The use of strcpy() to remove characters at the start of a string is safe
in U-Boot, since we know the implementation. But in os.c we are using the
C library's strcpy() function, where this behaviour is not permitted.
Update the code to use memmove() instead.
Reported-by: Coverity (CID: 173279)
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexander Graf <agraf@suse.de>
Most architectures use jump_to_image_no_args() to jump from SPL to U-Boot.
At present sandbox is special in that it jumps in its
spl_board_load_image() call. This is not strictly correct, and means that
sandbox misses out some parts of board_init_r(), just as calling
bloblist_finish(), for example.
Change spl_board_load_image() to just identify the filename to boot, and
implement jump_to_image_no_args() to actually jump to it.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current method of starting U-Boot from U-Boot adds arguments to pass
the memory file through, so that memory is preserved. This is fine for a
single call, but if we call from TPL -> SPL -> U-Boot the arguments build
up and we have several memory files in the argument list.
Adjust the implementation to filter out arguments that we want to replace
with new ones. Also print a useful error if the exec() call fails.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present sandbox calls malloc() from various places in the OS layer and
this results in calls to U-Boot's malloc() implementation. It is better to
use the on in the OS layer, since it does not mix allocations with the
main U-Boot code.
Fix this by replacing calls with malloc() to os_malloc(), etc.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
At present os_jump_to_image() jumps to a given image, and this is written
to a file. But it is useful to be able to jump to a file also.
To avoid duplicating code, split out the implementation of
os_jump_to_image() into a new function that jumps to a file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a way to read a file from the host filesystem. This can be useful for
reading test data, for example. Also fix up the writing function which was
not the right version, and drop the debugging lines.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use a starting address of 256MB which should be available. This helps to
make sandbox RAM buffers pointers more recognisable.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present sandbox sets non-blocking I/O as soon as any input is read
from the terminal. However it does not restore the previous state on
exit. Fix this and drop the old os_read_no_block() function.
This means that we always enable blocking I/O in sandbox (if input is a
terminal) whereas previously it would only happen on the first call to
tstc() or getc(). However, the difference is likely not important.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we support booting from SPL to U-Boot proper. Add support for
the previous stage too, so sandbox can be started with TPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
For debugging it is sometimes useful to write out data for inspection
using an external tool. Add a function which can write this data to a
given file.
Signed-off-by: Simon Glass <sjg@chromium.org>
On my Ubuntu 18.04.1 machine two driver-model bus tests have started
failing recently. The problem appears to be that the DATA region of the
executable is protected. This does not seem correct, but perhaps there
is a reason.
To work around it, unprotect the regions in these tests before accessing
them.
Signed-off-by: Simon Glass <sjg@chromium.org>
With efi_loader, we may want to execute payloads from RAM. By default,
permissions on the RAM region don't allow us to execute from there though.
So let's change the default allocation scheme for RAM to also allow
execution from it. That way payloads that live in U-Boot RAM can be
directly executed.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
In sandbox, longjmp returns to itself in an endless loop because
os_longjmp() calls into longjmp() which is provided by U-Boot which
again calls os_longjmp().
Setjmp on the other hand must not return because otherwise the
return freees up stack elements that we need during longjmp().
The only straight forward fix that doesn't involve nasty hacks I
could find is to directly link against the system setjmp/longjmp
implementations. That means we just provide the compiler with
hints that the symbol will be available and actually fill them
out with versions from libc.
This approach should be reasonably platform agnostic
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This function is useful to signal that the application needs to exit
immediate. It can be caught with a debugger (e.g. gdb). Add a stub for it
so that it can be called from within sandbox when an internal error
occurs.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
At present the sandbox RAM buffer is not aligned to any particular
address boundary. This makes the internal pointers somewhat random with
respect to the associated RAM buffer addresses.
Align the buffer to the page size of the machine to help with this. Note
that there is a header at the start of the allocated pointer. To avoid
returning a pointer which is not aligned to a page boundary, we waste
almost an entire page of memory for each allocation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add an implementation of setjmp() and longjmp() which rely on the
underlying host C library. Since we cannot know how large the jump buffer
needs to be, pick something that should be suitable and check it at
runtime. At present we need access to the underlying struct as well.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
While sandbox works OK without the special-case code, it does result in
console output being stored in the pre-console buffer while sandbox starts
up. If there is a crash or a problem then there is no indication of what
is going on.
For ease of debugging it seems better to revert this change.
This reverts commit 47b98ad0f6.
Signed-off-by: Simon Glass <sjg@chromium.org>
Realloc does not free the old memory area if it fails.
Identified by cppcheck.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
They are unused since commit d8c6fb8ced ("sandbox: Drop special
case console code for sandbox").
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Simon Glass <sjg@chromium.org>
In os_dirent_get_typename() we are checking that type falls within the
known values of the enum os_dirent_t. With clang-3.8 testing this value
as being >= 0 results in a warning as it will always be true. This
assumes of course that we are only given valid data. Given that we want
to sanity check the input, we change this to check that it falls within
the range of the first to the last entry in the given enum.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The "hostfs ls" command prefixes each directory entry with either DIR,
LNK or " " if it is a directory, symlink resp. regular file, or
"???" for any other or unknown type.
The latter only works if the type is set correctly, as the entry defaults
to OS_FILET_REG and e.g. socket files show up as regular files.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Acked-by: Simon Glass <sjg@chromium.org>
Using readdir_r limits the maximum file name length and may even be
unsafe, and is thus deprecated in since glibc 2.24.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Acked-by: Simon Glass <sjg@chromium.org>
The readdir linux manpage explicitly states (quoting POSIX.1) that
sizeof(d_name) is not correct for determining the required size, but to
always use strlen. Grow the buffer if needed.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Acked-by: Simon Glass <sjg@chromium.org>
Previously, after reading/creating the second dirent, the second entry
would be chained to the first entry and the first entry would be linked
to head. Instead, immediately link the first entry to head.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Acked-by: Simon Glass <sjg@chromium.org>
SPL is expected to load and run U-Boot. This needs to work with sandbox also.
Provide a function to locate the U-Boot image, and another to start it. This
allows SPL to function on sandbox as it does on other archs.
Signed-off-by: Simon Glass <sjg@chromium.org>
For some reason 'u-boot -D' does not restore the terminal correctly when
the 'reset' command is used. Call the terminal restore function explicitly
in this case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
This fixes the following two problems:
cppcheck reports:
[arch/sandbox/cpu/start.c:132]: (error) Uninitialized variable: err
[arch/sandbox/cpu/os.c:371]: (error) Memory leak: fname
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Wolfgang Denk <wd@denx.de>
Change the internal sandbox functions to use loff_t for file offsets.
Signed-off-by: Suriyan Ramasami <suriyan.r@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Each node in the linked-list that os_dirent_ls() returns has its next
pointer set only when the next node is created. For the last node in the
list, there is no next node, so this never happens, and the next pointer
is never initialized. Explicitly initialize the next pointer so that it
isn't dangling. Without this, "sb ls" might crash.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Acked-by: Simon Glass <sjg@chromium.org>
When jumping from one sandbox U-Boot to another in sandbox, the RAM buffer
is preserved in the jump by using a temporary file. Add an option to tell
the receiving U-Boot to remove this file when it is no longer needed.
Similarly the old U-Boot image is left behind in this case. We cannot delete
it immediately since gdb cannot then find its debug symbols. Delete it just
before exiting.
Together these changes ensure that temporary files are removed both for
memory and U-Boot.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is useful for Cltl-C to be handled by U-Boot as it is on other boards.
But it is also useful to be able to terminate U-Boot with Ctrl-C.
Add an option to enable signals while in raw mode, and make this the
default. Add an option to leave the terminal cooked, which is useful for
redirecting output.
Signed-off-by: Simon Glass <sjg@chromium.org>
For some tests it is useful to be able to run U-Boot again but pass on the
same memory contents. Add a function to achieve this.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
The unit-test for hush's "test -e" currently relies upon being run in
the U-Boot build directory, because it tests for the existence of a file
that exists in that directory.
Fix this by explicitly creating the file we use for the existence test,
and deleting it afterwards so that multiple successive unit-test
invocations succeed. This required adding an os.c function to erase
files.
Reported-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
The function os_free() returns nothing.
Its return type should be "void" rather than "void *".
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
It is useful to be able to save and restore the RAM contents of sandbox
U-Boot either for setting up tests, for later analysys, or for chaining
together multiple tests which need to keep the same memory contents.
Add a function to provide a memory file for U-Boot. This is read on
start-up and written when shutting down. If the file does not exist
on start-up, it will be created when shutting down.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
With sandbox, errors and problems may be reported before console_init_f()
is executed. For example, an argument may not parse correctly or U-Boot may
panic(). At present this output is swallowed so there is no indication what
is going wrong.
Adjust the console to deal with a very early sandbox setup, by detecting that
there is no global_data yet, and calling os functions in that case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Implement realloc() and free() for sandbox, by adding a header to each
block which contains the block size.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Che-Liang Chiou <clchiou@chromium.org>
Reviewed-by: Hung-ying Tyan <tyanh@chromium.org>
The new name is longer but more clearly related to sandbox.
This is in a separate patch within the same series since some comments on the
SPI series rely on it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Hung-ying Tyan <tyanh@chromium.org>
The uint64_t type is defined in linux/types.h, so is safer than u64, which
is not actually a Linux type.
Change-Id: Ifc9a369e6543250c49117b8d3cb3a676eee43e04
Signed-off-by: Simon Glass <sjg@chromium.org>
Support tracing on sandbox by adding suitable CONFIG options. To enable it,
compile U-Boot with FTRACE=1.
The timer functions are marked to skip tracing, since these are called from
the tracing code itself, and we want to avoid an infinite loop.
Signed-off-by: Simon Glass <sjg@chromium.org>
This implementation uses opendir()/readdir() to access the directory
information and then puts it in a linked list for the caller's use.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@ti.com>
Implements the tstc() interface for the serial driver. Multiplexing
the console between the serial port and a keyboard uses a polling
method of checking if characters are available; this means that the
serial console must be non-blocking when attempting to read
characters.
Signed-off-by: Taylor Hutt <thutt@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
This adds simple command-line parsing to sandbox. The idea is that it
sets up the state with options provided, and this state can then be
queried later, as needed.
New flags are declared with the SB_CMDLINE_OPT_SHORT helper macro,
pointers are automatically gathered up in a special section, and
then the core code takes care of gathering them up and processing
at runtime. This way there is no central place where we have to
store a list of flags with ifdefs.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
This provides a way for callers to create files for writing. The flags
are translated at runtime, for the ones we support.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
