]> git.dujemihanovic.xyz Git - u-boot.git/log
u-boot.git
6 months agoarm: tegra20: bct: add missing <vsprintf.h>
Svyatoslav Ryhel [Fri, 5 Jul 2024 07:16:48 +0000 (10:16 +0300)]
arm: tegra20: bct: add missing <vsprintf.h>

Fixes implicit declaration of function 'hextoul'

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
6 months agoconfigs: transformer: simplify boot command
Svyatoslav Ryhel [Thu, 27 Jun 2024 15:31:41 +0000 (18:31 +0300)]
configs: transformer: simplify boot command

Drop boot device sequence re-definition since now it is default.

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
6 months agoinclude: configs: tegra-common-post: make usb first boot target
Svyatoslav Ryhel [Tue, 18 Jun 2024 10:07:57 +0000 (13:07 +0300)]
include: configs: tegra-common-post: make usb first boot target

This ensures that the device can boot from a USB device prior to MMC. Useful
cases are when installing a new OS from USB while MMC still has a working OS
configuration or if the OS configuration is broken in late boot stages
(kernel boots but the system does not start).

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
6 months agovideo: tegra20: dc: use nvidia,head property to identify DC controller
Svyatoslav Ryhel [Tue, 14 May 2024 06:05:00 +0000 (09:05 +0300)]
video: tegra20: dc: use nvidia,head property to identify DC controller

Use existing nvidia,head device tree property to get DC controller id.

Acked-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
6 months agoconfigs: paz00: enable EDID support
Svyatoslav Ryhel [Sun, 2 Jun 2024 13:26:39 +0000 (16:26 +0300)]
configs: paz00: enable EDID support

Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
6 months agoMerge patch series "xtensa: Enable qemu-xtensa board"
Tom Rini [Thu, 4 Jul 2024 22:11:08 +0000 (16:11 -0600)]
Merge patch series "xtensa: Enable qemu-xtensa board"

Jiaxun Yang <jiaxun.yang@flygoat.com> says:

Hi all,

This series enabled qemu-xtensa board.

For dc232b CPU it needs to be built with toolchain[1].

This is a side product of me investigating architectures
physical address != virtual address in U-Boot. Now we can
get it covered under CI and regular tests.

VirtIO devices are not working as expected, due to U-Boot's
assumption on VA == PA everywhere, I'm going to get this fixed
later.

My Xtensa knowledge is pretty limited, Xtensa people please
feel free to point out if I got anything wrong.

Thanks
[1]: https://github.com/foss-xtensa/toolchain/releases/download/2020.07/x86_64-2020.07-xtensa-dc232b-elf.tar.gz

6 months agoCI Changes
Jiaxun Yang [Tue, 18 Jun 2024 13:56:12 +0000 (14:56 +0100)]
CI Changes

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoci: Wire up qemu_xtensa_dc233c
Jiaxun Yang [Tue, 18 Jun 2024 13:56:11 +0000 (14:56 +0100)]
ci: Wire up qemu_xtensa_dc233c

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agodoc: New documentation for qemu-xtensa
Jiaxun Yang [Tue, 18 Jun 2024 13:56:10 +0000 (14:56 +0100)]
doc: New documentation for qemu-xtensa

Introduce the board and provide instructions on how to get
it work.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoboard: emulation: New board qemu-xtensa
Jiaxun Yang [Tue, 18 Jun 2024 13:56:09 +0000 (14:56 +0100)]
board: emulation: New board qemu-xtensa

Introduce the new board, define every bits.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agodts/upsteam: Add Makefile for xtensa
Jiaxun Yang [Tue, 18 Jun 2024 13:56:08 +0000 (14:56 +0100)]
dts/upsteam: Add Makefile for xtensa

It is required to get it xtensa OF_UPSTREAM work.

Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agodrivers: cpu: Add xtensa CPU driver
Jiaxun Yang [Tue, 18 Jun 2024 13:56:07 +0000 (14:56 +0100)]
drivers: cpu: Add xtensa CPU driver

Implement various CPU related functions.
I'm actually just using it to get cpu clock frequency.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agodrivers: serial: Add xtensa semihosting driver
Jiaxun Yang [Tue, 18 Jun 2024 13:56:06 +0000 (14:56 +0100)]
drivers: serial: Add xtensa semihosting driver

Add xtensa semihosting driver.

It can't use regular semihosting driver as Xtensa's has it's own
semihosting ABI.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoxtensa: Bring in semihosting headers and config options
Jiaxun Yang [Tue, 18 Jun 2024 13:56:05 +0000 (14:56 +0100)]
xtensa: Bring in semihosting headers and config options

They are all directly imported from Linux kernel.

Reviewed-by: Max Filippov <jcmvbkbc@gmail.com>
Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoxtensa: Define PLATFORM_ELFFLAGS
Jiaxun Yang [Tue, 18 Jun 2024 13:56:04 +0000 (14:56 +0100)]
xtensa: Define PLATFORM_ELFFLAGS

u-boot.elf target requires it to work.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoxtensa: Implement phys virt conversion for PTP_MMU
Jiaxun Yang [Tue, 18 Jun 2024 13:56:03 +0000 (14:56 +0100)]
xtensa: Implement phys virt conversion for PTP_MMU

For PTP_MMU our physical address is not directly mapped
into virtual address space, we need to access physical
memory from those fixed map segments.

Implement phys_to_virt and virt_to_phys hook to reflect
this setting.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoxtensa: Correct define of _end symbol
Jiaxun Yang [Tue, 18 Jun 2024 13:56:02 +0000 (14:56 +0100)]
xtensa: Correct define of _end symbol

So U-Boot is using _end symbol to detect location of devicetree
appended at the end of the ROM.

It needs to be calculated based on end of .data load address,
as in our lds .current address is address in RAM.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoxtensa: Move dram_init to xtfpga board file
Jiaxun Yang [Tue, 18 Jun 2024 13:56:01 +0000 (14:56 +0100)]
xtensa: Move dram_init to xtfpga board file

This is a board level stuff.

Tested-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
6 months agoCI: Make pytest export JUnitXML
Tom Rini [Thu, 27 Jun 2024 13:43:20 +0000 (07:43 -0600)]
CI: Make pytest export JUnitXML

Both GitLab and Azure (and other CI systems) have native support for
displaying JUnitXML test report results. The pytest framework that we
use can generate these reports. Change our CI tests so that they will
generate these reports and then have the respective CI platform pick
them up. We write to different locations because of where each CI is
(and isn't) able to easily pass things along.

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agotest/py/tests: Update some network dependencies
Tom Rini [Tue, 18 Jun 2024 20:23:43 +0000 (14:23 -0600)]
test/py/tests: Update some network dependencies

On tests which require "tftpboot" we need to depend not on cmd_net but
rather cmd_tftpboot. And on tests which require cmd_pxe we do not need
to also depend on cmd_net as this should be handled already via Kconfig
logic.

Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agoMerge patch series "testb: Various tweaks and fixes for Labgrid"
Tom Rini [Thu, 4 Jul 2024 15:25:51 +0000 (09:25 -0600)]
Merge patch series "testb: Various tweaks and fixes for Labgrid"

Simon Glass <sjg@chromium.org> says:

This series includes a number of mostly unrelated changes which are in
service of running U-Boot on a lab using Labgrid.

6 months agosmbios: Correct error handling when writing tables
Simon Glass [Sun, 23 Jun 2024 20:30:33 +0000 (14:30 -0600)]
smbios: Correct error handling when writing tables

Since write_smbios_table() returns an address, we cannot use it to
return and error number. Also, failing on sysinfo_detect() breaks
existing boards, e.g. chromebook_link

Correct this by logging and swallowing the error.

Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: a5a57562856 ("lib: smbios: Detect system properties via...")
6 months agotest: Check help output
Simon Glass [Sun, 23 Jun 2024 20:30:31 +0000 (14:30 -0600)]
test: Check help output

The current test doesn't check anything about the output. If a bug
results in junk before the output, this is not currently detected.

Add a check for the first line being the one expected.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agotest: Decode exceptions only with sandbox
Simon Glass [Sun, 23 Jun 2024 20:30:30 +0000 (14:30 -0600)]
test: Decode exceptions only with sandbox

When a real board fails we don't want to decode the exception. Reserve
that behaviour for sandbox. Also avoid raising a new exception on
failure - just re-raise the existing one.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agotest: dm: Show failing driver name
Simon Glass [Sun, 23 Jun 2024 20:30:29 +0000 (14:30 -0600)]
test: dm: Show failing driver name

When a driver is not registered properly it is not clear which one it
is. Adjust test_dm_compat() to show this.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agolog: Allow tests to pass with CONFIG_LOGF_FUNC_PAD set
Simon Glass [Sun, 23 Jun 2024 20:30:28 +0000 (14:30 -0600)]
log: Allow tests to pass with CONFIG_LOGF_FUNC_PAD set

This setting pads out the function names. Adjust the test to handle
this, since some boards use it.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agotest: Make bootstd init run only on sandbox
Simon Glass [Sun, 23 Jun 2024 20:30:27 +0000 (14:30 -0600)]
test: Make bootstd init run only on sandbox

Tests for standard boot need disks to be set up, which can only be done
on sandbox, since adjusting disks on real hardware is not currently
supported. Mark the init function as sandbox-only.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agogoogle: Disable TPMv2 on most Chromebooks
Simon Glass [Sun, 23 Jun 2024 20:30:25 +0000 (14:30 -0600)]
google: Disable TPMv2 on most Chromebooks

This feature is not present on older Chromebooks, so disable the
setting.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agosunxi: Mark scp as optional
Simon Glass [Sun, 23 Jun 2024 20:30:24 +0000 (14:30 -0600)]
sunxi: Mark scp as optional

This binary does not prevent the system from booting. Mark it optional
so that U-Boot can be built without it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
6 months agoam33xx: Provide a function to set up the debug UART
Simon Glass [Sun, 23 Jun 2024 20:30:23 +0000 (14:30 -0600)]
am33xx: Provide a function to set up the debug UART

Since commit 0dba45864b2a ("arm: Init the debug UART") the debug UART is
set up in _main() before early_system_init() is called.

Add a suitable board_debug_uart_init() function to set up the UART in
SPL.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agoinitcall: Correct use of relocation offset
Simon Glass [Sun, 23 Jun 2024 20:30:22 +0000 (14:30 -0600)]
initcall: Correct use of relocation offset

The relocation offset can change in some initcall sequences. Handle
this and make sure it is used for all debugging statements in
init_run_list()

Update the trace test to match.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Caleb Connolly <caleb.connolly@linaro.org>
6 months agodm: core: Enhance comments on bind_drivers_pass()
Simon Glass [Sun, 23 Jun 2024 20:30:21 +0000 (14:30 -0600)]
dm: core: Enhance comments on bind_drivers_pass()

This part of driver model is a little subtle, so add some more comments
to promote better understanding.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agotrace: Update test to tolerate different trace-cmd version
Simon Glass [Sun, 23 Jun 2024 20:30:20 +0000 (14:30 -0600)]
trace: Update test to tolerate different trace-cmd version

Some versions of trace-cmd (or some machines?) show one less dot in the
CPU list.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agoMerge patch series "cmd: avoid duplicate weak functions"
Tom Rini [Wed, 3 Jul 2024 20:44:12 +0000 (14:44 -0600)]
Merge patch series "cmd: avoid duplicate weak functions"

Heinrich Schuchardt <heinrich.schuchardt@canonical.com> says:

[trini: Patch 1/3 was replaced by my series merged just prior to this,
 Heinrich's cover letter is lightly edited and any mistakes are my own]

If we have multiple weak implementations of functions, the linker might
choose any of these.

The EFI sub-systems uses invalidate_icache_all() after loading binaries.
Both the EFI sub-system and cmd/cache.c provide a weak
invalidate_icache_all() function. Remove the EFI instance.

For ARM11 functional implementation of invalidate_icache_all is missing.
Add it.

6 months agoefi_loader: avoid duplicate weak invalidate_icache_all()
Heinrich Schuchardt [Sun, 16 Jun 2024 17:31:05 +0000 (19:31 +0200)]
efi_loader: avoid duplicate weak invalidate_icache_all()

If multiple weak implementations of a weak function exist, it is unclear
which one the linker should chose. cmd/cache.c already defines a weak
invalidate_icache_all().

We don't need a call to invalidate_icache_all() on x86.
ARM, RISC-V, and Sandbox provide an implementation.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agoarm: implement invalidate_icache_all on ARM11
Heinrich Schuchardt [Sun, 16 Jun 2024 17:31:04 +0000 (19:31 +0200)]
arm: implement invalidate_icache_all on ARM11

In EFI sub-system we rely on invalidate_icache_all() to invalidate the
instruction cache after loading binaries. Add the missing implementation on
ARM1136, ARM1176.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
6 months agoMerge patch series "m68k: Implement a default flush_dcache_all"
Tom Rini [Wed, 3 Jul 2024 20:42:11 +0000 (14:42 -0600)]
Merge patch series "m68k: Implement a default flush_dcache_all"

Tom Rini <trini@konsulko.com> says:

Prior to this series we had some de-facto required cache functions that
were either unimplemented on some architectures or differently named.
This would lead in some cases to having multiple "weak" functions
available as well. Rework things so that an architecture must provide
these functions and it is up to that architecture if a "weak" default
function makes sense, or not.

6 months agocmd: cache: Remove weak functions
Tom Rini [Wed, 19 Jun 2024 21:27:59 +0000 (15:27 -0600)]
cmd: cache: Remove weak functions

It should be up to an architecture to decide how to implement cache
functions, and if they need to use weak functions or not. Allowing the
cache command to be built without cache functionality implemented is
unhelpful. Further, guard the call to noncached_set_region with
CONFIG_SYS_NONCACHED_MEMORY as that's when it's implemented and again is
an architecture specific detail.

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agopowerpc: Add the old invalidate_icache_all function
Tom Rini [Wed, 19 Jun 2024 21:27:58 +0000 (15:27 -0600)]
powerpc: Add the old invalidate_icache_all function

Add the old invalidate_icache_all function that prints a warning that
was previously found in cmd/cache.c

Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agopowerpc: Implement a default flush_dcache_all
Tom Rini [Wed, 19 Jun 2024 21:27:57 +0000 (15:27 -0600)]
powerpc: Implement a default flush_dcache_all

Implement a weak default version of flush_dcache_all which is based on
the ARM default, which is to flush the entire range via
flush_dcache_range(...).

Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agosh: Add the old invalidate_icache_all function
Tom Rini [Wed, 19 Jun 2024 21:27:56 +0000 (15:27 -0600)]
sh: Add the old invalidate_icache_all function

Add the old invalidate_icache_all function that prints a warning that
was previously found in cmd/cache.c

Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agosh: Implement a default flush_dcache_all
Tom Rini [Wed, 19 Jun 2024 21:27:55 +0000 (15:27 -0600)]
sh: Implement a default flush_dcache_all

Implement a weak default version of flush_dcache_all which is based on
the ARM default, which is to flush the entire range via
flush_dcache_range(...).

Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agom68k: Rename icache_invalid to invalidate_icache_all
Tom Rini [Wed, 19 Jun 2024 21:27:54 +0000 (15:27 -0600)]
m68k: Rename icache_invalid to invalidate_icache_all

The implementation of icache_invalid appears to be doing what other
architectures call invalidate_icache_all so rename to match.

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agom68k: Implement a default flush_dcache_all
Tom Rini [Wed, 19 Jun 2024 21:27:53 +0000 (15:27 -0600)]
m68k: Implement a default flush_dcache_all

Implement a weak default version of flush_dcache_all which is based on
the ARM default, which is to flush the entire range via
flush_dcache_range(...).

Acked-by: Angelo Dureghello <angelo@kernel-space.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agoMerge tag 'ubifixes-for-v2024-10-rc1' of https://source.denx.de/u-boot/custodians...
Tom Rini [Wed, 3 Jul 2024 15:06:07 +0000 (09:06 -0600)]
Merge tag 'ubifixes-for-v2024-10-rc1' of https://source.denx.de/u-boot/custodians/u-boot-ubi

ubi changes for v2024.10-rc1

fs: ubifs: Add support for ZSTD decompression
  from Piotr Wojtaszczyk

Fixes for ubi command from Martin Kurbanov

6 months agoMerge tag 'dm-pull-2jun24-take2' of https://source.denx.de/u-boot/custodians/u-boot-dm
Tom Rini [Wed, 3 Jul 2024 15:05:52 +0000 (09:05 -0600)]
Merge tag 'dm-pull-2jun24-take2' of https://source.denx.de/u-boot/custodians/u-boot-dm

buildman CI improvements
binman fixes and assumed size
partial tools fixes for Python 3.12
patman enhancements

6 months agobootstd: cros: store partition type in an efi_guid_t
Vincent Stehlé [Thu, 27 Jun 2024 17:06:29 +0000 (19:06 +0200)]
bootstd: cros: store partition type in an efi_guid_t

The scan_part() function uses a struct uuid to store the little-endian
partition type GUID, but this structure should be used only to contain a
big-endian UUID. Use an efi_guid_t instead.

Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agou_boot_pylib: Use correct coverage tool within venv
Simon Glass [Sun, 23 Jun 2024 17:56:21 +0000 (11:56 -0600)]
u_boot_pylib: Use correct coverage tool within venv

When running within a Python venv we must use the 'coverage' tool (which
is within the venv) so that the venv packages are used in preference to
system packages. Otherwise the coverage tests run in a different
environment from the normal tests and may fail due to missing packages.

Handle this by detecting the venv and changing the tool name.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobuildman: Always use the full path in CROSS_COMPILE
Simon Glass [Sun, 23 Jun 2024 17:56:20 +0000 (11:56 -0600)]
buildman: Always use the full path in CROSS_COMPILE

The feature to set the toolchain path does not seem to be needed. It
causes problems with venv (see [1]). Let's remove it.

Add some tests while we are here.

It does not look like any docs changes are needed for this.

[1] https://patchwork.ozlabs.org/project/uboot/patch/20240621131423.2363294-6-sjg@chromium.org/

Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Andrejs Cainikovs <andrejs.cainikovs@toradex.com>
6 months agobuildman: Fix a few typos in toolchain code
Simon Glass [Sun, 23 Jun 2024 17:56:19 +0000 (11:56 -0600)]
buildman: Fix a few typos in toolchain code

Fix 'Thie' and capitalise 'unicode'.

Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
6 months agobuildman: Add python3-pycryptodome
Simon Glass [Sun, 23 Jun 2024 17:56:18 +0000 (11:56 -0600)]
buildman: Add python3-pycryptodome

This is used by some Binman entry types, so add it to allow more tests
to pass.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
6 months agobuildman: Add python3-coverage
Simon Glass [Sun, 23 Jun 2024 17:56:17 +0000 (11:56 -0600)]
buildman: Add python3-coverage

Add this package so we can run code-coverage tests for Binman.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
6 months agobuildman: Add a way to limit the number of buildmans
Simon Glass [Sun, 23 Jun 2024 17:55:15 +0000 (11:55 -0600)]
buildman: Add a way to limit the number of buildmans

Buildman uses all available CPUs by default, so running more than one or
two concurrent processes is not normally useful.

However in some CI cases we want to be able to run several jobs at once
to save time. For example, in a lab situation we may want to run a test
on 20 boards at a time, since only the build step actually takes much
CPU.

Add an option which allows such a limit. When buildman starts up, it
waits until the number of running processes goes below the limit, then
claims a spot in the list. The list is maintained with a temporary file.

Note that the temp file is user-specific, since it is hard to create a
locked temporary file which can be accessed by any user. In most cases,
only one user is running jobs on a machine, so this should not matter.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobuildman: Add a flag to force mrproper on failure
Simon Glass [Sun, 23 Jun 2024 17:55:13 +0000 (11:55 -0600)]
buildman: Add a flag to force mrproper on failure

When a file is removed by a commit (e.g. include/common.h yay!) it can
cause incremental build failures since one of the dependency files from
a previous build may mention the file.

Add an option to run 'make mrproper' automatically when a build fails.
This can be used to automatically resolve the problem, without always
adding the large overhead of 'make mrproper' to every build.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobuildman: Avoid rebuilding when --mrproper is used
Simon Glass [Sun, 23 Jun 2024 17:55:12 +0000 (11:55 -0600)]
buildman: Avoid rebuilding when --mrproper is used

When this flag is enabled, 'make mrproper' is always used when
reconfiguring, so there is no point in doing it again.

Update this.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobuildman: Make mrproper an argument to run_commit()
Simon Glass [Sun, 23 Jun 2024 17:55:11 +0000 (11:55 -0600)]
buildman: Make mrproper an argument to run_commit()

Pass this in so the caller can change it independently of the member
variable.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobuildman: Make mrproper an argument to _config_and_build()
Simon Glass [Sun, 23 Jun 2024 17:55:10 +0000 (11:55 -0600)]
buildman: Make mrproper an argument to _config_and_build()

Pass this in so the caller can change it independently of the member
variable.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobuildman: Make mrproper an argument to _reconfigure()
Simon Glass [Sun, 23 Jun 2024 17:55:09 +0000 (11:55 -0600)]
buildman: Make mrproper an argument to _reconfigure()

Pass this in so the caller can change it independently of the member
variable.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agox86: Set up some assumed sizes for binary blobs
Simon Glass [Sun, 23 Jun 2024 17:55:08 +0000 (11:55 -0600)]
x86: Set up some assumed sizes for binary blobs

Add assumed sizes so that Binman can check that the U-Boot binaries do
not grow too large.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobinman: Make Intel ME default to position 0x1000
Simon Glass [Sun, 23 Jun 2024 17:55:07 +0000 (11:55 -0600)]
binman: Make Intel ME default to position 0x1000

This cannot ever go at offset 0 since the descriptor is there. Use a
better offset for the ME, as used by link and coral, for example.

This matters when we start using assumed sizes for missing blobs.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobinman: Support an assumed size for missing binaries
Simon Glass [Sun, 23 Jun 2024 17:55:06 +0000 (11:55 -0600)]
binman: Support an assumed size for missing binaries

Binman has a the useful feature of handling missing external blobs
gracefully, including allowing them to be missing, deciding whether the
resulting image is functional or not and faking blobs when this is
necessary for particular tools (e.g. mkimage).

This feature is widely used in CI. One drawback is that if U-Boot grows
too large to fit along with the required blobs, then this is not
discovered until someone does a 'real' build which includes the blobs.

Add a 'assume-size' property to entries to allow Binman to reserve a
given size for missing external blobs.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobinman: Update the entrydocs header
Simon Glass [Sun, 23 Jun 2024 17:55:05 +0000 (11:55 -0600)]
binman: Update the entrydocs header

Reduce the length of the underline for this header, to match the
heading itself.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobinman: ti: Regenerate entry docs
Simon Glass [Sun, 23 Jun 2024 17:55:04 +0000 (11:55 -0600)]
binman: ti: Regenerate entry docs

Correct formatting errors in the documentation.

Regenerate the entries.rst file to include this recent addition.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobinman: Regenerate nxp docs
Simon Glass [Sun, 23 Jun 2024 17:55:03 +0000 (11:55 -0600)]
binman: Regenerate nxp docs

Regenerate the entries.rst file to include this recent addition.

Note that more docs are needed here, to actually describe the entry
type.

Note also that the entry type needs Binman tests added.

Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agobinman: efi: Correct entry docs
Simon Glass [Sun, 23 Jun 2024 17:55:02 +0000 (11:55 -0600)]
binman: efi: Correct entry docs

Somehow the class documentation has got out of sync with the generated
entries.rst file. Regenerating it causes errors, so correct these and
regenerate the entries.rst file.

Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 809f28e7213 ("binman: capsule: Use dumped capsule header...")
6 months agoconfigs: enable setvariable at runtime on sandbox
Ilias Apalodimas [Tue, 18 Jun 2024 17:28:20 +0000 (20:28 +0300)]
configs: enable setvariable at runtime on sandbox

We currently don't have any boards enabling CONFIG_EFI_RT_VOLATILE_STORE.
We do have EFI selftests testing the feature though, so enable it in
all the sandbox platforms and test the functionality properly

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agosandbox: cleanup linker scripts and sections
Ilias Apalodimas [Mon, 17 Jun 2024 15:14:18 +0000 (18:14 +0300)]
sandbox: cleanup linker scripts and sections

commit 6e2228fb052b ("Merge patch series "Clean up arm linker scripts"")
was cleaning up linker scripts for armv7 and v8 in a similar fashion.

Several commits in the past -- e.g
commit d0b5d9da5de2 ("arm: make _end compiler-generated")
was moving symbols to be compiler generated. They were defined as c
variables in its own section to force the compiler emit relative a
reference. However, defining those in the linker script will do the
same thing since [0].

So let's remove the special sections from the linker scripts, the
variable definitions from sections.c, and define them as a symbols.
It's worth noting that the linker was discarding the symbols in the
older binary completely since the symbol definition had an extra _.

- new binary
$~ aarch64-linux-gnu-readelf -sW u-boot | grep efi_runtim
   246: 000000000004acbe    13 FUNC    LOCAL  DEFAULT   14 vbe_req_efi_runtime_rand
  3198: 0000000000318690    16 OBJECT  LOCAL  DEFAULT   29 efi_runtime_mmio
  6359: 00000000000dedff   217 FUNC    LOCAL  DEFAULT   14 efi_runtime_relocate
  7942: 00000000003074c0   136 OBJECT  GLOBAL HIDDEN    29 efi_runtime_services
  8869: 0000000000305e20     0 NOTYPE  GLOBAL DEFAULT   27 __efi_runtime_rel_stop
  9159: 0000000000305e20     0 NOTYPE  GLOBAL DEFAULT   27 __efi_runtime_stop
  9410: 0000000000305e20     0 NOTYPE  GLOBAL DEFAULT   27 __efi_runtime_start
 10137: 00000000005981bd     0 NOTYPE  WEAK   HIDDEN    33 efi_runtime.c.de5bed54
 10470: 0000000000305e20     0 NOTYPE  GLOBAL DEFAULT   27 __efi_runtime_rel_start

- old binary
$~ aarch64-linux-gnu-readelf -sW u-boot.old | grep efi_runtim
   246: 000000000004acbe    13 FUNC    LOCAL  DEFAULT   14 vbe_req_efi_runtime_rand
  3198: 0000000000318690    16 OBJECT  LOCAL  DEFAULT   29 efi_runtime_mmio
  6359: 00000000000dedff   221 FUNC    LOCAL  DEFAULT   14 efi_runtime_relocate
  7942: 00000000003074c0   136 OBJECT  GLOBAL HIDDEN    29 efi_runtime_services
 10135: 0000000000598320     0 NOTYPE  WEAK   HIDDEN    33 efi_runtime.c.de5bed54

$~ bloat-o-meter u-bool.old u-boot
add/remove: 0/0 grow/shrink: 1/1 up/down: 7/-4 (3)
Function                                     old     new   delta
efi_memory_init                              343     350      +7
efi_runtime_relocate                         221     217      -4
Total: Before=2009902, After=2009905, chg +0.00%

[0] binutils commit 6b3b0ab89663 ("Make linker assigned symbol dynamic only for shared object")

Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> # sandbox_defconfig on amd64, arm64, riscv64
Reviewed-by: Simon Glass <sjg@chromium.org>
Fixes: commit aac53d3d96a2 ("sandbox: Rename EFI runtime sections")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agodm: core: fix typo in SPL_DM_WARN prompt text
Quentin Schulz [Tue, 11 Jun 2024 13:04:27 +0000 (15:04 +0200)]
dm: core: fix typo in SPL_DM_WARN prompt text

It should read "in SPL" and not "wuth SPL".

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agodm: core: migrate debug() messages to use dm_warn
Quentin Schulz [Tue, 11 Jun 2024 13:04:26 +0000 (15:04 +0200)]
dm: core: migrate debug() messages to use dm_warn

Prior to that, seeing the debug() messages required to enable DM_DEBUG
which defines DEBUG (and then _DEBUG) which in turn makes failing
assert() calls reset U-Boot which isn't necessarily what is desired.

Instead, let's migrate to dm_warn which is using log_debug when unset or
log_warn when set.

While at it, reword the DM_DEBUG symbol in Kconfig to explain what it
now actually does.

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agodm: core: fix signedness in debug messages
Quentin Schulz [Tue, 11 Jun 2024 13:04:25 +0000 (15:04 +0200)]
dm: core: fix signedness in debug messages

outp always point to an unsigned type in ofnode_read_u* functions but
the format specifier is currently always using signed type.

This is an issue since the signed type can only contain half of the
unsigned type values above 0.

However, this now breaks another usecase. Indeed,
ofnode_read_s32_default is actually passing an s32 but it'll be printed
as a u32 instead. But since the function is called u32, it makes more
sense to have it print an unsigned value.

This was discovered because arm,smc-id = <0x82000010>; on RK3588S is
above the max signed value and therefore would return a negative signed
decimal value instead of its proper unsigned one.

Fixes: fa12dfa08a7b ("dm: core: support reading a single indexed u64 value")
Fixes: 4bb7075c830c ("dm: core: support reading a single indexed u32 value")
Fixes: 7e5196c409f1 ("dm: core: Add ofnode function to read a 64-bit int")
Fixes: 9e51204527dc ("dm: core: Add operations on device tree references")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agodm: core: fix misleading debug message when matching compatible
Quentin Schulz [Tue, 11 Jun 2024 13:04:24 +0000 (15:04 +0200)]
dm: core: fix misleading debug message when matching compatible

A driver can have multiple compatible. When the id->compatible matches
for that driver, the first compatible supported by the driver is
currently returned, which gives the following confusing message:

   - found match at 'rk3588_syscon': 'rockchip,rk3588-sys-grf' matches 'rockchip,rk3588-pmugrf'

Considering that the compatible passed in argument is necessarily the
one that exactly matched to enter this code path, there's no need to do
some elaborate logic, just print the driver name and the compatible
passed in argument.

Fixes: d3e773613b6d ("dm: core: Use U-Boot logging instead of pr_debug()")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agotools: patman: fix deprecated Python ConfigParser methods
Brandon Maier [Tue, 4 Jun 2024 16:16:07 +0000 (16:16 +0000)]
tools: patman: fix deprecated Python ConfigParser methods

The method `ConfigParser.readfp()` is marked deprecated[1].

In Python 3.12 this method have been removed, so replace it with
`ConfigParser.read_file()`.

[1] https://docs.python.org/3.11/library/configparser.html#configparser.ConfigParser.readfp

Signed-off-by: Brandon Maier <brandon.maier@collins.com>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agotools: binman: fix deprecated Python ConfigParser methods
Brandon Maier [Tue, 4 Jun 2024 16:16:06 +0000 (16:16 +0000)]
tools: binman: fix deprecated Python ConfigParser methods

The method `ConfigParser.readfp()` is marked deprecated[1].

In Python 3.12 this method have been removed, so replace it with
`ConfigParser.read_file()`.

[1] https://docs.python.org/3.11/library/configparser.html#configparser.ConfigParser.readfp

Signed-off-by: Brandon Maier <brandon.maier@collins.com>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agotools: binman: fix deprecated Python unittest methods
Brandon Maier [Tue, 4 Jun 2024 16:16:05 +0000 (16:16 +0000)]
tools: binman: fix deprecated Python unittest methods

The methods `unittest.assertEquals()` and
`unittest.assertRegexpMatches()` are marked deprecated[1].

In Python 3.12 these aliases have been removed, so do a sed to replace
them with their new names.

[1] https://docs.python.org/3.11/library/unittest.html#deprecated-aliases

Signed-off-by: Brandon Maier <brandon.maier@collins.com>
CC: Simon Glass <sjg@chromium.org>
CC: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agoglobal_data.h: drop write-only field dm_root_f
Rasmus Villemoes [Mon, 27 May 2024 20:04:17 +0000 (22:04 +0200)]
global_data.h: drop write-only field dm_root_f

The dm_root_f field seems to be entirely write-only and hence
redundant, unless 'git grep' fails to find some access generated via
preprocessor token concatenation or similar.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agosandbox: enable support for the unlz4 command
Jonathan Liu [Sat, 25 May 2024 08:10:53 +0000 (18:10 +1000)]
sandbox: enable support for the unlz4 command

This does not work with sandbox at present. Fix it up to use map_sysmem()
to convert an address to a pointer.

Signed-off-by: Jonathan Liu <net147@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fix conflict and reformat to 80cols:
Signed-off-by: Simon Glass <sjg@chromium.org>
6 months agopatman: Add a tag for when a patch gets added to a series
Sean Anderson [Fri, 19 Apr 2024 02:36:32 +0000 (22:36 -0400)]
patman: Add a tag for when a patch gets added to a series

When a patch is added to a series after the initial version, there are no
changes to note except that it is new. This is typically done to suppress
the "(no changes in vN)" message. It's also nice to add a change to the
cover letter so reviewers know there is an additional patch. Add a tag to
automate this process a bit.

There are two nits with the current approach:

- It favors '-' as a bullet point, but some people may prefer '*' (or
  something else)
- Tags (e.g. 'patman: ' in 'patman: foo bar') are not stripped. They are
  probably just noise in most series, but they may be useful for treewide
  series to distinguish 'gpio: frobnicate' from 'reset: frobnicate', so
  I've left them in.

Suggestions for the above appreciated.

Suggested-by: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
6 months agopatman: Add Commit-cc as an alias for Patch-cc
Sean Anderson [Fri, 19 Apr 2024 02:36:31 +0000 (22:36 -0400)]
patman: Add Commit-cc as an alias for Patch-cc

Most tags referring to commits (or patches) are named Commit-something. The
exception is Patch-cc. Add a Commit-cc alias so we can use whichever one is
convenient.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
6 months agopatman: Fix tests if add_maintainers is set to False
Sean Anderson [Fri, 19 Apr 2024 02:36:30 +0000 (22:36 -0400)]
patman: Fix tests if add_maintainers is set to False

If add_maintainers is set to False in the user's ~/.patman config, it will
cause the custom_get_maintainer_script to fail since that test expects
maintainers to be added. Set add_maintainer to True in the .patman config
to prevent this.

Fixes: 8c042fb7f9f ("patman: add '--get-maintainer-script' argument")
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agoacpi: set creator_revision in acpi_fill_header
Heinrich Schuchardt [Thu, 18 Apr 2024 03:11:13 +0000 (05:11 +0200)]
acpi: set creator_revision in acpi_fill_header

We should have a single place where we write the default value to the
creator revision field. If we ever will have any table created by another
tool, we can overwrite the value afterwards.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
6 months agosandbox: use sane access rights for files
Heinrich Schuchardt [Wed, 10 Apr 2024 08:38:28 +0000 (10:38 +0200)]
sandbox: use sane access rights for files

When writing an executable, allowing other users to modify it introduces
a security issue.

Generally we should avoid giving other users write access to our files by
default.

Replace chmod(777) by chmod(755) and chmod(644).

Fixes: 47f5fcfb4169 ("sandbox: Add os_jump_to_image() to run another executable")
Fixes: d9165153caea ("sandbox: add flags for open() call")
Fixes: 5c2859cdc302 ("sandbox: Allow reading/writing of RAM buffer")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
6 months agocmd: ubi: check 'updating' before calling ubi_more_update_data()
Martin Kurbanov [Sun, 16 Jun 2024 13:34:18 +0000 (16:34 +0300)]
cmd: ubi: check 'updating' before calling ubi_more_update_data()

If 0 is passed to the 'bytes' parameter in the ubi_start_update(),
there is no need to call the ubi_more_update_data(). Otherwise,
there will be a double-free of 'vol->upd_buf'.

Also check that the ubi_start_update() was called before calling
the ubi_more_update_data().

Signed-off-by: Martin Kurbanov <mmkurbanov@salutedevices.com>
6 months agocmd: ubi: remove redundant initializations
Martin Kurbanov [Sun, 16 Jun 2024 13:34:17 +0000 (16:34 +0300)]
cmd: ubi: remove redundant initializations

Signed-off-by: Martin Kurbanov <mmkurbanov@salutedevices.com>
6 months agofs: ubifs: Add support for ZSTD decompression
Piotr Wojtaszczyk [Tue, 28 May 2024 15:05:28 +0000 (17:05 +0200)]
fs: ubifs: Add support for ZSTD decompression

ZSTD can be a better tradeoff between NAND IO operations and decompression
speed giving a better boot time.

Signed-off-by: Piotr Wojtaszczyk <piotr.wojtaszczyk@timesys.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
6 months agoMerge branch 'next'
Tom Rini [Mon, 1 Jul 2024 19:17:56 +0000 (13:17 -0600)]
Merge branch 'next'

6 months agoPrepare v2024.07
Tom Rini [Mon, 1 Jul 2024 18:07:18 +0000 (12:07 -0600)]
Prepare v2024.07

Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agoconfigs: Resync with savedefconfig
Tom Rini [Mon, 1 Jul 2024 14:49:37 +0000 (08:49 -0600)]
configs: Resync with savedefconfig

Rsync all defconfig files using moveconfig.py

Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agoMerge tag 'u-boot-amlogic-20240701' of https://source.denx.de/u-boot/custodians/u...
Tom Rini [Mon, 1 Jul 2024 14:44:28 +0000 (08:44 -0600)]
Merge tag 'u-boot-amlogic-20240701' of https://source.denx.de/u-boot/custodians/u-boot-amlogic into next

- Switch meson dwc3/usb PHY to set_mode callback for switching USB mode

6 months agoRevert "Merge patch series "zlib: Address CVE-2016-9841""
Tom Rini [Mon, 1 Jul 2024 01:03:14 +0000 (19:03 -0600)]
Revert "Merge patch series "zlib: Address CVE-2016-9841""

This series brings our zlib code more up to date. However, it drops an
important performance improvement that is required on some of our
supported platforms in order to boot Linux before the watchdog resets
the system. Furthermore, the "post increment" version of this
performance loop was not tested, so while we can fix it, it would then
require re-testing all platforms. At this point in time, we will revert
updating zlib (which has had a potential security issue since 2016) and
fix this in the v2024.10 release.

This reverts commit 4914263c9a14315390d3ccc4816cf3a94cfd156d, reversing
changes made to ef8ef5f77c9a998f76a48277a883af1645b54117.

Reported-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Tom Rini <trini@konsulko.com>
6 months agoMerge tag 'efi-2024-10-rc1' of https://source.denx.de/u-boot/custodians/u-boot-efi...
Tom Rini [Sun, 30 Jun 2024 16:59:42 +0000 (10:59 -0600)]
Merge tag 'efi-2024-10-rc1' of https://source.denx.de/u-boot/custodians/u-boot-efi into next

Pull request efi-2024-10-rc1

Documentation:
      Update requirements.txt to use current Python module versions
      Add a page describing debugging U-Boot with GDB
      FIT: describe data-size as a conditionally mandatory property
      Correct link to FIT specification in SPL code.
      Correct kaslrseed command long text description

UEFI:
      Add unit test checking that don't have kaslr-seed when measuring boot
      Deduplicate code for measured boot.

Other:
      Print size information in fwu command

6 months agodoc: develop: Add a general section on gdb usage
Alexander Dahl [Wed, 26 Jun 2024 10:47:18 +0000 (12:47 +0200)]
doc: develop: Add a general section on gdb usage

Mashed up from different sources linked below, including the now gone
Wiki and doc/README.arm-relocation file.  Tested on a custom board with
AT91 SAMA5D2 SoC and Segger J-Link Base adapter.  This is only generic
advice here, the usage is not board specific.  Some board docs have more
specific instructions on using gdb with a particular board.

Link: https://www.slideshare.net/slideshow/embedded-recipes-2019-introduction-to-jtag-debugging/177511981
Link: https://boundarydevices.com/debugging-using-segger-j-link-jtag/
Link: https://web.archive.org/web/20141224200032/http://www.denx.de/wiki/view/DULG/DebuggingUBoot
Link: https://web.archive.org/web/20141206064148/http://www.denx.de/wiki/view/DULG/GDBScripts1
Suggested-by: Marek Vasut <marex@denx.de>
Signed-off-by: Alexander Dahl <ada@thorsis.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
6 months agodoc: fit: Make data-size a conditionally mandatory property
Bastian Germann [Mon, 24 Jun 2024 17:00:38 +0000 (19:00 +0200)]
doc: fit: Make data-size a conditionally mandatory property

Before 9d0750064e (doc: Move external FIT docs into the main body), the
FIT property data-size was not a mandatory property and still it is not
expected to be set alongside the data property.

Move the data-size property to the "Conditionally mandatory property"
section, where it actually belongs.

Signed-off-by: Bastian Germann <bage@debian.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
6 months agotpm: allow the user to select the compiled algorithms
Ilias Apalodimas [Sun, 23 Jun 2024 11:48:18 +0000 (14:48 +0300)]
tpm: allow the user to select the compiled algorithms

Simon reports that after enabling all algorithms on the TPM some boards
fail since they don't have enough storage to accommodate the ~5KB growth.

The choice of hash algorithms is determined by the platform and the TPM
configuration. Failing to cap a PCR in a bank which the platform left
active is a security vulnerability. It might allow  unsealing of secrets
if an attacker can replay a good set of measurements into an unused bank.

If MEASURED_BOOT or EFI_TCG2_PROTOCOL is enabled our Kconfig will enable
all supported hashing algorithms. We still want to allow users to add a
TPM and not enable measured boot via EFI or bootm though and at the same
time, control the compiled algorithms for size reasons.

So let's add a function tpm2_allow_extend() which checks the TPM active
PCRs banks against the one U-Boot was compiled with. We only allow
extending PCRs if the algorithms selected during build match the TPM
configuration.

It's worth noting that this is only added for TPM2.0, since TPM1.2 is
lacking a lot of code at the moment to read the available PCR banks.
We unconditionally enable SHA1 when a TPM is selected, which is the only
hashing algorithm v1.2 supports.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org> # chromebook-link
6 months agotpm: Untangle tpm2_get_pcr_info()
Ilias Apalodimas [Sun, 23 Jun 2024 11:48:17 +0000 (14:48 +0300)]
tpm: Untangle tpm2_get_pcr_info()

This function was used on measured boot to retrieve the number of active
PCR banks and was designed to work with the TCG protocols.
Since we now have the need to retrieve the active PCRs outside the
measured boot context -- e.g use the in the command line, decouple the
function.

Create one that will only adheres to TCG TSS2.0 [0] specification called
tpm2_get_pcr_info() which can be used by the TPM2.0 APIs and a new one that
is called from the measured boot context called tcg2_get_pcr_info()

[0] https://trustedcomputinggroup.org/wp-content/uploads/TSS_Overview_Common_Structures_Version-0.9_Revision-03_Review_030918.pdf

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agoefi_loader: remove unneeded header files
Ilias Apalodimas [Sun, 23 Jun 2024 11:48:16 +0000 (14:48 +0300)]
efi_loader: remove unneeded header files

efi_tcg2.h already includes tpm-v2.h. Remove it

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agotpm: Move TCG functions into a separate file
Ilias Apalodimas [Sun, 23 Jun 2024 11:48:15 +0000 (14:48 +0300)]
tpm: Move TCG functions into a separate file

The previous patch is moving the TPM TCG headers in their own file for
a cleaner API. Move the functions in their own file as well.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agotpm: Move TCG headers into a separate file
Ilias Apalodimas [Sun, 23 Jun 2024 11:48:14 +0000 (14:48 +0300)]
tpm: Move TCG headers into a separate file

commit 97707f12fdab ("tpm: Support boot measurements") moved out code
from the EFI subsystem into the TPM one to support measurements when
booting with !EFI.

Those were moved directly into the TPM subsystem and in the tpm-v2.c
library. In hindsight, it would have been better to move it in new
files since the TCG2 is governed by its own spec, it's overeall cleaner
and also easier to enable certain parts of the TPM functionality.

So let's start moving the headers in a new file containing the TCG
specific bits.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agoefi_loader: remove unused TCG algo definitions
Ilias Apalodimas [Sun, 23 Jun 2024 11:48:13 +0000 (14:48 +0300)]
efi_loader: remove unused TCG algo definitions

commit 97707f12fdab ("tpm: Support boot measurements") moved some of the
EFI TCG code to the TPM subsystem. Those definitions are now in tpm-v2.h.
Let's remove the stale entries

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
6 months agocmd: correct kaslrseed description
Heinrich Schuchardt [Tue, 18 Jun 2024 12:29:13 +0000 (14:29 +0200)]
cmd: correct kaslrseed description

The number of random bytes generated is hard coded as 8.
The command takes no argument.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
6 months agoefi_selftest: can't have measured device-tree with kaslr-seed
Heinrich Schuchardt [Tue, 18 Jun 2024 12:23:48 +0000 (14:23 +0200)]
efi_selftest: can't have measured device-tree with kaslr-seed

Test that we don't have a /chosen/kaslr-seed property if we measure the
device-tree.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>