From b8879f207405ff55c91bc1ad68ea9245c1fd168c Mon Sep 17 00:00:00 2001 From: Ovidiu Panait Date: Wed, 6 May 2020 20:38:42 +0300 Subject: env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig This converts ad-hoc CONFIG_DELAY_ENVIRONMENT to Kconfig. Signed-off-by: Ovidiu Panait --- env/Kconfig | 12 ++++++++++++ scripts/config_whitelist.txt | 1 - 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/env/Kconfig b/env/Kconfig index af63ac5..ed94e83 100644 --- a/env/Kconfig +++ b/env/Kconfig @@ -592,6 +592,18 @@ config ENV_VARS_UBOOT_RUNTIME_CONFIG run-time determined information about the hardware to the environment. These will be named board_name, board_rev. +config DELAY_ENVIRONMENT + bool "Delay environment loading" + depends on !OF_CONTROL + help + Enable this to inhibit loading the environment during board + initialization. This can address the security risk of untrusted data + being used during boot. Normally the environment is loaded when the + board is initialised so that it is available to U-Boot. This inhibits + that so that the environment is not available until explicitly loaded + later by U-Boot code. With CONFIG_OF_CONTROL this is instead + controlled by the value of /config/load-environment. + if SPL_ENV_SUPPORT config SPL_ENV_IS_NOWHERE bool "SPL Environment is not stored" diff --git a/scripts/config_whitelist.txt b/scripts/config_whitelist.txt index c57b871..6dde9bc 100644 --- a/scripts/config_whitelist.txt +++ b/scripts/config_whitelist.txt @@ -303,7 +303,6 @@ CONFIG_DEFAULT CONFIG_DEFAULT_CONSOLE CONFIG_DEFAULT_IMMR CONFIG_DEF_HWCONFIG -CONFIG_DELAY_ENVIRONMENT CONFIG_DESIGNWARE_ETH CONFIG_DEVELOP CONFIG_DEVICE_TREE_LIST -- cgit v1.1 From 9441f8cbfe30e9addd12ad7735e36b4815be65b1 Mon Sep 17 00:00:00 2001 From: Ovidiu Panait Date: Wed, 6 May 2020 20:38:43 +0300 Subject: board_r: env: Use IS_ENABLED() instead of #ifdefs Use IS_ENABLED() instead of #ifdef in should_load_env and initr_env functions. No functional change intended. Signed-off-by: Ovidiu Panait --- common/board_r.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/common/board_r.c b/common/board_r.c index d9015cd..f6770f2 100644 --- a/common/board_r.c +++ b/common/board_r.c @@ -464,13 +464,14 @@ static int initr_mmc(void) */ static int should_load_env(void) { -#ifdef CONFIG_OF_CONTROL - return fdtdec_get_config_int(gd->fdt_blob, "load-environment", 1); -#elif defined CONFIG_DELAY_ENVIRONMENT - return 0; -#else + if (IS_ENABLED(CONFIG_OF_CONTROL)) + return fdtdec_get_config_int(gd->fdt_blob, + "load-environment", 1); + + if (IS_ENABLED(CONFIG_DELAY_ENVIRONMENT)) + return 0; + return 1; -#endif } static int initr_env(void) @@ -480,10 +481,10 @@ static int initr_env(void) env_relocate(); else env_set_default(NULL, 0); -#ifdef CONFIG_OF_CONTROL - env_set_hex("fdtcontroladdr", - (unsigned long)map_to_sysmem(gd->fdt_blob)); -#endif + + if (IS_ENABLED(CONFIG_OF_CONTROL)) + env_set_hex("fdtcontroladdr", + (unsigned long)map_to_sysmem(gd->fdt_blob)); /* Initialize from environment */ image_load_addr = env_get_ulong("loadaddr", 16, image_load_addr); -- cgit v1.1 From 98bf46f7bd90b53ef9ed31b0b1dc8ddc4db15d61 Mon Sep 17 00:00:00 2001 From: Ovidiu Panait Date: Wed, 6 May 2020 20:38:44 +0300 Subject: board_r: Introduce CONFIG_PCI_INIT_R Kconfig option With CONFIG_DM_PCI enabled, PCI buses are not enumerated at boot, as they are without that config option enabled. However, there are cases such as DM PCI-based Ethernet devices that need the PCI bus enumerated so that they can be discovered by their drivers. Currently, to solve this, some boards enumerate the pci bus using "pci enum" preboot command, while others do it manually in board files (in board_init/board_late_init/etc. functions). In order to possibly make the pci enumeration process uniform across all boards, introduce CONFIG_PCI_INIT_R Kconfig option. This change also preserves the current behavior in the !DM_PCI case (pci_init is run unconditionally at boot). Signed-off-by: Ovidiu Panait --- common/Kconfig | 10 ++++++++++ common/board_r.c | 5 ++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/common/Kconfig b/common/Kconfig index 30cba15..2d86dd7 100644 --- a/common/Kconfig +++ b/common/Kconfig @@ -932,6 +932,16 @@ config LAST_STAGE_INIT U-Boot calls last_stage_init() before the command-line interpreter is started. +config PCI_INIT_R + bool "Enumerate PCI buses during init" + depends on PCI + default y if !DM_PCI + help + With this option U-Boot will call pci_init() soon after relocation, + which will enumerate PCI buses. This is needed, for instance, in the + case of DM PCI-based Ethernet devices, which will not be detected + without having the enumeration performed earlier. + endmenu menu "Security support" diff --git a/common/board_r.c b/common/board_r.c index f6770f2..96034b8 100644 --- a/common/board_r.c +++ b/common/board_r.c @@ -232,9 +232,8 @@ static int initr_unlock_ram_in_cache(void) #ifdef CONFIG_PCI static int initr_pci(void) { -#ifndef CONFIG_DM_PCI - pci_init(); -#endif + if (IS_ENABLED(CONFIG_PCI_INIT_R)) + pci_init(); return 0; } -- cgit v1.1 From aff03976985ef10839211d490887d30b1f3ff943 Mon Sep 17 00:00:00 2001 From: Ovidiu Panait Date: Wed, 6 May 2020 20:38:45 +0300 Subject: qemu_arm64_defconfig: Enable CONFIG_PCI_INIT_R Replace the "pci enum" preboot sequence with CONFIG_PCI_INIT_R=y. Signed-off-by: Ovidiu Panait --- configs/qemu_arm64_defconfig | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/configs/qemu_arm64_defconfig b/configs/qemu_arm64_defconfig index 80e0ad5..53c653d 100644 --- a/configs/qemu_arm64_defconfig +++ b/configs/qemu_arm64_defconfig @@ -10,10 +10,9 @@ CONFIG_FIT_SIGNATURE=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_BEST_MATCH=y CONFIG_LEGACY_IMAGE_FORMAT=y -CONFIG_USE_PREBOOT=y -CONFIG_PREBOOT="pci enum" # CONFIG_DISPLAY_CPUINFO is not set # CONFIG_DISPLAY_BOARDINFO is not set +CONFIG_PCI_INIT_R=y CONFIG_CMD_BOOTEFI_SELFTEST=y CONFIG_CMD_NVEDIT_EFI=y CONFIG_CMD_PCI=y -- cgit v1.1 From 1d4ad53d43340fb6bfdf810ece4cfee5d03d40d3 Mon Sep 17 00:00:00 2001 From: Ovidiu Panait Date: Wed, 6 May 2020 20:38:46 +0300 Subject: qemu_arm_defconfig: Enable CONFIG_PCI_INIT_R Replace the "pci enum" preboot sequence with CONFIG_PCI_INIT_R=y. Signed-off-by: Ovidiu Panait --- configs/qemu_arm_defconfig | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/configs/qemu_arm_defconfig b/configs/qemu_arm_defconfig index f807dfc..a847398 100644 --- a/configs/qemu_arm_defconfig +++ b/configs/qemu_arm_defconfig @@ -12,10 +12,9 @@ CONFIG_FIT_SIGNATURE=y CONFIG_FIT_VERBOSE=y CONFIG_FIT_BEST_MATCH=y CONFIG_LEGACY_IMAGE_FORMAT=y -CONFIG_USE_PREBOOT=y -CONFIG_PREBOOT="pci enum" # CONFIG_DISPLAY_CPUINFO is not set # CONFIG_DISPLAY_BOARDINFO is not set +CONFIG_PCI_INIT_R=y CONFIG_CMD_BOOTEFI_SELFTEST=y CONFIG_CMD_NVEDIT_EFI=y CONFIG_CMD_PCI=y -- cgit v1.1 From c60f6d668dd6c439f4a88bdce3398ac05e5f8843 Mon Sep 17 00:00:00 2001 From: Ovidiu Panait Date: Wed, 6 May 2020 20:38:47 +0300 Subject: qemu-x86*_defconfig: Enable CONFIG_PCI_INIT_R Enable CONFIG_PCI_INIT_R for qemux86 and qemux86-64 pci enumeration during boot in order to eliminate the custom preboot commands in include/configs/qemu-x86.h. Signed-off-by: Ovidiu Panait --- configs/qemu-x86_64_defconfig | 1 + configs/qemu-x86_defconfig | 1 + include/configs/qemu-x86.h | 2 -- 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/configs/qemu-x86_64_defconfig b/configs/qemu-x86_64_defconfig index 0cb123e..6f722c1 100644 --- a/configs/qemu-x86_64_defconfig +++ b/configs/qemu-x86_64_defconfig @@ -34,6 +34,7 @@ CONFIG_SPL_NET_SUPPORT=y CONFIG_SPL_PCI=y CONFIG_SPL_PCH_SUPPORT=y CONFIG_SPL_RTC_SUPPORT=y +CONFIG_PCI_INIT_R=y CONFIG_CMD_CPU=y CONFIG_CMD_BOOTEFI_SELFTEST=y CONFIG_CMD_NVEDIT_EFI=y diff --git a/configs/qemu-x86_defconfig b/configs/qemu-x86_defconfig index a562f21..565f232 100644 --- a/configs/qemu-x86_defconfig +++ b/configs/qemu-x86_defconfig @@ -18,6 +18,7 @@ CONFIG_BOOTARGS="root=/dev/sdb3 init=/sbin/init rootwait ro" CONFIG_SYS_CONSOLE_INFO_QUIET=y CONFIG_DISPLAY_BOARDINFO_LATE=y CONFIG_LAST_STAGE_INIT=y +CONFIG_PCI_INIT_R=y CONFIG_CMD_CPU=y CONFIG_CMD_BOOTEFI_SELFTEST=y CONFIG_CMD_NVEDIT_EFI=y diff --git a/include/configs/qemu-x86.h b/include/configs/qemu-x86.h index 49e307b..52c3360 100644 --- a/include/configs/qemu-x86.h +++ b/include/configs/qemu-x86.h @@ -22,8 +22,6 @@ #include #include -#define CONFIG_PREBOOT "pci enum" - #define CONFIG_SYS_MONITOR_LEN (1 << 20) #define CONFIG_STD_DEVICES_SETTINGS "stdin=serial,i8042-kbd\0" \ -- cgit v1.1