| Age | Commit message (Collapse) | Author |
|---|
|
Create a Kconfig which indicates that EFI functionality is in use,
either as a client (EFI app / stub) or provider (EFI loader). This will
make it easier to share code between these two parts of U-Boot
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The generic name 'EFI' would be more useful for common EFI features. At
present it just refers to the EFI app and stub, which is confusing.
Rename it to EFI_CLIENT
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This directory was created when U-Boot gained the ability to run as an
EFI app in 2015. Since then the EFI-loader feature has been added.
The code in lib/efi is not actually used by the loader, so the name is
confusing.
Rename the directory to efi_client to indicate that it includes files
just for U-Boot being a client of EFI, i.e. the EFI app and stub.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Now that we moved out the capsule signature from the DTB, remove the
relevant documentation.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Remove one of the double colon so ..code-block is used for formatting.
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
We now can use a combination og lwIP & mbedTLS and download from
https://. Describe the config options needed to enable it as well
as some limitations
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
This is not actually a command so the name is confusing. Use
BOOTEFI_HELLO_COMPILE instead. Put it in the efi_loader directory
with the other such config options.
The link rule (for $(obj)/%_efi.so) in scripts/Makefile.lib handles
pulling in efi_crt0.o and efi_reloc.o so drop the 'extra' rules.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Document how platforms can generate GUIDs at runtime rather than
maintaining a list of UUIDs per-board.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Caleb Connolly <caleb.connolly@linaro.org>
|
|
The EFI Capsule ESL file (EFI Signature List File) used for authentication
is a binary generated from the EFI Capsule public key certificate. Instead
of including it in the source repo, automatically generate it from the
certificate file during the build process.
Currently, sandbox is the only device using this, so removed its ESL file
and set the (new) CONFIG_EFI_CAPSULE_CRT_FILE config to point to its public
key certificate.
Signed-off-by: Jonathan Humphreys <j-humphreys@ti.com>
|
|
Prepare v2024.07-rc5
|
|
Correct the links to the FIT documentation.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Created a capsule update porting section in the documentation that outlines
the steps a board developer must do when porting from an existing reference
board implementation.
In particular, added a big warning that new capsule GUID's need to be
defined.
Signed-off-by: Jonathan Humphreys <j-humphreys@ti.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
The FWU Update Agent in U-Boot supports both versions of the FWU
metadata. Make changes in the documentation to reflect this.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Tested-by: Michal Simek <michal.simek@amd.com>
|
|
the file pytest.py does not exist
Signed-off-by: Wei Ming Chen <jj251510319013@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
There should be only one "has" instead of "has has"
Signed-off-by: Wei Ming Chen <jj251510319013@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
This adds the description about HTTP Boot.
[Ilias add the new EFI_HTTP_BOOT option in docs]
Lore: https://lore.kernel.org/u-boot/20231110042542.3797301-1-masahisa.kojima@linaro.org/T/#m36acf922a888cc14f74e823ec57bacd9f977194e
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Add documentation to explain the printing of the capsule headers
through the mkeficapsule tool.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Moving towards using .dtso for overlay sources, update the
documentation examples to follow that pattern.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The 64-bit app is supported now, so update the documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Prepare v2023.10-rc4
|
|
Update the document to specify how the EFI Signature List(ESL) file
can be embedded into the platform's dtb as part of the U-Boot build.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
The EFI capsules can now be generated as part of U-Boot build, through
binman. Highlight these changes in the documentation.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
The configuration for EFI is enhanced to start U-Boot at VirtualBox (x86_64)
with all features like booting with help of boot scripts and extended linux.
This documentation describes how to use U-Boot at VirtualBox to boot
Linux systems with a some simple example.
Signed-off-by: Thomas Mittelstaedt <thomas.mittelstaedt@de.bosch.com>
|
|
To enforce anti-rollback to any older version, dtb must be
always update manually. This should be described in the
documentation.
This commit also adds the recommendation that secure system should not
enable the fdt command because lowest-supported-version
property in device tree can be changed by fdt command.
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
|
https://source.denx.de/u-boot/custodians/u-boot-microblaze into next
Xilinx changes for v2023.10-rc1
global:
- Use proper U-Boot project name
Fix sparse warnings in zynqmp-clk, zynqmp handoff, board
cmd:
- Cover incorrect 0 length entries
Versal NET:
- Add bootmode logic
- Support SPP production version
- Add loadpdi command
ZynqMP:
- Clear pmufw node command ID handling
- Change power domain behavior around zynqmp_pmufw_node()
- Fix zynqmp cmd return values and pmufw command
- Fix R5 tcm init and modes
mmc:
- Sync Versal NET emmc DT binding
pcie:
- Add support for ZynqMP PCIe root port
video:
- Add support for ZynqMP DP
tools:
- Fix debug message in relocate-rela
|
|
Use proper project name in comments, Kconfig, readmes.
Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/0dbdf0432405c1c38ffca55703b6737a48219e79.1684307818.git.michal.simek@amd.com
|
|
This commit describe the procedure to configure lowest supported
version in the device tree for anti-rollback protection.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
|
This commit describes the procedure to add the firmware version
into the capsule file.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
|
Fix a couple of links so that they are rendered correctly with sphinx.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The EFI Conformance Profile Table entry for EBBR appears in v2.1.0 of the
EBBR specification[1]. Update naming accordingly.
While at it, update the EBBR version referenced in the documentation.
[1]: https://github.com/ARM-software/ebbr/releases/tag/v2.1.0
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Add documentation for the FWU Multi Bank Update feature. The document
describes the steps needed for setting up the platform for the
feature, as well as steps for enabling the feature on the platform.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
We currently have an if_type (interface type) and a uclass id. These are
closely related and we don't need to have both.
Drop the if_type values and use the uclass ones instead.
Maintain the existing, subtle, one-way conversion between UCLASS_USB and
UCLASS_MASS_STORAGE for now, and add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The OsIndications is a 64 bit variable, and the current code expects
the value of the variable to be 64 bit. Update the documentation to
reflect this fact.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Update the capsule update functionality related documentation to
refect the additional definitions that need to be made per platform
for supporting the capsule update feature.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
|
|
There is no CONFIG_UEFI_SECURE_BOOT, and there was never any.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.
To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
[--fit <image> | --raw <image>] <capsule file>
NEW:
[--fit | --raw | --guid <guid-string>] <image> <capsule file>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Now we can use mkeficapsule command instead of EDK-II's script
to create a signed capsule file. So update the instruction for
capsule authentication.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
https://source.denx.de/u-boot/custodians/u-boot-amlogic into next
- disable CONFIG_NET_RANDOM_ETHADDR when unnecessary on amlogic based configs
- meson64_android: add board specific env settings, in order to support VIM3/L for android
- add changes to support VIM3/L android boot by using meson64_android.h config
|
|
At present this is disabled, but it should work so long as the kernel does
not need EFI services. Enable it and add a note about remaining work.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
When starting the app, locate all block devices and make them available
to U-Boot. This allows listing partitions and accessing files in
filesystems.
EFI also has the concept of 'disks', meaning boot media. For now, this
is not obviously useful in U-Boot, but add code to at least locate these.
This can be expanded later as needed.
We cannot use printf() in the early stub or app since it is not compiled
in
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
This is a 'y/n' selection, so fix it.
While at it remove the duplicate usage of CFG_CORE_HEAP_SIZE
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Acked-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
These names are better used for access to devices provided by an EFI
layer. Use EFI_LOADER instead here, since these are only available in
U-Boot's EFI_LOADER layer.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The current EFI video driver only works when running in the stub. In that
case the stub calls boot services (before jumping to U-Boot proper) and
copies the graphics info over to the efi table. This is necessary because
the stub exits boot services before jumping to U-Boot.
The app maintains access to boot services throughout its life, so does not
need to do this. Update the driver to support calling boot services
directly.
Enable video output for the app. Note that this uses the
EFI_GRAPHICS_OUTPUT_PROTOCOL protocol, even though it mentions vesa.
A sample qemu command-line for this case is:
qemu-system-x86_64 -bios /usr/share/edk2.git/ovmf-ia32/OVMF-pure-efi.fd
-drive id=disk,file=try.img,if=none,format=raw -nic none
-device ahci,id=ahci -device ide-hd,drive=disk,bus=ahci.0
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Most modern platforms use 64-bit EFI so it is useful to have a U-Boot app
that runs under that. Add a (non-functional) build for this.
Note that --whole-archive causes the gcc 9.2 linker to crash, so disable
this for now. Once this is resolved, things should work.
For now, avoid mentioning the documentation for the 64-bit app, since it
does not work.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
It is quite complicated to run U-Boot on QEMU since we have four
different builds and they must use different versions of qemu and the
UEFI binaries.
Add a script to help. It requires U-Boot itself to be built. Once that
is done you can use this script to build an image for use with qemu and
optionally run it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The existing intructions in the U-Boot on EFI doc do not work with
the latest QEMU. Update the doc with the correct instructions, as
well as using the new OVMF URL link.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
|
|
This reverts commit a7e4f905d206d5895dab4bd38a8316e4f2fe15fe.
The description originally written by Sughosh is still valid
even after the commit 47a25e81d35c ("Revert "efi_capsule: Move signature
from DTB to .rodata"") was applied.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
This reverts commit 316ab801c0d91c02b21b8be1e3db7e69555364e9.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This Kconfig symbol was never added to U-Boot but it was mentioned in the
origin commit c35df7c9e43e ("qemu: arm64: Add documentation for capsule
update"). That's why remove it from documentation to be accurate.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
