| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
As removal of nds32 has been ack'd for the Linux kernel, remove support
here as well.
Cc: Rick Chen <rick@andestech.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Rick Chen <rick@andestech.com>
|
|
To quote the author:
The bootflow feature provide a built-in way for U-Boot to automatically
boot an Operating System without custom scripting and other customisation.
This is called 'standard boot' since it provides a standard way for
U-Boot to boot a distro, without scripting.
It introduces the following concepts:
- bootdev - a device which can hold a distro
- bootmeth - a method to scan a bootdev to find bootflows (owned by
U-Boot)
- bootflow - a description of how to boot (owned by the distro)
This series provides an implementation of these, enabled to scan for
bootflows from MMC, USB and Ethernet. It supports the existing distro
boot as well as the EFI loader flow (bootefi/bootmgr). It works
similiarly to the existing script-based approach, but is native to
U-Boot.
With this we can boot on a Raspberry Pi 3 with just one command:
bootflow scan -lb
which means to scan, listing (-l) each bootflow and trying to boot each
one (-b). The final patch shows this.
With a standard way to identify boot devices, booting become easier. It
also should be possible to support U-Boot scripts, for backwards
compatibility only.
...
The design is described in these two documents:
https://drive.google.com/file/d/1ggW0KJpUOR__vBkj3l61L2dav4ZkNC12/view?usp=sharing
https://drive.google.com/file/d/1kTrflO9vvGlKp-ZH_jlgb9TY3WYG6FF9/view?usp=sharing
|
|
At present it is not possible to find out which part of the string is the
number part and which is before it. Add a new variant which provides this
feature, so we can separate the two in the caller.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present this has a minor bug in that it reads the byte before the
start of the string, if it is empty. Also it doesn't handle a
non-numeric prefix which is only one character long.
Fix these bugs with a reworked implementation. Add a test for the second
case. The first one is hard to test.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2022-07-rc1-3
Documentation:
* Document image size parameter of bootefi command
UEFI:
* avoid building partition support in SPL/TPL where not required
* improve integration of EFI subsystem and driver model
* restore ability to boot arbitrary blob
|
|
In most of all cases, we can avoid using blk_desc which is expected
to be private to udevice(UCLASS_BLK), that is, the data should not
be manipulated outside the device driver unless really needed.
Now efi_disk's internally use dev_read/write() interfaces
if CONFIG_PARTITIONS is enabled.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
When we create an efi_disk device with an UEFI application using driver
binding protocol, the 'efi_driver' framework tries to create
a corresponding block device(UCLASS_BLK/IF_TYPE_EFI). This will lead to
calling a PROBE callback, efi_disk_probe().
In this case, however, we don't need to create another "efi_disk" device
as we already have this device instance.
So we should avoid recursively invoke further processing in the callback
function.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
This function is expected to be called, in particular from dm's pre_remove
hook, when associated block devices no longer exist.
Add efi_disk_remove() function.
This function removes an efi_disk object for a raw disk device (UCLASS_BLK)
and related objects for its partitions (UCLASS_PARTITION).
So this function is expected to be called through driver model's "remove"
interface every time a raw disk device is to be disconnected.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
When we create an efi_disk device with an UEFI application using driver
binding protocol, the 'efi_driver' framework tries to create
a corresponding block device(UCLASS_BLK/IF_TYPE_EFI). This will lead to
calling a PROBE callback, efi_disk_probe().
In this case, however, we don't need to create another "efi_disk" device
as we already have this device instance.
So we should avoid recursively invoke further processing in the callback
function.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Add efi_disk_probe() function.
This function creates an efi_disk object for a raw disk device (UCLASS_BLK)
and additional objects for related partitions (UCLASS_PARTITION).
So this function is expected to be called through driver model's "probe"
interface every time one raw disk device is detected and activated.
We assume that partition devices (UCLASS_PARTITION) have been created
when this function is invoked.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
In the next commit, CONFIG_EFI_SETUP_EARLY will become mandated
in order to support dynamic enumeration of efi_disk objects.
This can, however, be problematic particularly in case of file-based
variable storage (efi_variable.c, default).
Non-volatile variables are to be restored from EFI system partition
by efi_init_variables() in efi_init_obj_list(). When efi_init_obj_list()
is called in board_init_r(), we don't know yet what disk devices
we have since none of device probing commands (say, scsi rescan) has not
been executed at that stage.
So in this commit, a preparatory change is made; efi_init_obj_list() is
broken into the two functions;
* efi_init_early(), and
* new efi_init_obj_list()
Only efi_init_early() will be called in board_init_r(), which allows
us to execute any of device probing commands, either though "preboot"
variable or normal command line, before calling efi_init_obj_list() which
is to be invoked at the first execution of an efi-related command
(or at efi_launch_capsules()) as used to be.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
Now we can build efi_loader with block device support (CONFIG_BLK) and
without CONFIG_PARTITIONS.
So change Makefile.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
In the current implementation, partition table support (either GPT or DOS)
is not mandatory. So CONFIG_PARTITION_UUIDS should not be enabled
(selected) unconditionally.
Fixes: commit 17f8cda505e3 ("efi_loader: set partition GUID in device path for SIG_TYPE_GUID")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Commit 690af71850149bf242502f688eca80fb302d1f76 changed this condition
from an explicit
IS_ENABLED(CONFIG_SPL_SEPARATE_BSS)
to
CONFIG_IS_ENABLED(SEPARATE_BSS)
The documentation for CONFIG_IS_ENABLED() in include/linux/kconfig.h
implies that we will get the correct behaviour, but the actual behaviour
differs such that this condition is now always false.
This stopped TPL being able to load the device tree blob at least on the
ROCKPro64 board (RK3399 SoC), since the wrong device tree location was
chosen.
The issues causing this behaviour with CONFIG_IS_ENABLED() are:
1. The documentation implies that CONFIG_SPL_BUILD =>
CONFIG_SPL_<option> is considered before the TPL equivalent.
Actually, the TPL options have higher priority - see definition of
_CONFIG_PREFIX.
2. The documentation implies a fallthrough, eg. if CONFIG_SPL_BUILD is
defined but the CONFIG_SPL_<option> is not, then it will proceed to
check if CONFIG_TPL_BUILD
Actually, if CONFIG_TPL_BUILD is defined, then it stops there
and CONFIG_SPL_BUILD is not considered - see definition of
_CONFIG_PREFIX.
During TPL build, at least for the ROCKPro64, both CONFIG_TPL_BUILD
and CONFIG_SPL_BUILD are defined, but because of the above, only TPL
options are considered. Since there is no CONFIG_TPL_SEPARATE_BSS,
this fails.
Fixes: 690af71850 ("fdt: Correct condition for SEPARATE_BSS")
Signed-off-by: Andrew Abbott <andrew@mirx.dev>
|
|
This implementation provides standard CRC-16 algorithm with polynomial
x^16 + x^15 + x^2 + 1.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
|
|
U-Boot CRC-16 implementation uses polynomial x^16 + x^12 + x^5 + 1 which is
not standard CRC-16 algorithm, but it is known as CRC-16-CCITT. Rename file
crc16.c to crc16-ccitt.c to reduce confusion.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
|
|
Use u16_strsize().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Use u16_strsize().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Use u16_strsize() instead of duplicating it.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The function u16_strlen() can be implemented as call to u16_strnlen().
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The capsule update code has been modified for getting the image GUID
values from the platform code. With this, each image now has a unique
GUID value. With this change, there is no longer a need for defining
GUIDs for FIT and raw images. Remove these GUID values.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
Currently, there are a bunch of boards which enable the UEFI capsule
update feature. The actual update of the firmware images is done
through the dfu framework which uses the dfu_alt_info environment
variable for getting information on the update, like device, partition
number/address etc. The dfu framework allows the variable to be set
through the set_dfu_alt_info function defined by the platform, or if
the function is not defined, it gets the variable from the
environment. Using the value set in the environment is not very
robust, since the variable can be modified from the u-boot command
line and this can cause an incorrect update.
To prevent this from happening, define the set_dfu_alt_info function
when the capsule update feature is enabled. A weak function is defined
which sets the dfu_alt_info environment variable by getting the string
for the variable from the platform.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
|
|
The current capsule update code compares the image GUID value in the
capsule header with the image GUID value obtained from the
GetImageInfo function of the Firmware Management Protocol(FMP). This
comparison is done to ascertain if the FMP's SetImage function can be
called for the update. Make this checking more robust by comparing the
image_index value passed through the capsule with that returned by the
FMP's GetImageInfo function. This protects against the scenario of the
firmware being updated in a wrong partition/location on the storage
device if an incorrect value has been passed through the capsule,
since the image_index is used to determine the location of the update
on the storage device.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Currently, the image descriptor array that has been passed to the
GetImageInfo function of the Firmware Management Protocol(FMP) gets
populated through the data stored with the dfu framework. The
dfu data is not restricted to contain information only of the images
updatable through the capsule update mechanism, but it also contains
information on other images. The image descriptor array is also parsed
by the ESRT generation code, and thus the ESRT table contains entries
for other images that are not being handled by the FMP for the capsule
updates. Fix this by populating the image descriptor array from the
structure initialised in the board file.
The other issue fixed is assignment of a separate GUID for all images
in the image descriptor array. The UEFI specification mandates that
all entries in the ESRT table should have a unique GUID value as part
of the FwClass member of the EFI_SYSTEM_RESOURCE_ENTRY. Currently, all
images are assigned a single GUID value, either an FIT GUID or a raw
image GUID. This is fixed by obtaining the GUID values from the
efi_fw_images array defined per platform.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
|
|
Set digest_size SHA384 and SHA512 algorithms in pkcs7 and x509,
(not set by ported linux code, but needed by __UBOOT__ part).
EFI_CAPSULE_AUTHENTICATE doesn't select these algos but required for
correctness if certificates contain sha384WithRSAEncryption or
sha512WithRSAEncryption OIDs.
Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Modify function to support any salt length instead of max
length only. Function now detects salt length by parsing
the content of db buffer. Note that it works with (but is
not limited to) zero-length, digest-length and max-length
Signed-off-by: SESA644425 <gioja.hermann@non.se.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Prior to introduction of modifications in rsassa_pss functions
related to padding verification, doing a pass to reduce memory
consumption of function by replacing memory copies of parts of
const buffer by pointers to the original buffer (masked_db and
h are subparts of msg buffer which is declared const, salt is a
subpart of db which is a working buffer, unmodified after being
filled). New pointers scope is limited to the function where
they are declared (not returned to caller by any mean), zeroing
risk of memory fault related to the change.
Signed-off-by: SESA644425 <gioja.hermann@non.se.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Prior to introduction of modifications in rsassa_pss functions
related to padding verification, doing a pass to update
const-correctness in targeted functions to comply with
coding-rules and avoid const-cast
Signed-off-by: SESA644425 <gioja.hermann@non.se.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Use sysreset_walk_halt() directly from reset-after-capsule-on-disk
feature to reboot (cold reset) machine instead of using reset command
interface, since this is not a command.
Note that this will make CONFIG_EFI_CAPSULE_ON_DISK depending on
the CONFIG_SYSRESET.
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
EFI_CAPSULE_ON_DISK=n
Make efi_load_capsule_drivers() available even if EFI_CAPSULE_ON_DISK
is disabled because the caller (efi_init_obj_list()) expects it only
relays on EFI_HAVE_CAPSULE_SUPPORT.
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
|
|
Since be66b89da306 ("efi_loader: configuration of variables store")
the choice of EFI_VARIABLE_FILE_STORE or EFI_MM_COMM_TEE
is mutually-exclusive, however efi_var_to_file also allows
for "neither". Provide an additional Kconfig option.
Signed-off-by: Tom Saeger <tom.saeger@oracle.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Add this dependency to avoid a build error if FIT_SIGNATURE is not
enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This should use a const pointer for the input stream. Fix this and also
add a proper comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
We don't use an appended tree for sandbox and the required symbols are
not present. Add a condition to avoid a build error.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This may have different settings for SPL and TPL. Correct the condition.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
If the buffer is empty and not allocated, then abuf_realloc() tries to
copy invalid data. This happens because an incorrect change to use
memdup() was added after the original code was written.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
This commit adds the option SPL_RSA_VERIFY_WITH_PKEY.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
This commit adds the options:
- SPL_ASYMMETRIC_KEY_TYPE
- SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
- SPL_RSA_PUBLIC_KEY_PARSER
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
This commit adds the options:
- SPL_ASN1_DECODER
- SPL_OID_REGISTRY
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
Enhance the help for the config OID_REGISTRY.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
Enhance the help for configs ASN1_COMPILER
and ASN1_decoder.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
It seems a copy'n'paste typo when tool had been introduced.
It has never had the 'exit' suffix in the file name. Hence,
the custom CFLAGS never been applied and, for example, BFD
linker complains:
LD lib/efi_loader/initrddump_efi.so
ld.bfd: lib/efi_loader/initrddump.o: warning: relocation in read-only section `.text.efi_main'
ld.bfd: warning: creating DT_TEXTREL in a shared object
Remove wrong 'exit' suffix from the custom CFLAGS variable.
Fixes: 65ab48d69ddb ("efi_selftest: provide initrddump test tool")
Fixes: 9c045a49a9c9 ("efi_loader: move dtbdump.c, initrddump.c to lib/efi_loader")
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Drop the Kconfigs which are not used and all references to them. In
particular, this drops CONFIG_VIDEO to avoid confusion and allow us to
eventually rename CONFIG_DM_VIDEO to CONFIG_VIDEO.
Also drop the prototype for video_get_info_str() which is no-longer used.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Jason Liu <jason.hui.liu@nxp.com>
|
|
Prepare v2022.04-rc5
|
|
Up to now the initrddump.efi application has drained the input after
showing the prompt. This works for humans but leads to problems when
automating testing. If the input is drained, this should be done before
showing the prompt.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
initrddump.efi uses colored output and clear the screen. This is not
helpful for integration into Python tests. Allow specifying 'nocolor' in
the load option data to suppress color output and clearing the screen.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
%s/devie-path/device-path/
Reported-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The tools dtbdump.efi and initrddump.efi are useful for Python testing even
if CONFIG_EFI_SELFTEST=n.
Don't clear the screen as it is incompatible with Python testing.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The block IO protocol may be installed on any handle. We should make
no assumption about the structure the handle points to.
efi_disk_is_system_part() makes an illegal widening cast from a handle
to a struct efi_disk_obj. Remove the function.
Fixes: Fixes: 41fd506842c2 ("efi_loader: disk: add efi_disk_is_system_part()")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
