Update a few memory functions to log their inputs and outputs. To avoid
the use of 'goto', etc. the functions are turned into stubs, calling a
separate function to do the actual operation.
Add a few tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a test which does some sample calls and checks the output.
Expand the size of the sandbox bloblist to accommodate the log.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create an EFI log when the EFI subsystem is first touched. This happens
after relocation in board_init_f()
Signed-off-by: Simon Glass <sjg@chromium.org>
The current logging system suffers from some disadvantages, mainly that
it writes its output to the console and cannot be easily reviewed.
Add a dedicated log, storing records in a binary format and including
the result codes and any return values from each call. The log is built
sequentially in memory and can be reviewed after any EFI operation. It
could potentially be written to media for later review, but that is not
implemented so far.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rather than setting up the global variables and then making the call,
pass them into function directly. This cleans up the code and makes it
all a bit easier to understand.
Signed-off-by: Simon Glass <sjg@chromium.org>
This code is only needed if an invalid image/device path is passed in.
Move the code out to a caller where this can be dealt with. The normal
flow will provide these parameters.
Signed-off-by: Simon Glass <sjg@chromium.org>
This uses a few global variables at present. With the bootflow we have
the required parameters, so add a function which accepts these. Update
the existing function to call the new one with the globals.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide these globals as parameters to this function, on the way to
making it possible to start an image without relying on the globals.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This function is not called from outside this file and has no entry in
the header file, so mark it static.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This collects together several v3 patches into one, to avoid any
temporary test-breakage which would make future bisecting difficult.
For efi_memory, the efi_allocate_pool() call uses a pointer to refer to
memory, but efi_allocate_pages() uses an int. This causes quite a bit of
confusion, since sandbox has a distinction between pointers and
addresses. Adjust efi_allocate/free_pages_ext() to handle the
conversions.
Update efi_add_memory_map() function and its friend to use an address
rather than a pointer cast to an integer.
For lmb, now that efi_add_memory_map_pg() uses a address rather than a
pointer cast to an int, we can simplify the code here.
For efi_reserve_memory(), use addresses rather than pointers, so that it
doesn't have to use mapmem.
In general this simplifies the code, but the main benefit is that casts
are no-longer needed in most places, so the compiler can check that we
are doing the right thing.
For efi_add_runtime_mmio(), now that efi_add_memory_map() takes an
address rather than a pointer, do the mapping in this function.
Update the memset() parameter to be a char while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
This cannot work since the code is not present in the emulated memory.
In any case, sandbox cannot make use of the runtime code.
For now, just drop it from sandbox. We can always adjust things to copy
it into memory, if needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
When logging pool allocations, show the address of the pointer, not the
pointer itself. This makes it easier to debug with sandbox
Signed-off-by: Simon Glass <sjg@chromium.org>
This function is passed the address of a void * so update the argument
to match. It is better to have casts in the caller than introduce
confusion as to what is passed in.
Signed-off-by: Simon Glass <sjg@chromium.org>
The word 'physical' suggests that there is an associated virtual address
but there is not. Use 'base' since this is the base address of a region.
Change some uint64_t and remove some brackets to keep checkpatch happy.
Signed-off-by: Simon Glass <sjg@chromium.org>
This struct is really a node in the list, not a list itself. Also it
doesn't need an efi_ prefix. Rename it.
Signed-off-by: Simon Glass <sjg@chromium.org>
We don't need a separate struct for the values in this node. Move
everything in together, so that there is just one struct to consider.
Add a comment about physical_start, so it is clear that it is really
a pointer.
Signed-off-by: Simon Glass <sjg@chromium.org>
This field is always the same as physical_start, so keeping track of it
separately is unnecessary and confusing. Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present efi_memory uses struct efi_mem_desc for each node of its
memory list. This is convenient but is not ideal, since:
- it means that the fields are under a 'desc' sub-structure
- it includes an unused 'reserved' field
- it includes virtual_start which is confusing as it is always the same
as physical_start
- we must use u64 to store pointers, since that is how they are returned
by calls to efi_get_memory_map()
As a first step to tidying this up, create a new, private struct to hold
these fields.
Signed-off-by: Simon Glass <sjg@chromium.org>
Exported functions should be documented in the header file, not the
implementation. We tend to make such updates on a piecemeal basis to
avoid a 'flag day'. Move some comments related to memory allocation to
follow the convention.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update efi_allocate_pool_ext() to log the pointer returned from this
call, which can be helpful when debugging.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some functions are passing addresses instead of pointers to the
efi_add_memory_map() function. This confusion is understandable since
the function arguments indicate an address.
Make a note of the 8 places where there are problems, which would break
usage in sandbox tests.
Future work will resolve these problems.
Signed-off-by: Simon Glass <sjg@chromium.org>
There is quite a bit of confusion in the EFI code as to whether a field
contains an address or a pointer. As a first step towards resolving
this, document the memory-descriptor struct, indicating that it holds
pointers, not addresses.
Dro the same for efi_add_memory_map() as it is widely used, as well as
efi_add_memory_map_pg() which is only used by lmb
Signed-off-by: Simon Glass <sjg@chromium.org>
The cache-flush function is incorrect which causes a crash in the
remoteproc tests with arm64.
Fix both problems by using map_sysmem() to convert an address to a
pointer and map_to_sysmem() to convert a pointer to an address.
Also update the image-loader's cache-flushing logic.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 3286d223fd ("sandbox: implement invalidate_icache_all()")
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Changes in v6:
- Re-introduce
Changes in v2:
- Drop message about EFI_LOADER
arch/sandbox/cpu/cache.c | 8 +++++++-
drivers/remoteproc/rproc-elf-loader.c | 18 +++++++++++-------
lib/efi_loader/efi_image_loader.c | 3 ++-
3 files changed, 20 insertions(+), 9 deletions(-)
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Given that OF_LIBFDT is library functionality, the feature of EFI_LOADER
needs to select OF_LIBFDT rather than depend on it being already
enabled.
Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Janne Grunau <j@jannau.net> says:
Starting with v2024.10 dev_iommu_dma_unmap calls during device removal
trigger a NULL pointer dereference in the Apple dart iommu driver. The
iommu device is removed before its user. The sparsely used DM_FLAG_VITAL
flag is intended to describe this dependency. Add it to the driver.
Adding this flag is unfortunately not enough since the boot routines
except the arm one simply remove all drivers. Add and use a new function
which calls
dm_remove_devioce_flags(DM_REMOVE_ACTIVE_ALL | DM_REMOVE_NON_VITAL);
dm_remove_devices_flags(DM_REMOVE_ACTIVE_ALL);
to ensure this order dependency is head consistently.
Link: https://lore.kernel.org/r/20241123-iommu_apple_dart_ordering-v2-0-cc2ade6dde97@jannau.net
This replaces dm_remove_devices_flags() calls in all boot
implementations to ensure non vital devices are consistently removed
first. All boot implementation except arch/arm/lib/bootm.c currently
just call dm_remove_devices_flags(DM_REMOVE_ACTIVE_ALL). This can result
in crashes when dependencies between devices exists. The driver model's
design document describes DM_FLAG_VITAL as "indicates that the device is
'vital' to the operation of other devices". Device removal at boot
should follow this.
Instead of adding dm_remove_devices_flags() with (DM_REMOVE_ACTIVE_ALL |
DM_REMOVE_NON_VITAL) everywhere add dm_remove_devices_active() which
does this.
Fixes a NULL pointer deref in the apple dart IOMMU driver during EFI
boot. The xhci-pci (driver which depends on the IOMMU to work) removes
its mapping on removal. This explodes when the IOMMU device was removed
first.
dm_remove_devices_flags() is kept since it is used for testing of
device_remove() calls in dm.
Signed-off-by: Janne Grunau <j@jannau.net>
We never free and unmap the memory on errors and we never unmap it when
freeing it. The latter won't cause any problems even on sandbox, but for
consistency always use unmap_sysmem()
Fixes: commit 22f2c9ed9f ("efi: memory: use the lmb API's for allocating and freeing memory")
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Commit 775f7657ba ("Kconfig: clean up the efi configuration status")
by mistake revoked commit dcd1b63b70 ("efi_loader: allow
EFI_LOADER_BOUNCE_BUFFER on all architectures").
Fixes: 775f7657ba ("Kconfig: clean up the efi configuration status")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Loic Devulder <ldevulder@suse.com>
The value of variable nt is never used. Just use NULL when calling
efi_check_pe().
The API function is not expected to write to the console. Such output might
have unwanted side effects on the screen layout of an EFI application.
Leave error handling to the caller.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
When the --native flag is given, pretend to be running the host
architecture rather than sandbox.
Allow the same control for PXE too.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move this function from the EFI bootmeth to the common efi_helper file.
No functional change is intended.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a simple app to use for testing. This is intended to do whatever it
needs to for testing purposes. For now it just prints a message and
exits boot services.
There was a considerable amount of discussion about whether it is OK to
call exit-boot-services and then return to U-Boot. This is not normally
done in a real application, since exit-boot-services is used to
completely disconnect from U-Boot. For now, this part is skipped.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
All call sites are using size rather than end addresses,
so instead - as previously done - calculating an end address
everywhere, just modify the function to use size and internally
calculate the end address
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Patrick Wildt <pwildt@google.com>
Signed-off-by: Moritz Fischer <moritzf@google.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Heinrich Schuchardt <heinrich.schuchardt@canonical.com> says:
With this series opendir, readdir, closedir are implemented for ext4.
These functions are needed for the UEFI sub-system to interact with
the ext4 file system.
To reduce code growth the functions are reused to implement the ls
command for ext4.
A memory leak in ext4fs_exists is resolved.
ext4fs_iterate_dir is simplified by removing a redundant pointer copy.
Link: https://lore.kernel.org/r/20241026064048.370062-1-heinrich.schuchardt@canonical.com
* Some of our file system drivers cannot report a file size for
directories. Use a dummy value in this case.
* For SetInfo the UEFI spec requires to ignore the file size field.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The function expects an end address but is being called with
an size instead.
Fixes: 6422820ac3 ("efi_loader: split unrelated code from efi_bootmgr.c")
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Moritz Fischer <moritzf@google.com>
Reviewed-by: Patrick Wildt <pwildt@google.com>
