bootstage: Fix out-of-bounds read in reloc_bootstage()
bootstage_get_size() returns the total size of the data structure
including associated records.
When copying from gd->bootstage, only the allocation size of gd->bootstage
must be used. Otherwise too much memory is copied.
This bug caused no harm so far because gd->new_bootstage is always
large enough and reading beyond the allocation length of gd->bootstage
caused no problem due to the U-Boot memory layout.
Fix by using the correct size and perform the initial copy directly
in bootstage_relocate() to have the whole relocation process in the
same function.
Signed-off-by: Richard Weinberger <richard@nod.at> Reviewed-by: Simon Glass <sjg@chromium.org>
Evaluate the filesystem incompat and ro_compat bit fields to judge
whether the filesystem can be read or written.
For the read side only a scary warning is shown so far.
I'd love to abort mounting too, but I fear this will break some setups
where the driver works by chance.
Signed-off-by: Richard Weinberger <richard@nod.at>
Do not load and flush segments whose program header type is not
PT_LOAD to avoid crash happen.
bootelf will load all program headers and then flush cache.
Since PT_GNU_STACK start address is 0x0, crash happens when
it flushes PT_GNU_STACK area for target that memory cannot be
accessed from address 0x0.
crash call stack:
====================================================================
bootelf -p
|-> do_bootelf (cmd/elf.c)
|-> load_elf_image_phdr (lib/elf.c) /* Load each program header */
|-> for (i = 0; i < ehdr->e_phnum; ++i) { /* e_phnum is 2 */
|-> flush_cache(start=0, size=0) (arch/arm/lib/cache.c) (*1)
|-> flush_dcache_range(start=0, 0); (arch/arm/cpu/armv8/cache_v8.c)
|-> __asm_flush_dcache_range(start=0, 0) (arch/arm/cpu/armv8/cache.S)
|-> /* clean & invalidate data or unified cache */
|-> dc civac, x0 <<== crash happen x0:start=0
====================================================================
*1 Here the p_paddr and p_filesz of the GNU_STACK program are 0.
hello_world elf image program headers
====================================================================
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
LOAD 0x0000000000000000 0x0000000080ff0000 0x0000000080ff0000
0x0000000000010390 0x0000000000010390 R E 0x10000
GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 RW 0x10
Sean Anderson [Sat, 10 Aug 2024 13:59:37 +0000 (09:59 -0400)]
pinmux: generic: Use ENOENT instead of ENOSYS
ENOSYS should only be used when a subsystem is completely absent.
Convert its use in pinctrl-generic to ENOENT, which better reflects the
error condition (that a function/group/pin is missing).
Signed-off-by: Sean Anderson <seanga2@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Ravi Minnikanti [Sun, 11 Aug 2024 18:44:15 +0000 (11:44 -0700)]
env: remove vars that are not in default env
current env_set_default_vars() doesn't delete
var that are not in the imported env. hashtable
removes vars that are not in the imported
env but present in the current env only if H_NOCLEAR
flag is not set.
This change is to avoid passing H_NOCLEAR flag if
specific vars are passed to env_set_default_vars()
Without this change:
Marvell>> env default boot_mode
Marvell>>
With the change:
Marvell>> env default boot_mode
WARNING: 'boot_mode' not in imported env, deleting it!
Signed-off-by: Ravi Minnikanti <rminnikanti@marvell.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Yasuharu Shibata [Wed, 14 Aug 2024 12:41:07 +0000 (21:41 +0900)]
sandbox: fix wget test failure after fixing wget issue
After applying the following patch, wget test on sandbox failed[1].
Commit: cab7867cff ("net: wget: Support retransmission a dropped packet")
Here are two reasons why the test is failed and how to fix it:
1. tcp_ack is calculated by the wrong value.
tcp_ack needs to be calculated by the received TCP payload size.
2. wget command may have a problem that HTTP response from server
must be divided into more than two packets.
In this commit, HTTP response is divided into two packets.
In addition, I fixed the HTTP response returned at the correct timing.
cmd: led: fix led command usage for the LED_SW_BLINK enabled case
CONFIG_LED_BLINK and CONFIG_LED_SW_BLINK can be defined independently.
Led blinking works if any (or both) of them is enabled. Unfortunately
the led command help does not display blinking option if only
CONFIG_LED_SW_BLINK is enabled. This is definitely wrong.
This patch fix an issue.
Signed-off-by: Mikhail Kshevetskiy <mikhail.kshevetskiy@iopsys.eu> Reviewed-by: Simon Glass <sjg@chromium.org> Acked-by: Alexander Dahl <ada@thorsis.com>
spi: soft_spi: Parse cs-gpios only if num-chipselects is not <0>
Some boards don't have chipselect lines for leds so cs-gpios is not
specified in the dts leading to probing error. Fix it by making
behavior similar to the one in Linux, parse num-chipselects and
if it is zero, ignore cs-gpios.
Signed-off-by: Michael Polyntsov <michael.polyntsov@iopsys.eu> Signed-off-by: Mikhail Kshevetskiy <mikhail.kshevetskiy@iopsys.eu>
- Convert tqma6q_mba6 to watchdog DM to fix reset.
- Convert tqma6q_mba6 to PMIC and I2C DM.
- Convert tqma6q_mba6 to OF_UPSTREAM.
- Do not print the board name twice on tqma6.
- Enable CMD_ERASEENV for imx8mm/mp Phytec boards.
- Add imx8ulp binman support.
- Fix imx8 build when CONFIG_IMX_BOOTAUX is set.
Fabio Estevam [Fri, 9 Aug 2024 15:25:48 +0000 (12:25 -0300)]
imx6-tqma6: Convert to OF_UPSTREAM
Instead of using the local imx6-tqma6 devicetree copies from U-Boot,
convert the imx6-tqma6 target to OF_UPSTREAM so that the upstream
kernel devicetrees can be used instead.
Gary Bisson [Mon, 5 Aug 2024 21:25:10 +0000 (23:25 +0200)]
mach-imx: Add i.MX 8ULP binman support
- Re-use i.MX 93 Makefile target as similar boot process
- Create imx8ulp-u-boot.dtsi for binman image architecture
- Create both SPL and U-Boot containers configuration
Key differences between the 93 and 8ULP SPL container are:
- No LPDDR training library needed for 8ULP
- 8ULP requires a uPower binary (RISC-V core) for power management
- 8ULP also requires a M33 binary to work properly
Signed-off-by: Gary Bisson <bisson.gary@gmail.com> Reviewed-by: Peng Fan <peng.fan@nxp.com>
Gary Bisson [Mon, 5 Aug 2024 21:25:08 +0000 (23:25 +0200)]
tools: imx8image: add upower image support
Part of the upower management was included in a previous commit [1].
This patch only adds the bits required to properly parse a config file
that would include the binary as follows:
IMAGE PWR upower.bin
Gary Bisson [Mon, 5 Aug 2024 21:25:07 +0000 (23:25 +0200)]
tools: imx8image: fix soc variable for ULP
Currently the ULP token sets the soc as IMX9, making it impossible to
differentiate the two families of processors.
However, since the 8ULP requires specific binaries like upower which do
not exist in 93, they need to be separated.
Fixes: 6ec65c8558f (tools: image: support i.MX93) Signed-off-by: Gary Bisson <bisson.gary@gmail.com> Reviewed-by: Peng Fan <peng.fan@nxp.com>
Simon Glass [Sun, 11 Aug 2024 14:50:34 +0000 (08:50 -0600)]
armv8: ls2085a: Drop CMD_DATE
These boards use pre-driver model code and it is several years since the
migration deadline. Disable the 'date' command so that this old code can
be removed.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heiko Schocher <hs@denx.de>
Simon Glass [Sun, 11 Aug 2024 14:50:33 +0000 (08:50 -0600)]
mips: malta: Drop CMD_DATE
These boards use pre-driver model code and it is several years since the
migration deadline. Disable the 'date' command so that this old code can
be removed.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heiko Schocher <hs@denx.de>
Tom Rini [Mon, 12 Aug 2024 13:58:24 +0000 (07:58 -0600)]
Merge tag 'u-boot-rockchip-20240812' of https://source.denx.de/u-boot/custodians/u-boot-rockchip
Please pull the updates for rockchip platform:
- Add board support:
RK3566: Radxa ROCK 3 Model C
Radxa ZERO 3W/3E
Xunlong Orange Pi 3B
RK3568J: Radxa ROCK 3B
RK3308B: Radxa ROCK S0
RK3588: Radxa ROCK 5 ITX
FriendlyElec CM3588 NAS board
- dw-mmc: allow 4-bit mode;
- dts and config updates;
Tom Rini [Mon, 12 Aug 2024 13:57:34 +0000 (07:57 -0600)]
Merge tag 'efi-2024-10-rc3' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request efi-2024-10-rc3
UEFI:
* efi_loader: use list_count_nodes() in efi_protocols_per_handle()
* efi_loader: correct description of efi_get_distro_fdt_name
* boot: set correct block device name in set_efi_bootdev()
* configs: enable efidebug and EFI http boot on QEMU aarch64
Other:
* Makefile: don't use CFLAGS for environment text file
FUKAUMI Naoki [Tue, 6 Aug 2024 03:47:59 +0000 (12:47 +0900)]
configs: rockchip: enable "ums" command for Radxa ROCK 5B
USB Type-C port is configured as "peripheral" port. so enable "ums"
command to use as USB Mass Storage device.
("rockusb" command is already enabled and working)
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com> Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Heiko Stuebner [Fri, 2 Aug 2024 21:00:28 +0000 (23:00 +0200)]
board: rockchip: Add Radxa ROCK 5 ITX
The Rock 5 ITX is a board in ITX form factor using the RK3588 SoC
It can be powered either by 12V, ATX power-supply or PoE.
Notable peripherals are the 4 SATA ports, M.2 M-Key slot, M.2 E-key slot,
2*2.5Gb PCIe-connected Ethernet NICs.
Display options are 2*HDMI, DP via USB-c, eDP + 2*DSI via PCB connectors.
USB ports are 4*USB3 + 2*USB2 on the back panel and 2-port front-panel
connector.
Schematics for the board can be found on
- https://dl.radxa.com/rock5/5itx/radxa_rock_5_itx_X1100_schematic.pdf
- https://dl.radxa.com/rock5/5itx/v1110/radxa_rock_5itx_v1110_schematic.pdf
The naming scheme with the dashes follows Dragan's comment on the mainline
devicetree commit:
"the name of this board deviates from the standard Radxa naming scheme,
which is something like "ROCK <number><letter>" thus, "rock-5a" is
fine, but it should be "rock-5-itx", simply because there's a space
between "5" and "ITX" in "ROCK 5 ITX"
Signed-off-by: Heiko Stuebner <heiko@sntech.de> Reviewed-by: Kever Yang <kever.yang@rock-chips.com> Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Makefile: don't use CFLAGS for environment text file
We use KCPPFLAGS to let the user set flags when invoking the C precompiler.
These should also be used when generating the environment text file.
Reported-by: Dave Jones <dave.jones@canonical.com> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Simon Glass <sjg@chromium.org>
configs: enable efidebug and EFI http boot on QEMU aarch64
EFI HTTP is a useful option to have by default and is working reliably on
QEMU. Let's enable it by default, since we have no size limitations.
While at it enable 'efidebug' as well, which is currently needed to
configure the EFI HTTP boot options.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
Alexander Dahl [Wed, 3 Jul 2024 10:12:58 +0000 (12:12 +0200)]
fs: ubifs: Add volume mounted check
Safety guard in the U-Boot filesystem glue code, because these functions
are called from different parts of the codebase. For generic filesystem
handling this should have been checked in blk_get_device_part_str()
already. Commands from cmd/ubifs.c should also check this before
calling those functions, but you never know?!
Alexander Dahl [Wed, 3 Jul 2024 10:12:57 +0000 (12:12 +0200)]
fs: ubifs: Make k(z)alloc/kfree symmetric
Although kfree() is in fact only a slim wrapper to free() in U-Boot, use
kfree() here, because those structs where allocated with kalloc() or
kzalloc().
Alexander Dahl [Wed, 3 Jul 2024 10:12:56 +0000 (12:12 +0200)]
fs: ubifs: Set pointers to NULL after free
Global superblock pointer 'ubifs_sb' and volume pointer 'ubi' of type
struct ubi_volume_desc in private member sb->s_fs_info of type struct
ubifs_info, can be allocated and freed at runtime, and allocated and
freed again, depending which console or script commands are run. In
some cases ubifs_sb is even tested to determine if the filesystem is
mounted. Reset those pointers to NULL after free to clearly mark them
as not valid. This avoids potential double free on invalid pointers.
(The ubifs_sb pointer was already reset, but that statement was moved
now to directly after the free() to make it easier to understand.)
Alexander Dahl [Wed, 3 Jul 2024 10:12:55 +0000 (12:12 +0200)]
fs: ubifs: Fix memleak and double free in u-boot wrapper functions
When mounting ubifs e.g. through command 'ubifsmount' one global static
superblock 'ubifs_sb' is used _and_ the requested volume is opened (like
in Linux). The pointer returned by 'ubifs_open_volume()' is stored in
that superblock struct and freed later on cmd 'ubifsumount' or another
call to 'ubifsmount' with a different volume, through ubifs_umount() and
ubi_close_volume().
In ubifs_ls(), ubifs_exists(), ubifs_size(), and ubifs_read() the volume
was opened again, which is technically no problem with regard to
refcounting, but here the still valid pointer in sb was overwritten,
leading to a memory leak. Even worse, when using one of those
functions and calling ubifsumount later, ubi_close_volume() was called
again but now on an already freed pointer, leading to a double free.
This actually crashed with different invalid memory accesses on a board
using the old distro boot and a rather long script handling RAUC
updates.
Example:
> ubi part UBI
> ubifsmount ubi0:boot
> test -e ubi ubi0:boot /boot.scr.uimg
> ubifsumount
The ubifs specific commands 'ubifsls' and 'ubifsload' check for a
mounted volume by themselves, for the generic fs variants 'ls', 'load',
(and 'size', and 'test -e') this is covered by special ubifs handling in
fs_set_blk_dev() and deeper down blk_get_device_part_str() then. So for
ubifs_ls(), ubifs_exists(), ubifs_size(), and ubifs_read() we can be
sure the volume is opened and the necessary struct pointer in sb is
valid, so it is not needed to open volume again.
Fixes: 9eefe2a2b37 ("UBIFS: Implement read-only UBIFS support in U-Boot") Fixes: 29cc5bcadfc ("ubifs: Add functions for generic fs use") Signed-off-by: Alexander Dahl <ada@thorsis.com>
Tom Rini [Fri, 9 Aug 2024 22:03:21 +0000 (16:03 -0600)]
Merge patch series "Universal Payload initial series"
Simon Glass <sjg@chromium.org> says:
Universal Payload (UPL) is an Industry Standard for firmware
components[1]. UPL is designed to improve interoperability within the
firmware industry, allowing mixing and matching of projects with less
friction and fewer project-specific implementations. UPL is
cross-platform, supporting ARM, x86 and RISC-V initially.
This series provides some initial support for this, targeting 0.9.1 and
sandbox only.
Features still to come include:
- Support for architectures
- FIT validation
- Handoff validation
- Interoperability tests
Simon Glass [Wed, 7 Aug 2024 22:47:39 +0000 (16:47 -0600)]
upl: Add an end-to-end test
Now that sandbox_vpl supports UPL, add a test that checks that the
payload can be loaded by SPL and the handoff information passed through
to U-Boot proper.
Simon Glass [Wed, 7 Aug 2024 22:47:28 +0000 (16:47 -0600)]
upl: Add support for writing a upl handoff
Universal Payload provides a standard way of handing off control between
two firmware phases. Add support for writing the handoff information from
a structure.
Simon Glass [Wed, 7 Aug 2024 22:47:27 +0000 (16:47 -0600)]
upl: Add support for reading a upl handoff
Universal Payload provides a standard way of handing off control between
two firmware phases. Add support for reading the handoff information into
a structure.
Simon Glass [Wed, 7 Aug 2024 22:47:26 +0000 (16:47 -0600)]
sandbox: Set up global_data earlier
It is possible for U-Boot functions such as printf() to be called
within state_init(). This can end up checking gd->flags (e.g. in putc())
before global_data is set up.
Move the setup earlier to avoid this. This fixes the suppression of some
debug output in memory allocation (when enabled).
Simon Glass [Wed, 7 Aug 2024 22:47:24 +0000 (16:47 -0600)]
sandbox: Return error code from read/write/seek
The existing API for these functions is different from the rest of
U-Boot, in that any error code must be obtained from the errno variable
on failure. This variable is part of the C library, so accessing it
outside of the special 'sandbox' shim-functions is not ideal.
Adjust the API to return an error code, to avoid this. Update existing
uses to check for any negative value, rather than just -1.
Simon Glass [Wed, 7 Aug 2024 22:47:23 +0000 (16:47 -0600)]
sandbox: fdt: Avoid overwriting an existing fdt
Since the removal of OF_HOSTFILE logic in board_fdt_blob_setup(), the
logic for obtaining the DT is handled in the OF_BOARD option. If a
devicetree comes from a bloblist it is immediately overwritten by this
function.
Fix this by skipping the function if a devicetree is already present.
This is sort-of a fix for e7fb7896 ("sandbox: Remove OF_HOSTFILE") but
it has only come to light since bloblist was added, so I have not added
a Fixes tag.
Unfortunately it is not possible to report the correct FDT source with
the current code. It might be best to use an error-return code for
board_fdt_blob_setup() so that an error can be reported if the board
does not provide the DT.
Tom Rini [Fri, 9 Aug 2024 20:00:04 +0000 (14:00 -0600)]
Merge tag 'tpm-master-09082024' of https://source.denx.de/u-boot/custodians/u-boot-tpm.git
Back when the TPM subsystem was refactored tpm_tis_wait_init() ended up
being called after tpm_tis_init() which initializes values the former needs.
Since we added more TPM chipsets since then sitting on an i2c bus, this patch
folds in tpm_tis_wait_init into tpm_tis_init and makes sure it's called in the
right order regardless of the bus the TPM sits on.
Fedor Ross [Wed, 7 Aug 2024 14:08:01 +0000 (16:08 +0200)]
i2c: imx_lpi2c: Support read transfers longer than 256 bytes
The TXFIFO register of LPI2C only has one byte length, and if the length
of the data that needs to be read exceeds 256 bytes, it needs to be
written to TXFIFO multiple times.
Fedor Ross [Wed, 7 Aug 2024 14:08:00 +0000 (16:08 +0200)]
i2c: imx_lpi2c: Replace hard-coded bus speed value with bus->speed_hz
Instead of using the hard-coded bus speed value I2C_SPEED_STANDARD_RATE,
use the actual configured bus speed. This way the bus speed doesn't
change suddenly after calling the imx_lpi2c_probe_chip() function for
example.
David Virag [Fri, 2 Aug 2024 19:19:16 +0000 (21:19 +0200)]
i2c: samsung: Support platforms other than EXYNOS4 and EXYNOS5
Newer Samsung SoCs (including newer Exynos, ExynosAuto, Google Tensor)
still use these IPs, or slightly newer versions of it.
Make these drivers available on these platforms by guarding
EXYNOS4/EXYNOS5 specific code behind their configs, and using CCF for
clocks on other platforms.
Tested S3C I2C driver on Exynos7885.
This along with extended clock driver should enable S3C I2C on
Exynos850.
Signed-off-by: David Virag <virag.david003@gmail.com> Tested-by: Henrik Grimler <henrik@grimler.se> Reviewed-by: Heiko Schocher <hs@denx.de>
Heiko Stuebner [Fri, 2 Aug 2024 21:00:27 +0000 (23:00 +0200)]
arm64: dts: rockchip: add ROCK 5 ITX board
The ROCK 5 ITX as the name suggests is made in the ITX form factor and
actually built in a form to be used in a regular case even providing
connectors for regular front-panel io.
It can be powered either by 12V, ATX power-supply or PoE.
Notable peripherals are the 4 SATA ports, M.2 M-Key slot, M.2 E-key slot,
2*2.5Gb PCIe-connected Ethernet NICs.
As of yet unsupported display options consist of 2*HDMI, DP via USB-c,
eDP + 2*DSI via PCB connectors.
USB ports are 4*USB3 + 2*USB2 on the back panel and 2-port front-panel
connector.
Schematics for the board can be found on
- https://dl.radxa.com/rock5/5itx/radxa_rock_5_itx_X1100_schematic.pdf
- https://dl.radxa.com/rock5/5itx/v1110/radxa_rock_5itx_v1110_schematic.pdf
Alexey Charkov [Fri, 2 Aug 2024 21:00:26 +0000 (23:00 +0200)]
arm64: dts: rockchip: add thermal zones information on RK3588
This includes the necessary device tree data to allow thermal
monitoring on RK3588(s) using the on-chip TSADC device, along with
trip points for automatic thermal management.
Each of the CPU clusters (one for the little cores and two for
the big cores) get a passive cooling trip point at 85C, which
will trigger DVFS throttling of the respective cluster upon
reaching a high temperature condition.
All zones also have a critical trip point at 115C, which will
trigger a reset.
projects / thirdparty / u-boot.git / log
