Provide a function which can detect a LUKS partition. Add a test, using
mmc11
Series-to: concept
Cover-letter:
luks: Provide basic support for unlocking a LUKS1 partition
With full-disk encryption (FDE) it is traditional to unlock a LUKS
partition within userspace as part of the initial ramdisk passed to
Linux. The user is prompted for a passphrase and then the disk is
unlocked.
This works well but does have some drawbacks:
- firmware has no way of knowing whether the boot will success
- the 'passphrase' prompt comes quite late in the boot, which can be
confusing for the user
- specifically it is not possible to provide an integrated 'boot' UI in
firmware where the user can enter the passphrase
- in a VM environment, the key may be known in advance, but there is no
way to take advantage of this
- it is not possible to use an encryted disk unless also using a ramdisk
This series makes a small step towards improving U-Boot in this area. It
allows a passphrase to be checked against a LUKS1-encrypted partition.
It also provides read-only access to the unencrypted data, so that files
can be read.
END
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
LUKS version 2 uses JSON as a means of communicating the key
information. Add a simple library which can print JSON in a
human-readable format.
Note that it does not fully parse the JSON fragment. That may be
considered later, if needed.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a 'luks' command which allows querying a partition to see if it is
encrypted using LUKS, as well as showing information about a LUKS
partition.
Provide some documentation and a test.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Linux Unified Key Setup (LUKS) provides a way to encryption a disk
partition with a a key an later unlock it. There are two versions (1 and
2).
Add a definition of the main structures and the ability to detect a LUKS
partition.
Enable this for the sandbox board.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
For debugging it is sometimes helpful to dump an expo. Add an
implementation of this, writing to a membuf.
Add a MAINTAINERS entry for expo, including this next file.
Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
When running a simple GUI it is useful to support a mouse. This is
similar to what is provided in UEFI's boot menu. Add a simple uclass and
a way to read the mouse position.
For sandbox add a driver that reads the position from SDL. Disable input
for the tools-only build, since it is of no use there and causes build
failures.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rather than having this code mixed with the tests, it seems better to
put it up one level. Move the directory and tidy up references.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a small utility for displaying some information about U-Boot and the
hardware it's running on in a similar fashion to the popular neofetch
tool for Linux [1].
While the output is meant to be useful, it should also be pleasing to
look at and perhaps entertaining. The ufetch command aims to bring this
to U-Boot, featuring a colorful ASCII art version of the U-Boot logo.
[1]: https://en.wikipedia.org/wiki/Neofetch
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Mattijs Korpershoek <mkorpershoek@baylibre.com> # vim3
Tested-by: Neil Armstrong <neil.armstrong@linaro.org> # on SM8560-QRD
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
(cherry picked from commit 86d462c05d)
There are various functions which announce that booting is imminent and
do related preparation. Most of these are arch-specific.
In practice, most archs do the a similar thing. It would be better to
have a common function, with perhaps some events for things that are
really arch- and board-specific.
Create a new function for this. For now, nothing uses it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide access to the virtual queue and some functions for sending
various FUSE messages.
Add myself as a maintainer of virtio.
Signed-off-by: Simon Glass <sjg@chromium.org>
Directories can have a number of files within them. U-Boot only needs to
create a file object for those that have been opened for read/write. Add
the concept of a file, with its directory as parent.
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a struct iov_iter and some related functions to encapsulate an
iterator used when reading and writing files. This will be used with the
new 'file' uclass.
While it is modelled on Linux, I/O vectors have been omitted for now.
These can be added later without updating the interface used by the
uclass.
Signed-off-by: Simon Glass <sjg@chromium.org>
Filesystems can have a number of directories within them. U-Boot only
worries about directories that have been accessed. Add the concept of
a directory, with the filesystem as parent.
Note that this is not a hierarchical device structure, so UCLASS_DIR
devices always have a UCLASS_FS as the parent.
Signed-off-by: Simon Glass <sjg@chromium.org>
The existing filesystem support is fairly basic. It supports access to
only one filesystem at a time, does not allow caching, does not have an
equivalent of Linux's VFS and uses global variables to keep track of
which one is in use.
As a starting point to improving this, provide a filesystem uclass. For
now it only includes operations to mount and unmount.
Provide a bootdev so that it is possible to locate bootflows on a
filesystem.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add documentation about standard passage and update the maintainers.
Series-changes: 2
- Add detailed arch-specific information
- Add comments about passing a bloblist to Linux
- Add comments about how to pass standard passage to EFI
- Fix 'it' typo
Series-changes: 3
- Fix 'that' typo
- Update docs for the various code changes
Signed-off-by: Simon Glass <sjg@chromium.org>
Change-Id: I91d5b9ae45e8d1081b1e165620ad1946bd69af00
The 'EFI PAYLOAD' entry really refers to the EFI loader and EFI APP
refers to the app and the payload.
Rename 'EFI PAYLOAD' to 'EFI LOADER' and 'EFI APP' to 'EFI CLIENT'
Signed-off-by: Simon Glass <sjg@chromium.org>
This directory was created when U-Boot gained the ability to run as an
EFI app in 2015. Since then the EFI-loader feature has been added.
The code in lib/efi is not actually used by the loader, so the name is
confusing.
Rename the directory to efi_client to indicate that it includes files
just for U-Boot being a client of EFI, i.e. the EFI app and stub.
Signed-off-by: Simon Glass <sjg@chromium.org>
Convert this to Python and make use of the build_helpers module. Update
that module to remove old options and improve the ordering of options.
The script doubles in size, part of which is being a lot more friendly
with virtiofsd problems, as well as adding a verbose mode.
Update the documentation as well.
Signed-off-by: Simon Glass <sjg@chromium.org>
Make use of the mk_fs() function to avoid needing to use sudo to mount
the loopback partition. This makes the script a little more friendly for
those nervous about sudo in their tools.
Signed-off-by: Simon Glass <sjg@chromium.org>
The .py extension isn't very useful. Drop it and update the shebang to
specify Python 3
Update the docs for this and also drop the old reference to 2021 images.
Signed-off-by: Simon Glass <sjg@chromium.org>
Introduce an EFI app for arm64 and update the documentation.
Provide a value for LOAD_ADDR to avoid a link error.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rename the C and header files to use the membuf basename, to match the
functions.
Add a MAINTAINERS entry while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
So far only VBE-simple is implemented in U-Boot. This supports a single
image which can be updated in situ.
It is often necessary to support two images (A and B) so that the board
is not bricked if the update is interrupted or is bad.
In some cases, a non-updatable recovery image is desirable, so that the
board can be returned to a known-good state in the event of a serious
failure.
Introduce ABrec which provides these features. It supports three
independent images and the logic to select the desired one on boot.
While we are here, fix a debug message to indicate the function it
called. Provide a maintainers entry for VBE.
Note that fwupdated only supports VBE-simple so far, but supports for
ABrec will appear in time.
Signed-off-by: Simon Glass <sjg@chromium.org>
Create a test which does some sample calls and checks the output.
Expand the size of the sandbox bloblist to accommodate the log.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current logging system suffers from some disadvantages, mainly that
it writes its output to the console and cannot be easily reviewed.
Add a dedicated log, storing records in a binary format and including
the result codes and any return values from each call. The log is built
sequentially in memory and can be reviewed after any EFI operation. It
could potentially be written to media for later review, but that is not
implemented so far.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is handy to be able to quickly build and boot a QEMU image for a
particular architecture and distro.
Add a script for this purpose. It supports only arm and x86 at present.
For distros it only supports Ubuntu. Both 32- and 64-bit builds are
supported.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add native support of the bootcount mechanism in the ZynqMP by
utilising internal PMU registers. The Persistent Global Storage
Registers of the Platform Management Unit can keep their value
during reboot cycles unless there is a POR reset, making them
appropriate for the bootcount mechanism.
Signed-off-by: Vasileios Amoiridis <vasileios.amoiridis@cern.ch>
Reviewed-by: Heiko Schocher <hs@denx.de>
Link: https://lore.kernel.org/r/20241105132744.1572759-2-vassilisamir@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
Sometimes this breaks, so add a build to keep it working. Since sandbox
enables a lot of options, it is a good board to use. The new config is
created simply by copying the existing sandbox and turning off CMDLINE
Once we have tests for non-CMDLINE operation, this can be adjusted to
run those tests.
Create a new build which will be picked up by CI. Update the maintainer
entry as well.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
I'd like to get Cc'ed to u-boot's SPI NOR patches to help review them.
The ultimate goal is to have an aligned approach in u-boot and linux.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Acked-by: Marek Vasut <marex@denx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
Patrick Rudolph <patrick.rudolph@9elements.com> says:
Based on the existing work done by Simon Glass this series adds
support for booting aarch64 devices using ACPI only.
As first target QEMU SBSA support is added, which relies on ACPI
only to boot an OS. As secondary target the Raspberry Pi4 was used,
which is broadly available and allows easy testing of the proposed
solution.
The series is split into ACPI cleanups and code movements, adding
Arm specific ACPI tables and finally SoC and mainboard related
changes to boot a Linux on the QEMU SBSA and RPi4. Currently only the
mandatory ACPI tables are supported, allowing to boot into Linux
without errors.
The QEMU SBSA support is feature complete and provides the same
functionality as the EDK2 implementation.
The changes were tested on real hardware as well on QEMU v9.0:
qemu-system-aarch64 -machine sbsa-ref -nographic -cpu cortex-a57 \
-pflash secure-world.rom \
-pflash unsecure-world.rom
qemu-system-aarch64 -machine raspi4b -kernel u-boot.bin -cpu cortex-a72 \
-smp 4 -m 2G -drive file=raspbian.img,format=raw,index=0 \
-dtb bcm2711-rpi-4-b.dtb -nographic
Tested against FWTS V24.03.00.
Known issues:
- The QEMU rpi4 support is currently limited as it doesn't emulate PCI,
USB or ethernet devices!
- The SMP bringup doesn't work on RPi4, but works in QEMU (Possibly
cache related).
- PCI on RPI4 isn't working on real hardware since the pcie_brcmstb
Linux kernel module doesn't support ACPI yet.
Link: https://lore.kernel.org/r/20241023132116.970117-1-patrick.rudolph@9elements.com
Rename 'ahci_mvebu' to 'ahci_generic' and select it by default.
The AHCI driver contains no SoC specific code and only expects the
base address to be passed, thus rename it to ahci_generic and add the
DT compatible string "generic-ahci".
Update existing defconfigs to use the new Kconfig name as well.
TEST: Booted on QEMU sbsa using the generic-ahci node.
Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: Stefan Roese <sr@denx.de>
Acked-by: Tony Dinh <mibodhi@gmail.com>
Siddharth Vadapalli <s-vadapalli@ti.com> says:
Hello,
This series adds support for the Cadence PCIe controller on TI's K3
family of SoCs to which the J7200 SoC belongs. The driver is an adaptation
of the Linux driver (drivers/pci/controller/cadence/pci-j721e.c) and has
been implemented specifically for Root-Complex mode of operation on the
J7200 SoC. A minor set of changes will be sufficient to support other K3
SoCs as well with plans to implement it in the near future.
Link: https://lore.kernel.org/r/20241014053924.4027491-1-s-vadapalli@ti.com
Add support for the Cadence PCIe Controller present on TI's K3 SoCs.
This driver is an adaptation of the Linux driver.
Signed-off-by: Siddharth Vadapalli <s-vadapalli@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Provide a short description of how tests work, why they are so critical
and how to resolve gaps in Binman's test coverage.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Add new section for USB TypeC Port Manager (TCPM) support, which
is needed to figure out cable orientation of USB-C plus and to do
USB PD communication.
Signed-off-by: Sebastian Reichel <sebastian.reichel@collabora.com>
Acked-by: Marek Vasut <marex@denx.de>
Add myself as a maintainer for the lwIP network stack integration code
and network commands as well as the sandbox ethernet driver for lwIP.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Oliver Gaskell <Oliver.Gaskell@analog.com> says:
ADSP-SC5xx is a series of ARM-based DSPs.
This comprises the armv7 based SC57x, SC58x and SC594 series, and the
armv8 based SC598.
This patch series includes configurations, init code, and minimal DTs
to enable Analog Devices' evaluation boards for these SoCs to boot
through SPL and into U-Boot Proper, as well as devicetree schemas for
the added DTs.
This patch series depends on ("arm: Add Analog Devices SC5xx Machine
Type") (https://lists.denx.de/pipermail/u-boot/2024-April/552043.html)
