30
Jim Liu
aaf2dbc82b spi: npcm-fiu: add NPCM7xx FIU controller driver
Add Nuvoton NPCM BMC Flash Interface Unit(FIU) SPI master
controller driver using SPI-MEM interface.

The FIU supports single, dual or quad communication interface.
The FIU controller driver provides flash access in UMA(User
Mode Access) mode by using an indirect address/data mechanism.

the dts node is followed upstream kernel dts name.

Signed-off-by: Jim Liu <JJLIU0@nuvoton.com>
Signed-off-by: Stanley Chu <yschu@nuvoton.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
[Jagan: fixed the Kconfig, Makefile order]
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
2022-05-03 17:49:48 +05:30
Tien Fong Chee
f9b9641348 mtd: spi-nor-ids: add Macronix mx25u51245g flash entry
Add Macronix mx25u51245g flash entry, so this can be used on
SoCFPGA devices.

Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
[Jagan: updated commit head]
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
2022-05-03 17:37:39 +05:30
Marek Vasut
1aa60f0cea mtd: spi-nor-ids: Add Winbond W25Q128JW ID
Add ID for Winbond W25Q128JW device. This is a 128 Mbit QSPI NOR.
Tested on W25Q128JWPIM part.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Horatiu Vultur <horatiu.vultur@microchip.com>
Cc: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Cc: Stefan Roese <sr@denx.de>
Cc: Vignesh R <vigneshr@ti.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
2022-05-03 17:35:17 +05:30
Tom Rini
edb6982b58 Merge branch '2022-05-02-add-verifying-program-loader'
To quote the author:

U-Boot provides a verified-boot feature based around FIT, but there is
no standard way of implementing it for a board. At present the various
required pieces must be built up separately, to produce a working
implementation. In particular, there is no built-in support for selecting
A/B boot or recovery mode.

This series introduces VPL, a verified program loader phase for U-Boot.
Its purpose is to run the verified-boot process and decide which SPL
binary should be run. It is critical that this decision happens before
SPL runs, since SPL sets up SDRAM and we need to be able to update the
SDRAM-init code in the field.

Adding VPL into the boot flow provides a standard place to implement
verified boot. This series includes the phase itself, some useful Kconfig
options and a sandbox_vpl build for sandbox. No verfied-boot support is
provided in this series.

Most of the patches in this series are fixes and improvements to docs and
various Kconfig conditions for SPL.
2022-05-02 19:02:44 -04:00
Tom Rini
2406a91734 Merge https://source.denx.de/u-boot/custodians/u-boot-marvell
- Misc turris_omnia/mox related Fixes and impovements (Pali)
- Turris Omnia: Add support for configuring mSATA and WWAN slots
  via env variables (Pali)
- net: mvgbe: Set PHY page 0 before phy_connect (Tony)
- kirkwood: nsa310s: Use Marvell uclass mvgbe and PHY driver (Tony)
- mvebu: turris_omnia: Fix SYS_RSTOUT_* macro names (Pali)
- mvebu: clearfog_defconfig: enable setexpr command (Josef)
- mvebu: x530: set MPP55 to gpio (Chris)
2022-05-02 19:00:42 -04:00
Simon Glass
a31eff3015 CI: Run VPL tests
Add tests for VPL into the mix. For now this just runs the help test and
a few SPL ones.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-05-02 10:01:52 -04:00
Simon Glass
5f195140a9 vpl: Test that VPL runs correctly through to U-Boot proper
Check the TPL -> VPL -> SPL -> U-Boot path by running the 'help' command
in U-Boot.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-05-02 10:01:51 -04:00
Simon Glass
313438c971 vpl: Support running vpl tests
Add support for these to the pytest system.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-05-02 09:58:13 -04:00
Simon Glass
9ae25b9ac9 sandbox: Add a build for VPL
Add an initial VPL build for sandbox. This includes the flow:

   TPL (with of-platdata) -> VPL -> SPL -> U-Boot

To run it:

   ./tpl/u-boot-tpl -D

The -D is needed to get the default device tree, which includes the serial
console info.

Add a Makefile check for OF_HOSTFILE which is the option that enables
devicetree control on sandbox.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-05-02 09:58:13 -04:00