| Age | Commit message (Collapse) | Author |
|---|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc2
This pull request contains bug fixes needed due to the merged changes for
EFI secure boot.
Patches are supplied to identify EFI system partitions.
|
|
It is useful to dump ACPI tables in U-Boot to see what has been generated.
Add a command to handle this.
To allow the command to find the tables, add a position into the global
data.
Support subcommands to list and dump the tables.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
|
|
Put this in the context along with the other important pointers.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
|
|
We always write three basic tables to ACPI at the start. Move this into
its own function, along with acpi_fill_header(), so we can write a test
for this code.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move this code to a generic location so that we can test it with sandbox.
This requires adding a few new fields to acpi_ctx, so drop the local
variables used in the original code.
Also use mapmem to avoid pointer-to-address casts which don't work on
sandbox.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
|
|
The current code uses an address but a pointer would result in fewer
casts. Also it repeats the alignment code in a lot of places so this would
be better done in a helper function.
Update write_acpi_tables() to make use of the new acpi_ctx structure,
adding a few helpers to clean things up.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
|
|
A device may want to write out ACPI tables to describe itself to Linux.
Add a method to permit this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
|
|
In subsequent patches UEFI variables shalled be stored on the EFI system
partition. Hence we need to identify the EFI system partition.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Move Python tools to use absolute paths
Minor buildman fixes for new features
Make libfdt code more similar to upsteam
|
|
- Assorted bugfixes.
- Documentation improvements including support for https://u-boot.readthedocs.io/
|
|
Provide a valid reference for the deflate format.
Reformat the ALGORITHM and REFERENCES comments.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
This patch enables LZMA decompression support for SPL build
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
|
|
My goal is to sync lib/libfdt/ with scripts/dtc/libfdt/, that is,
make lib/libfdt/ contain only wrapper files.
fdt_region.c was written only for U-Boot to implement the verified
boot. So, this belongs to the same group as common/fdt_support.c,
which is a collection of U-Boot own fdt helpers.
Move lib/libfdt/fdt_region.c to common/fdt_region.c . This is
necessary only when CONFIG_(SPL_TPL_)_FIT_SIGNATURE is enabled.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
There is no essential difference between scripts/dtc/libfdt/fdt_ro.c
and lib/libfdt/fdt_ro.c
Migrate to a simple wrapper like the other files.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
Update the arguments of these functions so they can be called from code
which uses constant strings.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Add a helper function for this operation. Update the strtoul() tests to
check upper case as well.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
This issue has been found when mtd partition are specified. Autodetection
code should stop when the first invalid char is found.
Here is the example of commands:
setenv mtdids nand0=memory-controller@e000e000
setenv mtdparts "mtdparts=nand0:4m(boot),4m(env),64m(kernel),96m(rootfs)"
mtd list
Before:
Zynq> mtd list
List of MTD devices:
* nand0
- type: NAND flash
- block size: 0x20000 bytes
- min I/O: 0x800 bytes
- OOB size: 64 bytes
- OOB available: 16 bytes
- ECC strength: 1 bits
- ECC step size: 2048 bytes
- bitflip threshold: 1 bits
- 0x000000000000-0x000010000000 : "nand0"
- 0x000000000000-0x000000400000 : "boot"
- 0x000000400000-0x000000800000 : "env"
- 0x000000800000-0x000006c00000 : "kernel"
- 0x000006c00000-0x000010000000 : "rootfs"
Where it is visible that kernel partition has 100m instead of 64m
After:
Zynq> mtd list
* nand0
- type: NAND flash
- block size: 0x20000 bytes
- min I/O: 0x800 bytes
- OOB size: 64 bytes
- OOB available: 16 bytes
- ECC strength: 1 bits
- ECC step size: 2048 bytes
- bitflip threshold: 1 bits
- 0x000000000000-0x000010000000 : "nand0"
- 0x000000000000-0x000000400000 : "boot"
- 0x000000400000-0x000000800000 : "env"
- 0x000000800000-0x000004800000 : "kernel"
- 0x000004800000-0x00000a800000 : "rootfs"
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Fixes: 0486497e2b5f ("lib: Improve _parse_integer_fixup_radix base 16 detection")
Tested-by: Heiko Schocher <hs@denx.de>
Tested-by: Pali Rohár <pali@kernel.org>
|
|
SPL should not be enlarged by building with CONFIG_HEXDUMP=y.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
The OID registry is only used by crypto functions that are not built in
SPL. So we should not build it in SPL.
Fixes: a9b45e6e8382 ("lib: add oid registry utility")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
The tool need to use fdtdec_get_child_count(), make it available for
HOST_CC.
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Punit Agrawal <punit1.agrawal@toshiba.co.jp>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
The callback member of struct env_entry is always NULL for an SPL
build. Removing it thus saves a bit of run-time memory in the
SPL (when CONFIG_SPL_ENV_SUPPORT=y) since struct env_entry is embedded
in struct env_entry_node - i.e. about 2KB for the normal case of
512+change hash table entries.
Two small fixups are needed for this, all other references to the
callback member are already under !CONFIG_SPL_BUILD: Don't initialize
.callback in set_flags() - hsearch_r doesn't use that value
anyway. And make env_callback_init() initialize ->callback to NULL for
a new entry instead of relying on an unused or deleted entry having
NULL in ->callback.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
In SPL, environment callbacks are not supported, so e->callback is
always NULL. Removing this makes the SPL a little smaller (about 400
bytes in my ppc build) with no functional change.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
This is preparation for compiling out the "call the callback" code and
associated error handling for SPL, where ->callback is always NULL.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
In U-Boot, the reserved memory end address is considered as a inclusive
address. This notion is followed while adding a reserved memory node to
the DT.
For example:
end_address = start_address + size - 1
Follow the same notion and fix the end address computation while checking
for existing nodes.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
|
|
There is no way to select BZIP2 compression method.
Add it under library/compression config where all other
compression related configs are present.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc1
This pull request
* provides an implementation of UEFI secure booting
* fixes a problem with the rsa_mod_exp driver which stops some boards
from booting when CONFIG_RSA is enabled which is needed for UEFI
secure booting
* enables the EFI_RNG_PROTOCOL if DM_RNG is enabled
* fixes some function comments
|
|
Functions for reading indexed values from device tree
Enhancements to 'dm' command
Log test enhancements and syslog driver
DM change to read parent ofdata before children
Minor fixes
|
|
fdtdec_set_carveout() is limited to only one phandle. Fix this
limitation by adding support for multiple phandles.
Signed-off-by: Laurentiu Tudor <laurentiu.tudor@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
The DMA Remapping Reporting (DMAR) table contains information about DMA
remapping.
Add a version simple version of this table with only the minimum fields
filled out. i.e. no entries.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
|
|
Each ACPI table has its own version number. Add the version numbers in a
single function so we can keep them consistent and easily see what
versions are supported.
Start a new acpi_table file in a generic directory to house this function.
We can move things over to this file from x86 as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
|
This file is potentially useful to other architectures saddled with ACPI
so move most of its contents to a common location.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
|
|
The following variable is exported as UEFI specification defines:
SignatureSupport: array of GUIDs representing the type of signatures
supported by the platform firmware
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
With this commit, image validation can be enforced, as UEFI specification
section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled.
Currently we support
* authentication based on db and dbx,
so dbx-validated image will always be rejected.
* following signature types:
EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images)
EFI_CERT_X509_GUID (x509 certificate for signed images)
Timestamp-based certificate revocation is not supported here.
Internally, authentication data is stored in one of certificates tables
of PE image (See efi_image_parse()) and will be verified by
efi_image_authenticate() before loading a given image.
It seems that UEFI specification defines the verification process
in a bit ambiguous way. I tried to implement it as closely to as
EDK2 does.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
The following variable is exported as UEFI specification defines:
VendorKeys: whether the system is configured to use only vendor-provided
keys or not
The value will have to be modified if a platform has its own way of
initializing signature database, in particular, PK.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
UEFI specification defines several global variables which are related to
the current secure boot state. In this commit, those values will be
maintained according to operations. Currently, AuditMode and DeployedMode
are defined but not implemented.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
With this commit, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
is supported for authenticated variables and the system secure state
will transfer between setup mode and user mode as UEFI specification
section 32.3 describes.
Internally, authentication data is stored as part of authenticated
variable's value. It is nothing but a pkcs7 message (but we need some
wrapper, see efi_variable_parse_signature()) and will be validated by
efi_variable_authenticate(), hence efi_signature_verify_with_db().
Associated time value will be encoded in "{...,time=...}" along with
other UEFI variable's attributes.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
efi_signature_parse_sigdb() is a helper function will be used to parse
signature database variable and instantiate a signature store structure
in later patches.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
In this commit, implemented are a couple of helper functions which will be
used to materialize variable authentication as well as image authentication
in later patches.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
Under this configuration, UEFI secure boot support will be added
in later patches.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
Correct function descriptions in efi_watchdog.c.
Add the descriptions to the generated HTML documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Add missing descriptions for functions in efi_disk.c.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Correct function descriptions in efi_unicode_collation.c
Add the Unicode collation protocol to the generated HTML documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Enable EFI_RNG_PROTOCOL by default if DM_RNG is set.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
Acked-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Remove superfluous 'if DM_RNG'
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next
Xilinx changes for v2020.07
common:
- Align ENV_FAT_INTERFACE
- Fix MAC address source print log
- Improve based autodetection code
xilinx:
- Enable netconsole
Microblaze:
- Setup default ENV_OFFSET/ENV_SECT_SIZE
Zynq:
- Multiple DT updates/fixes
- Use DEVICE_TREE environment variable for DTB selection
- Switch to single zynq configuration
- Enable NOR flash via DM
- Minor SPL print removal
- Enable i2c mux driver
ZynqMP:
- Print multiboot register
- Enable cache commands in mini mtest
- Multiple DT updates/fixes
- Fix firmware probing when driver is not enabled
- Specify 3rd backup RAM boot mode in SPL
- Add SPL support for zcu102 v1.1 and zcu111 revA
- Redesign debug uart enabling and psu_init delay
- Enable full u-boot run from EL3
- Enable u-boot.itb generation without ATF with U-Boot in EL3
Versal:
- Enable distro default
- Enable others SPI flashes
- Enable systems without DDR
Drivers:
- Gem:
- Flush memory after freeing
- Handle mdio bus separately
- Watchdog:
- Get rid of unused global data pointer
- Enable window watchdog timer
- Serial:
- Change reinitialization logic in zynq serial driver
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Base autodetection is failing for this case:
if test 257 -gt 3ae; then echo first; else echo second; fi
It is because base for 3ae is recognized by _parse_integer_fixup_radix() as
10. The code detects the first char which is not between 'a'/'A' or 'f'/'F'
to change base from dec to hex.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Shiril Tichkule <shirilt@xlinx.com>
|
|
These are used in multiple places so update them to use a shared #define.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
|
|
'vendor' is both an input and an output parameter. So it cannot be
constant.
Fixes: 0bda81bfdc5c ("efi_loader: use const efi_guid_t * for variable services")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Provide unit tests for CalculateCrc32(), CopyMem(), SetMem().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
For EFI binaries we have to provide an implementation of memmove() in
efi_freestanding.c.
Before this patch the memmove() function was copying in the wrong
direction.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
