* [PATCH v5 0/5] Add support for booting EFI FIT images
@ 2019-12-30 1:34 Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 1/5] image: Add IH_OS_EFI for EFI chain-load boot Cristian Ciocaltea
` (4 more replies)
0 siblings, 5 replies; 7+ messages in thread
From: Cristian Ciocaltea @ 2019-12-30 1:34 UTC (permalink / raw)
To: u-boot
Currently the only way to run an EFI binary like GRUB2 is via the
'bootefi' command, which cannot be used in a verified boot scenario.
The obvious solution to this limitation is to add support for
booting FIT images containing those EFI binaries.
The implementation relies on a new image type - IH_OS_EFI - which
can be created by using 'os = "efi"' inside an ITS file:
/ {
#address-cells = <1>;
images {
efi-grub {
description = "GRUB EFI";
data = /incbin/("bootarm.efi");
type = "kernel_noload";
arch = "arm";
os = "efi";
compression = "none";
load = <0x0>;
entry = <0x0>;
hash-1 {
algo = "sha256";
};
};
};
configurations {
default = "config-grub";
config-grub {
kernel = "efi-grub";
signature-1 {
algo = "sha256,rsa2048";
sign-images = "kernel";
};
};
};
};
The bootm command has been extended to handle the IH_OS_EFI images.
To enable this feature, a new configuration option has been added:
BOOTM_EFI
I tested the solution using the 'qemu_arm' board:
=> load scsi 0:1 ${kernel_addr_r} efi-image.fit
=> bootm ${kernel_addr_r}#config-grub
Changes in v5:
* Update the definition of BOOTM_EFI: move content right after
CMD_BOOTM, improve description and help text, fix dependency
* Change the type of the 'addr' field inside 'env__efi_fit_tftp_file'
dictionary from string to integer, currently tested on: sandbox,
qemu_arm, qemu_arm64
Changes in v4:
* Extend the python test to also run on real hardware, currently
tested on qemu_arm
Changes in v3:
* Rebase patches on Heinrich Schuchardt's patch series v3:
efi_loader: prepare for FIT images
https://lists.denx.de/pipermail/u-boot/2019-December/393677.html
This fixes implicitly the sandbox issue 'phys_to_virt: Cannot map
sandbox address' since efi_install_fdt() is now expecting a pointer
to addressable memory instead of a physical address.
* Get rid of 'EFI/BOOT/' prefix used in ITS samples
* Add a python test to verify the implementation in sandbox environment
Changes in v2:
* Rebase patches on Heinrich Schuchardt's patch series:
efi_loader: prepare for FIT images
https://lists.denx.de/pipermail/u-boot/2019-December/393192.html
* Add sample configuration: doc/uImage.FIT/uefi.its
* Update uefi documentation: doc/uefi/uefi.rst
Cristian Ciocaltea (5):
image: Add IH_OS_EFI for EFI chain-load boot
bootm: Add a bootm command for type IH_OS_EFI
doc: Add sample uefi.its image description file
doc: uefi.rst: Document launching UEFI binaries from FIT images
test/py: Create a test for launching UEFI binaries from FIT images
cmd/Kconfig | 7 +
common/bootm_os.c | 56 +++++
common/image-fit.c | 3 +-
common/image.c | 1 +
doc/uImage.FIT/uefi.its | 67 +++++
doc/uefi/uefi.rst | 34 +++
include/image.h | 1 +
test/py/tests/test_efi_fit.py | 458 ++++++++++++++++++++++++++++++++++
8 files changed, 626 insertions(+), 1 deletion(-)
create mode 100644 doc/uImage.FIT/uefi.its
create mode 100644 test/py/tests/test_efi_fit.py
--
2.17.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v5 1/5] image: Add IH_OS_EFI for EFI chain-load boot
2019-12-30 1:34 [PATCH v5 0/5] Add support for booting EFI FIT images Cristian Ciocaltea
@ 2019-12-30 1:34 ` Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 2/5] bootm: Add a bootm command for type IH_OS_EFI Cristian Ciocaltea
` (3 subsequent siblings)
4 siblings, 0 replies; 7+ messages in thread
From: Cristian Ciocaltea @ 2019-12-30 1:34 UTC (permalink / raw)
To: u-boot
Add a new OS type to be used for chain-loading an EFI compatible
firmware or boot loader like GRUB2, possibly in a verified boot
scenario.
Bellow is sample ITS file that generates a FIT image supporting
secure boot. Please note the presence of 'os = "efi";' line, which
identifies the currently introduced OS type:
/ {
#address-cells = <1>;
images {
efi-grub {
description = "GRUB EFI";
data = /incbin/("bootarm.efi");
type = "kernel_noload";
arch = "arm";
os = "efi";
compression = "none";
load = <0x0>;
entry = <0x0>;
hash-1 {
algo = "sha256";
};
};
};
configurations {
default = "config-grub";
config-grub {
kernel = "efi-grub";
signature-1 {
algo = "sha256,rsa2048";
sign-images = "kernel";
};
};
};
};
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
common/image-fit.c | 3 ++-
common/image.c | 1 +
include/image.h | 1 +
3 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/common/image-fit.c b/common/image-fit.c
index c52f945120..231612ff5f 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -1926,7 +1926,8 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
image_type == IH_TYPE_FPGA ||
fit_image_check_os(fit, noffset, IH_OS_LINUX) ||
fit_image_check_os(fit, noffset, IH_OS_U_BOOT) ||
- fit_image_check_os(fit, noffset, IH_OS_OPENRTOS);
+ fit_image_check_os(fit, noffset, IH_OS_OPENRTOS) ||
+ fit_image_check_os(fit, noffset, IH_OS_EFI);
/*
* If either of the checks fail, we should report an error, but
diff --git a/common/image.c b/common/image.c
index eb626dcac9..75d5dd944f 100644
--- a/common/image.c
+++ b/common/image.c
@@ -137,6 +137,7 @@ static const table_entry_t uimage_os[] = {
{ IH_OS_OPENRTOS, "openrtos", "OpenRTOS", },
#endif
{ IH_OS_OPENSBI, "opensbi", "RISC-V OpenSBI", },
+ { IH_OS_EFI, "efi", "EFI Firmware" },
{ -1, "", "", },
};
diff --git a/include/image.h b/include/image.h
index f4d2aaf53e..4a280b78e7 100644
--- a/include/image.h
+++ b/include/image.h
@@ -157,6 +157,7 @@ enum {
IH_OS_ARM_TRUSTED_FIRMWARE, /* ARM Trusted Firmware */
IH_OS_TEE, /* Trusted Execution Environment */
IH_OS_OPENSBI, /* RISC-V OpenSBI */
+ IH_OS_EFI, /* EFI Firmware (e.g. GRUB2) */
IH_OS_COUNT,
};
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v5 2/5] bootm: Add a bootm command for type IH_OS_EFI
2019-12-30 1:34 [PATCH v5 0/5] Add support for booting EFI FIT images Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 1/5] image: Add IH_OS_EFI for EFI chain-load boot Cristian Ciocaltea
@ 2019-12-30 1:34 ` Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 3/5] doc: Add sample uefi.its image description file Cristian Ciocaltea
` (2 subsequent siblings)
4 siblings, 0 replies; 7+ messages in thread
From: Cristian Ciocaltea @ 2019-12-30 1:34 UTC (permalink / raw)
To: u-boot
Add support for booting EFI binaries contained in FIT images.
A typical usage scenario is chain-loading GRUB2 in a verified
boot environment.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
cmd/Kconfig | 7 ++++++
common/bootm_os.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 63 insertions(+)
diff --git a/cmd/Kconfig b/cmd/Kconfig
index 1e4cf146c5..4394bb8e51 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -251,6 +251,13 @@ config CMD_BOOTM
help
Boot an application image from the memory.
+config BOOTM_EFI
+ bool "Support booting UEFI FIT images"
+ depends on CMD_BOOTEFI && CMD_BOOTM && FIT
+ default y
+ help
+ Support booting UEFI FIT images via the bootm command.
+
config CMD_BOOTZ
bool "bootz"
help
diff --git a/common/bootm_os.c b/common/bootm_os.c
index d89ddc32b0..1d58462509 100644
--- a/common/bootm_os.c
+++ b/common/bootm_os.c
@@ -7,10 +7,12 @@
#include <common.h>
#include <bootm.h>
#include <cpu_func.h>
+#include <efi_loader.h>
#include <env.h>
#include <fdt_support.h>
#include <linux/libfdt.h>
#include <malloc.h>
+#include <mapmem.h>
#include <vxworks.h>
#include <tee/optee.h>
@@ -498,6 +500,57 @@ static int do_bootm_tee(int flag, int argc, char * const argv[],
}
#endif
+#ifdef CONFIG_BOOTM_EFI
+static int do_bootm_efi(int flag, int argc, char * const argv[],
+ bootm_headers_t *images)
+{
+ int ret;
+ efi_status_t efi_ret;
+ void *image_buf;
+
+ if (flag != BOOTM_STATE_OS_GO)
+ return 0;
+
+ /* Locate FDT, if provided */
+ ret = bootm_find_images(flag, argc, argv);
+ if (ret)
+ return ret;
+
+ /* Initialize EFI drivers */
+ efi_ret = efi_init_obj_list();
+ if (efi_ret != EFI_SUCCESS) {
+ printf("## Failed to initialize UEFI sub-system: r = %lu\n",
+ efi_ret & ~EFI_ERROR_MASK);
+ return 1;
+ }
+
+ /* Install device tree */
+ efi_ret = efi_install_fdt(images->ft_len
+ ? images->ft_addr : EFI_FDT_USE_INTERNAL);
+ if (efi_ret != EFI_SUCCESS) {
+ printf("## Failed to install device tree: r = %lu\n",
+ efi_ret & ~EFI_ERROR_MASK);
+ return 1;
+ }
+
+ /* Run EFI image */
+ printf("## Transferring control to EFI (at address %08lx) ...\n",
+ images->ep);
+ bootstage_mark(BOOTSTAGE_ID_RUN_OS);
+
+ image_buf = map_sysmem(images->ep, images->os.image_len);
+
+ efi_ret = efi_run_image(image_buf, images->os.image_len);
+ if (efi_ret != EFI_SUCCESS) {
+ printf("## Failed to run EFI image: r = %lu\n",
+ efi_ret & ~EFI_ERROR_MASK);
+ return 1;
+ }
+
+ return 0;
+}
+#endif
+
static boot_os_fn *boot_os[] = {
[IH_OS_U_BOOT] = do_bootm_standalone,
#ifdef CONFIG_BOOTM_LINUX
@@ -534,6 +587,9 @@ static boot_os_fn *boot_os[] = {
#ifdef CONFIG_BOOTM_OPTEE
[IH_OS_TEE] = do_bootm_tee,
#endif
+#ifdef CONFIG_BOOTM_EFI
+ [IH_OS_EFI] = do_bootm_efi,
+#endif
};
/* Allow for arch specific config before we boot */
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v5 3/5] doc: Add sample uefi.its image description file
2019-12-30 1:34 [PATCH v5 0/5] Add support for booting EFI FIT images Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 1/5] image: Add IH_OS_EFI for EFI chain-load boot Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 2/5] bootm: Add a bootm command for type IH_OS_EFI Cristian Ciocaltea
@ 2019-12-30 1:34 ` Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 4/5] doc: uefi.rst: Document launching UEFI binaries from FIT images Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 5/5] test/py: Create a test for " Cristian Ciocaltea
4 siblings, 0 replies; 7+ messages in thread
From: Cristian Ciocaltea @ 2019-12-30 1:34 UTC (permalink / raw)
To: u-boot
This patch adds an example FIT image description file demonstrating
the usage of bootm command to securely launch UEFI binaries.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
doc/uImage.FIT/uefi.its | 67 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
create mode 100644 doc/uImage.FIT/uefi.its
diff --git a/doc/uImage.FIT/uefi.its b/doc/uImage.FIT/uefi.its
new file mode 100644
index 0000000000..378ca4ed8d
--- /dev/null
+++ b/doc/uImage.FIT/uefi.its
@@ -0,0 +1,67 @@
+/*
+ * Example FIT image description file demonstrating the usage of the
+ * bootm command to launch UEFI binaries.
+ *
+ * Two boot configurations are available to enable booting GRUB2 on QEMU,
+ * the former uses a FDT blob contained in the FIT image, while the later
+ * relies on the FDT provided by the board emulator.
+ */
+
+/dts-v1/;
+
+/ {
+ description = "GRUB2 EFI and QEMU FDT blob";
+ #address-cells = <1>;
+
+ images {
+ efi-grub {
+ description = "GRUB EFI Firmware";
+ data = /incbin/("bootarm.efi");
+ type = "kernel_noload";
+ arch = "arm";
+ os = "efi";
+ compression = "none";
+ load = <0x0>;
+ entry = <0x0>;
+ hash-1 {
+ algo = "sha256";
+ };
+ };
+
+ fdt-qemu {
+ description = "QEMU DTB";
+ data = /incbin/("qemu-arm.dtb");
+ type = "flat_dt";
+ arch = "arm";
+ compression = "none";
+ hash-1 {
+ algo = "sha256";
+ };
+ };
+ };
+
+ configurations {
+ default = "config-grub-fdt";
+
+ config-grub-fdt {
+ description = "GRUB EFI Boot w/ FDT";
+ kernel = "efi-grub";
+ fdt = "fdt-qemu";
+ signature-1 {
+ algo = "sha256,rsa2048";
+ key-name-hint = "dev";
+ sign-images = "kernel", "fdt";
+ };
+ };
+
+ config-grub-nofdt {
+ description = "GRUB EFI Boot w/o FDT";
+ kernel = "efi-grub";
+ signature-1 {
+ algo = "sha256,rsa2048";
+ key-name-hint = "dev";
+ sign-images = "kernel";
+ };
+ };
+ };
+};
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v5 4/5] doc: uefi.rst: Document launching UEFI binaries from FIT images
2019-12-30 1:34 [PATCH v5 0/5] Add support for booting EFI FIT images Cristian Ciocaltea
` (2 preceding siblings ...)
2019-12-30 1:34 ` [PATCH v5 3/5] doc: Add sample uefi.its image description file Cristian Ciocaltea
@ 2019-12-30 1:34 ` Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 5/5] test/py: Create a test for " Cristian Ciocaltea
4 siblings, 0 replies; 7+ messages in thread
From: Cristian Ciocaltea @ 2019-12-30 1:34 UTC (permalink / raw)
To: u-boot
This patch adds a new section "Launching a UEFI binary from a FIT image"
documenting the usage of the CONFIG_BOOTM_EFI extension to bootm command
that offers a verified boot alternative for UEFI binaries such as GRUB2.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
doc/uefi/uefi.rst | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/doc/uefi/uefi.rst b/doc/uefi/uefi.rst
index db942df694..a8fd886d6b 100644
--- a/doc/uefi/uefi.rst
+++ b/doc/uefi/uefi.rst
@@ -63,6 +63,40 @@ The environment variable 'bootargs' is passed as load options in the UEFI system
table. The Linux kernel EFI stub uses the load options as command line
arguments.
+Launching a UEFI binary from a FIT image
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+A signed FIT image can be used to securely boot a UEFI image via the
+bootm command. This feature is available if U-Boot is configured with::
+
+ CONFIG_BOOTM_EFI=y
+
+A sample configuration is provided as file doc/uImage.FIT/uefi.its.
+
+Below you find the output of an example session starting GRUB::
+
+ => load mmc 0:1 ${kernel_addr_r} image.fit
+ 4620426 bytes read in 83 ms (53.1 MiB/s)
+ => bootm ${kernel_addr_r}#config-grub-nofdt
+ ## Loading kernel from FIT Image at 40400000 ...
+ Using 'config-grub-nofdt' configuration
+ Verifying Hash Integrity ... sha256,rsa2048:dev+ OK
+ Trying 'efi-grub' kernel subimage
+ Description: GRUB EFI Firmware
+ Created: 2019-11-20 8:18:16 UTC
+ Type: Kernel Image (no loading done)
+ Compression: uncompressed
+ Data Start: 0x404000d0
+ Data Size: 450560 Bytes = 440 KiB
+ Hash algo: sha256
+ Hash value: 4dbee00021112df618f58b3f7cf5e1595533d543094064b9ce991e8b054a9eec
+ Verifying Hash Integrity ... sha256+ OK
+ XIP Kernel Image (no loading done)
+ ## Transferring control to EFI (at address 404000d0) ...
+ Welcome to GRUB!
+
+See doc/uImage.FIT/howto.txt for an introduction to FIT images.
+
Executing the boot manager
~~~~~~~~~~~~~~~~~~~~~~~~~~
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v5 5/5] test/py: Create a test for launching UEFI binaries from FIT images
2019-12-30 1:34 [PATCH v5 0/5] Add support for booting EFI FIT images Cristian Ciocaltea
` (3 preceding siblings ...)
2019-12-30 1:34 ` [PATCH v5 4/5] doc: uefi.rst: Document launching UEFI binaries from FIT images Cristian Ciocaltea
@ 2019-12-30 1:34 ` Cristian Ciocaltea
2019-12-30 10:02 ` Heinrich Schuchardt
4 siblings, 1 reply; 7+ messages in thread
From: Cristian Ciocaltea @ 2019-12-30 1:34 UTC (permalink / raw)
To: u-boot
This test verifies the implementation of the 'bootm' extension that
handles UEFI binaries inside FIT images (enabled via CONFIG_BOOTM_EFI).
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
---
test/py/tests/test_efi_fit.py | 458 ++++++++++++++++++++++++++++++++++
1 file changed, 458 insertions(+)
create mode 100644 test/py/tests/test_efi_fit.py
diff --git a/test/py/tests/test_efi_fit.py b/test/py/tests/test_efi_fit.py
new file mode 100644
index 0000000000..6986b2d35c
--- /dev/null
+++ b/test/py/tests/test_efi_fit.py
@@ -0,0 +1,458 @@
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2019, Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
+#
+# Work based on:
+# - test_net.py
+# Copyright (c) 2016, NVIDIA CORPORATION. All rights reserved.
+# - test_fit.py
+# Copyright (c) 2013, Google Inc.
+#
+# Test launching UEFI binaries from FIT images.
+
+import os.path
+import pytest
+import u_boot_utils as util
+
+"""
+Note: This test relies on boardenv_* containing configuration values to define
+which network environment is available for testing. Without this, the parts
+that rely on network will be automatically skipped.
+
+For example:
+
+# Boolean indicating whether the Ethernet device is attached to USB, and hence
+# USB enumeration needs to be performed prior to network tests.
+# This variable may be omitted if its value is False.
+env__net_uses_usb = False
+
+# Boolean indicating whether the Ethernet device is attached to PCI, and hence
+# PCI enumeration needs to be performed prior to network tests.
+# This variable may be omitted if its value is False.
+env__net_uses_pci = True
+
+# True if a DHCP server is attached to the network, and should be tested.
+# If DHCP testing is not possible or desired, this variable may be omitted or
+# set to False.
+env__net_dhcp_server = True
+
+# A list of environment variables that should be set in order to configure a
+# static IP. If solely relying on DHCP, this variable may be omitted or set to
+# an empty list.
+env__net_static_env_vars = [
+ ('ipaddr', '10.0.0.100'),
+ ('netmask', '255.255.255.0'),
+ ('serverip', '10.0.0.1'),
+]
+
+# Details regarding a file that may be read from a TFTP server. This variable
+# may be omitted or set to None if TFTP testing is not possible or desired.
+# Additionally, when the 'size' is not available, the file will be generated
+# automatically in the TFTP root directory, as specified by the 'dn' field.
+env__efi_fit_tftp_file = {
+ 'fn': 'test-efi-fit.img', # File path relative to TFTP root
+ 'size': 3831, # File size
+ 'crc32': '9fa3f79c', # Checksum using CRC-32 algorithm, optional
+ 'addr': 0x40400000, # Loading address, integer, optional
+ 'dn': 'tftp/root/dir', # TFTP root directory path, optional
+}
+"""
+
+# Define the parametrized ITS data to be used for FIT images generation.
+its_data = '''
+/dts-v1/;
+
+/ {
+ description = "EFI image with FDT blob";
+ #address-cells = <1>;
+
+ images {
+ efi {
+ description = "Test EFI";
+ data = /incbin/("%(efi-bin)s");
+ type = "%(kernel-type)s";
+ arch = "%(sys-arch)s";
+ os = "efi";
+ compression = "%(efi-comp)s";
+ load = <0x0>;
+ entry = <0x0>;
+ };
+ fdt {
+ description = "Test FDT";
+ data = /incbin/("%(fdt-bin)s");
+ type = "flat_dt";
+ arch = "%(sys-arch)s";
+ compression = "%(fdt-comp)s";
+ };
+ };
+
+ configurations {
+ default = "config-efi-fdt";
+ config-efi-fdt {
+ description = "EFI FIT w/ FDT";
+ kernel = "efi";
+ fdt = "fdt";
+ };
+ config-efi-nofdt {
+ description = "EFI FIT w/o FDT";
+ kernel = "efi";
+ };
+ };
+};
+'''
+
+# Define the parametrized FDT data to be used for DTB images generation.
+fdt_data = '''
+/dts-v1/;
+
+/ {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ model = "%(sys-arch)s %(fdt_type)s EFI FIT Boot Test";
+ compatible = "%(sys-arch)s";
+
+ reset at 0 {
+ compatible = "%(sys-arch)s,reset";
+ reg = <0>;
+ };
+};
+'''
+
+ at pytest.mark.buildconfigspec('bootm_efi')
+ at pytest.mark.buildconfigspec('cmd_bootefi_hello_compile')
+ at pytest.mark.buildconfigspec('fit')
+ at pytest.mark.notbuildconfigspec('generate_acpi_table')
+ at pytest.mark.requiredtool('dtc')
+def test_efi_fit_launch(u_boot_console):
+ """Test handling of UEFI binaries inside FIT images.
+
+ The tests are trying to launch U-Boot's helloworld.efi embedded into
+ FIT images, in uncompressed or gzip compressed format.
+
+ Additionally, a sample FDT blob is created and embedded into the above
+ mentioned FIT images, in uncompressed or gzip compressed format.
+
+ For more details, see launch_efi().
+
+ The following test cases are currently defined and enabled:
+ - Launch uncompressed FIT EFI & internal FDT
+ - Launch uncompressed FIT EFI & FIT FDT
+ - Launch compressed FIT EFI & internal FDT
+ - Launch compressed FIT EFI & FIT FDT
+ """
+
+ def net_pre_commands():
+ """Execute any commands required to enable network hardware.
+
+ These commands are provided by the boardenv_* file; see the comment
+ at the beginning of this file.
+ """
+
+ init_usb = cons.config.env.get('env__net_uses_usb', False)
+ if init_usb:
+ cons.run_command('usb start')
+
+ init_pci = cons.config.env.get('env__net_uses_pci', False)
+ if init_pci:
+ cons.run_command('pci enum')
+
+ def net_dhcp():
+ """Execute the dhcp command.
+
+ The boardenv_* file may be used to enable/disable DHCP; see the
+ comment at the beginning of this file.
+ """
+
+ has_dhcp = cons.config.buildconfig.get('config_cmd_dhcp', 'n') == 'y'
+ if not has_dhcp:
+ cons.log.warning('CONFIG_CMD_DHCP != y: Skipping DHCP network setup')
+ return False
+
+ test_dhcp = cons.config.env.get('env__net_dhcp_server', False)
+ if not test_dhcp:
+ cons.log.info('No DHCP server available')
+ return False
+
+ cons.run_command('setenv autoload no')
+ output = cons.run_command('dhcp')
+ assert 'DHCP client bound to address ' in output
+ return True
+
+ def net_setup_static():
+ """Set up a static IP configuration.
+
+ The configuration is provided by the boardenv_* file; see the comment at
+ the beginning of this file.
+ """
+
+ has_dhcp = cons.config.buildconfig.get('config_cmd_dhcp', 'n') == 'y'
+ if not has_dhcp:
+ cons.log.warning('CONFIG_NET != y: Skipping static network setup')
+ return False
+
+ env_vars = cons.config.env.get('env__net_static_env_vars', None)
+ if not env_vars:
+ cons.log.info('No static network configuration is defined')
+ return False
+
+ for (var, val) in env_vars:
+ cons.run_command('setenv %s %s' % (var, val))
+ return True
+
+ def make_fpath(fname):
+ """Compute the path of a given (temporary) file.
+
+ Args:
+ fname: The name of a file within U-Boot build dir.
+ Return:
+ The computed file path.
+ """
+
+ return os.path.join(cons.config.build_dir, fname)
+
+ def make_efi(fname, comp):
+ """Create an UEFI binary.
+
+ This simply copies lib/efi_loader/helloworld.efi into U-Boot
+ build dir and, optionally, compresses the file using gzip.
+
+ Args:
+ fname: The target file name within U-Boot build dir.
+ comp: Flag to enable gzip compression.
+ Return:
+ The path of the created file.
+ """
+
+ bin_path = make_fpath(fname)
+ util.run_and_log(cons,
+ ['cp', make_fpath('lib/efi_loader/helloworld.efi'), bin_path])
+ if comp:
+ util.run_and_log(cons, ['gzip', '-f', bin_path])
+ bin_path += '.gz'
+ return bin_path
+
+ def make_dtb(fdt_type, comp):
+ """Create a sample DTB file.
+
+ Creates a DTS file and compiles it to a DTB.
+
+ Args:
+ fdt_type: The type of the FDT, i.e. internal, user.
+ comp: Flag to enable gzip compression.
+ Return:
+ The path of the created file.
+ """
+
+ # Generate resources referenced by FDT.
+ fdt_params = {
+ 'sys-arch': sys_arch,
+ 'fdt_type': fdt_type,
+ }
+
+ # Generate a test FDT file.
+ dts = make_fpath('test-efi-fit-%s.dts' % fdt_type)
+ with open(dts, 'w') as fd:
+ fd.write(fdt_data % fdt_params)
+
+ # Build the test FDT.
+ dtb = make_fpath('test-efi-fit-%s.dtb' % fdt_type)
+ util.run_and_log(cons, ['dtc', '-I', 'dts', '-O', 'dtb', '-o', dtb, dts])
+ if comp:
+ util.run_and_log(cons, ['gzip', '-f', dtb])
+ dtb += '.gz'
+ return dtb
+
+ def make_fit(comp):
+ """Create a sample FIT image.
+
+ Runs 'mkimage' to create a FIT image within U-Boot build dir.
+ Args:
+ comp: Enable gzip compression for the EFI binary and FDT blob.
+ Return:
+ The path of the created file.
+ """
+
+ # Generate resources referenced by ITS.
+ its_params = {
+ 'sys-arch': sys_arch,
+ 'efi-bin': os.path.basename(make_efi('test-efi-fit-helloworld.efi', comp)),
+ 'kernel-type': 'kernel' if comp else 'kernel_noload',
+ 'efi-comp': 'gzip' if comp else 'none',
+ 'fdt-bin': os.path.basename(make_dtb('user', comp)),
+ 'fdt-comp': 'gzip' if comp else 'none',
+ }
+
+ # Generate a test ITS file.
+ its_path = make_fpath('test-efi-fit-helloworld.its')
+ with open(its_path, 'w') as fd:
+ fd.write(its_data % its_params)
+
+ # Build the test ITS.
+ fit_path = make_fpath('test-efi-fit-helloworld.fit')
+ util.run_and_log(
+ cons, [make_fpath('tools/mkimage'), '-f', its_path, fit_path])
+ return fit_path
+
+ def load_fit_from_host(f):
+ """Load the FIT image using the 'host load' command and return its address.
+
+ Args:
+ f: Dictionary describing the FIT image to load, see env__efi_fit_test_file
+ in the comment at the beginning of this file.
+ Return:
+ The address where the file has been loaded.
+ """
+
+ addr = f.get('addr', None)
+ if not addr:
+ addr = util.find_ram_base(cons)
+
+ output = cons.run_command(
+ 'host load hostfs - %x %s/%s' % (addr, f['dn'], f['fn']))
+ expected_text = ' bytes read'
+ sz = f.get('size', None)
+ if sz:
+ expected_text = '%d' % sz + expected_text
+ assert(expected_text in output)
+
+ return addr
+
+ def load_fit_from_tftp(f):
+ """Load the FIT image using the tftpboot command and return its address.
+
+ The file is downloaded from the TFTP server, its size and optionally its
+ CRC32 are validated.
+
+ Args:
+ f: Dictionary describing the FIT image to load, see env__efi_fit_tftp_file
+ in the comment at the beginning of this file.
+ Return:
+ The address where the file has been loaded.
+ """
+
+ addr = f.get('addr', None)
+ if not addr:
+ addr = util.find_ram_base(cons)
+
+ fn = f['fn']
+ output = cons.run_command('tftpboot %x %s' % (addr, fn))
+ expected_text = 'Bytes transferred = '
+ sz = f.get('size', None)
+ if sz:
+ expected_text += '%d' % sz
+ assert expected_text in output
+
+ expected_crc = f.get('crc32', None)
+ if not expected_crc:
+ return addr
+
+ if cons.config.buildconfig.get('config_cmd_crc32', 'n') != 'y':
+ return addr
+
+ output = cons.run_command('crc32 $fileaddr $filesize')
+ assert expected_crc in output
+
+ return addr
+
+ def launch_efi(enable_fdt, enable_comp):
+ """Launch U-Boot's helloworld.efi binary from a FIT image.
+
+ An external image file can be downloaded from TFTP, when related
+ details are provided by the boardenv_* file; see the comment at the
+ beginning of this file.
+
+ If the size of the TFTP file is not provided within env__efi_fit_tftp_file,
+ the test image is generated automatically and placed in the TFTP root
+ directory specified via the 'dn' field.
+
+ When running the tests on Sandbox, the image file is loaded directly
+ from the host filesystem.
+
+ Once the load address is available on U-Boot console, the 'bootm'
+ command is executed for either 'config-efi-fdt' or 'config-efi-nofdt'
+ FIT configuration, depending on the value of the 'enable_fdt' function
+ argument.
+
+ Eventually the 'Hello, world' message is expected in the U-Boot console.
+
+ Args:
+ enable_fdt: Flag to enable using the FDT blob inside FIT image.
+ enable_comp: Flag to enable GZIP compression on EFI and FDT
+ generated content.
+ """
+
+ with cons.log.section('FDT=%s;COMP=%s' % (enable_fdt, enable_comp)):
+ if is_sandbox:
+ fit = {
+ 'dn': cons.config.build_dir,
+ }
+ else:
+ # Init networking.
+ net_pre_commands()
+ net_set_up = net_dhcp()
+ net_set_up = net_setup_static() or net_set_up
+ if not net_set_up:
+ pytest.skip('Network not initialized')
+
+ fit = cons.config.env.get('env__efi_fit_tftp_file', None)
+ if not fit:
+ pytest.skip('No env__efi_fit_tftp_file binary specified in environment')
+
+ sz = fit.get('size', None)
+ if not sz:
+ if not fit.get('dn', None):
+ pytest.skip('Neither "size", nor "dn" info provided in env__efi_fit_tftp_file')
+
+ # Create test FIT image.
+ fit_path = make_fit(enable_comp)
+ fit['fn'] = os.path.basename(fit_path)
+ fit['size'] = os.path.getsize(fit_path)
+
+ # Copy image to TFTP root directory.
+ if fit['dn'] != cons.config.build_dir:
+ util.run_and_log(cons, ['mv', '-f', fit_path, '%s/' % fit['dn']])
+
+ # Load FIT image.
+ addr = load_fit_from_host(fit) if is_sandbox else load_fit_from_tftp(fit)
+
+ # Select boot configuration.
+ fit_config = 'config-efi-fdt' if enable_fdt else 'config-efi-nofdt'
+
+ # Try booting.
+ cons.run_command(
+ 'bootm %x#%s' % (addr, fit_config), wait_for_prompt=False)
+ if enable_fdt:
+ cons.wait_for('Booting using the fdt blob')
+ cons.wait_for('Hello, world')
+ cons.wait_for('## Application terminated, r = 0')
+ cons.restart_uboot();
+
+ cons = u_boot_console
+ # Array slice removes leading/trailing quotes.
+ sys_arch = cons.config.buildconfig.get('config_sys_arch', '"sandbox"')[1:-1]
+ is_sandbox = sys_arch == 'sandbox'
+
+ try:
+ if is_sandbox:
+ # Use our own device tree file, will be restored afterwards.
+ control_dtb = make_dtb('internal', False)
+ old_dtb = cons.config.dtb
+ cons.config.dtb = control_dtb
+
+ # Run tests
+ # - fdt OFF, gzip OFF
+ launch_efi(False, False)
+ # - fdt ON, gzip OFF
+ launch_efi(True, False)
+
+ if is_sandbox:
+ # - fdt OFF, gzip ON
+ launch_efi(False, True)
+ # - fdt ON, gzip ON
+ launch_efi(True, True)
+
+ finally:
+ if is_sandbox:
+ # Go back to the original U-Boot with the correct dtb.
+ cons.config.dtb = old_dtb
+ cons.restart_uboot()
--
2.17.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v5 5/5] test/py: Create a test for launching UEFI binaries from FIT images
2019-12-30 1:34 ` [PATCH v5 5/5] test/py: Create a test for " Cristian Ciocaltea
@ 2019-12-30 10:02 ` Heinrich Schuchardt
0 siblings, 0 replies; 7+ messages in thread
From: Heinrich Schuchardt @ 2019-12-30 10:02 UTC (permalink / raw)
To: u-boot
On 12/30/19 2:34 AM, Cristian Ciocaltea wrote:
> This test verifies the implementation of the 'bootm' extension that
> handles UEFI binaries inside FIT images (enabled via CONFIG_BOOTM_EFI).
>
> Signed-off-by: Cristian Ciocaltea<cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2019-12-30 10:02 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-30 1:34 [PATCH v5 0/5] Add support for booting EFI FIT images Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 1/5] image: Add IH_OS_EFI for EFI chain-load boot Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 2/5] bootm: Add a bootm command for type IH_OS_EFI Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 3/5] doc: Add sample uefi.its image description file Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 4/5] doc: uefi.rst: Document launching UEFI binaries from FIT images Cristian Ciocaltea
2019-12-30 1:34 ` [PATCH v5 5/5] test/py: Create a test for " Cristian Ciocaltea
2019-12-30 10:02 ` Heinrich Schuchardt
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.