Simon Glass | 83b9be6 | 2022-04-24 23:31:26 -0600 | [diff] [blame] | 1 | .. SPDX-License-Identifier: GPL-2.0+: |
| 2 | |
| 3 | U-Boot Standard Boot |
| 4 | ==================== |
| 5 | |
| 6 | Introduction |
| 7 | ------------ |
| 8 | |
| 9 | Standard boot provides a built-in way for U-Boot to automatically boot |
| 10 | an Operating System without custom scripting and other customisation. It |
| 11 | introduces the following concepts: |
| 12 | |
| 13 | - bootdev - a device which can hold or access a distro (e.g. MMC, Ethernet) |
| 14 | - bootmeth - a method to scan a bootdev to find bootflows (e.g. distro boot) |
| 15 | - bootflow - a description of how to boot (provided by the distro) |
| 16 | |
| 17 | For Linux, the distro (Linux distribution, e.g. Debian, Fedora) is responsible |
| 18 | for creating a bootflow for each kernel combination that it wants to offer. |
| 19 | These bootflows are stored on media so they can be discovered by U-Boot. This |
| 20 | feature is typically called `distro boot` (see :doc:`distro`) because it is |
| 21 | a way for distributions to boot on any hardware. |
| 22 | |
| 23 | Traditionally U-Boot has relied on scripts to implement this feature. See |
| 24 | disto_boodcmd_ for details. This is done because U-Boot has no native support |
| 25 | for scanning devices. While the scripts work remarkably well, they can be hard |
| 26 | to understand and extend, and the feature does not include tests. They are also |
| 27 | making it difficult to move away from ad-hoc CONFIGs, since they are implemented |
| 28 | using the environment and a lot of #defines. |
| 29 | |
| 30 | Standard boot is a generalisation of distro boot. It provides a more built-in |
| 31 | way to boot with U-Boot. The feature is extensible to different Operating |
| 32 | Systems (such as Chromium OS) and devices (beyond just block and network |
| 33 | devices). It supports EFI boot and EFI bootmgr too. |
| 34 | |
| 35 | |
| 36 | Bootflow |
| 37 | -------- |
| 38 | |
| 39 | A bootflow is a file that describes how to boot a distro. Conceptually there can |
| 40 | be different formats for that file but at present U-Boot only supports the |
| 41 | BootLoaderSpec_ format. which looks something like this:: |
| 42 | |
| 43 | menu autoboot Welcome to Fedora-Workstation-armhfp-31-1.9. Automatic boot in # second{,s}. Press a key for options. |
| 44 | menu title Fedora-Workstation-armhfp-31-1.9 Boot Options. |
| 45 | menu hidden |
| 46 | |
| 47 | label Fedora-Workstation-armhfp-31-1.9 (5.3.7-301.fc31.armv7hl) |
| 48 | kernel /vmlinuz-5.3.7-301.fc31.armv7hl |
| 49 | append ro root=UUID=9732b35b-4cd5-458b-9b91-80f7047e0b8a rhgb quiet LANG=en_US.UTF-8 cma=192MB cma=256MB |
| 50 | fdtdir /dtb-5.3.7-301.fc31.armv7hl/ |
| 51 | initrd /initramfs-5.3.7-301.fc31.armv7hl.img |
| 52 | |
| 53 | As you can see it specifies a kernel, a ramdisk (initrd) and a directory from |
| 54 | which to load devicetree files. The details are described in disto_boodcmd_. |
| 55 | |
| 56 | The bootflow is provided by the distro. It is not part of U-Boot. U-Boot's job |
| 57 | is simply to interpret the file and carry out the instructions. This allows |
| 58 | distros to boot on essentially any device supported by U-Boot. |
| 59 | |
| 60 | Typically the first available bootflow is selected and booted. If that fails, |
| 61 | then the next one is tried. |
| 62 | |
| 63 | |
| 64 | Bootdev |
| 65 | ------- |
| 66 | |
| 67 | Where does U-Boot find the media that holds the operating systems? That is the |
| 68 | job of bootdev. A bootdev is simply a layer on top of a media device (such as |
| 69 | MMC, NVMe). The bootdev accesses the device, including partitions and |
| 70 | filesystems that might contain things related to an operating system. |
| 71 | |
| 72 | For example, an MMC bootdev provides access to the individual partitions on the |
| 73 | MMC device. It scans through these to find filesystems, then provides a list of |
| 74 | these for consideration. |
| 75 | |
| 76 | |
| 77 | Bootmeth |
| 78 | -------- |
| 79 | |
| 80 | Once the list of filesystems is provided, how does U-Boot find the bootflow |
| 81 | files in these filesystems. That is the job of bootmeth. Each boot method has |
| 82 | its own way of doing this. |
| 83 | |
| 84 | For example, the distro bootmeth simply looks through the provided filesystem |
| 85 | for a file called `extlinux/extlinux.conf`. This files constitutes a bootflow. |
| 86 | If the distro bootmeth is used on multiple partitions it may produce multiple |
| 87 | bootflows. |
| 88 | |
| 89 | Note: it is possible to have a bootmeth that uses a partition or a whole device |
| 90 | directly, but it is more common to use a filesystem. |
| 91 | |
| 92 | |
| 93 | Boot process |
| 94 | ------------ |
| 95 | |
| 96 | U-Boot tries to use the 'lazy init' approach whereever possible and distro boot |
| 97 | is no exception. The algorithm is:: |
| 98 | |
| 99 | while (get next bootdev) |
| 100 | while (get next bootmeth) |
| 101 | while (get next bootflow) |
| 102 | try to boot it |
| 103 | |
| 104 | So U-Boot works its way through the bootdevs, trying each bootmeth in turn to |
| 105 | obtain bootflows, until it either boots or exhausts the available options. |
| 106 | |
| 107 | Instead of 500 lines of #defines and a 4KB boot script, all that is needed is |
| 108 | the following command:: |
| 109 | |
| 110 | bootflow scan -lb |
| 111 | |
| 112 | which scans for available bootflows, optionally listing each find it finds (-l) |
| 113 | and trying to boot it (-b). |
| 114 | |
| 115 | |
| 116 | Controlling ordering |
| 117 | -------------------- |
| 118 | |
| 119 | Several options are available to control the ordering of boot scanning: |
| 120 | |
| 121 | |
| 122 | boot_targets |
| 123 | ~~~~~~~~~~~~ |
| 124 | |
| 125 | This environment variable can be used to control the list of bootdevs searched |
| 126 | and their ordering, for example:: |
| 127 | |
| 128 | setenv boot_targets "mmc0 mmc1 usb pxe" |
| 129 | |
| 130 | Entries may be removed or re-ordered in this list to affect the boot order. If |
| 131 | the variable is empty, the default ordering is used, based on the priority of |
| 132 | bootdevs and their sequence numbers. |
| 133 | |
| 134 | |
| 135 | bootmeths |
| 136 | ~~~~~~~~~ |
| 137 | |
| 138 | This environment variable can be used to control the list of bootmeths used and |
| 139 | their ordering for example:: |
| 140 | |
| 141 | setenv bootmeths "syslinux efi" |
| 142 | |
| 143 | Entries may be removed or re-ordered in this list to affect the order the |
| 144 | bootmeths are tried on each bootdev. If the variable is empty, the default |
| 145 | ordering is used, based on the bootmeth sequence numbers, which can be |
| 146 | controlled by aliases. |
| 147 | |
| 148 | The :ref:`usage/cmd/bootmeth:bootmeth command` (`bootmeth order`) operates in |
| 149 | the same way as setting this variable. |
| 150 | |
| 151 | |
| 152 | Bootdev uclass |
| 153 | -------------- |
| 154 | |
| 155 | The bootdev uclass provides an simple API call to obtain a bootflows from a |
| 156 | device:: |
| 157 | |
| 158 | int bootdev_get_bootflow(struct udevice *dev, struct bootflow_iter *iter, |
| 159 | struct bootflow *bflow); |
| 160 | |
| 161 | This takes a iterator which indicates the bootdev, partition and bootmeth to |
| 162 | use. It returns a bootflow. This is the core of the bootdev implementation. The |
| 163 | bootdev drivers that implement this differ depending on the media they are |
| 164 | reading from, but each is responsible for returning a valid bootflow if |
| 165 | available. |
| 166 | |
| 167 | A helper called `bootdev_find_in_blk()` makes it fairly easy to implement this |
| 168 | function for each media device uclass, in a few lines of code. |
| 169 | |
| 170 | |
| 171 | Bootdev drivers |
| 172 | --------------- |
| 173 | |
| 174 | A bootdev driver is typically fairly simple. Here is one for mmc:: |
| 175 | |
| 176 | static int mmc_get_bootflow(struct udevice *dev, struct bootflow_iter *iter, |
| 177 | struct bootflow *bflow) |
| 178 | { |
| 179 | struct udevice *mmc_dev = dev_get_parent(dev); |
| 180 | struct udevice *blk; |
| 181 | int ret; |
| 182 | |
| 183 | ret = mmc_get_blk(mmc_dev, &blk); |
| 184 | /* |
| 185 | * If there is no media, indicate that no more partitions should be |
| 186 | * checked |
| 187 | */ |
| 188 | if (ret == -EOPNOTSUPP) |
| 189 | ret = -ESHUTDOWN; |
| 190 | if (ret) |
| 191 | return log_msg_ret("blk", ret); |
| 192 | assert(blk); |
| 193 | ret = bootdev_find_in_blk(dev, blk, iter, bflow); |
| 194 | if (ret) |
| 195 | return log_msg_ret("find", ret); |
| 196 | |
| 197 | return 0; |
| 198 | } |
| 199 | |
| 200 | static int mmc_bootdev_bind(struct udevice *dev) |
| 201 | { |
| 202 | struct bootdev_uc_plat *ucp = dev_get_uclass_plat(dev); |
| 203 | |
| 204 | ucp->prio = BOOTDEVP_0_INTERNAL_FAST; |
| 205 | |
| 206 | return 0; |
| 207 | } |
| 208 | |
| 209 | struct bootdev_ops mmc_bootdev_ops = { |
| 210 | .get_bootflow = mmc_get_bootflow, |
| 211 | }; |
| 212 | |
| 213 | static const struct udevice_id mmc_bootdev_ids[] = { |
| 214 | { .compatible = "u-boot,bootdev-mmc" }, |
| 215 | { } |
| 216 | }; |
| 217 | |
| 218 | U_BOOT_DRIVER(mmc_bootdev) = { |
| 219 | .name = "mmc_bootdev", |
| 220 | .id = UCLASS_BOOTDEV, |
| 221 | .ops = &mmc_bootdev_ops, |
| 222 | .bind = mmc_bootdev_bind, |
| 223 | .of_match = mmc_bootdev_ids, |
| 224 | }; |
| 225 | |
| 226 | The implementation of the `get_bootflow()` method is simply to obtain the |
| 227 | block device and call a bootdev helper function to do the rest. The |
| 228 | implementation of `bootdev_find_in_blk()` checks the partition table, and |
| 229 | attempts to read a file from a filesystem on the partition number given by the |
| 230 | `@iter->part` parameter. |
| 231 | |
| 232 | Each bootdev has a priority, which indicates the order in which it is used. |
| 233 | Faster bootdevs are used first, since they are more likely to be able to boot |
| 234 | the device quickly. |
| 235 | |
| 236 | |
| 237 | Device hierarchy |
| 238 | ---------------- |
| 239 | |
| 240 | A bootdev device is a child of the media device. In this example, you can see |
| 241 | that the bootdev is a sibling of the block device and both are children of |
| 242 | media device:: |
| 243 | |
| 244 | mmc 0 [ + ] bcm2835-sdhost | |-- mmc@7e202000 |
| 245 | blk 0 [ + ] mmc_blk | | |-- mmc@7e202000.blk |
| 246 | bootdev 0 [ ] mmc_bootdev | | `-- mmc@7e202000.bootdev |
| 247 | mmc 1 [ + ] sdhci-bcm2835 | |-- sdhci@7e300000 |
| 248 | blk 1 [ ] mmc_blk | | |-- sdhci@7e300000.blk |
| 249 | bootdev 1 [ ] mmc_bootdev | | `-- sdhci@7e300000.bootdev |
| 250 | |
| 251 | The bootdev device is typically created automatically in the media uclass' |
| 252 | `post_bind()` method by calling `bootdev_setup_for_dev()`. The code typically |
| 253 | something like this:: |
| 254 | |
| 255 | ret = bootdev_setup_for_dev(dev, "eth_bootdev"); |
| 256 | if (ret) |
| 257 | return log_msg_ret("bootdev", ret); |
| 258 | |
| 259 | Here, `eth_bootdev` is the name of the Ethernet bootdev driver and `dev` |
| 260 | is the ethernet device. This function is safe to call even if standard boot is |
| 261 | not enabled, since it does nothing in that case. It can be added to all uclasses |
| 262 | which implement suitable media. |
| 263 | |
| 264 | |
| 265 | The bootstd device |
| 266 | ------------------ |
| 267 | |
| 268 | Standard boot requires a single instance of the bootstd device to make things |
| 269 | work. This includes global information about the state of standard boot. See |
| 270 | `struct bootstd_priv` for this structure, accessed with `bootstd_get_priv()`. |
| 271 | |
| 272 | Within the devicetree, if you add bootmeth devices or a system bootdev, they |
| 273 | should be children of the bootstd device. See `arch/sandbox/dts/test.dts` for |
| 274 | an example of this. |
| 275 | |
| 276 | |
| 277 | The system bootdev |
| 278 | ------------------ |
| 279 | |
| 280 | Some bootmeths don't operate on individual bootdevs, but on the whole system. |
| 281 | For example, the EFI boot manager does its own device scanning and does not |
| 282 | make use of the bootdev devices. Such bootmeths can make use of the system |
| 283 | bootdev, typically considered last, after everything else has been tried. |
| 284 | |
| 285 | |
| 286 | .. _`Automatic Devices`: |
| 287 | |
| 288 | Automatic devices |
| 289 | ----------------- |
| 290 | |
| 291 | It is possible to define all the required devices in the devicetree manually, |
| 292 | but it is not necessary. The bootstd uclass includes a `dm_scan_other()` |
| 293 | function which creates the bootstd device if not found. If no bootmeth devices |
| 294 | are found at all, it creates one for each available bootmeth driver as well as a |
| 295 | system bootdev. |
| 296 | |
| 297 | If your devicetree has any bootmeth device it must have all of them that you |
| 298 | want to use, as well as the system bootdev if needed, since no bootmeth devices |
| 299 | will be created automatically in that case. |
| 300 | |
| 301 | |
| 302 | Using devicetree |
| 303 | ---------------- |
| 304 | |
| 305 | If a bootdev is complicated or needs configuration information, it can be |
| 306 | added to the devicetree as a child of the media device. For example, imagine a |
| 307 | bootdev which reads a bootflow from SPI flash. The devicetree fragment might |
| 308 | look like this:: |
| 309 | |
| 310 | spi@0 { |
| 311 | flash@0 { |
| 312 | reg = <0>; |
| 313 | compatible = "spansion,m25p16", "jedec,spi-nor"; |
| 314 | spi-max-frequency = <40000000>; |
| 315 | |
| 316 | bootdev { |
| 317 | compatible = "u-boot,sf-bootdev"; |
| 318 | offset = <0x2000>; |
| 319 | size = <0x1000>; |
| 320 | }; |
| 321 | }; |
| 322 | }; |
| 323 | |
| 324 | The `sf-bootdev` driver can implement a way to read from the SPI flash, using |
| 325 | the offset and size provided, and return that bootflow file back to the caller. |
| 326 | When distro boot wants to read the kernel it calls disto_getfile() which must |
| 327 | provide a way to read from the SPI flash. See `distro_boot()` at distro_boot_ |
| 328 | for more details. |
| 329 | |
| 330 | Of course this is all internal to U-Boot. All the distro sees is another way |
| 331 | to boot. |
| 332 | |
| 333 | |
| 334 | Configuration |
| 335 | ------------- |
| 336 | |
| 337 | Standard boot is enabled with `CONFIG_BOOTSTD`. Each bootmeth has its own CONFIG |
| 338 | option also. For example, `CONFIG_BOOTMETH_DISTRO` enables support for distro |
| 339 | boot from a disk. |
| 340 | |
| 341 | |
| 342 | Available bootmeth drivers |
| 343 | -------------------------- |
| 344 | |
| 345 | Bootmeth drivers are provided for: |
| 346 | |
| 347 | - distro boot from a disk (syslinux) |
| 348 | - distro boot from a network (PXE) |
| 349 | - EFI boot using bootefi |
| 350 | - EFI boot using boot manager |
| 351 | |
| 352 | |
| 353 | Command interface |
| 354 | ----------------- |
| 355 | |
| 356 | Three commands are available: |
| 357 | |
| 358 | `bootdev` |
| 359 | Allows listing of available bootdevs, selecting a particular one and |
| 360 | getting information about it. See :doc:`../usage/cmd/bootdev` |
| 361 | |
| 362 | `bootflow` |
| 363 | Allows scanning one or more bootdevs for bootflows, listing available |
| 364 | bootflows, selecting one, obtaining information about it and booting it. |
| 365 | See :doc:`../usage/cmd/bootflow` |
| 366 | |
| 367 | `bootmeth` |
| 368 | Allow listing of available bootmethds and setting the order in which they |
| 369 | are tried. See :doc:`../usage/cmd/bootmeth` |
| 370 | |
| 371 | .. _BootflowStates: |
| 372 | |
| 373 | Bootflow states |
| 374 | --------------- |
| 375 | |
| 376 | Here is a list of states that a bootflow can be in: |
| 377 | |
| 378 | ======= ======================================================================= |
| 379 | State Meaning |
| 380 | ======= ======================================================================= |
| 381 | base Starting-out state, indicates that no media/partition was found. For an |
| 382 | SD card socket it may indicate that the card is not inserted. |
| 383 | media Media was found (e.g. SD card is inserted) but no partition information |
| 384 | was found. It might lack a partition table or have a read error. |
| 385 | part Partition was found but a filesystem could not be read. This could be |
| 386 | because the partition does not hold a filesystem or the filesystem is |
| 387 | very corrupted. |
| 388 | fs Filesystem was found but the file could not be read. It could be |
| 389 | missing or in the wrong subdirectory. |
| 390 | file File was found and its size detected, but it could not be read. This |
| 391 | could indicate filesystem corruption. |
| 392 | ready File was loaded and is ready for use. In this state the bootflow is |
| 393 | ready to be booted. |
| 394 | ======= ======================================================================= |
| 395 | |
| 396 | |
| 397 | Theory of operation |
| 398 | ------------------- |
| 399 | |
| 400 | This describes how standard boot progresses through to booting an operating |
| 401 | system. |
| 402 | |
| 403 | To start. all the necessary devices must be bound, including bootstd, which |
| 404 | provides the top-level `struct bootstd_priv` containing optional configuration |
| 405 | information. The bootstd device is also holds the various lists used while |
| 406 | scanning. This step is normally handled automatically by driver model, as |
| 407 | described in `Automatic Devices`_. |
| 408 | |
| 409 | Bootdevs are also required, to provide access to the media to use. These are not |
| 410 | useful by themselves: bootmeths are needed to provide the means of scanning |
| 411 | those bootdevs. So, all up, we need a single bootstd device, one or more bootdev |
| 412 | devices and one or more bootmeth devices. |
| 413 | |
| 414 | Once these are ready, typically a `bootflow scan` command is issued. This kicks |
| 415 | of the iteration process, which involves looking through the bootdevs and their |
| 416 | partitions one by one to find bootflows. |
| 417 | |
| 418 | Iteration is kicked off using `bootflow_scan_first()`, which calls |
| 419 | `bootflow_scan_bootdev()`. |
| 420 | |
| 421 | The iterator is set up with `bootflow_iter_init()`. This simply creates an |
| 422 | empty one with the given flags. Flags are used to control whether each |
| 423 | iteration is displayed, whether to return iterations even if they did not result |
| 424 | in a valid bootflow, whether to iterate through just a single bootdev, etc. |
| 425 | |
| 426 | Then the ordering of bootdevs is determined, by `bootdev_setup_iter_order()`. By |
| 427 | default, the bootdevs are used in the order specified by the `boot_targets` |
| 428 | environment variable (e.g. "mmc2 mmc0 usb"). If that is missing then their |
| 429 | sequence order is used, as determined by the `/aliases` node, or failing that |
| 430 | their order in the devicetree. For BOOTSTD_FULL, if there is a `bootdev-order` |
| 431 | property in the bootstd node, then this is used as a final fallback. In any |
| 432 | case, the iterator ends up with a `dev_order` array containing the bootdevs that |
| 433 | are going to be used, with `num_devs` set to the number of bootdevs and |
| 434 | `cur_dev` starting at 0. |
| 435 | |
| 436 | Next, the ordering of bootdevs is determined, by `bootmeth_setup_iter_order()`. |
| 437 | By default the ordering is again by sequence number, i.e. the `/aliases` node, |
| 438 | or failing that the order in the devicetree. But the `bootmeth order` command |
| 439 | or `bootmeths` environment variable can be used to set up an ordering. If that |
| 440 | has been done, the ordering is in `struct bootstd_priv`, so that ordering is |
| 441 | simply copied into the iterator. Either way, the `method_order` array it set up, |
| 442 | along with `num_methods`. Then `cur_method` is set to 0. |
| 443 | |
| 444 | At this point the iterator is ready to use, with the first bootdev and bootmeth |
| 445 | selected. All the other fields are 0. This means that the current partition is |
| 446 | 0, which is taken to mean the whole device, since partition numbers start at 1. |
| 447 | It also means that `max_part` is 0, i.e. the maximum partition number we know |
| 448 | about is 0, meaning that, as far as we know, there is no partition table on this |
| 449 | bootdev. |
| 450 | |
| 451 | With the iterator ready, `bootflow_scan_bootdev()` checks whether the current |
| 452 | settings produce a valid bootflow. This is handled by `bootflow_check()`, which |
| 453 | either returns 0 (if it got something) or an error if not (more on that later). |
| 454 | If the `BOOTFLOWF_ALL` iterator flag is set, even errors are returned as |
| 455 | incomplete bootflows, but normally an error results in moving onto the next |
| 456 | iteration. |
| 457 | |
| 458 | The `bootflow_scan_next()` function handles moving onto the next iteration and |
| 459 | checking it. In fact it sits in a loop doing that repeatedly until it finds |
| 460 | something it wants to return. |
| 461 | |
| 462 | The actual 'moving on' part is implemented in `iter_incr()`. This is a very |
| 463 | simple function. It increments the first counter. If that hits its maximum, it |
| 464 | sets it to zero and increments the second counter. You can think of all the |
| 465 | counters together as a number with three digits which increment in order, with |
| 466 | the least-sigificant digit on the right, counting like this: |
| 467 | |
| 468 | ======== ======= ======= |
| 469 | bootdev part method |
| 470 | ======== ======= ======= |
| 471 | 0 0 0 |
| 472 | 0 0 1 |
| 473 | 0 0 2 |
| 474 | 0 1 0 |
| 475 | 0 1 1 |
| 476 | 0 1 1 |
| 477 | 1 0 0 |
| 478 | 1 0 1 |
| 479 | ======== ======= ======= |
| 480 | |
| 481 | The maximum value for `method` is `num_methods - 1` so when it exceeds that, it |
| 482 | goes back to 0 and the next `part` is considered. The maximum value for that is |
| 483 | `max_part`, which is initially zero for all bootdevs. If we find a partition |
| 484 | table on that bootdev, `max_part` can be updated during the iteration to a |
| 485 | higher value - see `bootdev_find_in_blk()` for that, described later. If that |
| 486 | exceeds its maximum, then the next bootdev is used. In this way, iter_incr() |
| 487 | works its way through all possibilities, moving forward one each time it is |
| 488 | called. |
| 489 | |
| 490 | There is no expectation that iteration will actually finish. Quite often a |
| 491 | valid bootflow is found early on. With `bootflow scan -b`, that causes the |
| 492 | bootflow to be immediately booted. Assuming it is successful, the iteration never |
| 493 | completes. |
| 494 | |
| 495 | Also note that the iterator hold the **current** combination being considered. |
| 496 | So when `iter_incr()` is called, it increments to the next one and returns it, |
| 497 | the new **current** combination. |
| 498 | |
| 499 | Note also the `err` field in `struct bootflow_iter`. This is normally 0 and has |
| 500 | thus has no effect on `iter_inc()`. But if it is non-zero, signalling an error, |
| 501 | it indicates to the iterator what it should do when called. It can force moving |
| 502 | to the next partition, or bootdev, for example. The special values |
| 503 | `BF_NO_MORE_PARTS` and `BF_NO_MORE_DEVICES` handle this. When `iter_incr` sees |
| 504 | `BF_NO_MORE_PARTS` it knows that it should immediately move to the next bootdev. |
| 505 | When it sees `BF_NO_MORE_DEVICES` it knows that there is nothing more it can do |
| 506 | so it should immediately return. The caller of `iter_incr()` is responsible for |
| 507 | updating the `err` field, based on the return value it sees. |
| 508 | |
| 509 | The above describes the iteration process at a high level. It is basically a |
| 510 | very simple increment function with a checker called `bootflow_check()` that |
| 511 | checks the result of each iteration generated, to determine whether it can |
| 512 | produce a bootflow. |
| 513 | |
| 514 | So what happens inside of `bootflow_check()`? It simply calls the uclass |
| 515 | method `bootdev_get_bootflow()` to ask the bootdev to return a bootflow. It |
| 516 | passes the iterator to the bootdev method, so that function knows what we are |
| 517 | talking about. At first, the bootflow is set up in the state `BOOTFLOWST_BASE`, |
| 518 | with just the `method` and `dev` intiialised. But the bootdev may fill in more, |
| 519 | e.g. updating the state, depending on what it finds. |
| 520 | |
| 521 | Based on what the bootdev responds with, `bootflow_check()` either |
| 522 | returns a valid bootflow, or a partial one with an error. A partial bootflow |
| 523 | is one that has some fields set up, but did not reach the `BOOTFLOWST_READY` |
| 524 | state. As noted before, if the `BOOTFLOWF_ALL` iterator flag is set, then all |
| 525 | bootflows are returned, even partial ones. This can help with debugging. |
| 526 | |
| 527 | So at this point you can see that total control over whether a bootflow can |
| 528 | be generated from a particular iteration, or not, rests with the bootdev. |
| 529 | Each one can adopt its own approach. |
| 530 | |
| 531 | Going down a level, what does the bootdev do in its `get_bootflow()` method? |
| 532 | Let us consider the MMC bootdev. In that case the call to |
| 533 | `bootdev_get_bootflow()` ends up in `mmc_get_bootflow()`. It locates the parent |
| 534 | device of the bootdev, i.e. the `UCLASS_MMC` device itself, then finds the block |
| 535 | device associated with it. It then calls the helper function |
| 536 | `bootdev_find_in_blk()` to do all the work. This is common with just about any |
| 537 | bootdev that is based on a media device. |
| 538 | |
| 539 | The `bootdev_find_in_blk()` helper is implemented in the bootdev uclass. It |
| 540 | names the bootflow and copies the partition number in from the iterator. Then it |
| 541 | calls the bootmeth device to check if it can support this device. This is |
| 542 | important since some bootmeths only work with network devices, for example. If |
| 543 | that check fails, it stops. |
| 544 | |
| 545 | Assuming the bootmeth is happy, or at least indicates that it is willing to try |
| 546 | (by returning 0 from its `check()` method), the next step is to try the |
| 547 | partition. If that works it tries to detect a file system. If that works then it |
| 548 | calls the bootmeth device once more, this time to read the bootflow. |
| 549 | |
| 550 | Note: At present a filesystem is needed for the bootmeth to be called on block |
| 551 | devices, simply because we don't have any examples where this is not the case. |
| 552 | This feature can be added as needed. |
| 553 | |
| 554 | If we take the example of the `bootmeth_distro` driver, this call ends up at |
| 555 | `distro_read_bootflow()`. It has the filesystem ready, so tries various |
| 556 | filenames to try to find the `extlinux.conf` file, reading it if possible. If |
| 557 | all goes well the bootflow ends up in the `BOOTFLOWST_READY` state. |
| 558 | |
| 559 | At this point, we fall back from the bootmeth driver, to |
| 560 | `bootdev_find_in_blk()`, then back to `mmc_get_bootflow()`, then to |
| 561 | `bootdev_get_bootflow()`, then to `bootflow_check()` and finally to its caller, |
| 562 | either `bootflow_scan_bootdev()` or `bootflow_scan_next()`. In either case, |
| 563 | the bootflow is returned as the result of this iteration, assuming it made it to |
| 564 | the `BOOTFLOWST_READY` state. |
| 565 | |
| 566 | That is the basic operation of scanning for bootflows. The process of booting a |
| 567 | bootflow is handled by the bootmeth driver for that bootflow. In the case of |
| 568 | distro boot, this parses and processes the `extlinux.conf` file that was read. |
| 569 | See `distro_boot()` for how that works. The processing may involve reading |
| 570 | additional files, which is handled by the `read_file()` method, which is |
| 571 | `distro_read_file()` in this case. All bootmethds should support reading files, |
| 572 | since the bootflow is typically only the basic instructions and does not include |
| 573 | the operating system itself, ramdisk, device tree, etc. |
| 574 | |
| 575 | The vast majority of the bootstd code is concerned with iterating through |
| 576 | partitions on bootdevs and using bootmethds to find bootflows. |
| 577 | |
| 578 | How about bootdevs which are not block devices? They are handled by the same |
| 579 | methods as above, but with a different implementation. For example, the bootmeth |
| 580 | for PXE boot (over a network) uses `tftp` to read files rather than `fs_read()`. |
| 581 | But other than that it is very similar. |
| 582 | |
| 583 | |
| 584 | Tests |
| 585 | ----- |
| 586 | |
| 587 | Tests are located in `test/boot` and cover the core functionality as well as |
| 588 | the commands. All tests use sandbox so can be run on a standard Linux computer |
| 589 | and in U-Boot's CI. |
| 590 | |
| 591 | For testing, a DOS-formatted disk image is used with a single FAT partition on |
| 592 | it. This is created in `setup_bootflow_image()`, with a canned one from the |
| 593 | source tree used if it cannot be created (e.g. in CI). |
| 594 | |
| 595 | |
| 596 | Bootflow internals |
| 597 | ------------------ |
| 598 | |
| 599 | The bootstd device holds a linked list of scanned bootflows as well as the |
| 600 | currently selected bootdev and bootflow (for use by commands). This is in |
| 601 | `struct bootstd_priv`. |
| 602 | |
| 603 | Each bootdev device has its own `struct bootdev_uc_plat` which holds a |
| 604 | list of scanned bootflows just for that device. |
| 605 | |
| 606 | The bootflow itself is documented in bootflow_h_. It includes various bits of |
| 607 | information about the bootflow and a buffer to hold the file. |
| 608 | |
| 609 | |
| 610 | Future |
| 611 | ------ |
| 612 | |
| 613 | Apart from the to-do items below, different types of bootflow files may be |
| 614 | implemented in future, e.g. Chromium OS support which is currently only |
| 615 | available as a script in chromebook_coral. |
| 616 | |
| 617 | |
| 618 | To do |
| 619 | ----- |
| 620 | |
| 621 | Some things that need to be done to completely replace the distro-boot scripts: |
| 622 | |
| 623 | - add bootdev drivers for dhcp, sata, scsi, ide, virtio |
| 624 | - PXE boot for EFI |
| 625 | - support for loading U-Boot scripts |
| 626 | |
| 627 | Other ideas: |
| 628 | |
| 629 | - `bootflow prep` to load everything preparing for boot, so that `bootflow boot` |
| 630 | can just do the boot. |
| 631 | - automatically load kernel, FDT, etc. to suitable addresses so the board does |
| 632 | not need to specify things like `pxefile_addr_r` |
| 633 | |
| 634 | |
| 635 | .. _disto_boodcmd: https://github.com/u-boot/u-boot/blob/master/include/config_distro_bootcmd.h |
| 636 | .. _BootLoaderSpec: http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec/ |
| 637 | .. _distro_boot: https://github.com/u-boot/u-boot/blob/master/boot/distro.c |
| 638 | .. _bootflow_h: https://github.com/u-boot/u-boot/blob/master/include/bootflow.h |