We don't have an explicit indication of whether the root disk is
encrypted or not. For now, try to detect it and set the flag if
found.
Series-to: concept
Cover-letter:
Continue TKey development
This series adds the ability to provide a user-supplied secret to the
TKey and use that to obtain a disk-encryption key.
Expo is enhanced to support password entry and bootflows can now record
whether the root disk is encrypted or not.
Further work will enable the TKey in the UI and actually unlock an
encrypted disk.
END
Signed-off-by: Simon Glass <simon.glass@canonical.com>
We don't support storing the OS on an encrypted partition, but in some
cases the root partition may be encrypted. Add an indication of this
when listing the bootflows.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
The header and the extlinux image on mmc1 appear in several tests. Add
a shared constant for this.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
At present the EFI bootmgr scans all devices in the system before
deciding which one to boot. Ideally it would use the bootstd iterator
for this, but in the meantime, give it a lower priority, so it runs
just before the network devices.
Note that if there are no hunted network devices hunted, then it will
run at the end, after all bootdevs are exhausted. In other words, it
will always run.
Series-changes: 2
- Update commit message to indicate the bootmeth will always run
- Document how the priority was chosen
Signed-off-by: Simon Glass <sjg@chromium.org>
At present before scanning global bootmeths, the iterator sets the
method count to the index of the first global bootmeth. Now that we
support scanning the global bootmeths multiple times, we must leave this
count alone.
Check against have_global and first_glob_method instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a bitfield which tracks when bootmeths have been used. This will be
needed when global bootmeths can be used later in the iteration.
Fix a missing bootflow_free() while here.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current 'doing_global' refers to being in the state of processing
global bootmeths. Since global bootmeths are currently used once at the
start, it becomes false once the last global bootmeth has been used.
In preparation for allowing bootmeths to run at other points in the
bootstd interation, add a new 'have_global' flag which tracks whether
there are any global bootmeths in the method_order[] list. It is set up
when iteration starts. Unlike doing_global which resets back to false
after the global bootmeths have been handled, once have_global is set to
true, it remains true for the entire iteration process. This provides a
quick check as to whether global-bootmeth processing is needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
For now we only support dropping non-global bootmeths from the
iteration. Update first_glob_method in that case and add a few checks
that things are correct.
Signed-off-by: Simon Glass <sjg@chromium.org>
These have different behaviour from normal bootmeths and we are about to
enhance it. So add a test and also an extra check in bootflow_iter()
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a few comments about global bootmeths and first_glob_method
Fix a broken line in bootmeth_setup_iter_order() while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The 'bootflow list' command supports looking at the EFI device-path when
available. Move this piece into a common function so it can be used
elsewhere.
This updates the output from 'bootflow list'.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create two new images (vbe0 and vbe1) containing the two types of VBE-OS
setups: with and without an OEM FIT. Put this in a new img/ subdirectory
since the test_ut.py file is getting quite large.
Most of the test is in C, with just the image-setup done in Python.
Enable the test for non-SPL sandbox builds.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create two new images (vbe0 and vbe1) containing the two types of VBE-OS
setups: with and without an OEM FIT. Put this in a new img/ subdirectory
since the test_ut.py file is getting quite large.
Most of the test is in C, with just the image-setup done in Python.
Signed-off-by: Simon Glass <sjg@chromium.org>
This shows a message for the user. Implement it to keep the user
informed.
Series-to: u-boot
pxe: Support an automatic localboot
It seems that extlinux expects that boards know how to boot a local OS
from attached media. U-Boot currently assumes that boards define a
"localcmd" environment variable to support this. None does.
Provide an automatic means to find a kernel and ramdisk, using common
filenames. This addresses booting on MAAS, at least.
END
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The current localboot implementation assumes that a 'localcmd'
environment variable is provided, with the instructions to follow. This
may not be included, so provide a fallback in that case.
Add a test image and test as well.
Signed-off-by: Simon Glass <sjg@chromium.org>
The prep_mmc_bootdev() function replaces bootstd's bootdev_order with
its own static version, then returns it.
From then on std->bootdev_order cannot be freed, since it was not
allocated.
So long as the test passes, all is well. But if a test fails, the test
system will try to free std->bootdev_order and this will fail.
Adjust prep_mmc_bootdev() to allocate the boot_dev order, instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add more enum values so we can use these in the tests, instead of adding
comments. This makes it easier to adjust tests when new hunters are
added.
Signed-off-by: Simon Glass <sjg@chromium.org>
The bootflow_img_find() function does not permit updating the image.
Some bootmeths may want to do this, e.g. to change the address. Add a
function which returns a writeable pointer.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rename the existing expo_apply_theme() to expo_setup_theme() and adjust
the former so that it applies a theme which has already been read into
the struct. This will make it easier for tests to check theme
adjustments, since they won't have to put them in a node.
Add the white-on-black property into the theme struct while we are.
Signed-off-by: Simon Glass <sjg@chromium.org>
The expo now has all that is needed to apply a suitable theme, so drop
this unnecessary code. Any further tweaks can be added to the generic
expo code.
Signed-off-by: Simon Glass <sjg@chromium.org>
The menu is currently quite basic. Make use of some recently added
features in expo, to:
- Show proper prompts
- Highlight the current item
- Centre text
- Use multi-line text instead of two independent lines
- Put a box around the items
Signed-off-by: Simon Glass <sjg@chromium.org>
In preparation for adding more text types, refactor the common fields
into a new structure. This will allow common code to be used.
Signed-off-by: Simon Glass <sjg@chromium.org>
Split the iteration piece of this function into bootflow_menu_add_all()
so that it is possible for the caller to be in control of adding items
to the menu.
Move the expo_destroy() call into the caller.
Signed-off-by: Simon Glass <sjg@chromium.org>
The driver name is typically not unique so using that as a basis for the
block and bootdev devices makes them hard to distinguish. This happens
when there are multiple USB controllers using the same driver.
Make use of the parent-device name and the hub port number. This gives a
reasonable chance that the name is unique.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add an extlinux configuration-file that contains a few entries as
created by the u-boot-menu package in Ubuntu 24.04
Increase the number of sandbox-USB-hub ports to permit this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Any 'bootable' flag in a DOS partition causes boostd to only scan
bootable partitions for that media. This can mean that extlinux.conf
files on the root disk are missed.
Put this logic behind a flag and update the documentation.
For now, the flag is enabled, to preserve existing behaviour. Future
work may provide a command (or some other mechanism) to control this.
Signed-off-by: Simon Glass <sjg@chromium.org>
When exit-boot-services is called, active devices should be removed.
Update testapp to call this method and check that the USB controller is
removed as expected.
Signed-off-by: Simon Glass <sjg@chromium.org>
The bootflow should not be affected by the app running and returning.
Add a check that it is still valid after the app completes execution.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add checks that all memory allocations complete successfully and that
only expected parameters are provided. Check that memory addresses are
within range.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a new extlinux_setup() function which sets things up so that the
bootflow can either be booted, or just probed.
Provide a readall() method so that images can be read into memory,
without booting the OS. Adjust the boot() method so that it can boot,
after any changes have been made by the user.
Update the test to change the bootargs and check that they are booted
with the changes intact.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move processing of the FDT so that it happens before booting. Add a test
to check that the FDT is now visible.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is useful to be able to inspect things before the OS is actually
booted, perhaps to check that all is well or to adjust the kernel
command-line. Implement the 'read_all()' method to allow this.
Provide a simple test to check that the images are found.
For now it is not possible to actually continue the uninterrupted boot,
without re-reading all the images.
Signed-off-by: Simon Glass <sjg@chromium.org>
This makes a start on dealing with images loaded outside the context of
bootstd. For now, it just records these images. They can be listed using
the 'bootstd images' command.
Often, very little is known about these images, but future work could
perhaps use the filename or contents to detect the type.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a new 'bootstd images' command, which lists the images which have
been loaded.
Update some existing tests to use it. Provide some documentation about
images in general and this command in particular.
Use a more realistic kernel command-line to make the test easier to
follow.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rename actual android bootmethod test to specify it's for boot image
version 4.
Add a unit test for testing the Android bootmethod with boot image
version 2.
This requires another mmc image (mmc8) to contain the following
partitions:
- misc: contains the Bootloader Control Block (BCB)
- boot_a: contains a fake generic kernel image
we can test this with:
$ ./test/py/test.py --bd sandbox --build -k test_ut # build the mmc8.img
$ ./test/py/test.py --bd sandbox --build -k bootflow_android
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Signed-off-by: Guillaume La Roque <glaroque@baylibre.com>
Link: https://lore.kernel.org/r/20241126-adnroidv2-v4-5-11636106dc69@baylibre.com
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
We make fewer calls to dm_test_restore() since
commit fbdac8155c ("test: Expand implementation of ut_list_has_dm_tests()")
Because of this some valid test combinations are now broken:
$ ./test/py/test.py --bd sandbox --build -k test_ut
$ ./test/py/test.py --bd sandbox --build -k "bootflow_android or bootflow_cros"
Shows:
Expected ' 2 cros ready mmc 4 mmc5.bootdev.part_4 ',
got ' 2 cros ready mmc 2 mmc5.bootdev.part_2 '
Here prep_mmc_bootdev() is called twice and it will bind bootmeth_cros twice.
Since bootmeth_cros is bound twice, 'bootflow scan' will find 2x the
expected bootflows.
Before
commit fbdac8155c ("test: Expand implementation of ut_list_has_dm_tests()")
this did not happen because a cleanup was called each time.
Add UTF_DM and UTF_SCAN_FDT flags to both tests to make sure that the
bootmeths are unbound after the test finishes.
Fixes: fbdac8155c ("test: Expand implementation of ut_list_has_dm_tests()")
Signed-off-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Add a simple test of booting with the EFI bootmeth, which runs the app
and checks that it can call 'exit boot-services' (to check that all the
device-removal code doesn't break anything) and then exit back to
U-Boot.
This uses a disk image containing the testapp, ready for execution by
sandbox when needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a new disk for use with tests, which contains the new 'testapp'
EFI app specifically intended for testing the EFI loader.
Attach it to the USB device, since most testing is currently done with
mmc.
Initially this image will be used to test the EFI bootmeth.
Fix a stale comment in prep_mmc_bootdev() while we are here.
For now this uses sudo and a compressed fallback file, like all the
other bootstd tests. Once this series is in, the patch which moves
this to use user-space tools will be cleaned up and re-submitted.
Signed-off-by: Simon Glass <sjg@chromium.org>
In the bootflow tests the script bootmeth is bound with the name
bootmeth_script whereas the others have a name without the bootmeth_
prefix. Adjust it to be the same.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
The bootflow_menu.c code depends on e.g. scene_txt_set_font(),
which is only built when CONFIG_EXPO is enabled. Introduce new
Kconfig symbol BOOTSTD_MENU which depends on EXPO to prevent
triggering errors like these in case e.g. CONFIG_VIDEO=n :
"
boot/bootflow_menu.c:158:(.text+0x8851): undefined reference to `scene_txt_set_font'
"
Make the symbol depend on BOOTSTD_FULL as well to get rid of
the Makefile dependency workaround. Since BOOTSTD_FULL is not
available in SPL, do not define SPL variant of BOOTSTD_MENU.
Fix up bootflow test accordingly.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
When DSA_SANDBOX is not set, the sandbox tests fail as follows:
$ ./test/py/test.py --build-dir=$(pwd) -k bootdev_test_any
[...]
Scanning for bootflows with label '9'
[...]
Cannot find '9' (err=-19)
This is due to the device list containing two less entries than
expected. Therefore, look for label '7' when DSA_SANDBOX is disabled.
The actual use case is NET_LWIP=y (to be introduced in later patches)
which implies DSA_SANDBOX=n for the time being.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
