QEMU creates ACPI tables but doesn't include FPDT (Firmware Performance
Data Table). Add FPDT generation in qfw_acpi.c following the same
pattern as BGRT.
Move the acpi_write_fpdt() function from acpi_table.c to acpi_extra.c so
that is available even when CONFIG_ACPIGEN is disabled.
This allows QEMU x86_64 builds to provide firmware boot timing
information to the operating system.
Disable this for qemu-riscv64_smode_acpi as it is near the code-size
limit.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
LUKS version 2 uses JSON as a means of communicating the key
information. Add a simple library which can print JSON in a
human-readable format.
Note that it does not fully parse the JSON fragment. That may be
considered later, if needed.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a few Kconfig options to allow PKCS#5 (PBKDF2) to be used within
U-Boot
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
For sandbox it normally doesn't make sense to reset when a panic occurs,
since presumably it will just happen again. Add an option to power off
instead.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the aes_get_rounds() and aes_get_keycols() functions compare
the key_len parameter (in bits) directly against AES*_KEY_LENGTH
constants (in bytes), causing incorrect round and column counts for
non-128-bit keys.
Additionally, aes_expand_key() uses key_len as a byte count in memcpy(),
copying far more data than intended and causing buffer overflows.
Specifically, for AES-256 (256-bit key) it comparies 256 (bits) against
32 (bytes), failing the comparison. This causes AES-256 to use AES-128
parameters (10 rounds instead of 14) and the memcpy() to copy 256 bytes
instead of 32.
Fix by converting key_len from bits to bytes before comparisons and in
memcpy. With this we get:
- AES-128 (128 bits / 16 bytes): 10 rounds, 4 key columns
- AES-192 (192 bits / 24 bytes): 12 rounds, 6 key columns
- AES-256 (256 bits / 32 bytes): 14 rounds, 8 key columns
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 8302d1708a ("aes: add support of aes192 and aes256")
Update the FPDT boot performance record's ebs_entry and ebs_exit
fields in bootm_final() to record the time when we're about to
hand off to the operating system.
The timing is recorded just before we start the kernel, after all
device cleanup and before interrupts are disabled, which corresponds
to the ExitBootServices phase in UEFI.
If EFI is used to boot, a further update could be made, but that is
left for later.
Avoid including asm/acpi_table.h on platforms without ACPI. Ad a special
case for the QEMU RISC-V ACPI board.
Series-changes: 2
- Depend on ACPIGEN instead of GENERATE_ACPI_TABLE
- Avoid including asm/acpi_table.h on platforms without ACPI
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add an ACPI writer to automatically generate the FPDT table with boot
timing information when ACPI tables are created.
This allows the OS to read firmware boot-timing metrics from the FPDT
table.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add ACPI FPDT support to report firmware boot timing information to
the OS. The FPDT table contains timing data for firmware phases from
reset through OS handoff.
Add some functions to enable generation of this table.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
The TKey User-Supplied Secret (USS) feature requires blake2s hashing
to derive app-specific secrets. Add blake2s implementation alongside
the existing blake2b support.
The blake2s implementation is ported from the reference BLAKE2
implementation at https://github.com/BLAKE2/BLAKE2
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
This function assumes that an address is the same as a pointer. Use
map_sysmem() to fix this, which crashes on sandbox.
Rename the parameter from addr to ptr, to avoid further confusion.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a membuf_printf() function which supports writing a formatted string
into a membuf.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
When the app is running under QEMU we may wish to do some things
differently. Add a flag for this and use the SMBIOS tables to detect it.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Check for both GUIDs when looking for the SMBIOS tables. This allows
both table versions to be detected when running from OVMF.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Move the BGRT image to use the same video_image linker-list approach
as the other embedded image. Move it into the drivers/video/images
directory and rename it to 'bgrt.bmp' since we know it is an image.
Drop the old bgrt Makefile rule as it is no-longer needed.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a new file in lib/efi to handle conversion of keys from EFI
format to characters, so we can use it from multiple places. Update the
serial_efi driver accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is common for the main program to be at the bottom, but with recent
changes it has crept up a bit. Move it back to the bottom.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a way to set up a membuf with some pre-loaded data, so it is
possible to read it out using membuf_readline(), etc.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a new lib/rust directory and add a very basic rust library in
there. This will eventually expand to include more features. For now
it only has a few ulib calls needed for the example programs.
Co-developed-by: Claude <noreply@anthropic.com>
Co-developed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a file which lists various symbols to rename when building the
U-Boot library. For now it contains printf() and related functions, but
more can be added later, as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide an arch-neutral init function that can be used by including a
single header file.
This declares a static global_data which is used for the initial startup
process. Once board_init_r() is called, the global_data is moved into
a new place and the static version is not needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
The API is not very useful these days, since it doesn't support driver
model. It is laborious to add new functions to the API as there are so
many needed.
A better approach would be to create a library containing all of U-Boot,
then have the API be generated by a script containing a list of
functions, perhaps with wildcards. Then a stub could be created, with
a list of entry points, which links with and calls through into the
library.
In preparation for heading in this direction, rename some of the
existing files and directories:
- examples/api -> examples/legacy_api
- include/api*.h -> include/legacy_api*.h
- API_BUILD to LEGACY_API_BUILD
Co-developed-by: Claude <noreply@anthropic.com>
This cannot work with the shared library at present, since the symbols
are not defined. Disable it for now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Search the available CHIDs to determine the device on which U-Boot is
running. Use this to select the correct compatible string.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a 'chid list' command to display the values for all CHID variants.
Also add 'chid detail' to see all details about a variant.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a table of variants which indicates which fields are included in
each. Use this to calculate the CHID for a variant. Add some tests to
cover this.
Provide a constant for the length of a uuid.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Microsoft uses information from SMBIOS tables to determine the device
Windows is running on. This same approach has been adopted by fwupd and
other projects.
The information is used to create a list of Computer Hardware
Identifiers (CHIDs) which are used to select firmware builds, etc.
The EFI app needs to support this approach so it can map CHIDs to the
associated compatible string.
Introduce a header file for CHIDs and a function which can extract the
necessary information from the SMBIOS tables.
Further work will deal with actually calculating CHIDs.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Since each table starts with a header, it isn't very useful to have a
separate pointer for the (generic) header and another for the whole
table. Also, casting is a bit of a pain.
Update smbios_get_header() so that it returns a const void * so that it
is possible to directly assign it to the appropriate SMBIOS table's
pointer.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function skips over every second table. Fix it by dropping the
extra iterator update.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: a68c0625aa ("smbios: coreboot: Update smbios_get_header() to..")
Split the v5 GUID generation into separate big-endian and little-endian
functions with shared common code.
The big-endian version is used for CHIDs and standard UUID v5
operations, while the little-endian version seems to be needed for EFI
GUID compatibility.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for reset -c flag to explicitly request cold reset.
This provides symmetry with -w (warm) and -u (firmware UI) flags.
For EFI apps, this performs EFI_RESET_COLD which does a full system
reboot without going to firmware setup interface.
Series-to: concept
Series-cc: heinrich
Cover-letter:
efi: Improve integration of the app with a Shim environment
This series collects together various small fixes and improvements which
make it easier to use the U-Boot EFI app in a bootflow which includes
Shim:
- 'Reset' back to the caller (e.g. EDK2)
- Machine reset using cold and warm reset
- Reset and enter the firmware UI
- Shim command now supports persistent debug
- Bootmenu shows the real media for each bootflow rather than just 'efi'
END
Signed-off-by: Simon Glass <sjg@chromium.org>
Add new SYSRESET_TO_FIRMWARE_UI reset type to allow resetting directly
to firmware UI. This is implemented via the reset command's new -u flag.
For the EFI app, this sets the EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit in
the OsIndications variable before performing a warm reset, causing the
firmware to boot to its setup interface.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
At present reset just exits the U-Boot app and returns to the caller.
Add support for proper warm and cold resets, with 'hot' reset preserving
the current behaviour.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is handy to have the pager in the app, since some output can be quite
long. Enable the console mux since the pager feature depends on it.
Signed-off-by: Simon Glass <sjg@chromium.org>
All files in this directory relate to EFI, so set the log category
consistently.
Series-to: concept
Series-cc: heinrich
Cover-letter:
efi: A few minor improvements
This series mostly tidies up the efidebug command, but includes a few
other pieces as well.
END
Signed-off-by: Simon Glass <sjg@chromium.org>
Series-links: 1:20
The device path is updated if an image is used, so move the setting of
*device_pathp lower, to take account of this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 73ad2d9909 ("efi: Move efi_bootflow_run() to a common file")
Obtain EFI's view of reserved memory and ensure that everything
mentioned there is present in a devicetree reserved-memory node. This
ensures that the OS doesn't try to access memory it shouldn't.
Series-to: concept
Series-cc: heinrich
Cover-letter:
efi: App and devicetree improvements
This series improves U-Boot's EFI app support and adds new functionality
for managing devicetree reserved-memory regions.
The main focus is on enhancing memory management when running as an EFI
application. A new mechanism is introduced to sync EFI reserved-memory
regions (such as runtime services and ACPI tables) with the devicetree's
/reserved-memory nodes. This ensures that Linux doesn't inadvertently use
memory regions that EFI firmware has reserved.
The main improvements are:
- New 'fdt reserved' command to display devicetree reserved-memory regions
- New 'efi memsync' command to synchronize EFI memory map with devicetree
- Enhance EFI application support with better memory region handling
- Improve EFI debugging commands and device path handling
- Better integrate EFI boot services and devicetree setup
There are a few other minor thigns:
- Enhance efidebug commands with media device and driver information
- Expose EFI device-paths in a few places in bootstd
- Improve bootflow device reporting
- ARM-specific fixes for exception level handling
This series addresses many of the issues found in booting Linux on
Qualcomm X-Elite laptops using the EFI app.
END
Signed-off-by: Simon Glass <sjg@chromium.org>
The EFI app cannot make the EFI GOP available to Linux directly, since
it calls exit-boot-services before booting Linux. The easiest way to
provide an early console is with the simple-framebuffer feature. Add
this node to the devicetree if the feature is enabled.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
When booting Linux with EFI the devicetree memory-map is ignored and
Linux calls through EFI to obtain the real memory map.
When booting Linux from the EFI app, without EFI, we must pass the
reserved memory onto Linux using the devicetree.
Add a function to support this. It reads the EFI memory-map and adds any
missing regions to the reserved-memory node.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Shim is a program which normally comes before U-Boot in the boot
process. But when the app runs first, it can sometimes chain Shim since
that is what is contained within the bootaa64.efi file, for example.
Add a simple command for dealing with shim. For now it only supports
enabling verbosity.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a function which looks through a device path and tries to figure out
the corresponding name (e.g. 'nvme' and uclass ID. This can be useful
for showing a short summary of the device path.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
