Mention the efidebug command specifically the EFI-app documentaion, to
highlight its usefulness.
Series-to: concept
Series-cc: heinrich
Cover-letter:
efi: Move towards the EFI app booting EFI applications
This series adds various new features to the EFI app, mostly by moving
code over from the EFI loader implementation.
In particular it adds support for the efidebug command (with only a
subset of subcommands so far).
The main approach is to make use of the system table (for both the app
and the loader) instead of directly calling EFI-loader code.
It also includes a few fixes, which likely have no effect but will help
to avoid confusion in future.
END
Signed-off-by: Simon Glass <sjg@chromium.org>
Series-version: 2
Series-changes: 2
- Mention the 'dh' subcommand
- Mention that 'order' allows the boot order to be changed
- Mention the eficonfig command and the underlying UEFI firmware
Series-links: 2:10
Add a Kconfig option to easily enable debugging of the app using the
recommended method. Provide some docs too.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the links to an embedded style. Also drop the part about needing
to support ARM, as this is done now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a Kconfig which indicates that EFI functionality is in use,
either as a client (EFI app / stub) or provider (EFI loader). This will
make it easier to share code between these two parts of U-Boot
Signed-off-by: Simon Glass <sjg@chromium.org>
The generic name 'EFI' would be more useful for common EFI features. At
present it just refers to the EFI app and stub, which is confusing.
Rename it to EFI_CLIENT
Signed-off-by: Simon Glass <sjg@chromium.org>
This directory was created when U-Boot gained the ability to run as an
EFI app in 2015. Since then the EFI-loader feature has been added.
The code in lib/efi is not actually used by the loader, so the name is
confusing.
Rename the directory to efi_client to indicate that it includes files
just for U-Boot being a client of EFI, i.e. the EFI app and stub.
Signed-off-by: Simon Glass <sjg@chromium.org>
The .py extension isn't very useful. Drop it and update the shebang to
specify Python 3
Update the docs for this and also drop the old reference to 2021 images.
Signed-off-by: Simon Glass <sjg@chromium.org>
Introduce an EFI app for arm64 and update the documentation.
Provide a value for LOAD_ADDR to avoid a link error.
Signed-off-by: Simon Glass <sjg@chromium.org>
We now can use a combination og lwIP & mbedTLS and download from
https://. Describe the config options needed to enable it as well
as some limitations
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This is not actually a command so the name is confusing. Use
BOOTEFI_HELLO_COMPILE instead. Put it in the efi_loader directory
with the other such config options.
The link rule (for $(obj)/%_efi.so) in scripts/Makefile.lib handles
pulling in efi_crt0.o and efi_reloc.o so drop the 'extra' rules.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Document how platforms can generate GUIDs at runtime rather than
maintaining a list of UUIDs per-board.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
The EFI Capsule ESL file (EFI Signature List File) used for authentication
is a binary generated from the EFI Capsule public key certificate. Instead
of including it in the source repo, automatically generate it from the
certificate file during the build process.
Currently, sandbox is the only device using this, so removed its ESL file
and set the (new) CONFIG_EFI_CAPSULE_CRT_FILE config to point to its public
key certificate.
Signed-off-by: Jonathan Humphreys <j-humphreys@ti.com>
Created a capsule update porting section in the documentation that outlines
the steps a board developer must do when porting from an existing reference
board implementation.
In particular, added a big warning that new capsule GUID's need to be
defined.
Signed-off-by: Jonathan Humphreys <j-humphreys@ti.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The FWU Update Agent in U-Boot supports both versions of the FWU
metadata. Make changes in the documentation to reflect this.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
Add documentation to explain the printing of the capsule headers
through the mkeficapsule tool.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Moving towards using .dtso for overlay sources, update the
documentation examples to follow that pattern.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
Update the document to specify how the EFI Signature List(ESL) file
can be embedded into the platform's dtb as part of the U-Boot build.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The EFI capsules can now be generated as part of U-Boot build, through
binman. Highlight these changes in the documentation.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The configuration for EFI is enhanced to start U-Boot at VirtualBox (x86_64)
with all features like booting with help of boot scripts and extended linux.
This documentation describes how to use U-Boot at VirtualBox to boot
Linux systems with a some simple example.
Signed-off-by: Thomas Mittelstaedt <thomas.mittelstaedt@de.bosch.com>
To enforce anti-rollback to any older version, dtb must be
always update manually. This should be described in the
documentation.
This commit also adds the recommendation that secure system should not
enable the fdt command because lowest-supported-version
property in device tree can be changed by fdt command.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
This commit describe the procedure to configure lowest supported
version in the device tree for anti-rollback protection.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Add documentation for the FWU Multi Bank Update feature. The document
describes the steps needed for setting up the platform for the
feature, as well as steps for enabling the feature on the platform.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We currently have an if_type (interface type) and a uclass id. These are
closely related and we don't need to have both.
Drop the if_type values and use the uclass ones instead.
Maintain the existing, subtle, one-way conversion between UCLASS_USB and
UCLASS_MASS_STORAGE for now, and add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
The OsIndications is a 64 bit variable, and the current code expects
the value of the variable to be 64 bit. Update the documentation to
reflect this fact.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Update the capsule update functionality related documentation to
refect the additional definitions that need to be made per platform
for supporting the capsule update feature.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.
To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
[--fit <image> | --raw <image>] <capsule file>
NEW:
[--fit | --raw | --guid <guid-string>] <image> <capsule file>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Now we can use mkeficapsule command instead of EDK-II's script
to create a signed capsule file. So update the instruction for
capsule authentication.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
- disable CONFIG_NET_RANDOM_ETHADDR when unnecessary on amlogic based configs
- meson64_android: add board specific env settings, in order to support VIM3/L for android
- add changes to support VIM3/L android boot by using meson64_android.h config
At present this is disabled, but it should work so long as the kernel does
not need EFI services. Enable it and add a note about remaining work.
Signed-off-by: Simon Glass <sjg@chromium.org>
When starting the app, locate all block devices and make them available
to U-Boot. This allows listing partitions and accessing files in
filesystems.
EFI also has the concept of 'disks', meaning boot media. For now, this
is not obviously useful in U-Boot, but add code to at least locate these.
This can be expanded later as needed.
We cannot use printf() in the early stub or app since it is not compiled
in
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
These names are better used for access to devices provided by an EFI
layer. Use EFI_LOADER instead here, since these are only available in
U-Boot's EFI_LOADER layer.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
