| Age | Commit message (Collapse) | Author |
|---|
|
This command is being introduced with the goal of allowing user-friendly
"generic use case" U-Boot builds to pause until user input under some
situations.
The main use case would be when a boot failure happens, to pause until
the user has had time to acknowledge the current state.
Tested using:
make && ./u-boot -v -T -c 'ut lib lib_test_hush_pause'
Signed-off-by: Samuel Dionne-Riel <[email protected]>
Cc: Simon Glass <[email protected]>
|
|
fit_image_get_comp() should not set value -1 in case it can't read
the compression node. Instead, leave the value untouched in that case
as it can be absent and a default value previously defined by the
caller of fit_image_get_comp() should be used.
As a result the warning message
WARNING: 'compression' nodes for ramdisks are deprecated, please fix your .its file!
no longer shows if the compression node is actually absent.
Signed-off-by: Daniel Golle <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
This reinstates fix from commit 8f8c04bf1ebb ("i2c: fix stack buffer
overflow vulnerability in i2c md command") without the changes unrelated
to the actual fix. Avoid the underflow by setting only nbytes and
linebytes as unsigned integers.
Signed-off-by: Marek Vasut <[email protected]>
Cc: Heiko Schocher <[email protected]>
Cc: Nicolas Iooss <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Tim Harvey <[email protected]>
Acked-by: Tim Harvey <[email protected]>
|
|
This reverts commit 8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409.
The commit is largely wrong and breaks most of i2c command functionality.
The problem described in the aforementioned commit commit message is valid,
however the commit itself does many more changes unrelated to fixing that
one problem it describes. Those extra changes, namely the handling of i2c
device address length as unsigned instead of signed integer, breaks the
expectation that address length may be negative value. The negative value
is used by DM to indicate that address length of device does not change.
The actual bug documented in commit 8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409
can be fixed by extra sanitization in separate patch.
Signed-off-by: Marek Vasut <[email protected]>
Cc: Heiko Schocher <[email protected]>
Cc: Nicolas Iooss <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Tim Harvey <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
https://source.denx.de/u-boot/custodians/u-boot-dm
binman/patman documentation improvements
other minor fixes
|
|
Avoid enabling this command by default. This saves about 1KB of code
space.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Signed-off-by: Sergei Antonov <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
PCIe config space has address range 0-4095. So do not allow reading from
addresses outside of this range. Lot of U-Boot drivers do not expect that
passed value is not in this range. PCI DM read function is extended to
fill read value to all ones or zeros when it fails as U-Boot callers
ignores return value.
Calling U-Boot command 'pci display.b 0.0.0 0 0x2000' now stops printing
config space at the end (before 0x1000 address).
Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
Currently message is not intended that prompt end up at the end of debug
line. For example like this:
DFU alt info setting: done
DFU entities configuration failed!
(partition table does not match dfu_alt_info?)
Firmware update failed: <NULL>
Cannot handle a capsule at 10000000Zynq>
Signed-off-by: Michal Simek <[email protected]>
Reviewed-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Add a command to look at VBE methods and their status. Provide a test for
all of this as well.
Signed-off-by: Simon Glass <[email protected]>
|
|
Add support for handling this concept in bootflows. Update the 'bootflow'
command to allow only the normal bootmeths to be used. This alllows
skipping EFI bootmgr and VBE, for example.
Signed-off-by: Simon Glass <[email protected]>
|
|
With global bootmeths we want to scan without a bootdev. Update the logic
to allow this.
Change the bootflow command to show the bootdev only when valid.
Signed-off-by: Simon Glass <[email protected]>
|
|
The current way of handling things like EFI bootmgr is a bit odd, since
that bootmeth handles selection of the bootdev itself. VBE needs to work
the same way, so we should support it properly.
Add a flag that indicates that the bootmeth is global, rather than being
invoked on each bootdev. Provide a helper to read a bootflow from the
bootmeth.
Signed-off-by: Simon Glass <[email protected]>
|
|
Update the 'read' command to work correctly with sandbox.
Signed-off-by: Simon Glass <[email protected]>
|
|
We want to use VBE to mean Verfiied Boot for Embedded in U-Boot. Rename
the existing VBE (Vesa BIOS extensions) to allow this.
Verified Boot for Embedded is documented doc/develop/vbe.rst
Signed-off-by: Simon Glass <[email protected]>
|
|
https://source.denx.de/u-boot/custodians/u-boot-dm
dtoc fixes with pylint, tests
|
|
Remove the dependency on CMD_PXE from BOOTMETH_DISTRO by introducing a
new hidden kconfig symbol to control whether pxe_utils is compiled,
allowing bootstd's distro method to be compiled without needing
networking support enabled.
Signed-off-by: John Keeping <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Correct build errors when CMD_BOOTM is not enabled:
Signed-off-by: Simon Glass <[email protected]>
|
|
Move this out of the common header and include it only where needed.
Signed-off-by: Simon Glass <[email protected]>
|
|
EFI_RNG_PROTOCOL with a TPM
|
|
A large number of files include <flash.h> as it used to be how various
SPI flash related functions were found, or for other reasons entirely.
In order to migrate some further CONFIG symbols to Kconfig we need to
not include flash.h in cases where we don't have a NOR flash of some
sort enabled. Furthermore, in cases where we are in common code and it
doesn't make sense to try and further refactor the code itself in to new
files we need to guard this inclusion.
Signed-off-by: Tom Rini <[email protected]>
|
|
No board uses lcd_clear() anymore. So we can remove support for it.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
If 'extension apply all' is executed and no extension is found, the return
value of do_extension_apply() is undefined. Return CMD_RET_FAILURE in this
case.
Fixes: 2f84e9cf06d3 ("cmd: add support for a new "extension" command")
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Kory Maincent <[email protected]>
|
|
The source code contains an error:
- argv[2] contains <channel> arg, variable for env_set is in argv[3]
- number of args is 4
Revert 54d24d72601321f4470c4edf31c6b29adae424a7
cmd: simplify do_adc_single()
Fixes 9de612ae4ded53f742f5f99929c06d0839471ced
cmd: adc: Add support for storing ADC result in env variable
Reviewed-by: Simon Glass <[email protected]>
|
|
The 'rng' command dumps a number of random bytes on the console. Add a
set of tests for the 'rng' command. The test function performs basic
sanity testing of the command.
Since a unit test is being added for the command, enable it by default
in the sandbox platforms.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Use a statically allocated buffer on stack instead of using malloc for
reading the random bytes. Using a local array is faster than
allocating heap memory on every initiation of the command.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
The 'rng' u-boot command is used for printing a select number of
random bytes on the console. Currently, the RNG device from which the
random bytes are read is fixed. However, a platform can have multiple
RNG devices, one example being qemu, which has a virtio RNG device and
the RNG pseudo device through the TPM chip.
Extend the 'rng' command so that the user can provide the RNG device
number from which the random bytes are to be read. This will be the
device index under the RNG uclass.
Signed-off-by: Sughosh Ganu <[email protected]>
Tested-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Ilias Apalodimas <[email protected]>
|
|
Negative return value from cmd main function cause U-Boot to print criplic
error message: exit not allowed from main input shell.
Set return value on error to 1.
Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
Armada 3700 BootROM supports also images with sha512 checksums and
mox-imager tool [1] generates such bootable images. Without sha512 support
U-Boot bubt command just prints error message:
Error: Unsupported hash_algorithm_id = 64
Error: Image header verification failed
This patch adds support for sha512 checksum validation for Armada 3700
images. With it bubt prints:
Image checksum...OK!
[1] - https://gitlab.nic.cz/turris/mox-boot-builder.git
Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
net_loop() returns signed int type and negative value represents error.
tftp_read_file() returns unsigned size_t type and zero value represents
error. Casting signed negative value to unsigned size_t type cause losing
information about error and bubt thinks that no error happened, and
continue erasing SPI-NOR which cause malfunction device.
Fix this issue by correctly propagating failure during tftp transport.
With this change when there is no eth link, bubt does not erase SPI-NOR
anymore.
=> bubt
Burning U-Boot image "flash-image.bin" from "tftp" to "spi"
ethernet@30000 Waiting for PHY auto negotiation to complete......... TIMEOUT !
ethernet@30000: No link.
Error: Failed to read file flash-image.bin from tftp
Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
Current image type verification code is specific to 32-bit Armada SoCs but
used only for Armada 38x. Implement image type verification for Armada 3700
and enable Armada 38x image verification for all 32-bit Armada SoCs.
Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
add arguments for mmc wp to assign which boot partition to protect.
Signed-off-by: Ying-Chun Liu (PaulLiu) <[email protected]>
Cc: Peng Fan <[email protected]>
Cc: Jaehoon Chung <[email protected]>
|
|
These flags may be used to check whether an FPGA driver is able to
load a particular FPGA bitstream image.
Signed-off-by: Oleksandr Suvorov <[email protected]>
Tested-by: Ricardo Salveti <[email protected]>
Tested-by: Adrian Fiergolski <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Michal Simek <[email protected]>
|
|
It allows using this feature without enabling the "fpga loads"
command.
Signed-off-by: Oleksandr Suvorov <[email protected]>
Co-developed-by: Adrian Fiergolski <[email protected]>
Signed-off-by: Adrian Fiergolski <[email protected]>
Tested-by: Ricardo Salveti <[email protected]>
Tested-by: Adrian Fiergolski <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Michal Simek <[email protected]>
|
|
Just a spelling mistake.
Signed-off-by: Ramin Zaghi <[email protected]>
|
|
Fix diacritics in some instances of my name and change my e-mail address
to [email protected].
Add corresponding .mailmap entries.
Signed-off-by: Marek Behún <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
tlv_eeprom uses crc32() function, so add dependency into Kconfig.
Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Baruch Siach <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
Do not suggest successful operation if a flash area to be changed is
actually locked, thus will not execute the request. Rather report an
error and bail out. That's way more user-friendly than asking them to
manually check for this case.
Derived from original patch by Chao Zeng.
Signed-off-by: Jan Kiszka <[email protected]>
Acked-by: Jagan Teki <[email protected]>
|
|
efi_dp_str() allocates memory which should be released after use.
Use %pD printf code. Adjust message wording.
Fixes: d837cb1e3b6b ("efi: Add debugging to efi_set_bootdev()")
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
|
|
https://source.denx.de/u-boot/custodians/u-boot-dm into next
nman external-symbol improvements
Driver model memory-usage reporting
patman test-reporting improvements
Add bloblist design goals
|
|
This converts the following to Kconfig:
CONFIG_SYS_BOOTM_LEN
As part of this, rework error handling in boot/bootm.c so that we pass
the buffer size to handle_decomp_error as CONFIG_SYS_BOOTM_LEN will not
be available to host tools but we do know the size that we passed to
malloc().
Cc: Soeren Moch <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
This converts the following to Kconfig:
CONFIG_USE_ONENAND_BOARD_INIT
Signed-off-by: Tom Rini <[email protected]>
|
|
The "autoload" environment variable is always checked with env_get_yesno
as it can be set to any form of no. The default behavior of
env_get_yesno is to return -1 on variables that are not set, which acts
as true in general (we test for non-zero return). To convert
CONFIG_SYS_AUTOLOAD to Kconfig, given that it was almost always used to
set autoload to no, first rename to CONFIG_SYS_DISABLE_AUTOLOAD for
consistency sake. Then, make it so that if enabled we set autoload=0 in
the default environment. Migrate all platforms which set
CONFIG_SYS_AUTOLOAD to non-true or that set autoload to false in their
default environment to using CONFIG_SYS_DISABLE_AUTOLOAD
Signed-off-by: Tom Rini <[email protected]>
|
|
When running "i2c md 0 0 80000100", the function do_i2c_md parses the
length into an unsigned int variable named length. The value is then
moved to a signed variable:
int nbytes = length;
#define DISP_LINE_LEN 16
int linebytes = (nbytes > DISP_LINE_LEN) ? DISP_LINE_LEN : nbytes;
ret = dm_i2c_read(dev, addr, linebuf, linebytes);
On systems where integers are 32 bits wide, 0x80000100 is a negative
value to "nbytes > DISP_LINE_LEN" is false and linebytes gets assigned
0x80000100 instead of 16.
The consequence is that the function which reads from the i2c device
(dm_i2c_read or i2c_read) is called with a 16-byte stack buffer to fill
but with a size parameter which is too large. In some cases, this could
trigger a crash. But with some i2c drivers, such as drivers/i2c/nx_i2c.c
(used with "nexell,s5pxx18-i2c" bus), the size is actually truncated to
a 16-bit integer. This is because function i2c_transfer expects an
unsigned short length. In such a case, an attacker who can control the
response of an i2c device can overwrite the return address of a function
and execute arbitrary code through Return-Oriented Programming.
Fix this issue by using unsigned integers types in do_i2c_md. While at
it, make also alen unsigned, as signed sizes can cause vulnerabilities
when people forgot to check that they can be negative.
Signed-off-by: Nicolas Iooss <[email protected]>
Reviewed-by: Heiko Schocher <[email protected]>
|
|
This command shows the memory used by driver model along with various
hints as to what it might be if some 'core' tags were moved to use the
tag list instead of a core (i.e. always-there) pointer.
This may help with future work to reduce memory usage.
Signed-off-by: Simon Glass <[email protected]>
|
|
Put these in alphabetic order, both in the help and in the implementation,
as there are quite a few subcommands now. Tweak the help for 'dm tree' to
better explain what it does.
Signed-off-by: Simon Glass <[email protected]>
|
|
This is not a good name anymore as it does not dump everything. Rename it
to dm_dump_tree() to avoid confusion.
Signed-off-by: Simon Glass <[email protected]>
|
|
https://source.denx.de/u-boot/custodians/u-boot-microblaze into next
Xilinx changes for v2022.10
cpu:
- Add driver for microblaze cpu
net:
- Add support for DM_ETH_PHY to AXI emac and emaclite
xilinx:
- Switch platforms to DM_ETH_PHY
- DT chagnes in ZynqMP and Zynq
- Enable support for SquashFS
zynqmp:
- Add support for KR260 boards
- Move BSS from address 0
- Move platform identification from board code to soc driver
- Improve zynqmp_psu_init_minimize
versal:
- Enable loading app at EL1
serial:
- Setup default address and clock rates for DEBUG uarts
pinctrl:
- Add support for tri state and output enable properties
relocate-rela:
- Clean relocate-rela implementation for ARM64
- Add support for Microblaze
microblaze:
- Add support for runtime relocation
- Rework cache handling (wiring, Kconfig) based on cpuinfo
- Remove interrupt support
timer:
- Extract axi timer driver from Microblaze to generic location
|
|
Migrate cpu command to use U_BOOT_CMD_WITH_SUBCMDS() helper macro, to
reduce duplicated code. This also fixes the cpu command on boards that
enable CONFIG_NEEDS_MANUAL_RELOC.
Signed-off-by: Ovidiu Panait <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Michal Simek <[email protected]>
|
|
Currently, enabling CMD_MISC gives:
cmd/misc.c:67:25: warning: assignment to 'int (*)(struct udevice *, int, void *, int)' from incompatible pointer type 'int (*)(struct udevice *, int, const void *, int)' [-Wincompatible-pointer-types]
Because 'misc_read' takes a void * and 'misc_write' takes a const void
*, both of which make sense for their operation. Given there's one
place we make use of the function pointer, just call read or write
directly for the operation we're called with.
Reviewed-by: Bin Meng <[email protected]>
Reviewed-by: Sean Anderson <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
