| Age | Commit message (Collapse) | Author |
|---|
|
When printing the LMB flags for a memory region, there is a need to
check that the array index that is computed is a sane value. Put a
noisy assert in case this check fails, as that implies something with
the LMB code is not working as expected.
Reported-by: Coverity (CID 510463)
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
This commit introduces a number of failure to build issues. For now,
revert it and we will wait for v2 to address the issue and the build
problems as well.
This reverts commit e1c3c720e780eed6647796d69dca6184640234a5.
Signed-off-by: Tom Rini <[email protected]>
|
|
Fix "Integer handling issues (SIGN_EXTENSION)" in newly added code:
Cast serial_info.reg_offset to u64 to prevent an integer overflow when
shifted too many bits to the left. Currently this never happens as the
shift is supposed to be less than 4.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Moritz Fischer <[email protected]>
|
|
Patrick Rudolph <[email protected]> says:
Based on the existing work done by Simon Glass this series adds
support for booting aarch64 devices using ACPI only.
As first target QEMU SBSA support is added, which relies on ACPI
only to boot an OS. As secondary target the Raspberry Pi4 was used,
which is broadly available and allows easy testing of the proposed
solution.
The series is split into ACPI cleanups and code movements, adding
Arm specific ACPI tables and finally SoC and mainboard related
changes to boot a Linux on the QEMU SBSA and RPi4. Currently only the
mandatory ACPI tables are supported, allowing to boot into Linux
without errors.
The QEMU SBSA support is feature complete and provides the same
functionality as the EDK2 implementation.
The changes were tested on real hardware as well on QEMU v9.0:
qemu-system-aarch64 -machine sbsa-ref -nographic -cpu cortex-a57 \
-pflash secure-world.rom \
-pflash unsecure-world.rom
qemu-system-aarch64 -machine raspi4b -kernel u-boot.bin -cpu cortex-a72 \
-smp 4 -m 2G -drive file=raspbian.img,format=raw,index=0 \
-dtb bcm2711-rpi-4-b.dtb -nographic
Tested against FWTS V24.03.00.
Known issues:
- The QEMU rpi4 support is currently limited as it doesn't emulate PCI,
USB or ethernet devices!
- The SMP bringup doesn't work on RPi4, but works in QEMU (Possibly
cache related).
- PCI on RPI4 isn't working on real hardware since the pcie_brcmstb
Linux kernel module doesn't support ACPI yet.
Link: https://lore.kernel.org/r/[email protected]
|
|
On Arm platforms that use ACPI they cannot rely on the "spin-table"
CPU bringup usually defined in the FDT. Thus implement the
'ACPI Multi-processor Startup for ARM Platforms', also referred to as
'ACPI parking protocol'.
The ACPI parking protocol works similar to the spin-table mechanism, but
the specification also covers lots of shortcomings of the spin-table
implementations.
Every CPU defined in the ACPI MADT table has it's own 4K page where the
spinloop code and the OS mailbox resides. When selected the U-Boot board
code must make sure that the secondary CPUs enter u-boot after relocation
as well, so that they can enter the spinloop code residing in the ACPI
parking protocol pages.
The OS will then write to the mailbox and generate an IPI to release the
CPUs from the spinloop code.
For now it's only implemented on ARMv8, but can easily be extended to
other platforms, like ARMv7.
TEST: Boots all CPUs on qemu-system-aarch64 -machine raspi4b
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Tom Rini <[email protected]>
|
|
Allow to use BLOBLIST_TABLES on arm to store ACPI or other tables.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Tom Rini <[email protected]>
|
|
Add a new method to write the processor device identified by _HID
ACPI0007, that is preferred over the Processor OpCode since ACPI 6.0.
Fixes booting arm using ACPI only since the Processor OpCode isn't
found valid by the Linux kernel.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
|
|
Allocate memory for ACPI tables in generic acpi code. When ACPI wasn't
installed in other places, install the ACPI table using BLOBLISTs.
This allows non x86 platforms to boot using ACPI only in case the
EFI loader is being used, since EFI is necessary to advertise the location
of the ACPI tables in memory.
TEST: Booted QEMU SBSA (no QFW) using EFI and ACPI only.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Tom Rini <[email protected]>
|
|
Since ACPI 2.0 the RSDT is deprecated and the XSDT should be preferred.
Until now the RSDT and XSDT entries were keept in sync as all platforms
that installed ACPI tables placed them below 4GiB and thus the address
would fit into the 32bit RSDT.
On platforms that do not have usable DRAM below 4GiB, like QEMU sbsa,
the RSDT cannot be used. Allow both RSDT and XSDT to be null and only
fill those tables that are present in acpi_add_table().
TEST: Fixes a crash on QEMU sbsa and allows to boot on QEMU sbsa.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Tom Rini <[email protected]>
|
|
The SoC can implement acpi_fill_iort to update the IORT table.
Add a helper function to fill out the NAMED_COMPONENT node.
TEST=Run FWTS V24.03.00 on RPi4 and round no problems.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
|
|
Return the ACPI table revision in acpi_get_table_revision() for
PPTT and GTDT. Match both to ACPI 6.2.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
|
|
The FADT structure found in U-Boot represents FADT revision 6 and the
GICC and GICD structures defined in U-Boot are based on ACPI revision
6.3.
Bump the table revision to fix FWTS failures seen on aarch64.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Bin Meng <[email protected]>
|
|
Add a new method to acpi_ops to let drivers fill out ACPI MADT.
The code is unused for now until drivers implement the new ops.
TEST: Booted on QEMU sbsa using driver model generated MADT.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
|
|
Write MADT in common code and let the SoC fill out the body by
calling acpi_fill_madt() which must be implemented at SoC level.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Bin Meng <[email protected]>
|
|
Write the FADT in common code since it's used on all architectures.
Since the FADT is mandatory all SoCs or mainboards must implement the
introduced function acpi_fill_fadt() and properly update the FADT.
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Bin Meng <[email protected]>
|
|
This moves the SPCR and DBG2 table generation into common code, so that
they can be used by architectures other than x86.
Signed-off-by: Maximilian Brune <[email protected]>
Signed-off-by: Patrick Rudolph <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Cc: Simon Glass <[email protected]>
Cc: Bin Meng <[email protected]>
|
|
Simon Glass <[email protected]> says:
This little series adds a new 'memmap' command, intended to show the
layout of memory within U-Boot and how much memory is available for
loading images.
Link: https://lore.kernel.org/r/[email protected]
|
|
Provide a way to access this data structure so that the meminfo command
can use it.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
These library routines obviously do not make use of the
cyclic_register() etc. API, but do need to call schedule(). Include
the proper header.
Eventually, their ifdef logic should be updated to avoid talking about
CONFIG_WATCHDOG.
Signed-off-by: Rasmus Villemoes <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
|
|
Chia-Wei Wang <[email protected]> says:
Aspeed AST2700 SoCs integrates the Caliptra secure IP, where an ECDSA384
signature verification HW interface is exported for SoC crypto needs.
This patch series firstly extends the FIT image signing/verify common
code to support the ECDSA384 algorithm. For better convenience, the
device tree for ECDSA public key storage is also revised by referring
to RSA implementations.
After the FIT common code revision, the driver is implemented for
AST2700 to leverage the Caliptra ECDSA384 signature verification.
These are verified by signed FIT images with the algorithm "sha384,ecdsa384".
Link: https://lore.kernel.org/r/[email protected]
|
|
Add ECDSA384 algorithm support for image signing and verification.
Signed-off-by: Chia-Wei Wang <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request efi-2025-01-rc1-2
CI: https://source.denx.de/u-boot/custodians/u-boot-efi/-/pipelines/22810
Documentation:
* Add document describing Ethernet boot on AM62x SoC
* Fix typo in blkmap command example
UEFI:
* Avoid #ifdef in efi_setup.c
* Reduce message noisiness if ESP is missing
* Remove ERROR:, WARNING: prefixes in messages
* Use blk_create_devicef() in block device driver
Others:
* Let CONFIG_CMD_WGET depend on CONFIG_CMD_NET
|
|
Fixes of unreleased buffer, deadcode and wrong variable type detected
by coverity scan.
Addresses-Coverity-ID: 510809: Resource leaks (RESOURCE_LEAK)
Addresses-Coverity-ID: 510806: Control flow issues (DEADCODE)
Addresses-Coverity-ID: 510794 Control flow issues (NO_EFFECT)
Signed-off-by: Raymond Mao <[email protected]>
|
|
lmb_add_region() returns a positive integer if the added regions causes
existing regions to be coalesced. We still want to notify the EFI
subsystem about these added regions though, so adjust lmb_add() to only
bail on errors.
This fixes EFI memory allocation on boards with adjacent memory banks as is the
case on several Qualcomm boards like the RB3 Gen 2.
Fixes: 2f6191526a13 (lmb: notify of any changes to the LMB memory map)
Signed-off-by: Caleb Connolly <[email protected]>
Reviewed-by: Sughosh Ganu <[email protected]>
Tested-by: Neil Armstrong <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
The EFI block device driver is the only user of blk_create_device() outside
the block device uclass. Use blk_create_devicef() instead like other block
device drivers.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
We should not write "ERROR:" or "WARNING:" when using log_err() or
log_warning(). These prefixed don't provide additional information.
Reviewed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Messages written with log_err() should terminate with a linefeed.
Reviewed-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
EFI variables can be stored in a file on the EFI system partition. If that
partition is missing we are writing two error messages per variable. This
is too noisy.
Just warn once about the missing ESP.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
We prefer `if` over `#ifdef` in our code.
Eliminate #ifdef statements in efi_setup.c.
Reviewed-by: Ilias Apalodimas <[email protected]>
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
It might happen that CONFIG_GZIP and CONFIG_LZO are enabled but we might
have CONFIG_MULTI_DTB_FIT_LZO enabled in this case in the code path of
uncompress_blob() we parse the gzip headers first which results in
`Error: Bad gzipped data` being printed. To avoid this parse the gzip/lzo
headers only when dependencies have met.
Signed-off-by: Lad Prabhakar <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
|
|
The TFTP protocol uses a default block size of 512 bytes. This value is
sub-optimal for ethernet devices, which have a MTU (Maximum Transmission
Unit) of 1500 bytes. When taking into acount the overhead of the IP and
UDP layers, this leaves 1468 bytes for the TFTP payload.
This patch introduces a new function: tftp_client_set_blksize() which
may be used to change the block size from the default. It has to be
called after tftp_client_init() and before tftp_get(). If the server
does not support the option, the client will still accept to receive
512-byte blocks.
Submitted upstream: https://savannah.nongnu.org/patch/index.php?10462
Signed-off-by: Jerome Forissier <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
|
|
Implement do_tftpb(). This implementation of the tftp command
supports an optional port number. For example:
tftp 192.168.0.30:9069:file.bin
It also supports taking the server IP from ${tftpserverip} if
defined, before falling back to ${serverip}.
Signed-off-by: Jerome Forissier <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
Tested-by: Ilias Apalodimas <[email protected]>
|
|
The TFTP app should not bind to the TFTP server port when configured as
a client. Instead, the local port should be chosen from the dynamic
range (49152 ~ 65535) so that if the application is stopped and started
again, the remote server will not consider the new packets as part of
the same context (which would cause an error since a new RRQ would be
unexpected).
Submitted upstream: https://savannah.nongnu.org/patch/?10480
Signed-off-by: Jerome Forissier <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Add what it takes to enable NETDEVICES with NET_LWIP and enable DHCP as
well as the dhcp command. CMD_TFTPBOOT is selected by BOOTMETH_EFI due
to this code having an implicit dependency on do_tftpb().
Note that PXE is likely non-fonctional with NET_LWIP (or at least not
100% functional) because DHCP option 209 is not supported by the lwIP
library. Therefore, BOOTP_PXE_DHCP_OPTION cannot be enabled.
Signed-off-by: Jerome Forissier <[email protected]>
Tested-by: Ilias Apalodimas <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
|
|
Build the lwIP library when NET_LWIP is enabled. The following files
are adaptation layers written specially for U-Boot:
lib/lwip/u-boot/arch/cc.h
lib/lwip/u-boot/arch/sys_arch.h (empty)
lib/lwip/u-boot/limits.h (empty)
lib/lwip/u-boot/lwipopts.h
They were initially contributed by Maxim in a previous RFC patch series.
The lwIP stack needs to be added as a Git subtree with the following
command:
$ git subtree add --squash --prefix lib/lwip/lwip \
https://github.com/lwip-tcpip/lwip.git STABLE-2_2_0_RELEASE
Signed-off-by: Jerome Forissier <[email protected]>
Co-developed-by: Maxim Uvarov <[email protected]>
Cc: Maxim Uvarov <[email protected]>
Acked-by: Ilias Apalodimas <[email protected]>
|
|
|
|
A bunch of static functions in the LMB module have used a
double-undersore for the function names. It was suggested to use a
single-underscore instead, as the double-underscore is usually used
by library functions. Replace the double-underscore with
single-underscore for all functions.
Signed-off-by: Sughosh Ganu <[email protected]>
Suggested-by: Simon Glass <[email protected]>
|
|
The variable overlap_only_ram is used to specify that the new memory
region that is being created needs to come from the free memory pool
-- this is done by carving out the memory region from the free
memory. The name is a bit confusing though, as other allocated memory
regions, like boot-services code and data are also part of the RAM
memory. Rename the variable to overlap_conventional to highlight the
fact that it is the free/conventional memory that is being referred to
in this context.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
The EFI memory allocations are now being done through the LMB
module. With this change, there is no need to get the EFI memory map
and set aside EFI allocated memory.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
The EFI_CONVENTIONAL_MEMORY type, which is the usable RAM memory is
now being managed by the LMB module. Remove the addition of this
memory type to the EFI memory map. This memory now gets added to the
EFI memory map as part of the LMB memory map update event handler.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
The EFI_CONVENTIONAL_MEMORY type is now being managed through the LMB
module. Add a separate function, lmb_arch_add_memory() to add the RAM
memory to the LMB memory map. The efi_add_known_memory() function is
now used for adding any other memory type to the EFI memory map.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
The EFI memory allocations are now being done through the LMB module,
and hence the memory map is maintained by the LMB module. Use the
lmb_arch_add_memory() API function to add the usable RAM memory to the
LMB's memory map.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
Some architectures have special or unique aspects which need
consideration when adding memory ranges to the list of available
memory map. Enable this config in such scenarios which allow
architectures and boards to define their own memory map.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
The memory region occupied by U-Boot is reserved by LMB, and gets
added to the EFI memory map through a call from the LMB module. Remove
this superfluous addition to the EFI memory map.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
In U-Boot, LMB and EFI are two primary modules who provide memory
allocation and reservation API's. Both these modules operate with the
same regions of memory for allocations. Use the LMB memory map update
event to notify other interested listeners about a change in it's
memory map. This can then be used by the other module to keep track of
available and used memory.
There is no need to send these notifications when the LMB module is
being unit-tested. Add a flag to the lmb structure to indicate if the
memory map is being used for tests, and suppress sending any
notifications when running these unit tests.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
Use the LMB API's for allocating and freeing up memory. With this, the
LMB module becomes the common backend for managing non U-Boot image
memory that might be requested by other modules.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
U-Boot does not use memory above ram_top. However, this memory does
need to get registered as part of the memory map, so that subsystems
like EFI pass it on to the operating system as part of the EFI memory
map. Add memory above ram_top and reserve it with the LMB_NOOVERWRITE
flag so that it does not get allocated or re-used.
Signed-off-by: Sughosh Ganu <[email protected]>
Suggested-by: Mark Kettenis <[email protected]>
|
|
Add a flag LMB_NONOTIFY that can be passed to the LMB API's for
reserving memory. This will then result in no notification being sent
from the LMB module for the changes to the LMB's memory map.
While here, also add a description of the memory attributes that the
flags signify.
Signed-off-by: Sughosh Ganu <[email protected]>
|
|
The LMB module is to be used as a backend for allocating and freeing
up memory requested from other modules like EFI. These memory requests
are different from the typical LMB reservations in that memory
required by the EFI module cannot be overwritten, or re-requested. Add
versions of the LMB API functions with flags for allocating and
freeing up memory. The caller can then use these API's for specifying
the type of memory that is required. For now, these functions will be
used by the EFI memory module.
Signed-off-by: Sughosh Ganu <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
Raymond Mao <[email protected]> says:
Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
Motivations:
------------
1. MbedTLS is well maintained with LTS versions.
2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
3. MbedTLS recently switched license back to GPLv2.
Prerequisite:
-------------
This patch series requires mbedtls git repo to be added as a
subtree to the main U-Boot repo via:
$ git subtree add --prefix lib/mbedtls/external/mbedtls \
https://github.com/Mbed-TLS/mbedtls.git \
v3.6.0 --squash
Moreover, due to the Windows-style files from mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:
$ git add --renormalize .
$ git commit
New Kconfig options:
--------------------
`MBEDTLS_LIB` is for MbedTLS general switch.
`MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
MbedTLS.
`MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
MbedTLS crypto alternatives.
`MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
and Pubkey parser with MbedTLS.
By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
when `MBEDTLS_LIB` is enabled.
`LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
`LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
`LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
introduced.
In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
for testing purpose.
Patches for external MbedTLS project:
-------------------------------------
Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
executables which is not supported by MbedTLS at the moment,
addtional patches for MbedTLS are created to adapt with the EFI loader:
1. Decoding of Microsoft Authentication Code.
2. Decoding of PKCS#9 Authenticate Attributes.
3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
4. MbedTLS native test suites for PKCS#7 signer's info.
All above 4 patches (tagged with `mbedtls/external`) are submitted to
MbedTLS project and being reviewed, eventually they should be part of
MbedTLS LTS release.
But before that, please merge them into U-Boot, otherwise the building
will be broken when MBEDTLS_LIB_X509 is enabled.
See below PR link for the reference:
https://github.com/Mbed-TLS/mbedtls/pull/9001
Miscellaneous:
--------------
Optimized MbedTLS library size by tailoring the config file
and disabling all unnecessary features for EFI loader.
From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
sha512) are completely replaced when MbedTLS is enabled.
From v3, the size-growth is slightly reduced by refactoring Hash functions.
From v6, smaller implementations for SHA256 and SHA512 are enabled and
target size reduce significantly.
Target(QEMU arm64) size-growth when enabling MbedTLS:
v1: 6.03%
v2: 4.66%
v3 - v5: 4.55%
v6: 2.90%
Tests done:
-----------
EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
verifying and booting) via U-Boot console.
EFI Secure Boot and Capsule sandbox test passed.
Known issues:
-------------
None.
Link: https://lore.kernel.org/u-boot/[email protected]/
|
