Add a file-type parameter to this function and update all users. Add a
proper comment to the function which we are here.
This will allow tracking of the file types loaded by the extlinux
bootmeth.
Signed-off-by: Simon Glass <sjg@chromium.org>
We want to record the type of each file which is loaded. Add an new
parameter for this, to the read_file() method. Update all users.
Make bootmeth_common_read_file() store information about the image that
is read.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
The efiload_read_file() does similar things to a common function, so
update it to use that instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
As a first step to recording images and where they came from, update
this function to do so, since it is used by two bootmeths
Create a helper function in the bootflow system, since recorded
images are always associated with bootflows.
Signed-off-by: Simon Glass <sjg@chromium.org>
We want to keep track of images which are loaded, or those which could
perhaps be loaded. This will make it easier to manage memory allocation,
as well as permit removal of the EFI set_efi_bootdev() feature.
Add a list of these, attached to the bootflow. For now the list is
empty.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use an alist for this data structure as it is somewhat simpler to
manage. This means that bootstd holds a simple list of bootflow structs
and can drop it at will, without chasing down lists.
Signed-off-by: Simon Glass <sjg@chromium.org>
This list is only used by two functions, which can be updated to iterate
through the global list. Take this approach, which allows the bootdev
list to be dropped.
Overall this makes the code slightly more complicated, but will allow
moving the bootflow list into an alist
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a function which is safe to call in the 'unbind' path, which
returns the bootstd priv data if available.
Signed-off-by: Simon Glass <sjg@chromium.org>
This relates to more than just the bootdev, since there is a global list
of bootflows. Move the function to the bootstd file and rename it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This relates to more than just the bootdev, since there is a global list
of bootflows. Move the function to the bootstd file and rename it.
Signed-off-by: Simon Glass <sjg@chromium.org>
With the recent changes of lwip & mbedTLS we can now download from
https:// urls instead of just http://.
Adjust our wget lwip version parsing to support both URLs.
While at it adjust the default TCP window for QEMU since https seems to
require at least 16384
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
SNI, or Server Name Indication, is an addition to the TLS encryption
protocol that enables a client device to specify the domain name it is
trying to reach in the first step of the TLS handshake, preventing
common name mismatch errors and not reaching to HTTPS server that
enforce this condition. Since most of the websites require it nowadays
add support for it.
It's worth noting that this is already sent to lwIP [0]
[0] https://github.com/lwip-tcpip/lwip/pull/47
Signed-off-by: Javier Tia <javier.tia@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The current code support mbedTLS 2.28. Since we are using a newer
version in U-Boot, update the necessary accessors and the lwIP codebase
to work with mbedTLS 3.6.0. It's worth noting that the patches are
already sent to lwIP [0]
While at it enable LWIP_ALTCP_TLS and enable TLS support in lwIP
[0] https://github.com/lwip-tcpip/lwip/pull/47
Signed-off-by: Javier Tia <javier.tia@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Since lwIP and mbedTLS have been merged we can tweak the config options
and enable TLS1.2 support. Add RSA and ECDSA by default and enable
enough block cipher modes of operation to be comatible with modern
TLS requirements and webservers
Reviewed-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
For upstream Linux kernel we use below DTBs for HiHope boards:
- r8a774a1-hihope-rzg2m-ex.dtb
- r8a774e1-hihope-rzg2h-ex.dtb
- r8a774b1-hihope-rzg2n-ex.dtb
Update the CONFIG_OF_LIST to match the above. Now that we have switched
upstream DTS, drop deleting the nodes and also rename the
r8a774*-u-boot.dtsi files to r8a774*-ex-u-boot.dtsi to match the OF_LIST
files so that the `bootph-all` property gets applied to required nodes
in upstream DTS.
Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
Signed-off-by: Chris Paterson <chris.paterson2@renesas.com>
Currently we set CONFIG_SYS_MMC_ENV_DEV=1 which is wrong:
Loading Environment from MMC... MMC: no card present
*** Warning - No block device, using default environment
This issue was introduced when we switched to using upstream Linux device
trees for the hihope boards which named the MMC devices differently.
Correct to dev 0 so that the U-Boot environment can be loaded from the
correct storage device.
Fixes: 18fb23b131 ("ARM: dts: renesas: Switch to using upstream DT on 64bit Renesas SoCs")
Signed-off-by: Chris Paterson <chris.paterson2@renesas.com>
Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
When support for the Renesas RZ/G2L SoC was added, the GICR base address
for CPU1 was accidentally used. We should instead supply the GICR base
address for CPU0 so that interrupts are correctly configured for the
CPU core that U-Boot is actually using.
Fixes: 387d4275ab ("arm: rmobile: Add basic RZ/G2L family support")
Signed-off-by: Paul Barker <paul.barker.ct@bp.renesas.com>
We are now using the dts/upstream subtree for the RZ/G2L SoC family so
we can drop unused dt-bindings headers.
Signed-off-by: Paul Barker <paul.barker.ct@bp.renesas.com>
Reviewed-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
We are now using the dts/upstream subtree for the RZ/G2L SoC family so
we can drop unused devicetree files from arch/arm/dts.
Signed-off-by: Paul Barker <paul.barker.ct@bp.renesas.com>
Reviewed-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
We are now using the dts/upstream subtree for the RZ/G2L SoC family, so
update the board MAINTAINERS file to match rz-smarc dtsi files in this
subtree.
Signed-off-by: Paul Barker <paul.barker.ct@bp.renesas.com>
Reviewed-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
CI: https://source.denx.de/u-boot/custodians/u-boot-imx/-/pipelines/23262
- Improve imx9 boot medium autodection.
- Add possibility to skip DCD on i.MX8.
- Switch to using upstream DT on DH i.MX6 DHCOM.
- Add support for i.MX6DL DHCOM SoM on PDK2 carrier board.
- Handle FIELD_RETURN on i.MX HAB.
Documentation:
* correct title and author of rst2pdf generated pdf
* describe CONFIG_DEBUG_SBI_CONSOLE
* remove vile language
UEFI
* correct printf codes in mkeficapsule
* add an EFI test app
* move default filename to a function
* move get_efi_pxe_arch() to efi_helper
* allow reporting the host defaults in efidebug
* drop sandbox PXE architecture
Other:
* do not reserve extra 16 KiB of stack in lmb
* disable the sandbox virtio blk device
* provide -N command line flag to control EFI default boot file name
on the sandbox
* provide a unit test for the efi bootmeth
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEK7wKXt3/btL6/yA+hO4vgnE3U0sFAmcvMKkACgkQhO4vgnE3
U0ugEA/+O1SZITtLk77A00DPxf00/GXKY0PljKKx9UbEtEId6Bdc2Sm/Sq7lXy9S
/G5kxqHSmzBLF/VFr0qMXH3eI8KC1wql00XQKkrcfBqXSRVc26xpEPEy9hJGYaG6
dm5mQczSuaqa9+ZV+JppbHT75zhK6/1iDkNzB4v9dnUxijxjcj20CZyoIQponkoj
GIMLw17j7ObOWuU+xhXVmcOfXzyp1jGGIQc48qj/3gzy0OWuqFM4zmZr4HKIpfTQ
p0JBnCAnJpMNZ8JU3AQCh3OmnOff6a1Jfim0jQez9vu6EUTezWwC5MMgq3TBIdXA
UlS9qKHXUVrov9sQV/SbcdwvBsk41E+lGNnt9aO+lAPfn7OzQFLdIOXMXVyKwPVD
yU/VgchS0YAKBNiOM/i++SXogdWhElk+ySjT+gSr1YwOcXLBV+gGKvi7XB/uoVXS
mNN561Ep3YcxZ+6kP81JKYZ9fmuR398XQYU1yjhl0PTRsiF8xK7evmHSvVY2HCg7
fm/K0RFRTXO1A+4gG3Z4jeK6GJWve44Kh8TSM0m+4TOLK21QFhe70fpRUwz4BGCB
vTo3LL7Zxh4GSI5zOS5ViIuZg71+z/NDcS7EMBB6AcHlaaDlDSE0ImhSBuv8YpLX
61FYdwS8Z2eXKCnZNJImXCBp9T7PkyTjB3DH8ECx1LnvfwZQw9o=
=8H9E
-----END PGP SIGNATURE-----
Merge tag 'efi-2025-01-rc2-2' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request efi-2025-01-rc2-2
Documentation:
* correct title and author of rst2pdf generated pdf
* describe CONFIG_DEBUG_SBI_CONSOLE
* remove vile language
UEFI
* correct printf codes in mkeficapsule
* add an EFI test app
* move default filename to a function
* move get_efi_pxe_arch() to efi_helper
* allow reporting the host defaults in efidebug
* drop sandbox PXE architecture
Other:
* do not reserve extra 16 KiB of stack in lmb
* disable the sandbox virtio blk device
* provide -N command line flag to control EFI default boot file name
on the sandbox
* provide a unit test for the efi bootmeth
Working with HAB on the i.MX8MP we've encountered a case where a board
that successfully authenticates u-boot when booting Linux subsequently
fails to properly bring up the RTC.
The RTC registers live in the low-power block of the Secure Non-Volatile
Storage (SNVS) block.
The root cause of the error has been traced to the HAB handing off the
SNVS-RTC in a state where HPCOMR::NPSWA_EN = 0 in other words where the
Non-Privileged Software Access Enable bit is zero.
Configure SNVS to allow unpriv access to SNVS LP for imx8m and imx8mp.
This commit generalizes 723f8359c1 ("imx: mx7: snvs: Add an SNVS init
routine") to also be used on i.MX8M SoCs, and was testeed on i.MX8MP.
Signed-off-by: Ian Ray <ian.ray@gehealthcare.com>
Commit 723f8359c1 ("imx: mx7: snvs: Add an SNVS init routine") noted
that the init_snvs() call likely applies to other i.MX processors, and
this has been found to be true for i.MX8MP.
Move snvs module for future re-use.
Signed-off-by: Ian Ray <ian.ray@gehealthcare.com>
Enable OF_UPSTREAM to use upstream DT and add nxp/imx/ prefix to the
DEFAULT_DEVICE_TREE. And thereby directly build DTB from dts/upstream/src/
including *-u-boot.dtsi files from arch/$(ARCH)/dts/ directory.
Signed-off-by: Marek Vasut <marex@denx.de>
Add support for the DH electronics i.MX6DL DHCOM SoM and a PDK2 evaluation
board. The evaluation board features three serial ports, USB OTG, USB host
with an USB hub, Fast or Gigabit ethernet, eMMC, uSD, SD, analog audio,
PCIe and HDMI video output.
All of the aforementioned features except for mSATA are supported, mSATA
is not available on i.MX6DL and is only available on DHCOM populated with
i.MX6Q SoC which is already supported upstream.
Backport from linux-next commit
c3f5d76a6e03 ("ARM: dts: imx6dl: Add support for i.MX6DL DHCOM SoM on PDK2 carrier board")
Signed-off-by: Marek Vasut <marex@denx.de>
Reviewed-by: Christoph Niedermaier <cniedermaier@dh-electronics.com>
Signed-off-by: Shawn Guo <shawnguo@kernel.org>
Currently U-Boot always adds DCD Image to boot container.
On imx8qxp SoC it is possible to init RAM from within SCFW,
and adding a DCD image type to the boot container in this case
breaks booting (No debug output anymore from SCFW! Nor any
output from SPL), so we need to configure a dcd skip somehow.
This patch adds a new imx8image_cmd entry CMD_DCD_SKIP and a
new entry in imximage.cfg "DCD_SKIP". If set to "true"
no DCD image type will be added to the container.
Signed-off-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Improve "mmcautodetect=yes" boot mode autodetection to able to use it
if CONFIG_ENV_IS_NOWHERE=y is used for i.MX9 SoCs and i.MX93 EVK board.
If both CONFIG_ENV_IS_IN_MMC=y and CONFIG_ENV_IS_NOWHERE=y are in the
defconfig, CONFIG_ENV_IS_IN_MMC=y will be overiden default
CONFIG_ENV_IS_NOWHERE settings.
Goal is in this patch to able to use the boot mode autodetection
if defconfig use only CONFIG_ENV_IS_NOWHERE=y option
(without CONFIG_ENV_IS_IN_MMC) for any i.MX9 SoC.
Signed-off-by: Benjamin Szőke <egyszeregy@freemail.hu>
The decision on whether HAB is enabled is solely based on the SEC_CONFIG
fuse. The HAB FIELD_RETURN feature is able to permanently disable HAB on
a CPU, after which it is able to boot unsigned firmware. U-Boot however
does not take into account the FIELD_RETURN mode, and refuses to boot
unsigned software when the feature is enabled.
Also take the FIELD_RETURN fuse into account when deciding whether HAB
is enabled. When The FIELD_RETURN fuse is blown, HAB is not enabled.
Tested on i.MX8M Mini, i.MX8M Plus, i.MX8M Nano and i.MX6ULL
Signed-off-by: Paul Geurts <paul.geurts@prodrive-technologies.com>
The imx_sec_config_fuse_t structure is not specific to the sec_config
fuse, but can be used for all fuse words.
Rename the structure to a more generic name to be reused for other
fuses.
Signed-off-by: Paul Geurts <paul.geurts@prodrive-technologies.com>
Add a simple test of booting with the EFI bootmeth, which runs the app
and checks that it can call 'exit boot-services' (to check that all the
device-removal code doesn't break anything) and then exit back to
U-Boot.
This uses a disk image containing the testapp, ready for execution by
sandbox when needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a new disk for use with tests, which contains the new 'testapp'
EFI app specifically intended for testing the EFI loader.
Attach it to the USB device, since most testing is currently done with
mmc.
Initially this image will be used to test the EFI bootmeth.
Fix a stale comment in prep_mmc_bootdev() while we are here.
For now this uses sudo and a compressed fallback file, like all the
other bootstd tests. Once this series is in, the patch which moves
this to use user-space tools will be cleaned up and re-submitted.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is not implemented so cannot actually be used to read blocks.
Disable it until it is implemented, to avoid causing a hang with EFI,
which probes every available BLK device.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Issue: https://source.denx.de/u-boot/u-boot/-/issues/37
When the --native flag is given, pretend to be running the host
architecture rather than sandbox.
Allow the same control for PXE too.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this function from the EFI bootmeth to the common efi_helper file.
No functional change is intended.
Signed-off-by: Simon Glass <sjg@chromium.org>
Sandbox is its own architecture, but sometimes we want to mimic the host
architecture, e.g. when running an EFI app not built by U-Boot.
Add a -N/--native flag which tells sandbox to reflect the architecture
of the host.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a simple app to use for testing. This is intended to do whatever it
needs to for testing purposes. For now it just prints a message and
exits boot services.
There was a considerable amount of discussion about whether it is OK to
call exit-boot-services and then return to U-Boot. This is not normally
done in a real application, since exit-boot-services is used to
completely disconnect from U-Boot. For now, this part is skipped.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Adjust the PDF output options for rst2pdf:
* Set start document to 'index'.
* Set title to 'Das U-Boot'.
* Set author to 'The U-Boot development community'.
Correct documentation link.
Remove obsolete FIXME.
Link: https://rst2pdf.org/static/manual.html
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
All call sites are using size rather than end addresses,
so instead - as previously done - calculating an end address
everywhere, just modify the function to use size and internally
calculate the end address
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Patrick Wildt <pwildt@google.com>
Signed-off-by: Moritz Fischer <moritzf@google.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For printing a ssize_t variable we must use %zd and not %ld to avoid
a -Wformat error on 32-bit systems.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
