Commit Graph

148 Commits

Author SHA1 Message Date
Simon Glass
5981d61178 vpl: Allow signature verification
Add the required Kconfig option so that signatures can be verified when
loading a configuration.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:04:00 -04:00
Simon Glass
a56f663f07 vbe: Add info about the VBE device to the fwupd node
At present we put the driver in the /chosen node in U-Boot. This is a bit
strange, since U-Boot doesn't normally use that node itself. It is better
to put it under the bootstd node.

To make this work we need to copy create the node under /chosen when
fixing up the device tree. Copy over all the properties so that fwupd
knows what to do.

Update the sandbox device tree accordingly.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:04:00 -04:00
Simon Glass
4218456b3f vbe: Add Kconfig options for VPL
Enable the various features needed in VPL, by adding Kconfig options.

Update the defconfig for sandbox_vpl so that the build for each phase
includes what is needed. Drop LZMA for now and make sure partition support
is omitted in SPL, since it is not needed.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:03:59 -04:00
Simon Glass
e45d22655a vbe: Drop the U-Boot prefix from the version
We don't need the U-Boot prefix on the version and in fact it is harmful
since pytest gets confused seeing the U-Boot banner bring displayed when
the version is printed.

Drop the prefix from the string.

We could produce an entirely new string from the component parts, but this
adds to the rodata size and would break the use of version_string as the
only thing which holds this information.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:03:36 -04:00
Simon Glass
c263e21bcb vbe: Move OS implementation into a separate file
Move this into its own file so it can be built only by U-Boot proper.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:03:36 -04:00
Simon Glass
d2b22ae231 vbe: Support reading the next SPL phase via VBE
Add an SPL loader to obtain the next-phase binary from a FIT provided
by the VBE driver.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:03:18 -04:00
Simon Glass
c3a148f38f vbe: Use a warning for a failed requests
Optional requests should present a warning rather than an error. Update
the log call.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:03:18 -04:00
Simon Glass
98bedf42ea vbe: Rename vbe_fixup to vbe_request
The vbe_fixup file handles device tree fixups, but these are called OS
requests in VBE. Rename the file to reflect its wider purpose.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:03:18 -04:00
Simon Glass
bbe285c305 image: Allow loading a FIT image for a particular phase
Add support for filtering out FIT images by phase. Rather than adding yet
another argument to this already overloaded function, use a composite
value, where the phase is only added in if needed.

The FIT config is still selected (and verified) as normal, but the images
are selected based on the phase.

Tests for this come in a little later, as part of the updated VPL test.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:02:45 -04:00
Simon Glass
44ad35a0f6 image: Add the concept of a phase to FIT
We want to be able to mark an image as related to a phase, so we can
easily load all the images for SPL or for U-Boot proper.

Add this to the FIT specification, along with some access functions.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:02:44 -04:00
Simon Glass
494e66d3a9 image: Move comment for fit_conf_find_compat()
Move this comment to the header file, where the APIs should be defined.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:02:44 -04:00
Simon Glass
b190deb895 bootstd: Add a way to set up a bootflow
Add a function to init a bootflow, to reduce code duplication.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:02:44 -04:00
Simon Glass
984639039f Rename CONFIG_SYS_TEXT_BASE to CONFIG_TEXT_BASE
The current name is inconsistent with SPL which uses CONFIG_SPL_TEXT_BASE
and this makes it imposible to use CONFIG_VAL().

Rename it to resolve this problem.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-31 11:01:31 -04:00
Simon Glass
b86986c7b3 video: Rename CONFIG_DM_VIDEO to CONFIG_VIDEO
Now that all the old code is gone, rename this option. Driver model
migration is now complete.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-30 20:07:17 +01:00
Simon Glass
70cc7b614f video: Drop use of the lcd header file
This file is being removed so drop remaining references to it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-30 20:07:17 +01:00
Sean Anderson
0abe3323f5 mkimage: fit: Fix signing of configs with external data
Just like we exclude data-size, data-position, and data-offset from
fit_config_check_sig, we must exclude them while signing as well.

While we're at it, use the FIT_DATA_* defines for fit_config_check_sig
as welll.

Fixes: 8edecd3110 ("fit: Fix verification of images with external data")
Fixes: c522949a29 ("rsa: sig: fix config signature check for fit with padding")
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-10-26 11:36:06 -04:00
Tom Rini
73ceadcd72 Merge branch 'master' of https://source.denx.de/u-boot/custodians/u-boot-sunxi
Beside some rather unexciting sync of the DTs from the kernel tree, and
some Kconfig cleanup, there are some improvements for the ARMv5 Allwinner
family, to support boards with the F1C200s (64MB DRAM) better. We will
get actual board support as soon as the DTs have passed the Linux review
process.
There is also support for the X96 Mate TV Box, featuring the H616 SoC and
a full 4GB of DRAM.
Also we found the secret to enable SPI booting on the H616 (pin PC5 must
be pulled to GND), so the SPI boot support patch is now good to go.

Passed the gitlab CI, plus briefly tested on Pine64-LTS, LicheePi Nano,
X96 Mate and OrangePi Zero.
2022-10-20 08:58:05 -04:00
Andre Przywara
1bf98bd4e2 sunxi: Kconfig: introduce SUNXI_MINIMUM_DRAM_MB
Traditionally we assumed that every Allwinner board would come with at
least 256 MB of DRAM, and set our DRAM layout accordingly. This affected
both the default load addresses, but also U-Boot's own address
expectations (like being loaded at 160 MB).

Some SoCs come with co-packaged DRAM, but only provide 32 or 64MB. So
far we special-cased those *chips*, as there was only one chip per DRAM
size. However new chips force us to take a more general approach.

Introduce a Kconfig symbol, which provides the minimum DRAM size of the
board. If nothing else is specified, we use 256 MB, and default to
smaller values for those co-packaged SoCs.
Then select the different DRAM maps according to this new symbol, so
that different SoCs with the same DRAM size can share those definitions.

Inspired by an idea from Icenowy.

This is just refactoring: compiled for all boards before and after this
patch: the binaries were identical.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jernej Skrabec <jernej.skrabec@gmail.com>
2022-10-19 14:15:02 +01:00
Simon Glass
8aaacd6136 vbe: Add fixups for a basic set of OS requests
As a starting point, add support for providing random data, if requested
by the OS. Also add ASLR, as a placeholder for now.

Signed-off-by: Simon Glass <sjg@chromium.org>
(fixed up to use uclass_first_device_err() instead)
2022-10-17 21:17:13 -06:00
Simon Glass
87c97cb1f9 boot: Tidy up logging and naming in vbe_simple
Make sure the log_msg_ret() values are unique so that the log trace is
unambiguous with LOG_ERROR_RETURN. Also avoid reusing the 'node' variable
for two different nodes in bootmeth_vbe_simple_ft_fixup(), since this is
confusing.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-17 21:17:13 -06:00
Simon Glass
33ba72700b boot: Pass the correct FDT to the EVT_FT_FIXUP event
Now that we support multiple device trees with the ofnode interface, we
can pass the correct FDT to this event. This allows the 'working' FDT to
be fixed up, as expected, so long as OFNODE_MULTI_TREE is enabled.

Also make sure we don't try to do this with livetree, which does not
support fixups yet.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-17 21:17:13 -06:00
Simon Glass
19511935df boot: Correct handling of addresses in boot_relocate_fdt()
This code uses casts between addresses and pointers, so does not work with
sandbox. Update it so we can allow sandbox to do device tree fixups.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-17 21:17:12 -06:00
Simon Glass
13819f07ea bootm: Change incorrect 'unsupported' error
At present when bootm fails, it says:

    subcommand not supported

and then prints help for the bootm command. This is not very useful, since
generally the error is related to something else, such as fixups failing.
It is quite confusing to see this in a test run.

Change the error and show the error code.

We could update the OS functions to return -ENOSYS when they do not
support the bootm subcommand. But this involves some thought since this is
arch-specific code and proper errno error codes are not always returned.
Also, with the code as is, all required subcommands are of course
supported - a problem would only come if someone added a new one or
removed support for one from an existing OS. Therefore it seems better to
leave that sort of effort for when our bootm tests are improved.

Note: v1 of this patch generated a discussion[1] about printing error
strings automatically using printf(). That is outside the scope of this
patch but will be dealt with separately.

[1] https://patchwork.ozlabs.org/project/uboot/patch/20220909151801.336551-3-sjg@chromium.org/

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-17 21:17:12 -06:00
Michal Suchanek
28a22cd9a4 bootstd: Fix listing boot devices
bootdev_list() uses uclass_*_device_err() to iterate devices.
However, the only value _err adds is returning an error when the device
pointer is null, and that's checked anyway.

Also there is some intent to report errors, and that's what
uclass_*_device_check() is for, use it.

Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-10-17 21:17:12 -06:00
Steven Lawrance
05b0f241f2 boot: image-pre-load: Check environment for location of signature info
Setting an alternative signature info node in "pre_load_sig_info_path"
allows verification of an image using the bootm pre-load mechanism with
a different key, e.g.: setenv pre_load_sig_info_path "/alt/sig" ; bootm
preload [addr]

Signed-off-by: Steven Lawrance <steven.lawrance@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-10-11 15:40:48 -04:00
Steven Lawrance
7c5eeb8309 image-pre-load: Move macros/definitions to image.h
Putting these definitions in a header will allow signatures to be
validated independently of bootm.

Signed-off-by: Steven Lawrance <steven.lawrance@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-10-11 15:40:48 -04:00
Edoardo Tomelleri
35821a25c1 cmd: pxe: add alias devicetree-overlay for fdtoverlays
This adds keyword devicetree-overlay as an alias for fdtoverlays in
extlinux (sysboot) and pxe to better follow the Boot Loader Specification
[1], improves documentation around them by adding an example for both
fdtoverlays and devicetree-overlay and the environment variable required
for this feature. The link for the spec is updated to the current one.

[1] https://systemd.io/BOOT_LOADER_SPECIFICATION/

Signed-off-by: Edoardo Tomelleri <e.tomell@gmail.com>
Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
2022-10-11 15:40:48 -04:00
Simon Glass
b7bd94f1a8 dm: core: Split ofnode_path_root() into two functions
This function turns out to be a little confusing since it looks up a path
and also registers the tree. Split it into two, one that gets the root
node and one that looks up a path, so the purpose is clear.

Registering the tree will happen in a function to be added in a later
patch, called oftree_from_fdt().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 22:43:43 -04:00
Simon Glass
b215b6034c event: Pass the images to EVT_FT_FIXUP
Pass the boot images along as well, in case the fixups need to look at
them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:58 -04:00
Simon Glass
f3543e6944 treewide: Drop image_header_t typedef
This is not needed and we should avoid typedefs. Use the struct instead
and rename it to indicate that it really is a legacy struct.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Simon Glass
da79b2f25e treewide: Drop image_info_t typedef
This is not needed and we should avoid typedefs. Use the struct instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Simon Glass
d9d7c20b73 treewide: Drop bootm_headers_t typedef
This is not needed and we should avoid typedefs. Use the struct instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-29 16:07:57 -04:00
Pali Rohár
efc3f9526f boot: Call flush() before booting
In a lot of cases kernel resets UART HW. To ensure that U-Boot messages
printed before booting the kernel are not lost, call new U-Boot console
flush() function.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-09-24 11:34:38 -04:00
Tom Rini
e9a1ff9724 Merge branch 'master' into next
Signed-off-by: Tom Rini <trini@konsulko.com>
2022-09-19 16:07:12 -04:00
Stefan Roese
29caf9305b cyclic: Use schedule() instead of WATCHDOG_RESET()
Globally replace all occurances of WATCHDOG_RESET() with schedule(),
which handles the HW_WATCHDOG functionality and the cyclic
infrastructure.

Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Rini <trini@konsulko.com> [am335x_evm, mx6cuboxi, rpi_3,dra7xx_evm, pine64_plus, am65x_evm, j721e_evm]
2022-09-18 10:26:33 +02:00
Simon Glass
9c2e9128f3 image: Drop some other #ifdefs in image-board.c
Remove all but a few that are difficult, relying on legacy CONFIG options
or optional global_data fields.

Drop the duplicate function name in the comment for boot_get_cmdline().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:07 -04:00
Simon Glass
20f5d83fb1 image: Correct indentation in select_ramdisk()
Finish off the refactoring by correcting the indent levels. Note that this
does not include any functional changes.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:07 -04:00
Simon Glass
ca78883fdc image: Drop remaining FIT #ifdef
Drop the last one of these, by using a done_select variable to control
whether to fall back to using 'select' as a hex value.

Note that the indentation is not adjusted, to make this easier to review.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:07 -04:00
Simon Glass
1a68c039c5 image: Drop another #ifdef for FIT
Drop the prenultimate one of these from select_ramdisk().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
f7659f69f7 image: Drop one #ifdef for FIT
Drop the #ifdef from near the end of select_ramdisk(). Move some variables
to the top of the function to make this work.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
0f81af4897 image: Drop #ifdefs for LEGACY_IMAGE_FORMAT
Use if() instead of the #ifdef in select_ramdisk().

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
4f2d94129d image: Track when ramdisk processing is completed
The current switch default is tricky since it relies on #ifdefs to work.
Use a bool instead.

Also fix the comment on @select, since it has a dual purpose.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Simon Glass
1ce8e10f3b image: Fix up ANDROID_BOOT_IMAGE ramdisk code
Convert this to an if(), fix the cast from an address to a pointer and
make sure that any error is returned correctly.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-09-14 09:03:06 -04:00
Sean Anderson
37feaf2f72 image: fit: Add some helpers for getting data
Several different firmware users have repetitive code to extract the
firmware data from a FIT. Add some helper functions to reduce the amount
of repetition. fit_conf_get_prop_node (eventually) calls
fdt_check_node_offset_, so we can avoid an explicit if. In general, this
version avoids printing on error because the callers are typically
library functions, and because the FIT code generally has (debug)
prints of its own. One difference in these helpers is that they use
fit_image_get_data_and_size instead of fit_image_get_data, as the former
handles external data correctly.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2022-09-07 13:40:44 +08:00
Pali Rohár
5acfdfbd43 bootm: Fix upper bound of FDT overlap checks
FTD blob can be put immediately after the OS image.
So use strict inequality for start address check.

Fixes: fbde7589ce ("common: bootm: add checks to verify if ramdisk / fdtimage overlaps OS image")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-31 12:21:47 -04:00
Daniel Golle
88de6c5127 image-fit: don't set compression if it can't be read
fit_image_get_comp() should not set value -1 in case it can't read
the compression node. Instead, leave the value untouched in that case
as it can be absent and a default value previously defined by the
caller of fit_image_get_comp() should be used.

As a result the warning message
WARNING: 'compression' nodes for ramdisks are deprecated, please fix your .its file!
no longer shows if the compression node is actually absent.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-31 12:21:47 -04:00
Daniel Golle
0cd57f29e4 bootm: fix typo imape_comp -> image_comp
Change variable name 'imape_comp' to the supposedly intended name
'image_comp'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-31 12:21:47 -04:00
Dario Binacchi
c2ee5ee7b3 Rename disto_[pxe_]getfile to distro_[pxe_]getfile
Replace 'disto' with 'distro' since they are all functions about distro
booting.

Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
2022-08-26 16:33:48 -06:00
Heinrich Schuchardt
49740e0255 boot: simplify bootmeth_vbe_simple_ft_fixup()
Don't assign a value to a variable if it is not used afterwards.
Move variables to the code fragment where they are used.

Addresses-Coverity: CID 356243 ("Code maintainability issues (UNUSED_VALUE)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-26 16:32:59 -06:00
Heinrich Schuchardt
d81eeacd48 boot: fix vbe_find_first_device()
uclass_find_first_device() may return NULL if no device for the uclass
exists. Handle this case gracefully.

Addresses-Coverity: CID 356244 ("Null pointer dereferences (FORWARD_NULL)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-08-26 16:32:59 -06:00