TPM2_PCR_Allocate command is required to reconfigure a TPM device
to enable or disable algorithms in run-time, thus this patch introduces
the implementation of PCR allocate APIs and adds related cmd functions
for testing.
To test the feature, ensure that TPM is started up.
Run pcr_allocate command to turn on/off an algorithm, multiple calls
are supported and all changes will be cached:
`tpm2 pcr_allocate <algorithm_name> <on|off>`
Run startup command with argument 'off' to shutdown the TPM.
`tpm2 startup TPM2_SU_CLEAR off`
Reboot the board via `reset` to activate the changes.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
TPM2_shutdown command is sharing same structure and logics with
TPM2_startup, thus this patch extends the existing startup APIs and
cmd functions to support shutdown instead of created new ones.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Up to now we could only use log level, category, and file for filtering.
Allow filtering on a list of functions.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This function is really just getting the data. The size comes along for
the ride. In fact this function is only reliable way to obtain the data
for an image in a FIT, since the FIT may use external data.
Rename it to fit_image_get_data()
Signed-off-by: Simon Glass <sjg@chromium.org>
When looking at ufetch output it isn't immediately obvious which CPU
architecture the presented board has. This patch therefore adds the
CPU architecture string (for example "powerpc") to the "CPU:" line.
The new format is:
CPU: powerpc (1 cores, 1 in use)
Signed-off-by: J. Neuschäfer <j.ne@posteo.net>
Reviewed-by: Caleb Connolly <caleb.connolly@linaro.org>
Link: https://lore.kernel.org/r/20241211-ufetch-v2-3-2b5432ffaeb1@posteo.net
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
The ufetch command is still quite useful on systems without block
device support; remove the CONFIG_BLK dependency and make sure the code
compiles/works with and without CONFIG_BLK.
Reviewed-by: Caleb Connolly <caleb.connolly@linaro.org>
Signed-off-by: J. Neuschäfer <j.ne@posteo.net>
Link: https://lore.kernel.org/r/20241211-ufetch-v2-2-2b5432ffaeb1@posteo.net
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
On 32-bit architectures, LAST_LINE (_LAST_LINE - 1UL) is 64 bits long,
but size_t (from ARRAY_SIZE(...)) is 32 bits. This results in a warning
because the max() macro expects the same type on both sides:
cmd/ufetch.c: In function ‘do_ufetch’:
include/linux/kernel.h:179:24: warning: comparison of distinct pointer types lacks a cast [-Wcompare-distinct-pointer-types]
179 | (void) (&_max1 == &_max2); \
| ^~
cmd/ufetch.c:92:25: note: in expansion of macro ‘max’
92 | int num_lines = max(LAST_LINE + 1, ARRAY_SIZE(logo_lines));
| ^~~
Fix this by casting LAST_LINE to size_t.
Reviewed-by: Caleb Connolly <caleb.connolly@linaro.org>
Signed-off-by: J. Neuschäfer <j.ne@posteo.net>
Link: https://lore.kernel.org/r/20241211-ufetch-v2-1-2b5432ffaeb1@posteo.net
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
Upstream development stopped 2012.
Linux eliminated YAFFS2 in 2010.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Simon Glass <sjg@chromium.org> says:
This series provides a way to keep track of the images used in bootstd,
including the type of each image.
At present this is sort-of handled by struct bootflow but in quite an
ad-hoc way. The structure has become quite large and is hard to query.
Future work will be able to reduce its size.
Ultimately the 'bootflow info' command may change to also show images as
a list, but that is left for later, as this series is already fairly
long. So for now, just introduce the concept and adjust bootstd to use
it, with a simple command to list the images.
This series includes various alist enhancements, to make use of this new
data structure a little easier.
[trini: Drop patch 18 and 19 for now due to size considerations]
Link: https://lore.kernel.org/r/20241115231926.211999-1-sjg@chromium.org
Add a new 'bootstd images' command, which lists the images which have
been loaded.
Update some existing tests to use it. Provide some documentation about
images in general and this command in particular.
Use a more realistic kernel command-line to make the test easier to
follow.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a file-type parameter to this function and update all users. Add a
proper comment to the function which we are here.
This will allow tracking of the file types loaded by the extlinux
bootmeth.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use an alist for this data structure as it is somewhat simpler to
manage. This means that bootstd holds a simple list of bootflow structs
and can drop it at will, without chasing down lists.
Signed-off-by: Simon Glass <sjg@chromium.org>
This relates to more than just the bootdev, since there is a global list
of bootflows. Move the function to the bootstd file and rename it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This relates to more than just the bootdev, since there is a global list
of bootflows. Move the function to the bootstd file and rename it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Raymond Mao <raymond.mao@linaro.org> says:
Motivations for changes:
Current SMBIOS library and command-line tool is not fully matching with
the requirements:
1. Missing support for other mandatory types (#7, #9, #16, #17, #19).
2. Only a few platforms support SMBIOS node from the device tree.
3. Values of some fields are hardcoded in the library other than fetching
from the device hardware.
4. Embedded data with dynamic length is not supported (E.g. Contained
Object Handles in Type #2 and Contained Elements in Type #3)
Changes:
1. Refactor the SMBIOS library and command-line tool to better align with
the SMBIOS spec.
2. Create an arch-specific driver for all aarch64-based platforms to fetch
SMBIOS private data from the device hardware (processor and cache).
3. Create a sysinfo driver to poppulate platform SMBIOS private data.
4. Add generic SMBIOS DTS file for arm64 platforms for those common strings
and values which cannot be retrieved from the system registers.
Vendors can create their own SMBIOS node using this as an example.
For those boards without SMBIOS nodes, this DTS file can be included to
have a generic SMBIOS information of the system.
5. Add support for Type #7 (Cache Information) and link its handles to
Type #4.
6. To minimize size-growth for those platforms which have not sufficient
ROM spaces or the platforms which don't need detailed SMBIOS
information, new added fields are only being built when kconfig
GENERATE_SMBIOS_TABLE_VERBOSE is selected.
Once this patch is acceptted, subsequent patch sets will add other missing
types (#9, #16, #17, #19).
Tests:
To test this with QEMU arm64, please follow the guide on dt_qemu.rst to
get a merged DT to run with.
```
qemu-system-aarch64 -machine virt -machine dumpdtb=qemu.dtb
cat <(dtc -I dtb qemu.dtb) <(dtc -I dtb ./dts/dt.dtb | grep -v /dts-v1/) \
| dtc - -o merged.dtb
qemu-system-aarch64 -machine virt -nographic -bios u-boot.bin \
-dtb merged.dtb
```
Link: https://lore.kernel.org/r/20241206225438.13866-1-raymond.mao@linaro.org
Update the cmd according to the changes of the smbios library:
1. Refactor smbios cmd print functions to match the content defined
by the specification.
2. Add new print functions for Type 3, 4 and 7.
3. Remove the fallback string "Not specified" from smbios_get_string,
as the spec requires a NULL output for those undefined strings.
4. Update the test_cmd_smbios_sandbox pytest expected result to
align with the smbios library changes and add new pytest
test_cmd_smbios_sysinfo_verbose to test the verbose smbios
output.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Move the smbios field definitions to a separated simple headfile,
which is a prerequisite to be included by dts files.
Add new definitions for cache information.
This patch also includes a few of code optimizations in smbios.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Venkatesh Yadav Abbarapu <venkatesh.abbarapu@amd.com> says:
Add the basic 'hello world ta' command which increments the value passed.
This provides easy test for establishing a session with OP-TEE TA and verify.
It includes following subcommands:
optee hello
optee hello <value>; value to increment via OP-TEE HELLO WORLD TA.
Link: https://lore.kernel.org/r/20241219043918.1646095-1-venkatesh.abbarapu@amd.com
The bootmenu command can display
* menu entries defined by environment variables
* menu entries defined by UEFI boot options
Not in all cases showing the UEFI boot options is desired.
Provide a new parameter '-e' to select the display of UEFI boot options.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Add the basic 'hello world ta' command which increment
of the value passed. This provides easy test for
establishing a session with OP-TEE TA and verify.
It includes following "hello world ta" subcommands:
optee hello; default value '0' is passed and gets incremented.
optee hello <value>; value to increment via OP-TEE HELLO
WORLD TA.
To enable the OP-TEE side HELLO WORLD example please refer
https://optee.readthedocs.io/en/latest/building/gits/optee_examples/optee_examples.html
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@amd.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
lmb_reserve() is just calling lmb_reserve_flags() with LMB_NONE.
There's not much we gain from this abstraction.
So let's remove the latter, add the flags argument to lmb_reserve()
and make the code a bit easier to follow.
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org>
Tested-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The number of bytes may only be specified if a device number id provided.
Correct the formatting.
Acked-by: Marek Behún <kabel@kernel.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This is a debug command to monitor the retention state of the data on
the array. The command needs a duplication of the mtd_read_oob()
function to actually return the maximum number of bitflips encountered
while reading the page. We could write a specific implementation for the
Sunxi driver but this is probably enough.
nand watch <off> <size> - check an area for bitflips
nand watch.part <part> - check a partition for bitflips
nand watch.chip - check the whole device for bitflips
The output may be a bit verbose and could look like:
=> nand watch.chip
device 0 whole chip
size adjusted to 0xff60000 (5 bad blocks)
NAND watch for bitflips in area 0x0-0xff60000:
Page 0 (0x00000000) -> error -74
Page 1 (0x00000800) -> error -74
Page 2 (0x00001000) -> error -74
Page 3 (0x00001800) -> error -74
Page 4 (0x00002000) -> error -74
Page 5 (0x00002800) -> error -74
Page 6 (0x00003000) -> error -74
Page 7 (0x00003800) -> error -74
Page 8 (0x00004000) -> error -74
Page 9 (0x00004800) -> error -74
Page 10 (0x00005000) -> error -74
Page 11 (0x00005800) -> error -74
Page 12 (0x00006000) -> error -74
Page 13 (0x00006800) -> error -74
Page 14 (0x00007000) -> error -74
Page 15 (0x00007800) -> error -74
Page 16 (0x00008000) -> error -74
Page 17 (0x00008800) -> error -74
Page 18 (0x00009000) -> error -74
Page 19 (0x00009800) -> error -74
Page 20 (0x0000a000) -> error -74
Page 21 (0x0000a800) -> error -74
Page 22 (0x0000b000) -> error -74
Page 23 (0x0000b800) -> error -74
Page 1110 (0x0022b000) -> up to 1 bf/chunk
Page 1122 (0x00231000) -> up to 1 bf/chunk
Page 1132 (0x00236000) -> up to 1 bf/chunk
Page 1362 (0x002a9000) -> up to 1 bf/chunk
Page 4990 (0x009bf000) -> up to 1 bf/chunk
Page 5728 (0x00b30000) -> up to 1 bf/chunk
Page 7116 (0x00de6000) -> up to 1 bf/chunk
Page 7160 (0x00dfc000) -> up to 1 bf/chunk
Page 7494 (0x00ea3000) -> up to 1 bf/chunk
Page 10842 (0x0152d000) -> up to 1 bf/chunk
Page 11614 (0x016af000) -> up to 1 bf/chunk
Page 11970 (0x01761000) -> up to 1 bf/chunk
Page 12536 (0x0187c000) -> up to 1 bf/chunk
Page 12687 (0x018c7800) -> up to 1 bf/chunk
Page 14298 (0x01bed000) -> up to 1 bf/chunk
Page 18268 (0x023ae000) -> up to 1 bf/chunk
Page 18760 (0x024a4000) -> up to 1 bf/chunk
Page 21440 (0x029e0000) -> up to 1 bf/chunk
Page 22336 (0x02ba0000) -> up to 1 bf/chunk
Page 22592 (0x02c20000) -> up to 1 bf/chunk
Page 23872 (0x02ea0000) -> up to 1 bf/chunk
Page 27584 (0x035e0000) -> up to 1 bf/chunk
Page 35008 (0x04460000) -> up to 1 bf/chunk
Page 37184 (0x048a0000) -> up to 1 bf/chunk
Page 41728 (0x05180000) -> up to 1 bf/chunk
Page 42176 (0x05260000) -> up to 1 bf/chunk
Page 43200 (0x05460000) -> up to 1 bf/chunk
Page 43328 (0x054a0000) -> up to 1 bf/chunk
Page 45376 (0x058a0000) -> up to 1 bf/chunk
Page 47040 (0x05be0000) -> up to 1 bf/chunk
Page 47552 (0x05ce0000) -> up to 1 bf/chunk
Page 49344 (0x06060000) -> up to 1 bf/chunk
Page 49856 (0x06160000) -> up to 1 bf/chunk
Page 62784 (0x07aa0000) -> up to 1 bf/chunk
Page 65153 (0x07f40800) -> up to 1 bf/chunk
Page 65228 (0x07f66000) -> up to 1 bf/chunk
Page 65382 (0x07fb3000) -> up to 1 bf/chunk
Page 98624 (0x0c0a0000) -> up to 1 bf/chunk
Page 101952 (0x0c720000) -> up to 1 bf/chunk
Page 107584 (0x0d220000) -> up to 1 bf/chunk
Page 118208 (0x0e6e0000) -> up to 1 bf/chunk
Page 126656 (0x0f760000) -> up to 1 bf/chunk
Page 127680 (0x0f960000) -> up to 1 bf/chunk
Page 129920 (0x0fdc0000) -> up to 1 bf/chunk
Maximum number of bitflips: 1
Pages with bitflips: 44/130752
It is also possible to reduce the output with the .quiet suffix in order
to just show the summary.
=> nand watch.chip
device 0 whole chip
size adjusted to 0xff60000 (5 bad blocks)
NAND watch for bitflips in area 0x0-0xff60000:
Maximum number of bitflips: 1
Pages with bitflips: 44/130752
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
This breaks chromebook_coral which says:
Video: No video mode configured in FSP!
This reverts commit 2e9313179a846b581c0fc3f6a49e19f3d343efa8.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a small utility for displaying some information about U-Boot and the
hardware it's running on in a similar fashion to the popular neofetch
tool for Linux [1].
While the output is meant to be useful, it should also be pleasing to
look at and perhaps entertaining. The ufetch command aims to bring this
to U-Boot, featuring a colorful ASCII art version of the U-Boot logo.
[1]: https://en.wikipedia.org/wiki/Neofetch
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Mattijs Korpershoek <mkorpershoek@baylibre.com> # vim3
Tested-by: Neil Armstrong <neil.armstrong@linaro.org> # on SM8560-QRD
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
The lwIP version of wget also supports the legacy syntax. Document it in
the help string.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Prepare for implementing the EFI_HTTP_PROTOCOL.
* Make wget functionality callable even if the wget command is not built.
(add CONFIG_WGET symbol)
* Ensure that wget_with_dns() works the same with the old network stack
and with lwIP.
* Put server_name and port into wget_ctx.
* Integrate struct wget_info into wget code.
* Move ip_to_string to lib/net_utils.c
-----BEGIN PGP SIGNATURE-----
iQJWBAABCABAFiEEK7wKXt3/btL6/yA+hO4vgnE3U0sFAmc7WYAiHGhlaW5yaWNo
LnNjaHVjaGFyZHRAY2Fub25pY2FsLmNvbQAKCRCE7i+CcTdTS9ubD/9PHIyInE2t
jnjlHufnTzWJ1FRhj2ppykXWVVVtWlcGsGQ9TDdKqsNsCuFYnthnvRMuny7D8IXG
c6JuaqvRClwyZqFXbuvpD6wR1+AdLCgN0WEDKy47akMA5DrvH56t1HLwrZm/rBK+
cr8Nk3/+78+FQGRwDi0FdxMYqRZvH74eaNxQGHDuGJh4RTqYqHp01UA3xPz8uP1N
Tv+gVnf5lJsI5ZqjZCbjZ4KcN2JLwVOMIeGz9b/OqB9qP8OT+dqSUGRhL13qaier
Bdk0JT5BKhkzXxjOdSD2Iv2FJzSvWLG9h3FxjndyZwCqodOivsjSGh4bfkpeC6AH
QYHpIGP4VlYLs6wCBe4Ae9RJVTMrXEQbTARtLGcCI7ilTkGirfnb4bqFVWWALTdf
n7R5H5cbKsR3vIcRf78UbdJOuLREOnvc72uKrVgRpkWo7HlixIoTuPrVJJPLmser
frBLcnSaDOExkRJV1zaLp2VFE4g/AIgOYd+WyI8F70RoDJe+qyNfiaABFh29aIay
IGFw9mAklcMZEzbU5YiOZVyM7LlrP4u/JDJJs6Z+El8TiubYUrOu0ita/OtNa/RB
rwLgX+fhJZ+tYvm+mi4NY0PqW9L2HHRC1jMMVYM1VktCHRQJV3TbvEaOEsvBbrJR
D1pSyqBnMLf0aqQ1SiVaoZjmteknFwBGGQ==
=8xjC
-----END PGP SIGNATURE-----
Merge tag 'efi-next-2024-11-18' of https://source.denx.de/u-boot/custodians/u-boot-efi into next
CI: https://source.denx.de/u-boot/custodians/u-boot-efi/-/pipelines/23430
- Prepare for implementing the EFI_HTTP_PROTOCOL:
- Make wget functionality callable even if the wget command is not
built (add CONFIG_WGET symbol).
- Ensure that wget_with_dns() works the same with the old network
stack and with lwIP.
- Put server_name and port into wget_ctx.
- Integrate struct wget_info into wget code.
- Move ip_to_string to lib/net_utils.c
These fields are currently set on exactly two platforms today, and used
by only one of them. Update pic32mzdask to use CFG_SYS_SRAM* in the one
location it needs it and otherwise drop this field from the bd_info
struct.
Signed-off-by: Tom Rini <trini@konsulko.com>
Each wget request now fills the struct wget_info. The efi
bootdevice is now set conditionally to the set_bootdevice
variable in wget_info, and the same holds for lmb memory check.
Signed-off-by: Adriano Cordova <adrianox@gmail.com>
Let net/wget.c and net/lwip/wget.c depend on CONFIG_WGET, and
cmd/wget.c depend on CONFIG_CMD_WGET. This way, the wget code
can be used regardless of whether the wget command is available.
Signed-off-by: Adriano Cordova <adrianox@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Rasmus Villemoes <ravi@prevas.dk> says:
Doing bringup of a board, part of my bootstrap logic is in U-Boot. So
when tweaking that logic, I was bitten by a previous completed
bootstrap having left a copy of the environment on the device, which
was imported and thus overrided the new logic.
So I thought, "ok, I'll just make sure to put 'env default -a' as the
first part of the bootstrap logic so I'm not bitten again". Alas, my
logic also relies on certain variables that are set by C code
(e.g. for detecting board variant), and doing 'env default -a' also
eliminates those.
Looking around, the hashtab code already supports a flag that does
exactly what I need, and exposing that is (morally) a one-liner.
Link: https://lore.kernel.org/r/20241030213404.2894247-1-ravi@prevas.dk
It can be useful to set all variables defined in the default
environment to the value they have there, but without removing
variables that are only defined at runtime. This can sort-of be done
today, by using the "env default var1 var2 ..." variant, but that
requires listing all variables defined in the default
environment. It's much more convenient to be able to say
env default -k -a
The -k flag is also meaningful in the other case: If var1 is not
defined in the default environment, but var2 is,
env default var1 var2
would emit a warning about var1 not being in the default env and thus
being deleted. With -k, there's no warning, and var1 is kept as-is.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk>
do_upl_write() calls upl_get_test_data() which may increment the fail
count in the unit test state. We should initialize it.
Addresses-Coverity-ID: 510465 Uninitialized scalar variable
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> says:
Since commit 348ea878508d ("cmd: hash: fix param count check") the hash
command cannot be used without the optional variable name parameter if
CONFIG_HASH_VERIFY=y. 'hash sha1 $loadaddr $filesize' returns
CMD_RET_USAGE.
The minimum number of arguments is four no matter if verification is
enabled or not.
Fix the parameter check.
Provide a unit test.
Link: https://lore.kernel.org/r/20241102100836.103005-1-heinrich.schuchardt@canonical.com
Since commit 348ea878508d ("cmd: hash: fix param count check") the hash
command cannot be used without the optional variable name parameter if
CONFIG_HASH_VERIFY=y. 'hash sha1 $loadaddr $filesize' returns
CMD_RET_USAGE.
The minimum number of arguments is four no matter if verification is
enabled or not.
Fixes: 348ea878508d ("cmd: hash: fix param count check")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Igor Opaniuk <igor.opaniuk@gmail.com>
With the recent changes of lwip & mbedTLS we can now download from
https:// urls instead of just http://.
Adjust our wget lwip version parsing to support both URLs.
While at it adjust the default TCP window for QEMU since https seems to
require at least 16384
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
