u-boot.git/lib, branch v2026.04-rc2 Unnamed repository; edit this file 'description' to name the repository. Merge tag 'net-20260209' of https://source.denx.de/u-boot/custodians/u-boot-net 2026-02-09T14:28:01+00:00 Tom Rini trini@konsulko.com 2026-02-09T14:28:01+00:00 d395ea73dc2814a2ec5b309e90df8c618d89ede0 Pull request net-20260209. net: - airoha: mdio support for the switch - phy: mscc: allow RGMII with internal delay for the VSC8541 - dwc_eth_qos: Update tail pointer handling net-legacy: - Stop conflating return value with file size in net_loop() net-lwip: - wget: rework the '#' printing - tftp: add support of tsize option to client 
Pull request net-20260209.

net:
- airoha: mdio support for the switch
- phy: mscc: allow RGMII with internal delay for the VSC8541
- dwc_eth_qos: Update tail pointer handling

net-legacy:
- Stop conflating return value with file size in net_loop()

net-lwip:
- wget: rework the '#' printing
- tftp: add support of tsize option to client
Merge tag 'efi-2026-04-rc2' of https://source.denx.de/u-boot/custodians/u-boot-efi 2026-02-06T18:35:44+00:00 Tom Rini trini@konsulko.com 2026-02-06T18:35:44+00:00 e5e75ea8c7b8e6d9ce1ca8ec7a25fa8b3f6029a9 Pull request efi-2026-04-rc2 CI: https://source.denx.de/u-boot/custodians/u-boot-efi/-/pipelines/29203 Documentation: * Remove pip from requirements.txt * develop/process: Clarify name usage in the Signed-off-by line UEFI: * Improve EFI variable load message * Fix use after free in efi_exit() with tcg2 * Fix efi_debug_image_info_normal allocation * Add missing EFI_CALL in efi_net 
Pull request efi-2026-04-rc2

CI: https://source.denx.de/u-boot/custodians/u-boot-efi/-/pipelines/29203

Documentation:

* Remove pip from requirements.txt
* develop/process: Clarify name usage in the Signed-off-by line

UEFI:

* Improve EFI variable load message
* Fix use after free in efi_exit() with tcg2
* Fix efi_debug_image_info_normal allocation
* Add missing EFI_CALL in efi_net
net: lwip: tftp: add support of tsize option to client 2026-02-06T15:42:37+00:00 Marek Vasut marek.vasut+renesas@mailbox.org 2026-01-28T23:43:45+00:00 337f50bad2ac8e1db126e4f6d372a3186bba2893 The TFTP server can report the size of the entire file that is about to be received in the Transfer Size Option, this is described in RFC 2349. This functionality is optional and the server may not report tsize in case it is not supported. Always send tsize request to the server to query the transfer size, and in case the server does respond, cache that information locally in tftp_state.tsize, otherwise cache size 0. Introduce new function tftp_client_get_tsize() which returns the cached tftp_state.tsize so clients can determine the transfer size and use it. Update net/lwip/tftp.c to make use of tftp_client_get_tsize() and avoid excessive printing of '#' during TFTP transfers in case the transfer size is reported by the server. Submitted upstream: https://savannah.nongnu.org/patch/index.php?item_id=10557 Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> Acked-by: Jerome Forissier <jerome.forissier@arm.com> 
The TFTP server can report the size of the entire file that is about to
be received in the Transfer Size Option, this is described in RFC 2349.
This functionality is optional and the server may not report tsize in
case it is not supported.

Always send tsize request to the server to query the transfer size,
and in case the server does respond, cache that information locally
in tftp_state.tsize, otherwise cache size 0. Introduce new function
tftp_client_get_tsize() which returns the cached tftp_state.tsize so
clients can determine the transfer size and use it.

Update net/lwip/tftp.c to make use of tftp_client_get_tsize() and
avoid excessive printing of '#' during TFTP transfers in case the
transfer size is reported by the server.

Submitted upstream: https://savannah.nongnu.org/patch/index.php?item_id=10557

Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Acked-by: Jerome Forissier <jerome.forissier@arm.com>
gunzip: Fix len parameter in function signature 2026-02-06T15:29:48+00:00 Marek Vasut marek.vasut+renesas@mailbox.org 2026-01-28T19:40:40+00:00 02ffe4a0c9d2885899648a5ffe22090e6c7ff9a5 The only call site of gzwrite() is cmd/unzip.c do_gzwrite(), where the 'len' parameter passed to gzwrite(..., len, ...) function is of type unsigned long. This usage is correct, the 'len' parameter is an unsigned integer, and the gzwrite() function currently supports input data 'len' of up to 4 GiB - 1 . The function signature of gzwrite() function in both include/gzip.h and lib/gunzip.c does however list 'len' as signed integer, which is not correct, and ultimatelly limits the implementation to only 2 GiB input data 'len' . Fix this, update gzwrite() function parameter 'len' data type to size_t consistently in include/gzip.h and lib/gunzip.c . Furthermore, update gzwrite() function 'szwritebuf' parameter in lib/gunzip.c from 'unsigned long' to 'size_t' to be synchronized with include/gzip.h . Rewrite the other parameters to size_t and off_t and propagate the change too. Since the gzwrite() function currently surely only supports input data size of 4 GiB - 1, add input data size check. The limitation comes from the current use of zlib z_stream .avail_in parameter, to which the gzwrite() function sets the entire input data size, and which is of unsigned int type, which cannot accept any number beyond 4 GiB - 1. This limitation will be removed in future commit. Reported-by: Yuya Hamamachi <yuya.hamamachi.sx@renesas.com> Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> 
The only call site of gzwrite() is cmd/unzip.c do_gzwrite(), where
the 'len' parameter passed to gzwrite(..., len, ...) function is of
type unsigned long. This usage is correct, the 'len' parameter is
an unsigned integer, and the gzwrite() function currently supports
input data 'len' of up to 4 GiB - 1 .

The function signature of gzwrite() function in both include/gzip.h
and lib/gunzip.c does however list 'len' as signed integer, which
is not correct, and ultimatelly limits the implementation to only
2 GiB input data 'len' .

Fix this, update gzwrite() function parameter 'len' data type to
size_t consistently in include/gzip.h and lib/gunzip.c .

Furthermore, update gzwrite() function 'szwritebuf' parameter in
lib/gunzip.c from 'unsigned long' to 'size_t' to be synchronized
with include/gzip.h . Rewrite the other parameters to size_t and
off_t and propagate the change too.

Since the gzwrite() function currently surely only supports input
data size of 4 GiB - 1, add input data size check. The limitation
comes from the current use of zlib z_stream .avail_in parameter,
to which the gzwrite() function sets the entire input data size,
and which is of unsigned int type, which cannot accept any number
beyond 4 GiB - 1. This limitation will be removed in future commit.

Reported-by: Yuya Hamamachi <yuya.hamamachi.sx@renesas.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
efi_net: add missing EFI_CALL in efi_net 2026-02-06T09:04:30+00:00 Vincent Stehlé vincent.stehle@arm.com 2026-02-05T16:40:12+00:00 36e321b487a9ac73c2dfb9cbaadb0244f70f66fb The efi_reinstall_protocol_interface() function is a UEFI function; make sure to call it from within U-Boot using the EFI_CALL() macro. This fixes the following assertion: lib/efi_loader/efi_boottime.c:3752: efi_reinstall_protocol_interface: Assertion `__efi_entry_check()' failed. To reproduce the issue, define LOG_DEBUG in lib/efi_loader/efi_boottime.c and build u-boot for your platform. Then, boot the U-Boot helloworld.efi application over the network. Example commands (adjust the URL and boot entry number): => efidebug boot add -u 0 net http://10.0.2.2:8000/helloworld.efi => efidebug boot order 0 => bootefi bootmgr Fixes: dd5d82a59995 ("efi_loader: efi_net: Add device path cache") Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com> Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org> Cc: Tom Rini <trini@konsulko.com> Cc: Adriano Cordova <adrianox@gmail.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The efi_reinstall_protocol_interface() function is a UEFI function;
make sure to call it from within U-Boot using the EFI_CALL() macro.

This fixes the following assertion:

  lib/efi_loader/efi_boottime.c:3752: efi_reinstall_protocol_interface: Assertion `__efi_entry_check()' failed.

To reproduce the issue, define LOG_DEBUG in lib/efi_loader/efi_boottime.c
and build u-boot for your platform. Then, boot the U-Boot helloworld.efi
application over the network. Example commands (adjust the URL and boot
entry number):

  => efidebug boot add -u 0 net http://10.0.2.2:8000/helloworld.efi
  => efidebug boot order 0
  => bootefi bootmgr

Fixes: dd5d82a59995 ("efi_loader: efi_net: Add device path cache")
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Adriano Cordova <adrianox@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: fix efi_debug_image_info_normal allocation 2026-02-06T08:57:00+00:00 Vincent Stehlé vincent.stehle@arm.com 2026-02-03T12:59:41+00:00 e94d0bd82761b7b41bc061368a11684f19130954 When adding a new EFI Debug Image Info entry, we allocate memory for a new EFI Debug Image Info Normal structure and we add a new entry into the EFI Debug Image Info Table, which is in fact just a pointer to the allocated structure. However, when allocating memory for the new structure we allocate memory for the wrong type, leading to allocating memory for just a pointer instead of the desired structure. Fix the type used during allocation. Fixes: 146546138af5 ("efi: add EFI_DEBUG_IMAGE_INFO for debug") Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com> Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org> Cc: Tom Rini <trini@konsulko.com> Cc: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
When adding a new EFI Debug Image Info entry, we allocate memory for a new
EFI Debug Image Info Normal structure and we add a new entry into the EFI
Debug Image Info Table, which is in fact just a pointer to the allocated
structure.

However, when allocating memory for the new structure we allocate memory
for the wrong type, leading to allocating memory for just a pointer instead
of the desired structure.

Fix the type used during allocation.

Fixes: 146546138af5 ("efi: add EFI_DEBUG_IMAGE_INFO for debug")
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: Improve EFI variable load message 2026-02-06T08:56:45+00:00 Pranav Tilak pranav.vinaytilak@amd.com 2026-02-02T11:37:17+00:00 32b835ccf3db8ae393c1ff27a9a367f7b6edd78f Change the EFI variable load message from log_err() to log_info() with neutral wording. The previous "Failed to load" message caused customer confusion as it appeared to indicate an error condition. The efi_var_from_file() function deliberately returns EFI_SUCCESS in this case to allow the boot process to continue normally. This is documented in the function's comment block but was not reflected in the log message level or content. The message now uses informational wording to reflect that this is normal behavior when the ubootefi.var file does not yet exist. Signed-off-by: Pranav Tilak <pranav.vinaytilak@amd.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Change the EFI variable load message from log_err() to log_info() with
neutral wording. The previous "Failed to load" message caused customer
confusion as it appeared to indicate an error condition.

The efi_var_from_file() function deliberately returns EFI_SUCCESS in
this case to allow the boot process to continue normally. This is
documented in the function's comment block but was not reflected in
the log message level or content.

The message now uses informational wording to reflect that this is
normal behavior when the ubootefi.var file does not yet exist.

Signed-off-by: Pranav Tilak <pranav.vinaytilak@amd.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
efi_loader: fix use after free in efi_exit() with tcg2 2026-02-06T08:32:32+00:00 Vincent Stehlé vincent.stehle@arm.com 2026-01-27T16:18:43+00:00 beec6834544d8288d34ef0cd8e3c40aa890a8a10 The efi_exit() function frees the loaded image memory by calling efi_delete_image(). However, when CONFIG_EFI_TCG2_PROTOCOL is enabled, the image_obj->image_type structure member is accessed after the memory has been freed. Fix this by performing the tcg2 measurement before the image deletion. Fixes: 8fc4e0b4273a ("efi_loader: add boot variable measurement") Suggested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com> Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Tom Rini <trini@konsulko.com> Cc: Masahisa Kojima <kojima.masahisa@socionext.com> Acked-by: Masahisa Kojima <kojima.masahisa@socionext.com> Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The efi_exit() function frees the loaded image memory by calling
efi_delete_image(). However, when CONFIG_EFI_TCG2_PROTOCOL is enabled, the
image_obj->image_type structure member is accessed after the memory has
been freed.

Fix this by performing the tcg2 measurement before the image deletion.

Fixes: 8fc4e0b4273a ("efi_loader: add boot variable measurement")
Suggested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: Masahisa Kojima <kojima.masahisa@socionext.com>
Acked-by: Masahisa Kojima <kojima.masahisa@socionext.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
net: lwip: tftp: Do not write past buffer end 2026-02-04T08:04:36+00:00 Andrew Goodbody andrew.goodbody@linaro.org 2026-01-14T15:12:09+00:00 8df6b78746ee1f4f0bb750aec9c4da2fb31d3e33 sprintf will add a trailing \0 so manually adding a trailing \0 will result in an extra unaccounted for character being written. This overwrote the first byte of the following allocation block resulting in unexpected behavior. This was found by Running 'pxe get' with no available file resulting in multiple attempts, using the default algorithm, to attempt to find a file. Eventually there would be a failed assert when free() was called. Failing the assert would result in a system reset. Fixes: 27d7ccda94fa ("net: lwip: tftp: add support of blksize option to client") Reported-by: Michal Simek <michal.simek@amd.com> Tested-by: Michal Simek <michal.simek@amd.com> Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org> Tested-by: Tom Rini <trini@konsulko.com> # Pine64+ Reviewed-by: Jerome Forissier <jerome.forissier@arm.com> Reviewed-by: Jerome Forissier <jerome.forissier@arm.com> 
sprintf will add a trailing \0 so manually adding a trailing \0 will
result in an extra unaccounted for character being written. This
overwrote the first byte of the following allocation block resulting in
unexpected behavior.

This was found by Running 'pxe get' with no available file resulting in
multiple attempts, using the default algorithm, to attempt to find a file.
Eventually there would be a failed assert when free() was called.
Failing the assert would result in a system reset.

Fixes: 27d7ccda94fa ("net: lwip: tftp: add support of blksize option to client")
Reported-by: Michal Simek <michal.simek@amd.com>
Tested-by: Michal Simek <michal.simek@amd.com>

Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>
Tested-by: Tom Rini <trini@konsulko.com> # Pine64+
Reviewed-by: Jerome Forissier <jerome.forissier@arm.com>
Reviewed-by: Jerome Forissier <jerome.forissier@arm.com>
lib: crypt: remove dependency on autoboot 2026-01-13T15:42:44+00:00 Tomas Paukrt tomaspaukrt@email.cz 2026-01-04T14:02:11+00:00 d54691b64e74438cf24c7ad4d9d54f418808c196 Make crypt_compare() accessible from board-specific code by removing its dependency on the autoboot feature. Signed-off-by: Tomas Paukrt <tomaspaukrt@email.cz> Reviewed-by: Tom Rini <trini@konsulko.com> 
Make crypt_compare() accessible from board-specific code
by removing its dependency on the autoboot feature.

Signed-off-by: Tomas Paukrt <tomaspaukrt@email.cz>
Reviewed-by: Tom Rini <trini@konsulko.com>