The MMC and network subsystems must be present to use device paths for
them. Add the missing checks.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Add support for using ulib with this board, as an example of using ulib
outside the existing sandbox and EFI options.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Even if CONFIG_ULIB is enabled it may not actually be in use. If not,
we still need the EFI-runtime relocation to happen. Adjust the condition
in efi_runtime_relocate() to fix this.
For static linking with ulib examples, provide weak symbol definitions
for __efi_runtime_rel_start and __efi_runtime_rel_stop. These symbols
are normally defined in linker scripts but need fallback definitions
when linking statically against libu-boot.a.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
The ROM is close to its limit and any main program using ulib will
overflow it. Expand the ROM size to 2MB.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
The shared library is useful only with sandbox, so add an option to
allow it to be disabled, e.g. for EFI builds.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
To avoid needing an #ifdef in the C code, move this sandbox-specific
declaration to the common init.h header.
Update ulib.c to include init.h to avoid warnings. Fix the ordering
while we are here.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Update both build-efi and build-scripts to allow a -c option to provide
custom firmware. This makes the scripts more generally useful.
Drop the existing -c for --spice since it conflicts and is also a bit
hard to remember.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Provide a way to include a directory of files in the firmware image
created by build-efi.
This is useful for including a U-Boot environment, for example.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Add support for AES-XTS cipher mode in addition to the existing
AES-CBC-ESSIV support. This is the default cipher for LUKS2 volumes.
The cipher mode (CBC/XTS) is obtained from the LUKS1 cipher_mode or
LUKS2 encryption metadata.
XTS mode uses 512-byte block numbers for IV generation (plain64),
matching dm-crypt behavior. LUKS2 typically uses 4096-byte sectors
for XTS encryption but the IV is based on 512-byte block numbers.
Fix the blkmap-size calculation to exclude the LUKS header/payload
offset.
Update the LUKSv2 test to check reading a file.
Series-to: concept
Cover-letter:
luks: Support the AES-XTS cipher mode
This series finishes off the implementation of LUKSv2, adding support
for the common cipher mode and testing that files can be read from the
disk.
It includes a fix for using the correct size when mapping the crypt, as
well as some refactoring to split up the code a little better.
END
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
In preparation for adding support for a new algorithm, move the
decryption part of blkmap_crypt_read() into its own function.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Create a new blkmap_crypt.c file to hold the LUKS code, since it is
fairly large. Add an internal header for blkmap as well.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
The current tests check that decryption happens but don't go so far as
reading a file. Add the logic for this. Since this currently fails for
LUKSv2, leave the last part of that test out for now.
Use direct filesystem calls for LUKSv2 since it is easier to check for
the current error.
Add more information on the errors returned by luks_unlock() so we can
check for the correct one.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Fix the blkmap-size calculation to exclude the LUKS header/payload
offset. This was missed in the initial implementation.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Fixes: 0cbfb2d490 ("luks: Provide a way to unlock and map encrypted..")
Add documentation for the new LUKSv2 feature and update LUKSv1 to
mention the more common algorithm.
Update the tests to use LUKSv2 for mmc12.
Series-to: concept
Series-cc: heinrich
Cover-letter:
luks: Provide support for LUKSv2
Modern systems mostly use LUKSv2 as it is more secure than v1. This
series provides an implementation of this feature, making use of the
existing 'luks unlock' command.
One interesting part of this series is a converter from JSON to FDT, so
that U-Boot's existing ofnode interface can be used to access the
hierarchical data in JSON text. This obviously results in quite a bit
of new code, but it is more robust than trying to parse the text
directly using strstr(), etc. The choice of JSON for LUKS was presumably
made with larger code bases in mind, rather than a firmware
implementation.
END
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Series-links: 1:58
Add support for luks v2 which is a more common version used on modern
systems.
This makes use of Argon2 and also the JSON->FDT parser.
Enable this feature for sandbox, tidying up the defconfig while we are
here.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
In preparation for luks v2, make a few code-style tweaks:
- shorter vars in some cases
- 80cols in a few places
- drop an unwanted blank line
- use 'pass' instead of 'passphrase'
- unnecessary assignments to NULL
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Provide this function through an internal header, so that luks2 will be
able to use it.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
For LUKS version 2, argon is normally used in preference to pbkdf2. Add
an argument to specify this when creating a filesystem.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
This is very long and the 'encrypt' part is implied by the passphrase.
Shorten it to just 'passphrase'.
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Add a Kconfig option to enable this library and add it to the lib/
Makefile, being careful to avoid a conflict with the existing blake2b
implementation.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Rename argon.c to argon_wrapper.c so we can use 'argon' as the library
name. Move the include file into the normal place.
Add SPDX tags but otherwise keep the files as is. The code style uses
spaces instead of tabs and has other differences with U-Boot.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
JSON is a rather more free format than devicetree, so it is sometimes
better to parse it into dtb format. This is widely used in U-Boot and we
can use the ofnode interface to access it.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Update ut_asserteq_str() and ut_asserteq_strn() to check for NULL. This
allows tests to avoid doing this.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Add a configuration and a Makefile rule to provide access to the mbedtls
base64 support.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Add a few Kconfig options to support XTS (XEX Tweakable Block Ciphertext
Stealing).
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
The conditional filter checking for "drivers/video/images" in $(obj)
fails for out-of-tree builds where $(obj) contains the full build path.
Fix the wildcard pattern (%drivers/video/images) so files are matched
correctly.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Enable CONFIG_ENV_IS_IN_FAT to automatically load the environment from
the uboot.env file on the FAT filesystem. This makes the build-efi
script's --bootcmd option work correctly.
Series-to: concept
Cover-letter:
efi: Minor improvements to QEMU and build scripts
This series introduces a few improvements:
- passing a boot command to the EFI app
- FPDT support for EFI app
END
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
When running U-Boot as an EFI application under EDK2/OVMF, U-Boot doesn't
have direct access to QEMU's fw_cfg interface. To support the --bootcmd
option, write a uboot.env file to the EFI partition containing the boot
command.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add -b as a short alias for --bootcmd to build_helper so it is available
in both build-qemu and build-efi.
Move the fw_cfg bootcmd logic to build_helper as well.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add documentation explaining how to use the fw_cfg interface to specify
a boot command for QEMU x86. This feature allows automated testing and
scripting by providing the boot command directly through QEMU's
firmware configuration interface.
The documentation includes:
- How to create a boot command file
- The QEMU command-line syntax with -fw_cfg option
- Behavior and limitations of the feature
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Currently qfw_locate_file() always prints error messages when it can't
find a file. This causes unwanted error output in qemu_get_bootcmd()
when the optional "opt/u-boot/bootcmd" file doesn't exist.
Adjust qfw_locate_file() to be silent, with a new qfw_locate_file_msg()
that shows messages.
This allows callers to choose whether missing files should generate
error messages.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
QEMU creates ACPI tables but doesn't include FPDT (Firmware Performance
Data Table). Add FPDT generation in qfw_acpi.c following the same
pattern as BGRT.
Move the acpi_write_fpdt() function from acpi_table.c to acpi_extra.c so
that it is available even when CONFIG_ACPIGEN is disabled.
This allows QEMU x86_64 builds to provide firmware boot timing
information to the operating system.
Disable this for qemu-riscv64_smode_acpi as it is near the code-size
limit.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a function which can detect a LUKS partition. Add a test, using
mmc11.
Series-to: concept
Cover-letter:
luks: Provide basic support for unlocking a LUKS1 partition
With full-disk encryption (FDE) it is traditional to unlock a LUKS
partition within userspace as part of the initial ramdisk passed to
Linux. The user is prompted for a passphrase and then the disk is
unlocked.
This works well but does have some drawbacks:
- firmware has no way of knowing whether the boot will succeed
- the 'passphrase' prompt comes quite late in the boot, which can be
confusing for the user
- specifically it is not possible to provide an integrated 'boot' UI in
firmware where the user can enter the passphrase
- in a VM environment, the key may be known in advance, but there is no
way to take advantage of this
- it is not possible to use an encrypted disk unless also using a ramdisk
This series makes a small step towards improving U-Boot in this area. It
allows a passphrase to be checked against a LUKS1-encrypted partition.
It also provides read-only access to the unencrypted data, so that files
can be read.
END
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a new 'luks unlock' command which can unlock a LUKS1 partition,
given a passphrase.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add the logic to unlock a partition and set up a blkmap for use with it.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Enhance blkmap to support decrypting a partition encrypted with LUKS
version 1. This will allow filesystems to access files on the partition.
This will be tested once filesystems support is plumbed in.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Extract the full information for version 2, which is JSON format. Show
this with the 'luks info' command.
Use the mmc12 disk to check this.
Require the JSON for LUKS.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a new mmc12 image which has a LUKS2-encrypted ext4 partition.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
LUKS version 2 uses JSON as a means of communicating the key
information. Add a simple library which can print JSON in a
human-readable format.
Note that it does not fully parse the JSON fragment. That may be
considered later, if needed.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a 'luks' command which allows querying a partition to see if it is
encrypted using LUKS, as well as showing information about a LUKS
partition.
Provide some documentation and a test.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>