From 06ceff70bf040536163d5010c7560e5846f063c6 Mon Sep 17 00:00:00 2001 From: Pali Rohár Date: Thu, 28 Apr 2022 13:33:09 +0200 Subject: watchdog: Fix SPL build with watchdog disabled in asm files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Allow to compile assembler files in SPL build which calls WATCHDOG_RESET function when watchdog is disabled in SPL and enabled in U-Boot proper. This issue was fixed in past by commit 7fbd42f5afc4 ("watchdog: Handle SPL build with watchdog disabled") for C source files, but not for assembler source files. Currently the only assembler source file which calls WATCHDOG_RESET is arch/powerpc/lib/ticks.S, so this patch affects and fixes powerpc SPL builds. Signed-off-by: Pali Rohár Reviewed-by: Stefan Roese --- include/watchdog.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/watchdog.h b/include/watchdog.h index 14fa5fda259..813cc8f2a5d 100644 --- a/include/watchdog.h +++ b/include/watchdog.h @@ -49,7 +49,13 @@ int init_func_watchdog_reset(void); */ #if defined(CONFIG_WATCHDOG) #if defined(__ASSEMBLY__) - #define WATCHDOG_RESET bl watchdog_reset + /* Don't require the watchdog to be enabled in SPL */ + #if defined(CONFIG_SPL_BUILD) && \ + !defined(CONFIG_SPL_WATCHDOG) + #define WATCHDOG_RESET /*XXX DO_NOT_DEL_THIS_COMMENT*/ + #else + #define WATCHDOG_RESET bl watchdog_reset + #endif #else /* Don't require the watchdog to be enabled in SPL */ #if defined(CONFIG_SPL_BUILD) && \ -- cgit v1.3.1 From 3a0654ecd0d6a39406e6fe91f7a40ce589594ae9 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Fri, 10 Jun 2022 18:24:48 +0200 Subject: efi_loader: correctly identify binary name Only on the sandbox the default EFI binary name (e.g. BOOTX64.EFI) must match the host architecture. In all other cases we must use the target architecture. Use #elif where appropriate. Reported-by: Vagrant Cascadian Signed-off-by: Heinrich Schuchardt --- include/efi_default_filename.h | 41 ++++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) (limited to 'include') diff --git a/include/efi_default_filename.h b/include/efi_default_filename.h index 13b9de8754a..77932984b55 100644 --- a/include/efi_default_filename.h +++ b/include/efi_default_filename.h @@ -5,6 +5,7 @@ * file name is defined in this include. * * Copyright (c) 2022, Heinrich Schuchardt + * Copyright (c) 2022, Linaro Limited */ #ifndef _EFI_DEFAULT_FILENAME_H @@ -14,32 +15,42 @@ #undef BOOTEFI_NAME +#ifdef CONFIG_SANDBOX + #if HOST_ARCH == HOST_ARCH_X86_64 #define BOOTEFI_NAME "BOOTX64.EFI" -#endif - -#if HOST_ARCH == HOST_ARCH_X86 +#elif HOST_ARCH == HOST_ARCH_X86 #define BOOTEFI_NAME "BOOTIA32.EFI" -#endif - -#if HOST_ARCH == HOST_ARCH_AARCH64 +#elif HOST_ARCH == HOST_ARCH_AARCH64 #define BOOTEFI_NAME "BOOTAA64.EFI" -#endif - -#if HOST_ARCH == HOST_ARCH_ARM +#elif HOST_ARCH == HOST_ARCH_ARM #define BOOTEFI_NAME "BOOTARM.EFI" -#endif - -#if HOST_ARCH == HOST_ARCH_RISCV32 +#elif HOST_ARCH == HOST_ARCH_RISCV32 #define BOOTEFI_NAME "BOOTRISCV32.EFI" +#elif HOST_ARCH == HOST_ARCH_RISCV64 +#define BOOTEFI_NAME "BOOTRISCV64.EFI" +#else +#error Unsupported UEFI architecture #endif -#if HOST_ARCH == HOST_ARCH_RISCV64 +#else + +#if defined(CONFIG_ARM64) +#define BOOTEFI_NAME "BOOTAA64.EFI" +#elif defined(CONFIG_ARM) +#define BOOTEFI_NAME "BOOTARM.EFI" +#elif defined(CONFIG_X86_64) +#define BOOTEFI_NAME "BOOTX64.EFI" +#elif defined(CONFIG_X86) +#define BOOTEFI_NAME "BOOTIA32.EFI" +#elif defined(CONFIG_ARCH_RV32I) +#define BOOTEFI_NAME "BOOTRISCV32.EFI" +#elif defined(CONFIG_ARCH_RV64I) #define BOOTEFI_NAME "BOOTRISCV64.EFI" +#else +#error Unsupported UEFI architecture #endif -#ifndef BOOTEFI_NAME -#error Unsupported UEFI architecture #endif #endif -- cgit v1.3.1 From a3f2dcf8f44445703a1919a5fa83b4328b244f92 Mon Sep 17 00:00:00 2001 From: Philippe Schenker Date: Wed, 25 May 2022 09:55:02 +0200 Subject: verdin-imx8mm, verdin-imx8mp: Fix default systemd console output systemd prints its messages on the last console= statement that it finds in the kernel arguments. The current ordering sends the systemd messages to tty1, by default this is the display. Ensure that systemd sends its messages to the default UART, reorder the console= statements accordingly. Signed-off-by: Philippe Schenker Reviewed-by: Stefano Babic Acked-by: Marcel Ziswiler Signed-off-by: Marcel Ziswiler --- include/configs/verdin-imx8mm.h | 4 ++-- include/configs/verdin-imx8mp.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/configs/verdin-imx8mm.h b/include/configs/verdin-imx8mm.h index cd950ad055e..558b78115df 100644 --- a/include/configs/verdin-imx8mm.h +++ b/include/configs/verdin-imx8mm.h @@ -58,8 +58,8 @@ "fdt_board=dev\0" \ "initrd_addr=0x43800000\0" \ "initrd_high=0xffffffffffffffff\0" \ - "setup=setenv setupargs console=${console},${baudrate} " \ - "console=tty1 consoleblank=0 earlycon\0" \ + "setup=setenv setupargs console=tty1 console=${console},${baudrate} " \ + "consoleblank=0 earlycon\0" \ "update_uboot=askenv confirm Did you load flash.bin (y/N)?; " \ "if test \"$confirm\" = \"y\"; then " \ "setexpr blkcnt ${filesize} + 0x1ff && setexpr blkcnt " \ diff --git a/include/configs/verdin-imx8mp.h b/include/configs/verdin-imx8mp.h index 470f64d5a74..52fa2be3ab1 100644 --- a/include/configs/verdin-imx8mp.h +++ b/include/configs/verdin-imx8mp.h @@ -75,7 +75,7 @@ "fdt_board=dev\0" \ "initrd_addr=0x43800000\0" \ "initrd_high=0xffffffffffffffff\0" \ - "setup=setenv setupargs console=${console},${baudrate} console=tty1 " \ + "setup=setenv setupargs console=tty1 console=${console},${baudrate} " \ "consoleblank=0 earlycon\0" \ "update_uboot=askenv confirm Did you load flash.bin (y/N)?; " \ "if test \"$confirm\" = \"y\"; then " \ -- cgit v1.3.1 From d6ad5a0af9e6a12f47008141259f77b568c73ab2 Mon Sep 17 00:00:00 2001 From: Loic Poulain Date: Thu, 26 May 2022 16:37:21 +0200 Subject: mmc: Add support for wait_dat0 callback There is no wait_dat0 mmc ops, causing operations waiting for data line state change (e.g mmc_switch_voltage) to fallback to a 250ms active delay. mmc_ops still used when DM_MMC is not enabled, which is often the case for SPL. The result can be unexpectly long SPL boot time. This change adds support for wait_dat0() mmc operation. Signed-off-by: Loic Poulain Reviewed-by: Jaehoon Chung --- drivers/mmc/mmc.c | 3 +++ include/mmc.h | 1 + 2 files changed, 4 insertions(+) (limited to 'include') diff --git a/drivers/mmc/mmc.c b/drivers/mmc/mmc.c index 8a7d0739006..12d29da528a 100644 --- a/drivers/mmc/mmc.c +++ b/drivers/mmc/mmc.c @@ -34,6 +34,9 @@ static int mmc_set_signal_voltage(struct mmc *mmc, uint signal_voltage); static int mmc_wait_dat0(struct mmc *mmc, int state, int timeout_us) { + if (mmc->cfg->ops->wait_dat0) + return mmc->cfg->ops->wait_dat0(mmc, state, timeout_us); + return -ENOSYS; } diff --git a/include/mmc.h b/include/mmc.h index 9b4dc683110..073b01f82b3 100644 --- a/include/mmc.h +++ b/include/mmc.h @@ -561,6 +561,7 @@ struct mmc_ops { int (*getwp)(struct mmc *mmc); int (*host_power_cycle)(struct mmc *mmc); int (*get_b_max)(struct mmc *mmc, void *dst, lbaint_t blkcnt); + int (*wait_dat0)(struct mmc *mmc, int state, int timeout_us); }; static inline int mmc_hs400_prepare_ddr(struct mmc *mmc) -- cgit v1.3.1 From 163863d572a7bc52b58743b3de4aafbc24dd12c8 Mon Sep 17 00:00:00 2001 From: Marek Vasut Date: Mon, 20 Dec 2021 22:57:57 +0100 Subject: arm: socfpga: vining: Unmount UBIFS and detach UBI in ubi_load script Clean up in ubiload script. Unmount UBIFS from which kernel image was loaded and detach UBI on which the UBIFS is located, otherwise message similar to the following is printed just before booting kernel: Removing MTD device #7 (rootfs) with use count 1 Error when deleting partition "rootfs" (-16) Signed-off-by: Marek Vasut Cc: Siew Chin Lim Cc: Simon Goldschmidt Cc: Tien Fong Chee Reviewed-by: Tien Fong Chee --- include/configs/socfpga_vining_fpga.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/configs/socfpga_vining_fpga.h b/include/configs/socfpga_vining_fpga.h index 9455e4cb560..c333c931ab7 100644 --- a/include/configs/socfpga_vining_fpga.h +++ b/include/configs/socfpga_vining_fpga.h @@ -116,7 +116,8 @@ "addargs=run addcons addmtd addmisc\0" \ "ubiload=" \ "ubi part ${ubimtd} ; ubifsmount ${ubipart} ; " \ - "ubifsload ${kernel_addr_r} /boot/${bootfile}\0" \ + "ubifsload ${kernel_addr_r} /boot/${bootfile} ; " \ + "ubifsumount ; ubi detach\0" \ "netload=" \ "tftp ${kernel_addr_r} ${hostname}/${bootfile}\0" \ "miscargs=nohlt panic=1\0" \ -- cgit v1.3.1 From e744bf3a4ba442a0e9ee1c509c70e1452e3a15d0 Mon Sep 17 00:00:00 2001 From: Tom Rini Date: Wed, 8 Jun 2022 14:30:14 -0400 Subject: odroid_xu3: Fix board environment variable When migrating CONFIG_CONS_INDEX to Kconfig, on this platform we changed what "board" evaluated to in the environment. This in turn meant that we would no longer try and find the correct fdtfile via the normal distro boot logic. Fix this by overriding board in the default environment, as done on other platforms where CONFIG_SYS_BOARD is not what we want to be in the board environment variable. Fixes: f76750d11133 ("Convert CONFIG_CONS_INDEX et al to Kconfig") Reported-by: Gabriel Hojda Tested-by: Gabriel Hojda Signed-off-by: Tom Rini --- include/configs/odroid_xu3.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/configs/odroid_xu3.h b/include/configs/odroid_xu3.h index eb35d7b4ae2..360815bc03e 100644 --- a/include/configs/odroid_xu3.h +++ b/include/configs/odroid_xu3.h @@ -86,6 +86,7 @@ "rootfstype=ext4\0" \ "console=console=ttySAC2,115200n8\0" \ "fdtfile=exynos5422-odroidxu3.dtb\0" \ + "board=odroid\0" \ "board_name=odroidxu3\0" \ "mmcbootdev=0\0" \ "mmcrootdev=0\0" \ -- cgit v1.3.1 From 2ac0baab4aff1a0b45067d0b62f00c15f4e86856 Mon Sep 17 00:00:00 2001 From: Miquel Raynal Date: Thu, 9 Jun 2022 16:02:06 +0200 Subject: fs/squashfs: sqfs_read: Prevent arbitrary code execution Following Jincheng's report, an out-of-band write leading to arbitrary code execution is possible because on one side the squashfs logic accepts directory names up to 65535 bytes (u16), while U-Boot fs logic accepts directory names up to 255 bytes long. Prevent such an exploit from happening by capping directory name sizes to 255. Use a define for this purpose so that developers can link the limitation to its source and eventually kill it some day by dynamically allocating this array (if ever desired). Link: https://lore.kernel.org/all/CALO=DHFB+yBoXxVr5KcsK0iFdg+e7ywko4-e+72kjbcS8JBfPw@mail.gmail.com Reported-by: Jincheng Wang Signed-off-by: Miquel Raynal Tested-by: Jincheng Wang --- fs/squashfs/sqfs.c | 8 +++++--- include/fs.h | 4 +++- 2 files changed, 8 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c index 547d2fd4b30..b9f05efd9c9 100644 --- a/fs/squashfs/sqfs.c +++ b/fs/squashfs/sqfs.c @@ -975,6 +975,7 @@ int sqfs_readdir(struct fs_dir_stream *fs_dirs, struct fs_dirent **dentp) int i_number, offset = 0, ret; struct fs_dirent *dent; unsigned char *ipos; + u16 name_size; dirs = (struct squashfs_dir_stream *)fs_dirs; if (!dirs->size) { @@ -1057,9 +1058,10 @@ int sqfs_readdir(struct fs_dir_stream *fs_dirs, struct fs_dirent **dentp) return -SQFS_STOP_READDIR; } - /* Set entry name */ - strncpy(dent->name, dirs->entry->name, dirs->entry->name_size + 1); - dent->name[dirs->entry->name_size + 1] = '\0'; + /* Set entry name (capped at FS_DIRENT_NAME_LEN which is a U-Boot limitation) */ + name_size = min_t(u16, dirs->entry->name_size + 1, FS_DIRENT_NAME_LEN - 1); + strncpy(dent->name, dirs->entry->name, name_size); + dent->name[name_size] = '\0'; offset = dirs->entry->name_size + 1 + SQFS_ENTRY_BASE_LENGTH; dirs->entry_count--; diff --git a/include/fs.h b/include/fs.h index b43f16a692f..2195dc172ec 100644 --- a/include/fs.h +++ b/include/fs.h @@ -174,6 +174,8 @@ int fs_write(const char *filename, ulong addr, loff_t offset, loff_t len, #define FS_DT_REG 8 /* regular file */ #define FS_DT_LNK 10 /* symbolic link */ +#define FS_DIRENT_NAME_LEN 256 + /** * struct fs_dirent - directory entry * @@ -194,7 +196,7 @@ struct fs_dirent { /** change_time: time of last modification */ struct rtc_time change_time; /** name: file name */ - char name[256]; + char name[FS_DIRENT_NAME_LEN]; }; /* Note: fs_dir_stream should be treated as opaque to the user of fs layer */ -- cgit v1.3.1 From 68edbed454b863dbcd197e19e1ab26a0a05c7d85 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Tue, 14 Jun 2022 08:02:03 +0200 Subject: efi_loader: initialize console size late If CONFIG_VIDEO_DM=n we query the display size from the serial console. Especially when using a remote console the response can be so late that it interferes with autoboot. Only query the console size when running an EFI binary. Add debug output showing the determined console size. Reported-by: Fabio Estevam Fixes: a57ad20d07e8 ("efi_loader: split efi_init_obj_list() into two stages") Fixes: a9bf024b2933 ("efi_loader: disk: a helper function to create efi_disk objects from udevice") Signed-off-by: Heinrich Schuchardt Tested-by: Fabio Estevam Tested-by: Heiko Thiery --- include/efi_loader.h | 2 ++ lib/efi_loader/efi_console.c | 20 +++++++++++++------- lib/efi_loader/efi_setup.c | 4 ++++ 3 files changed, 19 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/efi_loader.h b/include/efi_loader.h index f6651e2c604..c1e00ebac39 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -499,6 +499,8 @@ extern struct list_head efi_register_notify_events; int efi_init_early(void); /* Initialize efi execution environment */ efi_status_t efi_init_obj_list(void); +/* Set up console modes */ +void efi_setup_console_size(void); /* Install device tree */ efi_status_t efi_install_fdt(void *fdt); /* Run loaded UEFI image */ diff --git a/lib/efi_loader/efi_console.c b/lib/efi_loader/efi_console.c index 60a3fc85ac4..3164fd484e2 100644 --- a/lib/efi_loader/efi_console.c +++ b/lib/efi_loader/efi_console.c @@ -5,6 +5,8 @@ * Copyright (c) 2016 Alexander Graf */ +#define LOG_CATEGORY LOGC_EFI + #include #include #include @@ -12,6 +14,7 @@ #include #include #include +#include #include #include #include @@ -58,7 +61,12 @@ const efi_guid_t efi_guid_text_output_protocol = #define cESC '\x1b' #define ESC "\x1b" -/* Default to mode 0 */ +/* + * efi_con_mode - mode information of the Simple Text Output Protocol + * + * Use safe settings before efi_setup_console_size() is called. + * By default enable only the 80x25 mode which must always exist. + */ static struct simple_text_output_mode efi_con_mode = { .max_mode = 1, .mode = 0, @@ -333,13 +341,13 @@ static int __maybe_unused query_vidconsole(int *rows, int *cols) } /** - * query_console_size() - update the mode table. + * efi_setup_console_size() - update the mode table. * * By default the only mode available is 80x25. If the console has at least 50 * lines, enable mode 80x50. If we can query the console size and it is neither * 80x25 nor 80x50, set it as an additional mode. */ -static void query_console_size(void) +void efi_setup_console_size(void) { int rows = 25, cols = 80; int ret = -ENODEV; @@ -351,6 +359,8 @@ static void query_console_size(void) if (ret) return; + log_debug("Console size %dx%d\n", rows, cols); + /* Test if we can have Mode 1 */ if (cols >= 80 && rows >= 50) { efi_cout_modes[1].present = 1; @@ -371,7 +381,6 @@ static void query_console_size(void) } } - /** * efi_cout_query_mode() - get terminal size for a text mode * @@ -1262,9 +1271,6 @@ efi_status_t efi_console_register(void) efi_status_t r; struct efi_device_path *dp; - /* Set up mode information */ - query_console_size(); - /* Install protocols on root node */ r = EFI_CALL(efi_install_multiple_protocol_interfaces (&efi_root, diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c index 250eeb2fcd6..492ecf4cb15 100644 --- a/lib/efi_loader/efi_setup.c +++ b/lib/efi_loader/efi_setup.c @@ -243,6 +243,10 @@ efi_status_t efi_init_obj_list(void) goto out; } + /* Set up console modes */ + efi_setup_console_size(); + + /* Install EFI_RNG_PROTOCOL */ if (IS_ENABLED(CONFIG_EFI_RNG_PROTOCOL)) { ret = efi_rng_register(); if (ret != EFI_SUCCESS) -- cgit v1.3.1