vbe: Add Kconfig options for VPL

Enable the various features needed in VPL, by adding Kconfig options.

Update the defconfig for sandbox_vpl so that the build for each phase
includes what is needed. Drop LZMA for now and make sure partition support
is omitted in SPL, since it is not needed.

Signed-off-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Simon Glass 2022-10-20 18:23:13 -06:00 committed by Tom Rini
parent e45d22655a
commit 4218456b3f
5 changed files with 181 additions and 2 deletions

View File

@ -292,6 +292,57 @@ config SPL_FIT_GENERATOR
endif # SPL
if VPL
config VPL_FIT
bool "Support Flattened Image Tree within VPL"
depends on VPL
default y
select VPL_HASH
select VPL_OF_LIBFDT
config VPL_FIT_PRINT
bool "Support FIT printing within VPL"
depends on VPL_FIT
default y
help
Support printing the content of the fitImage in a verbose manner in VPL.
config VPL_FIT_FULL_CHECK
bool "Do a full check of the FIT before using it"
default y
help
Enable this do a full check of the FIT to make sure it is valid. This
helps to protect against carefully crafted FITs which take advantage
of bugs or omissions in the code. This includes a bad structure,
multiple root nodes and the like.
config VPL_FIT_SIGNATURE
bool "Enable signature verification of FIT firmware within VPL"
depends on VPL_DM
depends on VPL_LOAD_FIT || VPL_LOAD_FIT_FULL
default y
select FIT_SIGNATURE
select VPL_FIT
select VPL_CRYPTO
select VPL_HASH
imply VPL_RSA
imply VPL_RSA_VERIFY
select VPL_IMAGE_SIGN_INFO
select VPL_FIT_FULL_CHECK
config VPL_FIT_SIGNATURE_MAX_SIZE
hex "Max size of signed FIT structures in VPL"
depends on VPL_FIT_SIGNATURE
default 0x10000000
help
This option sets a max size in bytes for verified FIT uImages.
A sane value of 256MB protects corrupted DTB structures from overlapping
device memory. Assure this size does not extend past expected storage
space.
endif # VPL
endif # FIT
config PXE_UTILS
@ -334,6 +385,26 @@ config BOOTSTD_FULL
- support for selecting the ordering of bootdevs using the devicetree
as well as the "boot_targets" environment variable
config SPL_BOOTSTD
bool "Standard boot support in VPL"
depends on SPL && SPL_DM && SPL_OF_CONTROL && SPL_BLK
default y if VPL
help
This enables standard boot in SPL. This is neeeded so that VBE
(Verified Boot for Embedded) can be used, since it depends on standard
boot. It is enabled by default since the main purpose of VPL is to
handle the firmware part of VBE.
config VPL_BOOTSTD
bool "Standard boot support in VPL"
depends on VPL && VPL_DM && VPL_OF_CONTROL && VPL_BLK
default y
help
This enables standard boot in SPL. This is neeeded so that VBE
(Verified Boot for Embedded) can be used, since it depends on standard
boot. It is enabled by default since the main purpose of VPL is to
handle the firmware part of VBE.
if BOOTSTD
config BOOTSTD_BOOTCOMMAND
@ -408,6 +479,24 @@ config BOOTMETH_VBE
supports selection of various firmware components, seleciton of an OS to
boot as well as updating these using fwupd.
config SPL_BOOTMETH_VBE
bool "Bootdev support for Verified Boot for Embedded (SPL)"
depends on SPL && FIT
default y if VPL
help
Enables support for VBE boot. This is a standard boot method which
supports selection of various firmware components, seleciton of an OS to
boot as well as updating these using fwupd.
config VPL_BOOTMETH_VBE
bool "Bootdev support for Verified Boot for Embedded (VPL)"
depends on VPL && FIT
default y
help
Enables support for VBE boot. This is a standard boot method which
supports selection of various firmware components, seleciton of an OS to
boot as well as updating these using fwupd.
if BOOTMETH_VBE
config BOOTMETH_VBE_SIMPLE
@ -418,6 +507,54 @@ config BOOTMETH_VBE_SIMPLE
firmware image in boot media such as MMC. It does not support any sort
of rollback, recovery or A/B boot.
config BOOTMETH_VBE_SIMPLE_OS
bool "Bootdev support for VBE 'simple' method OS phase"
default y
help
Enables support for the OS parts of VBE 'simple' boot. This includes
fixing up the device tree with the required VBE information, ready
for booting into the OS. This option is only enabled for U-Boot
proper, since it is the phase where device tree fixups happen.
config SPL_BOOTMETH_VBE_SIMPLE
bool "Bootdev support for VBE 'simple' method (SPL)"
depends on SPL
default y if VPL
help
Enables support for VBE 'simple' boot. This allows updating a single
firmware image in boot media such as MMC. It does not support any sort
of rollback, recovery or A/B boot.
config VPL_BOOTMETH_VBE_SIMPLE
bool "Bootdev support for VBE 'simple' method (VPL)"
depends on VPL
default y
help
Enables support for VBE 'simple' boot. This allows updating a single
firmware image in boot media such as MMC. It does not support any sort
of rollback, recovery or A/B boot.
config SPL_BOOTMETH_VBE_SIMPLE_FW
bool "Bootdev support for VBE 'simple' method firmware phase (SPL)"
depends on VPL
default y
help
Enables support for the firmware parts of VBE 'simple' boot. This
includes an SPL loader which locates the correct U-Boot to boot into.
This option should really only be enabled for VPL, since it is the
phase where the SPL + U-Boot decision should be made. But for now,
SPL does its own FIT-configuration selection.
config VPL_BOOTMETH_VBE_SIMPLE_FW
bool "Bootdev support for VBE 'simple' method firmware phase (VPL)"
depends on VPL
default y
help
Enables support for the firmware parts of VBE 'simple' boot. This
includes an SPL loader which locates the correct SPL to boot into.
This option enabled for VPL, since it is the phase where the SPL
decision is made.
endif # BOOTMETH_VBE
config BOOTMETH_SANDBOX

View File

@ -80,7 +80,7 @@ static int bootmeth_vbe_simple_ft_fixup(void *ctx, struct event *event)
ret = device_probe(dev);
if (ret)
return log_msg_ret("probe", ret);
ret = simple_read_state(dev, &state);
ret = vbe_simple_read_state(dev, &state);
if (ret)
return log_msg_ret("read", ret);

View File

@ -133,6 +133,36 @@ config VPL_I2C_SUPPORT
Enable support for the I2C bus in VPL. Vee SPL_I2C_SUPPORT for
details.
config VPL_MMC
bool "Support MMC in VPL"
depends on VPL && MMC
default y if MMC
help
Enable support for MMC (Multimedia Card) within VPL This enables
the MMC protocol implementation and allows any enabled drivers to
be used within VPL. MMC can be used with or without disk partition
support depending on the application (SPL_LIBDISK_SUPPORT). Enable
this option to build the drivers in drivers/mmc as part of an VPL
build.
config VPL_DM_MMC
bool "Enable MMC controllers using Driver Model in VPL"
depends on VPL_DM && DM_MMC
default y
help
This enables the MultiMediaCard (MMC) uclass which supports MMC and
Secure Digital I/O (SDIO) cards. Both removable (SD, micro-SD, etc.)
and non-removable (e.g. eMMC chip) devices are supported. These
appear as block devices in U-Boot and can support filesystems such
as EXT4 and FAT.
config VPL_MMC_WRITE
bool "MMC/SD/SDIO card support for write operations in VPL"
depends on VPL_MMC
default y
help
Enable write access to MMC and SD Cards in VPL
config VPL_PCH_SUPPORT
bool "Support PCH drivers"
default y if TPL_PCH_SUPPORT

View File

@ -4,7 +4,10 @@ CONFIG_SPL_LIBGENERIC_SUPPORT=y
CONFIG_NR_DRAM_BANKS=1
CONFIG_ENV_SIZE=0x2000
CONFIG_DEFAULT_DEVICE_TREE="sandbox"
CONFIG_SPL_TEXT_BASE=0x100000
CONFIG_SPL_MMC=y
CONFIG_SPL_SERIAL=y
CONFIG_TPL_TEXT_BASE=0x100000
CONFIG_TPL_LIBCOMMON_SUPPORT=y
CONFIG_TPL_LIBGENERIC_SUPPORT=y
CONFIG_TPL_SERIAL=y
@ -23,6 +26,7 @@ CONFIG_DISTRO_DEFAULTS=y
CONFIG_FIT=y
CONFIG_FIT_SIGNATURE=y
CONFIG_FIT_VERBOSE=y
CONFIG_FIT_BEST_MATCH=y
CONFIG_SPL_LOAD_FIT=y
# CONFIG_USE_SPL_FIT_GENERATOR is not set
CONFIG_BOOTSTAGE=y
@ -47,6 +51,7 @@ CONFIG_TPL_I2C=y
CONFIG_TPL_RTC=y
CONFIG_VPL=y
CONFIG_VPL_ENV_SUPPORT=y
CONFIG_VPL_TEXT_BASE=0x100000
CONFIG_CMD_CPU=y
CONFIG_CMD_LICENSE=y
CONFIG_CMD_BOOTZ=y
@ -98,7 +103,9 @@ CONFIG_CMD_CBFS=y
CONFIG_CMD_CRAMFS=y
CONFIG_CMD_EXT4_WRITE=y
CONFIG_MAC_PARTITION=y
CONFIG_AMIGA_PARTITION=y
# CONFIG_SPL_MAC_PARTITION is not set
# CONFIG_SPL_DOS_PARTITION is not set
# CONFIG_SPL_EFI_PARTITION is not set
CONFIG_OF_CONTROL=y
CONFIG_SPL_OF_CONTROL=y
CONFIG_TPL_OF_CONTROL=y
@ -113,6 +120,7 @@ CONFIG_NETCONSOLE=y
CONFIG_IP_DEFRAG=y
CONFIG_SPL_DM=y
CONFIG_TPL_DM=y
CONFIG_SPL_DM_SEQ_ALIAS=y
CONFIG_DM_DMA=y
CONFIG_REGMAP=y
CONFIG_SPL_REGMAP=y
@ -226,6 +234,8 @@ CONFIG_SPL_SYSRESET=y
CONFIG_TPL_SYSRESET=y
CONFIG_DM_THERMAL=y
CONFIG_TIMER=y
CONFIG_SPL_TIMER=y
CONFIG_VPL_TIMER=y
CONFIG_TIMER_EARLY=y
CONFIG_SANDBOX_TIMER=y
CONFIG_USB=y
@ -246,6 +256,7 @@ CONFIG_CMD_DHRYSTONE=y
CONFIG_RSA_VERIFY_WITH_PKEY=y
CONFIG_TPM=y
CONFIG_LZ4=y
# CONFIG_VPL_LZMA is not set
CONFIG_ERRNO_STR=y
CONFIG_UNIT_TEST=y
CONFIG_SPL_UNIT_TEST=y

View File

@ -17,5 +17,6 @@ def test_event_dump(u_boot_console):
expect = '''.*Event type Id Source location
-------------------- ------------------------------ ------------------------------
EVT_FT_FIXUP bootmeth_vbe_ft_fixup .*vbe_request.c:.*
EVT_FT_FIXUP bootmeth_vbe_simple_ft_fixup .*vbe_simple_os.c:.*
EVT_MISC_INIT_F sandbox_misc_init_f .*start.c:'''
assert re.match(expect, out, re.MULTILINE) is not None