Shows a menu of items that can be controlled using touch panel.
This is useful for touch based devices like tablets to select
alternative boot options (multi-boot).
Signed-off-by: Ondrej Jirman <megous@megous.com>
It does not make sense to enable all SHA algorithms unless they are
needed. It bloats the code and in this case, causes chromebook_link to
fail to build. That board does use the TPM, but not with measured boot,
nor EFI.
Since EFI_TCG2_PROTOCOL already selects these options, we just need to
add them to MEASURED_BOOT as well.
Note that the original commit combines refactoring and new features,
which makes it hard to see what is going on.
Fixes: 97707f12fd tpm: Support boot measurements
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
The PC client spec [0], doesn't describe measurements for DTBs. It does
describe what do to for ACPI tables though.
There is a description for ACPI in 3.3.4.1 PCR[0] – SRTM, POST BIOS,
and Embedded Drivers and they explicitly mention ACPI in there. There's
no mention of ACPI in 3.3.4.2 PCR[1] – Host Platform Configuration.
However, in Figure 6 -- PCR Mapping of UEFI Components ACPI is shown
in PCR1. The general description also mentions PCR0 is for code and PCR1
is for data such as ACPI and SMBIOS.
So let's switch over the DTB measurements to PCR1 which seems a better
fit.
[0] https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Eddie James <eajames@linux.ibm.com>
When bringing in the series 'arm: dts: am62-beagleplay: Fix Beagleplay
Ethernet"' I failed to notice that b4 noticed it was based on next and
so took that as the base commit and merged that part of next to master.
This reverts commit c8ffd1356d, reversing
changes made to 2ee6f3a5f7.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
Add SPL variant of DM_RNG so that the DM_RNG can be disabled in SPL
if necessary. This may be necessary due to e.g. size constraints of
the SPL.
Signed-off-by: Marek Vasut <marex@denx.de>
Create separate helper for just reserving framebuffer region without
creating or enabling simple-framebuffer node.
This is useful for scenarios where user want to preserve the bootloader
splash screen till OS boots up and display server gets started without
displaying anything else in between and thus not requiring
simple-framebuffer.
Signed-off-by: Devarsh Thakkar <devarsht@ti.com>
Reviewed-by: Nikhil M Jain <n-jain1@ti.com>
Enable and update simple-framebuffer node using the video handoff
bloblist if video was enabled at SPL stage and corresponding video
bloblist was received at u-boot proper with necessary parameters.
Signed-off-by: Devarsh Thakkar <devarsht@ti.com>
Reviewed-by: Nikhil M Jain <n-jain1@ti.com>
default n doesn't need to be specified. It is default option anyway.
Similar changes have been done by commit 18370f1497 ("Kconfig: Remove all
default n/no options").
Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
In case of systems where DRAM bank ends at the edge of 32bit boundary,
start + size calculations would overflow. This happens on STM32MP15xx
with 1 DRAM bank starting at 0xc0000000 and 1 GiB of DRAM. This is a
usual 32bit system DRAM size overflow, fix it by doing all DRAM size
and offset calculations using u64 types. This also covers a case where
a 32bit PAE system might be able to address up to 36bits of DRAM.
Fixes: a4df06e41f ("boot: fdt: Change type of env_get_bootm_low() to phys_addr_t")
Signed-off-by: Marek Vasut <marex@denx.de>
When "memory" node is being processed in fdt_pack_reg() on ARM64
platforms, an unaligned bus access might happen, which leads to
"synchronous abort" CPU exception. Consider next dts example:
/ {
#address-cells = <2>;
#size-cells = <1>;
memory@80000000 {
device_type = "memory";
reg = <0x0 0x80000000 0x3ab00000>,
<0x0 0xc0000000 0x40000000>,
<0x8 0x80000000 0x80000000>;
};
};
After fdt_pack_reg() reads the first addr/size entry from such memory
node, the "p" pointer becomes 12 bytes shifted from its original value
(8 bytes for two address cells + 4 bytes for one size cell). So now it's
not 64-bit aligned, and an attempt to do 64-bit bus access to that
address will cause an abort like this:
"Synchronous Abort" handler, esr 0x96000021, far 0xba235efc
This issue was originally reported by David Virag [1] who observed it
happening on Samsung Exynos7885 SoC (ARM64), and later the same issue
was observed on Samsung Exynos850 (ARM64).
Fix the issue by using put_unaligned_be64() helper, which takes care of
possible unaligned 64-bit accesses. That solution was proposed by Simon
Glass in the original thread [1].
[1] https://lists.denx.de/pipermail/u-boot/2023-July/522074.html
Fixes: 739a01ed8e ("fdt_support: fix an endian bug of fdt_fixup_memory_banks")
Suggested-by: Simon Glass <sjg@google.com>
Reported-by: David Virag <virag.david003@gmail.com>
Closes: https://lists.denx.de/pipermail/u-boot/2023-July/522074.html
Signed-off-by: Sam Protsenko <semen.protsenko@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reduce tmp variable use and remove unnecessary type cast in
env_get_bootm_mapsize(). This aligns the env variable parsing
with env_get_bootm_low(). No functional change.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Change type of 'tmp' variable from phys_size_t to phys_addr_t and
rename it to 'low' to better describe what the variable represents,
which is either the bootm_low address from environment or start of
DRAM address.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Reduce tmp variable use and remove unnecessary type cast in
env_get_bootm_size(). This aligns the env variable parsing
with env_get_bootm_low(). No functional change.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Change type of ulong env_get_bootm_low() to phys_addr_t env_get_bootm_low().
The PPC/LS systems already treat env_get_bootm_low() result as phys_addr_t,
while the function itself still returns ulong. This is potentially dangerous
on 64bit systems, where ulong might not be large enough to hold the content
of "bootm_low" environment variable. Fix it by using phys_addr_t, similar to
what env_get_bootm_size() does, which returns phys_size_t .
Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Reported-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Simon Glass <sjg@chromium.org> says:
This series is the culmanation of the current line of refactoring
series. It adjusts pxe to call the booting functionality directly
rather than going through the command-line interface.
With this is is possible to boot using the extlinux bootmeth without
the command line enabled.
It also updates fastboot to do a similar thing.
Use zboot_run() to boot rather than the command line. This allows
extlinux to be used (on x86) without CMDLINE being enabled.
Collect any error but do not return it, to match the existing code.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use bootm_run() and booti_run() to boot rather than the command line.
This allows extlinux to be used without CMDLINE being enabled.
Collect any error but do not return it, to match the existing code.
Signed-off-by: Simon Glass <sjg@chromium.org>
This code undertakes a separate task from the main logic of
label_run_boot() so move it into its own function.
Signed-off-by: Simon Glass <sjg@chromium.org>
The bootm_argv[3] expression is used in many places. It is the FDT
address, so use that name throughout.
Assign it to bootm_argv[3] only at the end, when all the conditions are
resolved.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is far too long and complicated. Split out the part
which actually calls the boot commands into a separate function.
Change a strncpy() to strlcpy() to keep checkpatch happy.
No functional change is intended.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use the new CONFIG_BOOTM symbol to determine whether SYS_BOOT_LEN is
visible or not, since we want to support decompression when CMDLINE is
disabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
Booting an OS does not require the 'bootm' command, so change the
condition for these options.
Move them into boot/ so they don't depend on CMDLINE
Note that CMD_BOOTM_PRE_LOAD has been put directly into the bootm code
so will need some additional refactoring (and a test!) to allow it to
change over.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Create a separate Kconfig option which enables the bootm logic,
separate from the 'bootm' command. This will eventually allow booting
without CMDLINE enabled.
Update boards which disable CMD_BOOTM to disable BOOTM instead, since
CMD_BOOTM now depends on BOOTM
Signed-off-by: Simon Glass <sjg@chromium.org>
The boot menu shows Android first and then a timestamp option. Move
these later since they are less commonly used.
Signed-off-by: Simon Glass <sjg@chromium.org>
Simon Glass <sjg@chromium.org> says:
This series refactors the zboot code to allow it to be used with
CONFIG_COMMAND disabled.
A new zboot_run() function is used to boot a zimage.
The term 'start' is used withint bootm and zboot to indicate the first
phase of booting an image.
Since zboot_start() does the whole boot, rename it to zboot_run() to
align with bootm_run() etc.
Fix a log message while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
* The sandbox must not use an arbitrary file name bootsbox.efi but the
file name matching the host architecture to properly boot the respective
file. We already have an include which provides a macro with the name of
the EFI binary. Use it.
* The path to the EFI binary should be absolute.
* The path and the file name must be capitalized to conform to the UEFI
specification. This is important when reading from case sensitive
file systems.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
If UEFI is enabled in U-Boot, we want it to conform to the UEFI
specification. This requires enabling the boot manager boot method.
Reported-by: E Shattow <lucent@gmail.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The default sequence of boot methods is determined by alphabetical sorting
during linkage.
* efi_mgr must run before efi to be UEFI compliant
* pxe should run as last resort
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
According to README CFG_SYS_BOOTMAPSZ section, in case both "bootm_low" and
"bootm_size" variables are defined, "bootm_mapsize" variable is not defined
and CFG_SYS_BOOTMAPSZ macro is not defined, all data for the Linux kernel
must be between "bootm_low" and "bootm_low" + "bootm_size".
Currently, for systems with DRAM between 0x4000_0000..0x7fff_ffff and with
e.g. bootm_low=0x60000000 and bootm_size=0x10000000, the code will attempt
to reserve memory from 0x4000_0000..0x4fff_ffff, which is incorrect. This
is because "bootm_low" is not taken into consideration correctly.
The last parameter of lmb_alloc_base() is the maximum physical address of
the to be reserved LMB area. Currently this is the start of DRAM bank that
is considered for LMB area reservation + min(DRAM bank size, bootm_size).
In case bootm_low is set to non-zero, this maximum physical address has to
be shifted upward, to min(DRAM bank start + size, bootm_low + bootm_size),
otherwise the reserved memory may be below bootm_low address.
In case of multiple DRAM banks, the current change reserves top part of
the first bank, and reserves the rest of memory in the follow up banks.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
The "bootflow" command currently doesn't support scanning a single
partition. This is inconvenient in setups with multiple bootable
partitions within a single disk, but only one is desired.
Support scanning a single disk partition. Specifically, support the
syntax:
bootflow scan mmc1:4
which scans only mmc device 1, partition 4.
Signed-off-by: Nam Cao <namcao@linutronix.de>
Don't define checksum algos when the underlying hashes are not enabled.
This allows disabling these hashes in SPL (or U-Boot).
Fixes: d16b38f427 ("Add support for SHA384 and SHA512")
Fixes: 646257d1f4 ("rsa: add sha256-rsa2048 algorithm")
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Not all flows have a device and the function already contains logic to
handle this case.
Fixes: eccb25cd59 ("bootstd: Allow the bootdev to be optional in bootflows")
Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
Currently, if boot with extlinux.conf and do not set the fdt
U-Boot will provide its own device tree. This behavior is
beneficial if the U-Boot device tree is in sync with Linux,
but it totally halts the booting of pre-dtb kernels (3.4 for
example) since it uses ATAGs. To fix this, pass `-` in the
fdt extlinux field as a signal that no tree should be used.
Suggested-by: Jonas Schwöbel <jonasschwoebel@yahoo.de>
Tested-by: Jethro Bull <jethrob@hotmail.com>
Signed-off-by: Svyatoslav Ryhel <clamor95@gmail.com>
With the relatively new button API in U-Boot, it's now much easier to
model the common usecase of mapping arbitrary actions to different
buttons during boot - for example entering fastboot mode, setting some
additional kernel cmdline arguments, or booting with a custom recovery
ramdisk, to name a few.
Historically, this functionality has been implemented in board code,
making it fixed for a given U-Boot binary and requiring the code be
duplicated and modified for every board.
Implement a generic abstraction to run an arbitrary command during boot
when a specific button is pressed. The button -> command mapping is
configured via environment variables with the following format:
button_cmd_N_name=<button label>
button_cmd_N=<command to run>
Where N is the mapping number starting from 0. For example:
button_cmd_0_name=vol_down
button_cmd_0=fastboot usb 0
This will cause the device to enter fastboot mode if volume down is held
during boot.
After we enter the cli loop the button commands are no longer valid,
this allows the buttons to additionally be used for navigating a boot
menu.
Tested-by: Svyatoslav Ryhel <clamor95@gmail.com> # Tegra30
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
ret is assigned a value 0 which is never used but
is immediately overwritten in the next statement.
Addresses-Coverity-ID: 453304 ("Unused value")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The 'return 0;' statement is not reachable. Remove it.
'else' is superfluous after an if statement with return.
Addresses-Coverity-ID: 352451 ("Logically dead code")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Sometimes, when only one bootdev is available, and it fails to probe, we
end up in an infinite loop calling probe() on the same device over and
over. With only debug level log output.
Break the loop if we fail to probe the same device twice in a row, and
promote the probe failure message to log_warning().
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Dragan Simic <dsimic@manjaro.org>
At this point, EFI boot manager interfaces is fully independent from
bootefi command. So just rename the configuration parameter.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
