Add a Kconfig optiion to enable this library and add it to the lib/
Makefile, being careful to avoid a conflict with the existing blake2b
implementation.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Rename argon.c to argon_wrapper.c so we can use 'argon' as the library
name. Move the include file into the normal place.
Add SPDX tags but otherwise keep the files as is. The code style uses
spaces instead of tabs and has other differences with U-Boot
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
JSON is a rather more free format than devicetree, so it is sometimes
better to parse it into dtb format. This is widely used in U-Boot and we
can use the ofnode interface to access it.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Add a configuration and a Makefile rule to provide access to the mbedtls
base64 support.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Add a few Kconfig options to support XTS (XEX Tweakable Block Ciphertext
Stealing).
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
QEMU creates ACPI tables but doesn't include FPDT (Firmware Performance
Data Table). Add FPDT generation in qfw_acpi.c following the same
pattern as BGRT.
Move the acpi_write_fpdt() function from acpi_table.c to acpi_extra.c so
that is available even when CONFIG_ACPIGEN is disabled.
This allows QEMU x86_64 builds to provide firmware boot timing
information to the operating system.
Disable this for qemu-riscv64_smode_acpi as it is near the code-size
limit.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
LUKS version 2 uses JSON as a means of communicating the key
information. Add a simple library which can print JSON in a
human-readable format.
Note that it does not fully parse the JSON fragment. That may be
considered later, if needed.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a few Kconfig options to allow PKCS#5 (PBKDF2) to be used within
U-Boot
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
For sandbox it normally doesn't make sense to reset when a panic occurs,
since presumably it will just happen again. Add an option to power off
instead.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the aes_get_rounds() and aes_get_keycols() functions compare
the key_len parameter (in bits) directly against AES*_KEY_LENGTH
constants (in bytes), causing incorrect round and column counts for
non-128-bit keys.
Additionally, aes_expand_key() uses key_len as a byte count in memcpy(),
copying far more data than intended and causing buffer overflows.
Specifically, for AES-256 (256-bit key) it comparies 256 (bits) against
32 (bytes), failing the comparison. This causes AES-256 to use AES-128
parameters (10 rounds instead of 14) and the memcpy() to copy 256 bytes
instead of 32.
Fix by converting key_len from bits to bytes before comparisons and in
memcpy. With this we get:
- AES-128 (128 bits / 16 bytes): 10 rounds, 4 key columns
- AES-192 (192 bits / 24 bytes): 12 rounds, 6 key columns
- AES-256 (256 bits / 32 bytes): 14 rounds, 8 key columns
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 8302d1708a ("aes: add support of aes192 and aes256")
Update the FPDT boot performance record's ebs_entry and ebs_exit
fields in bootm_final() to record the time when we're about to
hand off to the operating system.
The timing is recorded just before we start the kernel, after all
device cleanup and before interrupts are disabled, which corresponds
to the ExitBootServices phase in UEFI.
If EFI is used to boot, a further update could be made, but that is
left for later.
Avoid including asm/acpi_table.h on platforms without ACPI. Ad a special
case for the QEMU RISC-V ACPI board.
Series-changes: 2
- Depend on ACPIGEN instead of GENERATE_ACPI_TABLE
- Avoid including asm/acpi_table.h on platforms without ACPI
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add an ACPI writer to automatically generate the FPDT table with boot
timing information when ACPI tables are created.
This allows the OS to read firmware boot-timing metrics from the FPDT
table.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add ACPI FPDT support to report firmware boot timing information to
the OS. The FPDT table contains timing data for firmware phases from
reset through OS handoff.
Add some functions to enable generation of this table.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
The TKey User-Supplied Secret (USS) feature requires blake2s hashing
to derive app-specific secrets. Add blake2s implementation alongside
the existing blake2b support.
The blake2s implementation is ported from the reference BLAKE2
implementation at https://github.com/BLAKE2/BLAKE2
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
This function assumes that an address is the same as a pointer. Use
map_sysmem() to fix this, which crashes on sandbox.
Rename the parameter from addr to ptr, to avoid further confusion.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a membuf_printf() function which supports writing a formatted string
into a membuf.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
When the app is running under QEMU we may wish to do some things
differently. Add a flag for this and use the SMBIOS tables to detect it.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Check for both GUIDs when looking for the SMBIOS tables. This allows
both table versions to be detected when running from OVMF.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Move the BGRT image to use the same video_image linker-list approach
as the other embedded image. Move it into the drivers/video/images
directory and rename it to 'bgrt.bmp' since we know it is an image.
Drop the old bgrt Makefile rule as it is no-longer needed.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a new file in lib/efi to handle conversion of keys from EFI
format to characters, so we can use it from multiple places. Update the
serial_efi driver accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is common for the main program to be at the bottom, but with recent
changes it has crept up a bit. Move it back to the bottom.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a way to set up a membuf with some pre-loaded data, so it is
possible to read it out using membuf_readline(), etc.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a new lib/rust directory and add a very basic rust library in
there. This will eventually expand to include more features. For now
it only has a few ulib calls needed for the example programs.
Co-developed-by: Claude <noreply@anthropic.com>
Co-developed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a file which lists various symbols to rename when building the
U-Boot library. For now it contains printf() and related functions, but
more can be added later, as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide an arch-neutral init function that can be used by including a
single header file.
This declares a static global_data which is used for the initial startup
process. Once board_init_r() is called, the global_data is moved into
a new place and the static version is not needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
The API is not very useful these days, since it doesn't support driver
model. It is laborious to add new functions to the API as there are so
many needed.
A better approach would be to create a library containing all of U-Boot,
then have the API be generated by a script containing a list of
functions, perhaps with wildcards. Then a stub could be created, with
a list of entry points, which links with and calls through into the
library.
In preparation for heading in this direction, rename some of the
existing files and directories:
- examples/api -> examples/legacy_api
- include/api*.h -> include/legacy_api*.h
- API_BUILD to LEGACY_API_BUILD
Co-developed-by: Claude <noreply@anthropic.com>
This cannot work with the shared library at present, since the symbols
are not defined. Disable it for now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Search the available CHIDs to determine the device on which U-Boot is
running. Use this to select the correct compatible string.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a 'chid list' command to display the values for all CHID variants.
Also add 'chid detail' to see all details about a variant.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a table of variants which indicates which fields are included in
each. Use this to calculate the CHID for a variant. Add some tests to
cover this.
Provide a constant for the length of a uuid.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Microsoft uses information from SMBIOS tables to determine the device
Windows is running on. This same approach has been adopted by fwupd and
other projects.
The information is used to create a list of Computer Hardware
Identifiers (CHIDs) which are used to select firmware builds, etc.
The EFI app needs to support this approach so it can map CHIDs to the
associated compatible string.
Introduce a header file for CHIDs and a function which can extract the
necessary information from the SMBIOS tables.
Further work will deal with actually calculating CHIDs.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Since each table starts with a header, it isn't very useful to have a
separate pointer for the (generic) header and another for the whole
table. Also, casting is a bit of a pain.
Update smbios_get_header() so that it returns a const void * so that it
is possible to directly assign it to the appropriate SMBIOS table's
pointer.
Signed-off-by: Simon Glass <sjg@chromium.org>
This function skips over every second table. Fix it by dropping the
extra iterator update.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: a68c0625aa ("smbios: coreboot: Update smbios_get_header() to..")
Split the v5 GUID generation into separate big-endian and little-endian
functions with shared common code.
The big-endian version is used for CHIDs and standard UUID v5
operations, while the little-endian version seems to be needed for EFI
GUID compatibility.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for reset -c flag to explicitly request cold reset.
This provides symmetry with -w (warm) and -u (firmware UI) flags.
For EFI apps, this performs EFI_RESET_COLD which does a full system
reboot without going to firmware setup interface.
Series-to: concept
Series-cc: heinrich
Cover-letter:
efi: Improve integration of the app with a Shim environment
This series collects together various small fixes and improvements which
make it easier to use the U-Boot EFI app in a bootflow which includes
Shim:
- 'Reset' back to the caller (e.g. EDK2)
- Machine reset using cold and warm reset
- Reset and enter the firmware UI
- Shim command now supports persistent debug
- Bootmenu shows the real media for each bootflow rather than just 'efi'
END
Signed-off-by: Simon Glass <sjg@chromium.org>
Add new SYSRESET_TO_FIRMWARE_UI reset type to allow resetting directly
to firmware UI. This is implemented via the reset command's new -u flag.
For the EFI app, this sets the EFI_OS_INDICATIONS_BOOT_TO_FW_UI bit in
the OsIndications variable before performing a warm reset, causing the
firmware to boot to its setup interface.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
At present reset just exits the U-Boot app and returns to the caller.
Add support for proper warm and cold resets, with 'hot' reset preserving
the current behaviour.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is handy to have the pager in the app, since some output can be quite
long. Enable the console mux since the pager feature depends on it.
Signed-off-by: Simon Glass <sjg@chromium.org>
All files in this directory relate to EFI, so set the log category
consistently.
Series-to: concept
Series-cc: heinrich
Cover-letter:
efi: A few minor improvements
This series mostly tidies up the efidebug command, but includes a few
other pieces as well.
END
Signed-off-by: Simon Glass <sjg@chromium.org>
Series-links: 1:20
The device path is updated if an image is used, so move the setting of
*device_pathp lower, to take account of this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 73ad2d9909 ("efi: Move efi_bootflow_run() to a common file")
