This feature is used for measured boot, so we can add a log entry to the
TCPA with some information about where the digest comes from. It is not
currently supported in the TPM drivers, but add it to the API so that
code which expects it can signal its request.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add bindings needed for accessing the FWU metadata regions.
These include the compatible string which point to the access
method, the actual device which stores the FWU metadata and
the offsets for both metadata regions.
The current patch adds basic bindings needed for accessing the
metadata structure on non-GPT mtd regions.
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
The old "Patches" wiki page is not available anymore. Now that the
content has been integrated with the submitting_patches document,
reference that instead.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
- Use gender-neutral language to refer to the user, consistently.
- Reference the checkpatch document.
- Move the section on commit message tags to the process document and
reference this in sending_patches.rst.
- Reword the custodian workflow process section to refer to this new
section, integrate some of the wording from there in this new section.
- Update the comment about GPLv2 applying to August 2022, to be clear
this still is correct.
- Reword the section about MAKEALL to talk about local build testing and
link to the CI document.
- Reference the system_configuration document for the note about
modifying existing code.
- Reword the patchwork flow section.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Import as-is much of the old "Patches" wiki page to the current
sending_patches.rst file. This means we need to move patman to being
included in the higher level ToC and add a reference for "Custodians" in
the process document. A very minimal amount of content changing and
rewording is done here as part of the import, in order to make the
conversion easier.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add gpio status output fields description and one output example.
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tweak the formatting.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Only probed block devices are available in the UEFI sub-system. Multiple
block devices may be involved in the boot process. So we have to make sure
that all block devices are probed. Another reason is that we store UEFI
variables on the ESP which may be on any block device.
On the sandbox before the patch:
=> efidebug devices
No EFI system partition
Device Device Path
================ ====================
000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
000055d078bc1ae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D)
000000001b22e0b0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1)
After the patch:
=> efidebug devices
No EFI system partition
Device Device Path
================ ====================
000000001b027c70 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)
000055bdac8ddae0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/Uart(0,0,D,D)
000000001b230920 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)
000000001b233ac0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)
000000001b233b80 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(1,GPT,d0a914ee-a71c-fc1e-73f0-7e302b0e6c20,0x30,0x1)
000000001b234110 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(1)/HD(2,GPT,9330a0ea-8aff-f67a-294c-fa05d60896c3,0x31,0x1)
000000001b22f0e0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(2)
000000001b238df0 /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/MAC(020011223344,1)
Fixes: a9bf024b29 ("efi_loader: disk: a helper function to create efi_disk objects from udevice")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Newer versions of GCC won't initialize parts of structures which don't
appear to be used. This results in uninitialized semihosting parameters
passed via R1. Fix this by marking the inline assembly as clobbering
memory.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
LibreSSL 3.5.0 and later (also shipped as part of OpenBSD 7.1 and
and later) have an opaque RSA object and do provide the
RSA_get0_* functions that OpenSSL provides.
Fixes: 2ecc354b8e ("tools: mkimage: fix build with LibreSSL")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
FTD blob can be put immediately after the OS image.
So use strict inequality for start address check.
Fixes: fbde7589ce ("common: bootm: add checks to verify if ramdisk / fdtimage overlaps OS image")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
fit_image_get_comp() should not set value -1 in case it can't read
the compression node. Instead, leave the value untouched in that case
as it can be absent and a default value previously defined by the
caller of fit_image_get_comp() should be used.
As a result the warning message
WARNING: 'compression' nodes for ramdisks are deprecated, please fix your .its file!
no longer shows if the compression node is actually absent.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Change variable name 'imape_comp' to the supposedly intended name
'image_comp'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This reinstates fix from commit 8f8c04bf1e ("i2c: fix stack buffer
overflow vulnerability in i2c md command") without the changes unrelated
to the actual fix. Avoid the underflow by setting only nbytes and
linebytes as unsigned integers.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Heiko Schocher <hs@denx.de>
Cc: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tim Harvey <tharvey@gateworks.com>
Acked-by: Tim Harvey <tharvey@gateworks.com>
This reverts commit 8f8c04bf1e.
The commit is largely wrong and breaks most of i2c command functionality.
The problem described in the aforementioned commit commit message is valid,
however the commit itself does many more changes unrelated to fixing that
one problem it describes. Those extra changes, namely the handling of i2c
device address length as unsigned instead of signed integer, breaks the
expectation that address length may be negative value. The negative value
is used by DM to indicate that address length of device does not change.
The actual bug documented in commit 8f8c04bf1e
can be fixed by extra sanitization in separate patch.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Heiko Schocher <hs@denx.de>
Cc: Nicolas Iooss <nicolas.iooss+uboot@ledger.fr>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tim Harvey <tharvey@gateworks.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When compiling executables from a single.c file, the linker is also
invoked. Pass the flags like the other linker commands.
cherry-pick kbuild change from Linux:
63185b46cdb3 (kbuild: use HOSTLDFLAGS for single .c executables)
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
There are three different kinds of EEPROM possibly present on boards.
1. 1byte address. For those we should avoid 2byte address in order
not to rewrite the data. Second byte of the address can potentially
be interpreted as the data to write.
2. 2byte address with defined behaviour. When we try to use 1byte
address they just return "FF FF FF FF ... FF"
3. 2byte address with undefined behaviour (for instance, 24LC32AI).
When we try to use 1byte address, then their internal read
pointer is changed to some value. Subsequential reads may be
broken.
To gracefully handle both case #1 and case #3 we read all required
data from EEPROM at once (about 80 bytes). So either all the data is
valid or we fallback to 2byte address.
Cc: Nishanth Menon <nm@ti.com>
Fixes: a58147c2db ("board: ti: common: board_detect: Do 1byte address checks first.")
Reference: https://lore.kernel.org/all/CAJs94Ebdd4foOjhGFu9Bop0v=B1US9neDLxfhgcY23ukgLzFOQ@mail.gmail.com/
Signed-off-by: Matwey V. Kornilov <matwey.kornilov@gmail.com>
Acked-by: Nishanth Menon <nm@ti.com>
I do not have any non-serial output devices, so a
print_pre_console_buffer(PRE_CONSOLE_FLUSHPOINT2_EVERYTHING_BUT_SERIAL)
does nothing for me.
However, I was manually inspected the pre-console buffer using md.b,
and I noticed that the early part of it was repeated. The reason is
that the first call of print_pre_console_buffer(), from
console_init_f(), ends up invoking puts() with the contents of the
buffer at that point, and puts() at that point ends up in the else
branch of
if (gd->flags & GD_FLG_DEVINIT) {
/* Send to the standard output */
fputs(stdout, s);
} else {
/* Send directly to the handler */
pre_console_puts(s);
serial_puts(s);
}
so indeed the contents is added again.
That can be somewhat confusing (both when reading the buffer manually,
but also if it did actually come out on some device). So disable all
use of the pre-console buffer while print_pre_console_buffer() is
emitting it.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
other minor fixes
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmMJZZ8RHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreZ8pggAjYxdCTEtTMJamt67hht8xjeZLom4KX3G
HZJhXHAXHgnw2vku4nYKEZp6B5+if184I34Gbw6AGHJib7tfGBPFHeb0lIg+NHlB
bb7hMSKJwZJAASWB5Txqtmx2iFdnTZVnUUMp5Jl8Fpd0yhd8YxsaDKrt7BUTTZgM
84ht/zv+laFoDvM0Xj81TVkPym8ShIylsUc44Sn8je5KC8kg1lmukqnBHAOj0DKG
cE/hGOmdq5HLu7Ylj3XQ8tl6jpPMn6hltoIMku6ePsJeaTOdsXg2i3RN/Xga835D
7/KW+qasl2+5XwqYyAXjLW6YncbGzxmsLfJ6HrzInLtp9rkOt/z0hA==
=09Bs
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-26aug22' of https://source.denx.de/u-boot/custodians/u-boot-dm
binman/patman documentation improvements
other minor fixes
Some UBI partitions may use non-standard UBI header offset. For attaching
these UBI partitions it is required to pass second argument with offset to
"ubi part" command.
Therefore extend distroboot to allow specifying additional optional 6th
argument with UBI header offset. This offset is set in new distroboot
variable ${bootubioff} which may be used by distroboot script to e.g.
properly pass this value to linux kernel command line for proper mounting
of rootfs by kernel. This variable is set to empty string (cleared) when
UBI header offset is not specified into distroboot BOOT_TARGET_DEVICES
macro.
Usage of helper macro BOOTENV_DEV_UBIFS_BOOTUBIOFF in this change is there
as a type check. It ensures that in BOOT_TARGET_DEVICES macro was specified
UBIFS func with either 5 or 6 arguments. If not then cpp throws compile
error.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Avoid enabling this command by default. This saves about 1KB of code
space.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tests should be in order of the test-file numbers. Sort the tests
according to the test-file numbers and rework the test-file numbers to
eliminate duplicate numbers.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Don't assign a value to a variable if it is not used afterwards.
Move variables to the code fragment where they are used.
Addresses-Coverity: CID 356243 ("Code maintainability issues (UNUSED_VALUE)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
uclass_find_first_device() may return NULL if no device for the uclass
exists. Handle this case gracefully.
Addresses-Coverity: CID 356244 ("Null pointer dereferences (FORWARD_NULL)")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
With the addition of the revision stats this now takes over a minute. Use
a parallel build to reduce it a bit (24 seconds for me).
Series-changes; 2
- Use '-j auto' instead
Signed-off-by: Simon Glass <sjg@chromium.org>
The spl doesn't support ubifs and thereby doesn't provide the
ubifs_is_mounted function. Remove the dependency to ubifs for the spl.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
The brute-force controller disable method can end up racing controller
initialization and causing a crash when we shut down Apple ANS2 NVMe
controllers. Do a proper controlled shutdown, which does block until
things are quiesced properly. This is nicer in general for all
controllers.
Signed-off-by: Hector Martin <marcan@marcan.st>
Tested-by: Mark Kettenis <kettenis@openbsd.org> (firefly-rk3399)
PCIe config space has address range 0-4095. So do not allow reading from
addresses outside of this range. Lot of U-Boot drivers do not expect that
passed value is not in this range. PCI DM read function is extended to
fill read value to all ones or zeros when it fails as U-Boot callers
ignores return value.
Calling U-Boot command 'pci display.b 0.0.0 0 0x2000' now stops printing
config space at the end (before 0x1000 address).
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
- kirkwood: pogo_v4 & nsa310s: Add distro boot (Tony)
- kirkwood: add DM timer support and use it on lsxl boards (Michael)
- kirkwood: convert the Buffalo Linkstation LS-CHLv2 and XHL boards
to DM (Michael)
- mvebu: turris_mox/omnia: misc improments (Pali)
- mvebu: mbus: Fix mbus driver to work also after U-Boot relocation (Pali)
The board has only one network interface. The linux kernel will
gracefully skip a the ethernet interface if no connected PHY could be
probed. u-boot on the other hand will throw an error message. The kernel
device tree is about to be fixed. For now, just disable the ethernet
interface in our -u-boot.dtsi.
Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
DM_SERIAL needs early malloc. The on-chip RAM is pretty tight, it's only
2kiB, with DM_SERIAL enabled, this doesn't work anymore. Fortunately for
us, we don't need the on-chip RAM because the DRAM is already
initialized before u-boot starts. Just put the early malloc area there
and use the default early malloc size.
Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Just enabling the Kconfig option for DM_ETH and DM_MDIO is enough.
Additionally, we can remove the old hardcoded config.
Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Use the new mvebu GPIO driver and convert all the function calls to the
former kirkwood GPIO driver. This means that we are now using the LED
uclass and the regulator uclass. Unfortunately, the GPIO LED doesn't
offer a blinking method. Thus we are now stuck with solid on and off
states, which makes debugging a bit harder. Also, there is no GPIO fan
driver for now.
Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
If something is wrong with the environment, we cannot rely on a proper
u-boot operation anymore. In fact, it is possible, that we never reach
misc_init_r() with a broken environment.
Also don't enable the netconsole by environment settings. This way the
user don't have to reconfigure the environment. Instead the network
console is only enabled when the push button is pressed during boot.
Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
We still need to be able to boot legacy images. Esp. the debian
installer will have a kernel with an appended DTB.
Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Stefan Roese <sr@denx.de>