This pull request
* provides an implementation of UEFI secure booting
* fixes a problem with the rsa_mod_exp driver which stops some boards
from booting when CONFIG_RSA is enabled which is needed for UEFI
secure booting
* enables the EFI_RNG_PROTOCOL if DM_RNG is enabled
* fixes some function comments
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAl6YjlcACgkQxIHbvCwF
GsQ6Jg/+KVRQF0Dn2jiag8Me9ZhafZx4xGTI3LEzFD7V9kG3dmUzbO3m8a5dEevW
bcPNA6EmcKAjyP09AZY4C8ns4sU7wzPu/GQvApD4S5+vcuNbEqRHfW6zzReNXq09
t89DrFH+XLhGnh4uSh0hmfjrlIPVi86hs/f57vKRayrBu8W2yGPci3SNTO5Y0AY1
to7sxP3hGlDCUhqIABWp5ylpWWUSG1MsVNcMOnHpj+jl0iWWYP46EQrGr95egQor
gcGgUOLdOLLOHPYUIOBmo9INnS2MbvE9Mfgh5Bw7JW8DIu/Xp7r1qePQyMLsngc1
pO5yzwMq6EQy6OjuYnXdIBXtHOlZ8rnE9pbTgyUR8T/2CdL2hqr9ddpqa4ryDABX
iaQF8FG+KhY0XQ5EIJV7pEkvf9TMwGguJNlOkmJPeub2n9i0k1tPk0Rwq5ZWWBIn
rHcgZXwl0On3O3f0HvfL0Oas5u9KE1HhA12h/EVmu2Muy36x2WxAAzDnsH19HzqU
QnWBAo8VMyp3qTIZjb3y+qrxcU/joPGt9+hxmur03hzmKOJ9JNOv6vExb+yUIyXQ
4ML6jvTvSVZbvkP++0zMKOjT8ks3xv5q84oFD5Gp4cG8ZpHpA9dj3mXM92Waepo4
pAkko5IGQ4SqaGIBltEQzrG+cCiHHezdD/raCwAo6DgYSmfZUvc=
=+ZDZ
-----END PGP SIGNATURE-----
Merge tag 'efi-2020-07-rc1' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc1
This pull request
* provides an implementation of UEFI secure booting
* fixes a problem with the rsa_mod_exp driver which stops some boards
from booting when CONFIG_RSA is enabled which is needed for UEFI
secure booting
* enables the EFI_RNG_PROTOCOL if DM_RNG is enabled
* fixes some function comments
Enhancements to 'dm' command
Log test enhancements and syslog driver
DM change to read parent ofdata before children
Minor fixes
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl6YdaMRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYLRwf8C+vKmERVLLcrMZMMiLctbY2kVflJV8zG
RjFwBcazZDPYjtHqClFZtJyIDYzgkVQRo+QPcdLxjcA+gjSXdteeRa0XTsBTXOZQ
kbs7yBkL+rCIO2WyXtuyajsmDMQtqM5vYgeBdTeYnJu7NVxwRMYrUqqAKLolNpIN
SKNYz+a8OEOG2EetbTdwwrmSpNy/cZ3wDGYK25DFTte8/vCZMRBTPiiNSrLp/RsM
xIojRcLqzARwpvPfFZ8psASKei9+5oIICUrNvwwQGtjepvZwdFQEl90SKaHw8kMf
sP9rxuqlEN5ec6xnMTUgwfnyBZgNIMSeb4KVPP1rxN2eAa5+bK1OlQ==
=gyyY
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-10apr20-take2' of git://git.denx.de/u-boot-dm
Functions for reading indexed values from device tree
Enhancements to 'dm' command
Log test enhancements and syslog driver
DM change to read parent ofdata before children
Minor fixes
At present a device can read its ofdata before its parent has done the
same. This can cause problems in the case where the parent has a 'ranges'
property, thus affecting the operation of dev_read_addr(), for example.
We already probe parent devices before children so it does not seem to be
a large step to do the same with ofdata.
Make the change and update the documentation in this area.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Ley Foon Tan <ley.foon.tan@intel.com>
Add a new test for fdtdec_set_carveout().
Signed-off-by: Laurentiu Tudor <laurentiu.tudor@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Drop blank line at EFO:
Signed-off-by: Simon Glass <sjg@chromium.org>
The patch adds helper functions to allow reading a single indexed u32
value from a device-tree property containing multiple u32 values, that
is an array of integers.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add test case to cover dev_read_u64 and dev_read_u64_default functions.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Reviewed-by: Simon Glass <sjg@chromium.org>
If CONFIG_LOG=n, we still expect output for log_err(), log_warning(),
log_notice(), log_info() and in case of DEBUG=1 also for log_debug().
Provide unit tests verifying this.
The tests depend on:
CONFIG_CONSOLE_RECORD=y
CONFIG_LOG=n
CONFIG_UT_LOG=y
It may be necessary to increase the value of CONFIG_SYS_MALLOC_F_LEN to
accommodate CONFIG_CONSOLE_RECORD=y.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Use the new function dm_scan_fdt_ofnode_path() to scan all the nodes
which aren't devices themselves but may contain some:
- "/chosen"
- "/clocks"
- "/firmware"
The patch removes the strcmp call in recursive function dm_scan_fdt_live()
and also corrects a conflict with the 2 applied patches in
the commit 1712ca2192 ("dm: core: Scan /firmware node by default")
and in the commit 747558d014 ("dm: fdt: scan for devices under
/firmware too"): the subnodes of "/firmware" (optee for example)
are bound 2 times.
For example the dm tree command result on STM32MP1 is:
STM32MP> dm tree
Class Index Probed Driver Name
-----------------------------------------------------------
root 0 [ + ] root_driver root_driver
firmware 0 [ ] psci |-- psci
sysreset 0 [ ] psci-sysreset | `-- psci-sysreset
simple_bus 0 [ + ] generic_simple_bus |-- soc
...
tee 0 [ + ] optee |-- optee
...
tee 1 [ ] optee `-- optee
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Tested-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The DMA Remapping Reporting (DMAR) table contains information about DMA
remapping.
Add a version simple version of this table with only the minimum fields
filled out. i.e. no entries.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Each ACPI table has its own version number. Add the version numbers in a
single function so we can keep them consistent and easily see what
versions are supported.
Start a new acpi_table file in a generic directory to house this function.
We can move things over to this file from x86 as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Add a sandbox test for the basic ACPI functionality we have so far.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Different CPUs may support different address widths, meaning the amount of
memory they can address. Add a property for this to the cpu_info struct.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Some callers of serial_getinfo() would like to know the UART base
clock speed in order to make decision what to pass to OS in some
cases. In particular, ACPI SPCR table expects only certain base
clock speed and thus we have to act accordingly.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Provide test cases for
* image authentication for signed images
(test_efi_secboot/test_signed.py)
* image authentication for unsigned images
(test_efi_secboot/test_unsigned.py)
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
A fixture for UEFI secure boot tests (image authentication and variable
authentication) is defined. A small file system with test data in a single
partition formatted in fat is created.
This test requires efitools v1.5.2 or later. If the system's efitools
is older, you have to build it on your own and define EFITOOLS_PATH.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Pull in changes that have been pending in our 'next' branch. This
includes:
- A large number of CI improvements including moving to gcc-9.2 for all
platforms.
- amlogic, xilinx, stm32, TI SoC updates
- USB and i2c subsystem updtaes
- Re-sync Kbuild/etc logic with v4.19 of the Linux kernel.
- RSA key handling improvements
It is a pain to have to set the CROSS_COMPILE environment variable when
using test.py's --build option. It is possible to get this using the -A
option from buildman. But it seems better to just use buildman to do the
build when it is available.
However using buildman adds a new dependency to the test system which we
want to avoid. So leave the default as is and add a flag to make it use
buildman.
Note that most of these changes relate to test.py and the parts of the
travis/gitlab/azure scripts which relate to running test and building a
suitable U-Boot to run the tests on.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a test for the dm drivers command. Also fix a null pointer dereference
revealed by said test.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This test is actually made up of five separate tests. Split them out so
that they appear as separate tests.
Unfortunately this restarts U-Boot multiple times which adds about a
second to the already-long vboot test, about 8 seconds total on my
machine. We could add a special 'teardown' test afterwards but if the
tests are executed out of order that would not work.
Changing test_vboot into a class causes it not to be discovered and makes
it different from all other tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a check to make sure that it is not possible to add a new
configuration and use the hashed nodes and hash of another configuration.
Signed-off-by: Simon Glass <sjg@chromium.org>
With CONFIG_OF_CONTROL environment variable $fdtcontroladdr is not defined
and test_efi_grub_net() fails.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
With CONFIG_OF_CONTROL environment variable $fdtcontroladdr is not defined
and test_efi_helloworld_net() fails.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Commit 41e30dcf87 ("cmd: mmc: Make Mode: printout consistent") fixed
the layout of `mmc info` output. Reflect this change in the respective
testcase.
Also fix a typo in the documentation.
Fixes: 41e30dcf87 ("cmd: mmc: Make Mode: printout consistent")
Signed-off-by: Harald Seiler <hws@denx.de>
Acked-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
4dbc107f46 ("cmd: gpio: Correct do_gpio() return value") correctly
changed the behaviour of the gpio command to return CMD_RET_SUCCESS or
CMD_RET_FAILURE, but any existing script which expects the return value
to be the pin value is broken by this change.
Reinstate the legacy behaviour for `gpio input` only.
Fixes: 4dbc107f46 ("cmd: gpio: Correct do_gpio() return value")
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alex Kiernan <alex.kiernan@hivehome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
In this patch, a very simple test is added to verify that rsa_verify()
using rsa_verify_with_pkey() work correctly.
To keep the code simple, all the test data, either public key and
verified binary data, are embedded in the source.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
In the first version, the result of malloc is checked
with ut_assertnonnull. But on a fail, this macro exit
the function, so previously malloc are not freed.
So to avoid a memleak, we don't use ut_assertnonnull,
but simply check the return of malloc. If one has failed,
we freed all the allocated memory and quit the function.
Reported-by: Coverity (CID: 284403)
Reported-by: Coverity (CID: 284404)
Reported-by: Coverity (CID: 284405)
Reported-by: Coverity (CID: 284406)
Reported-by: Coverity (CID: 284407)
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl48iogACgkQfxc6PpAI
reaVzAf/an3/yKe6r3CVWlcRV6H/dVg1ApnnLpX7jS0p0b++oCVvOiy7z1WPXj3k
b1SSgENDeeZ/8EHio+Gf7ZidH/TGEj7L6YEFwd1t60GMkZiWEkNf4Z53tw482YG+
96hoPD+ySTW+ddIdVHWAFG2I4aEiKHANJAp/ItNdD+rLbrEwNQy+eiK5JTOk80B6
/X8AJCLZeAC1s7vs+2+WolgjT78QGzA9HHalMiublcqh0ivKKk0QeQiOKKPe8JYJ
om5YY1TxayQ60Xmo5f39/SBfzEEklxw83sU9o1tBeYzyVUpu7fQdkxiDbWdsij77
DgwLdeYQJGbN+hdSWE0gjTqyhW+lWA==
=KRoA
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm
sandbox conversion to SDL2
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
- Move P2SB from Apollo Lake to a more generic location
- Add a function to find a device by drvdata in DM core
- Enhancement of DM IRQ uclass driver
- Add a clock driver for Intel devices
- Add support for ACPI general-purpose events
- Add a TPM driver for H1/Cr50
- Enable TPM on Google Chromebook Coral
At present driver model supports the IRQ uclass but there is no way to
request a particular interrupt for a driver.
Add a mechanism, similar to clock and reset, to read the interrupts
required by a device from the device tree and to request those interrupts.
U-Boot itself does not have interrupt-driven handlers, so just provide a
means to read and clear an interrupt. This can be useful to handle
peripherals which must use an interrupt to determine when data is
available, for example.
Bring over the basic binding file as well, from Linux v5.4. Note that the
older binding is not supported in U-Boot; the newer 'special form' must be
used.
Add a simple test of the new functionality.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
There can be different types of interrupt controllers in a system and some
drivers may need to distinguish between these. In general this can be
handled using the device tree by adding the interrupt information to
device nodes.
However on x86 devices we have interrupt controllers which are not tied
to any particular device and not really used in U-Boot. These still need
to be inited, so a convenient method is to give each controller a type
and allow a particular controller type to be probed.
Add support for this in sandbox along with a test.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
[bmeng: remove the new bland line at EOF of test/dm/irq.c]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
It is sometimes useful to find a device in a uclass using only its driver
data. The driver data often indicates the 'subtype' of the device, e,g,
via its compatible string.
Add a function to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present we have uclass_foreach_dev() which requires that uclass_get()
be called beforehand to find the uclass. This is good if we suspect that
that function might fail, but often we know that the uclass is available.
Add a new helper which does this uclass_get() automatically, so that only
the uclass ID is needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.
Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present devres.h is included in all files that include dm.h but few
make use of it. Also this pulls in linux/compat which adds several more
headers. Drop the automatic inclusion and require files to include devres
themselves. This provides a good indication of which files use devres.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Anatolij Gustschin <agust@denx.de>
At present there is no positive indication that U-Boot has finished
sending sound data. This means that it is not possible to power down an
audio codec, for example. Add a new method that is called once all sound
data has been sent.
Add a new method for this, called when the sound_play() call is done.
Signed-off-by: Simon Glass <sjg@chromium.org>
When writing tests to check the output from commands it is useful to be
able to check the output line by line using an assertion. Add helper
macros to support this and to check that there is no unexpected trailing
data.
Also some commands produce a dump using print_buffer(). Add a way to check
that the correct number of bytes are dumped (ignoring the actual
contents).
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we reset the console buffer before each test but do not
actually set the recording flag. Without this, the output is not
recorded.
Update the code to set the flag before the test and clear it afterwards.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is convenient for bloblist to zero out the contents of a records when
it is added. This saves the callers having to do it.
Update the API accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
A common check is to see if a blob is present, create it if not and make
sure that the size is large enough. Add a function to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>