06 May, 2020
7 commits
-
Previous patch "MLK-21885 lmb: Handle the overlap case for lmb reserve" adds
the overlap support to lmb reserve. However, u-boot has some places to use the
lmb_reserve when allocating memory in loading images. If we allowed overlap
in this function, it means images loading address can overlap each other and
cause the address check mechanism not work.So add another function to allow overlap and only use it for fdt reserved-memory
nodes. The FDT reserved-memory is ok to merge with other reserved memory, since
this won't break image loading address check.Signed-off-by: Ye Li
(cherry picked from commit 2109dc2a4da592003ec62820f5bdfb6bd0899805) -
lmb reserve is used to reserve some memory so that when loading images
(like kernel, dtb, initrd), images won't be loaded into the reserved memory.The problem in current lmb is it does not handle the overlap case. When adding
a new reserved memory, if the memory region is overlap with regions already been
added in lmb, it will fail. One example is reserved memory in DTB may overlap with
u-boot relocate address. lmb reserves the u-boot relocate address firstly, so when
adding reserved memory from DTB, we will meet failure.Actually if we handle the overlap case, we can resolve the overlap by using a max
common region for the overlap regions. So that this case won't fail.Signed-off-by: Ye Li
Reviewed-by: Peng Fan
(cherry picked from commit 37d86c68816dffde3dc8dcda5b9d67a195b2f9c2) -
Fix coverity issue CID 18031: Resource leak (RESOURCE_LEAK)
leaked_storage: Variable fill_buf going out of scope leaks the storage it points toShould free the fill_buf before function return.
Signed-off-by: Ye Li
(cherry picked from commit bc23ae569c7aaea338648c000b7b733b09eb735a)
(cherry picked from commit 0a496da0851e981b0ab19338145fcb622762af94) -
chunk_data_sz = sparse_header->blk_sz * chunk_header->chunk_sz;
All is uint32. chunk_data_sz may be bigger than 4G.Change chunk_data_sz to 64bit.
force chunk_header->chunk_sz and sparse_header->blk_sz to 64bit.Signed-off-by: Frank Li
Acked-by: Ye Li
(cherry picked from commit 08090670625c4ccf86dbc9157dad4799f3669fb7)
(cherry picked from commit af09befee9c55525a6bc9844904048c324db7261) -
The lib provided ql-tipc communication channel with
Trusty OS.
Also the AVB, Keymaster, hwcrypto and SecureStorage service
tipc client implement in this lib.Change-Id: I0ab1ec9ee1b6f272b960c2e944008283c2c9249a
Signed-off-by: Haoran.Wang
(cherry picked from commit 8fb370dd80fbb293b58115d2e7fc4970813773c7)
(cherry picked from commit 0ccdd527a794c2b450658980361a7857ce7495c9)
(cherry picked from commit ffca28682c5a9375c29b3036a156aff190341960) -
Porting the FSL android fastboot features from imx u-boot v2018.03 to
support all SoCs: imx6/imx7/imx7ulp/imx8/imx8m.The UUU commands like UCmd and ACmd are also added. Users need set
CONFIG_FASTBOOT_UUU_SUPPORT=y to enable the feature.Signed-off-by: Frank Li
Signed-off-by: Ye Li
(cherry picked from commit 65120b06a7f750b9b1a6e0db3d2082cc7088d5a8)
(cherry picked from commit 9b149c2a28829fe7017f83981d634157bc31cc94) -
Porting the android AVB lib from imx u-boot v2018.03. Since 2019 u-boot
has added latest AVB library, try to reuse it.Signed-off-by: Ye Li
(cherry picked from commit 2105662ada738a271e12a81d775134a5821dc38f)
(cherry picked from commit f7291d86c4183ce2e299ad271aa5618c71507ffc)
(cherry picked from commit b871714c519e1bda3de6afbd354bee2cb246e4b7)
01 Apr, 2020
1 commit
-
These are used in multiple places so update them to use a shared #define.
Signed-off-by: Simon Glass
Reviewed-by: Philippe Reynes
23 Mar, 2020
1 commit
-
'vendor' is both an input and an output parameter. So it cannot be
constant.Fixes: 0bda81bfdc5c ("efi_loader: use const efi_guid_t * for variable services")
Signed-off-by: Heinrich Schuchardt
22 Mar, 2020
8 commits
-
Provide unit tests for CalculateCrc32(), CopyMem(), SetMem().
Signed-off-by: Heinrich Schuchardt
-
For EFI binaries we have to provide an implementation of memmove() in
efi_freestanding.c.Before this patch the memmove() function was copying in the wrong
direction.Signed-off-by: Heinrich Schuchardt
-
Correct the description of function efi_convert_pointer().
Signed-off-by: Heinrich Schuchardt
-
To check if a variable is non-zero there is no need for '!= 0'.
Signed-off-by: Heinrich Schuchardt
-
GetNextVariableName should report the length of the variable including the
final 0x0000 in bytes.Check this in the unit test.
Increase the buffer size for variable names. 40 bytes is too short.
Signed-off-by: Heinrich Schuchardt
-
The runtime service GetNextVariable() returns the length of the next
variable including the closing 0x0000. This length should be in bytes.Comparing the output of EDK2 and U-Boot shows that this is currently not
correctly implemented:EDK2:
OsIndicationsSupported: 46
PlatformLang: 26
PlatformLangCodes: 36U-Boot:
OsIndicationsSupported: 23
PlatformLang: 13
PlatformLangCodes: 18Provide correct length in GetNextVariable().
Fixes: d99a87f84b75 ("efi_loader: implement GetNextVariableName()")
Signed-off-by: Heinrich Schuchardt -
Use Sphinx style for function descriptions.
Signed-off-by: Heinrich Schuchardt
-
Correct the file description.
Signed-off-by: Heinrich Schuchardt
17 Mar, 2020
1 commit
-
This is a preparatory patch.
Those functions will be used in an implementation of UEFI firmware
management protocol as part of my capsule update patch.Signed-off-by: AKASHI Takahiro
11 Mar, 2020
2 commits
-
The assigned value NULL is never used.
Signed-off-by: Heinrich Schuchardt
-
Currently, if GetMemoryMap API returns EFI_BUFFER_TOO_SMALL, it doesn't
set valid values to other parameters, descriptor_size and
descriptor_version, except memory_map_size.
Some efi applications, however, may use those value; in particular,
xen uses descriptor_size to calculate a size of buffer to be allocated.While UEFI specification is ambiguous in this point, it would be better
to address this issue proactively to maximize the compatibility with
existing efi applications.With this patch, for example, xen.efi (and hence linux kernel) can be
started via bootefi without modification.Signed-off-by: AKASHI Takahiro
Reviewed-by: Heinrich Schuchardt
29 Feb, 2020
2 commits
-
Provide a unit test loading an initial ramdisk using the
EFI_LOAD_FILE2_PROTOCOL. The test is only executed on request.An example usage - given a file image with a file system in partition 1
holding file initrd - is:* Configure the sandbox with
CONFIG_EFI_SELFTEST=y
CONFIG_EFI_LOAD_FILE2_INITRD=y
CONFIG_EFI_INITRD_FILESPEC="host 0:1 initrd"* Run ./u-boot and execute
host bind 0 image
setenv efi_selftest load initrd
bootefi selftestThis would provide a test output like:
Testing EFI API implementation
Selected test: 'load initrd'
Setting up 'load initrd'
Setting up 'load initrd' succeededExecuting 'load initrd'
Loaded 12378613 bytes
CRC32 2997478465
Executing 'load initrd' succeededNow the size and CRC32 can be compared to the provided file.
Signed-off-by: Ilias Apalodimas
Signed-off-by: Heinrich Schuchardt -
Following kernel's proposal for an arch-agnostic initrd loading
mechanism [1] let's implement the U-boot counterpart.
This new approach has a number of advantages compared to what we did up
to now. The file is loaded into memory only when requested limiting the
area of TOCTOU attacks. Users will be allowed to place the initramfs
file on any u-boot accessible partition instead of just the ESP one.
Finally this is an attempt of a generic interface across architectures
in the linux kernel so it makes sense to support that.The file location is intentionally only supported as a config option
argument(CONFIG_EFI_INITRD_FILESPEC), in an effort to enhance security.
Although U-boot is not responsible for verifying the integrity of the
initramfs, we can enhance the offered security by only accepting a
built-in option, which will be naturally verified by UEFI Secure Boot.
This can easily change in the future if needed and configure that via ENV
or UEFI variable.[1] https://lore.kernel.org/linux-efi/20200207202637.GA3464906@rani.riverdale.lan/T/#m4a25eb33112fab7a22faa0fd65d4d663209af32f
Signed-off-by: Ilias Apalodimas
Signed-off-by: Heinrich Schuchardt
27 Feb, 2020
1 commit
-
UEFI spec 2.8 errata A replaces the RuntimeServicesSupported variable
defined in UEFI spec 2.8 by the configuration table
EFI_RT_PROPERTIES_TABLE. So let's follow suit.Cc: Ard Biesheuvel
Signed-off-by: Heinrich Schuchardt
Tested-by: Ard Biesheuvel
19 Feb, 2020
1 commit
-
Do not use quotation marks for Kconfig help text.
Replace rng abbreviation by full words.Signed-off-by: Heinrich Schuchardt
06 Feb, 2020
4 commits
-
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass
-
At present devres.h is included in all files that include dm.h but few
make use of it. Also this pulls in linux/compat which adds several more
headers. Drop the automatic inclusion and require files to include devres
themselves. This provides a good indication of which files use devres.Signed-off-by: Simon Glass
Reviewed-by: Anatolij Gustschin -
At present architectures can override strdup() but not strndup(). Use
the same option for both.Signed-off-by: Simon Glass
-
Tidy up a few places where const * should be used.
Signed-off-by: Simon Glass
31 Jan, 2020
2 commits
-
In upstream libfdt, 6dcb8ba4 "libfdt: Add helpers for accessing
unaligned words" introduced changes to support unaligned reads for ARM
platforms and 11738cf01f15 "libfdt: Don't use memcpy to handle unaligned
reads on ARM" improved the performance of these helpers.In practice however, this only occurs when the user has forced the
device tree to be placed in memory in a non-aligned way, which in turn
violates both our rules and the Linux Kernel rules for how things must
reside in memory to function.This "in practice" part is important as handling these other cases adds
visible (1 second or more) delay to boot in what would be considered the
fast path of the code.Cc: Patrice CHOTARD
Cc: Patrick DELAUNAY
Link: https://www.spinics.net/lists/devicetree-compiler/msg02972.html
Signed-off-by: Tom Rini
Tested-by: Patrice Chotard -
As hinted by GCC 9, there is a return statement that returns
an uninitialized variable in optee_copy_firmware_node().
This patch addresses this.Signed-off-by: Christoph Müllner
Reviewed-by: Heiko Stuebner
26 Jan, 2020
2 commits
-
drivers/rng/sandbox_rng.c requires rand() to be defined but configuration
option CONFIG_CONFIG_LIB_RAND selected in drivers/rng/Kconfig does not
exist.test/lib/test_aes.c requires rand() to be defined.
Fix the selection criteria for choice "Pseudo-random library support type".
Signed-off-by: Heinrich Schuchardt
-
CONFIG_SPL_RSA is meant to control if lib/rsa/* is used for SPL. Adjust
lib/Makefile to consider this setting.This was correctly setup with commit 51c14cd128f4 ("verified-boot: Minimal
support for booting U-Boot proper from SPL") and got lost with commit
089df18bfe9d ("lib: move hash CONFIG options to Kconfig").Fixes: 089df18bfe9d ("lib: move hash CONFIG options to Kconfig")
Signed-off-by: Heinrich Schuchardt
23 Jan, 2020
2 commits
-
Correct some function comments. Convert to Sphinx style.
Signed-off-by: Heinrich Schuchardt
Reviewed-by: Simon Glass -
The file is generated by scripts/build_OID_registry based on the
include/linux/oid_registry.h file.Signed-off-by: Dario Binacchi
18 Jan, 2020
5 commits
-
This is not really a CONFIG since it is not intended to be set by boards.
Move it into the compiler header with other similar defines, and rename
it.Signed-off-by: Simon Glass
-
At present panic() is in the vsprintf.h header file. That does not seem
like an obvious choice for hang(), even though it relates to panic(). So
let's put hang() in its own header.Signed-off-by: Simon Glass
[trini: Migrate a few more files]
Signed-off-by: Tom Rini -
These functions relate to memory init so move them into the init
header.Signed-off-by: Simon Glass
-
These three globals relate to image handling. Move them to the image
header file.Signed-off-by: Simon Glass
-
Move this function out of common.h and into a relevant header file.
Signed-off-by: Simon Glass
17 Jan, 2020
1 commit
-
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.Signed-off-by: Philippe Reynes
