- 17 7月, 2021 3 次提交
-
-
由 Simon Glass 提交于
Drop the ENABLE and SUPPORT parts of this, which are redundant. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com> Signed-off-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com>
-
由 Simon Glass 提交于
These option are named inconsistently with other SPL options, thus making them incompatible with the CONFIG_IS_ENABLED() macro. Rename them. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com> Signed-off-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com>
-
由 Simon Glass 提交于
The ENABLE part of this name is redundant, since all boolean Kconfig options serve to enable something. The SUPPORT part is also redundant since Kconfigs can be assumed to enable support for something. Together they just serve to make these options overly long and inconsistent with other options. Rename FIT_ENABLE_SHAxxx_SUPPORT to FIT_SHAxxx Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com> Signed-off-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com>
-
- 11 6月, 2021 1 次提交
-
-
由 Lokesh Vutla 提交于
board_fit_image_post_process() passes only start and size of the image, but type of the image is not passed. So pass fit and node_offset, to derive information about image to be processed. Signed-off-by: NLokesh Vutla <lokeshvutla@ti.com> Reviewed-by: NTom Rini <trini@konsulko.com> Signed-off-by: NTero Kristo <kristo@kernel.org>
-
- 23 4月, 2021 1 次提交
-
-
由 Patrick Delaunay 提交于
Migrate CONFIG_LMB in Kconfig. Signed-off-by: NPatrick Delaunay <patrick.delaunay@foss.st.com>
-
- 15 4月, 2021 3 次提交
-
-
由 Alexandru Gagniuc 提交于
It's not always desirable to use 'keydir' and some ad-hoc heuristics to get the filename of the signing key. More often, just passing the filename is the simpler, easier, and logical thing to do. Since mkimage doesn't use long options, we're slowly running out of letters. I've chosen '-G' because it was available. Signed-off-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
由 Alexandru Gagniuc 提交于
mkimage supports rsa2048, and rsa4096 signatures. With newer silicon now supporting hardware-accelerated ECDSA, it makes sense to expand signing support to elliptic curves. Implement host-side ECDSA signing and verification with libcrypto. Device-side implementation of signature verification is beyond the scope of this patch. Signed-off-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
由 Alexandru Gagniuc 提交于
rsa-checksum.c sontains the hash_calculate() implementations. Despite the "rsa-" file prefix, this function is useful for other algorithms. To prevent confusion, move this file to lib/, and rename it to hash-checksum.c, to give it a more "generic" feel. Signed-off-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
- 27 3月, 2021 1 次提交
-
-
由 Simon Glass 提交于
Sandbox is special in that it is used for testing and it does not match any particular target architecture. Allow it to load an image from any architecture, so that 'bootm' can be used as needed. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
- 18 3月, 2021 1 次提交
-
-
由 Simon Glass 提交于
Unfortunately -ENODATA is not available in OpenBSD. Use -EBADMSG instead, to indicate a missing timestamp. Fixes: c5819701 image: Adjust the workings of fit_check_format() Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NMark Kettenis <kettenis@openbsd.org>
-
- 18 2月, 2021 1 次提交
-
-
由 Alexandru Gagniuc 提交于
There's no point in guarding function prototypes with #ifdefs. If a function is not defined, the linker will notice. Having the prototype does not affect code size. What the #if guard takes away is the ability to use IS_ENABLED: if (CONFIG_IS ENABLED(FIT_IMAGE_POST_PROCESS)) board_fit_image_post_process(...) When the prototype is guarded, the above form cannot be used. This leads to the proliferation of #ifdefs, and unreadable code. The opportunity cost of the #if guard outweighs any benefits. Remove it. Since the original version of this patch, an empty definition was added by commit f14e6eec ("image: cleanup pre-processor usage"). The empty definition can cause silent failures, when an implementation of board_fit_image_post_process() is expected because the linker will not catch the missing function. Thus this patch removes this empty inline declaration. Fixes: f14e6eec ("image: cleanup pre-processor usage") Signed-off-by: NAlexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
- 16 2月, 2021 1 次提交
-
-
由 Simon Glass 提交于
At present this function does not accept a size for the FIT. This means that it must be read from the FIT itself, introducing potential security risk. Update the function to include a size parameter, which can be invalid, in which case fit_check_format() calculates it. For now no callers pass the size, but this can be updated later. Also adjust the return value to an error code so that all the different types of problems can be distinguished by the user. Signed-off-by: NSimon Glass <sjg@chromium.org> Reported-by: NBruce Monroe <bruce.monroe@intel.com> Reported-by: NArie Haenel <arie.haenel@intel.com> Reported-by: NJulien Lenoir <julien.lenoir@intel.com>
-
- 12 1月, 2021 1 次提交
-
-
由 Andre Przywara 提交于
So far we used the separate mksunxiboot tool for generating a bootable image for Allwinner SPLs, probably just for historical reasons. Use the mkimage framework to generate a so called eGON image the Allwinner BROM expects. The new image type is called "sunxi_egon", to differentiate it from the (still to be implemented) secure boot TOC0 image. Signed-off-by: NAndre Przywara <andre.przywara@arm.com> Reviewed-by: NJernej Skrabec <jernej.skrabec@siol.net> Reviewed-by: NSamuel Holland <samuel@sholland.org> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
- 05 1月, 2021 1 次提交
-
-
由 Sebastian Reichel 提交于
Replace most #ifdef checks for USE_HOSTCC and CONFIG_* with normal if instructions. Reviewed-by: NSimon Glass <sjg@chromium.org> Signed-off-by: NSebastian Reichel <sebastian.reichel@collabora.com>
-
- 30 10月, 2020 1 次提交
-
-
由 AKASHI Takahiro 提交于
The main purpose of this patch is to separate a generic interface for updating firmware using DFU drivers from "auto-update" via tftp. This function will also be used in implementing UEFI capsule update in a later commit. Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: NTom Rini <trini@konsulko.com>
-
- 22 10月, 2020 2 次提交
-
-
由 Naoki Hayama 提交于
Fix some comments about functions. Move genimg_get_comp_name() above genimg_get_short_name() because genimg_get_comp_name() is related to get_table_entry_name(). Signed-off-by: NNaoki Hayama <naoki.hayama@lineo.co.jp> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
由 Naoki Hayama 提交于
Add a generic function which can check whether a category has an entry ID. Signed-off-by: NNaoki Hayama <naoki.hayama@lineo.co.jp> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
- 13 10月, 2020 1 次提交
-
-
由 Philippe Reynes 提交于
Binaries may be encrypted in a FIT image with AES. This algo needs a key and an IV (Initialization Vector). The IV is provided in a file (pointer by iv-name-hint in the ITS file) when building the ITB file. This commits adds provide an alternative way to manage the IV. If the property iv-name-hint is not provided in the ITS file, the tool mkimage will generate an random IV and store it in the FIT image. Signed-off-by: NPhilippe Reynes <philippe.reynes@softathome.com>
-
- 17 7月, 2020 1 次提交
-
-
由 Masahiro Yamada 提交于
The Linux coding style guide (Documentation/process/coding-style.rst) clearly says: It's a **mistake** to use typedef for structures and pointers. Besides, using typedef for structures is annoying when you try to make headers self-contained. Let's say you have the following function declaration in a header: void foo(bd_t *bd); This is not self-contained since bd_t is not defined. To tell the compiler what 'bd_t' is, you need to include <asm/u-boot.h> #include <asm/u-boot.h> void foo(bd_t *bd); Then, the include direcective pulls in more bloat needlessly. If you use 'struct bd_info' instead, it is enough to put a forward declaration as follows: struct bd_info; void foo(struct bd_info *bd); Right, typedef'ing bd_t is a mistake. I used coccinelle to generate this commit. The semantic patch that makes this change is as follows: <smpl> @@ typedef bd_t; @@ -bd_t +struct bd_info </smpl> Signed-off-by: NMasahiro Yamada <masahiroy@kernel.org>
-
- 08 7月, 2020 1 次提交
-
-
由 Robert Marko 提交于
This patch adds support for ZSTD decompression of FIT images. Signed-off-by: NRobert Marko <robert.marko@sartura.hr> Cc: Luka Perkov <luka.perkov@sartura.hr>
-
- 13 6月, 2020 1 次提交
-
-
由 Reuben Dowle 提交于
The current recommendation for best security practice from the US government is to use SHA384 for TOP SECRET [1]. This patch adds support for SHA384 and SHA512 in the hash command, and also allows FIT images to be hashed with these algorithms, and signed with sha384,rsaXXXX and sha512,rsaXXXX The SHA implementation is adapted from the linux kernel implementation. [1] Commercial National Security Algorithm Suite http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfmSigned-off-by: NReuben Dowle <reuben.dowle@4rf.com>
-
- 19 5月, 2020 1 次提交
-
-
由 Simon Glass 提交于
We should not use typedefs in U-Boot. They cannot be used as forward declarations which means that header files must include the full header to access them. Drop the typedef and rename the struct to remove the _s suffix which is now not useful. This requires quite a few header-file additions. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
- 18 4月, 2020 1 次提交
-
-
由 Atish Patra 提交于
Currently, there is no method that can detect compression types given a file. This is very useful where a compressed kernel image is loaded directly to the memory. Inspect initial few bytes to figure out compression type of the image. It will be used in booti method for now but can be reused any other function in future as well. Signed-off-by: NAtish Patra <atish.patra@wdc.com> Reviewed-by: NTom Rini <trini@konsulko.com>
-
- 01 4月, 2020 2 次提交
-
-
由 Simon Glass 提交于
These are used in multiple places so update them to use a shared #define. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NPhilippe Reynes <philippe.reynes@softathome.com>
-
由 Simon Glass 提交于
This should mention that conf_uname can be NULL and should be in the header file. Fix this. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
- 12 3月, 2020 3 次提交
-
-
由 AKASHI Takahiro 提交于
For FIT verification, all the properties of a public key come from "control fdt" pointed to by fdt_blob. In UEFI secure boot, on the other hand, a public key is located and retrieved from dedicated signature database stored as UEFI variables. Added two fields may hold values of a public key if fdt_blob is NULL, and will be used in rsa_verify_with_pkey() to verify a signature in UEFI sub-system. Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
由 AKASHI Takahiro 提交于
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
由 Eugeniu Rosca 提交于
On Feb. 16, 2020, Tom reported [1] build failure of U-Boot in-tree tooling after applying https://patchwork.ozlabs.org/cover/1229663/ ("[v6,0/7] rsa: extend rsa_verify() for UEFI secure boot"). Later on, Heinrich stressed the urgency of the issue in https://patchwork.ozlabs.org/patch/1250858/#2379069: >>>>>>>>> We should finalize the topic as it stops EFI patches from being merged >>>>>>>>> On the surface, the problem is caused by U-Boot commits [2-3], which employed 'u32' in 'include/image.h', while historically U-Boot tooling stayed agnostic on the {u,s}{8,16,32} types. Thanks to Tom, Yamada-san and Heinrich, the following solutions have been put head-to-head ('+' pros, '-' cons): A. Use an equivalent fixed-size type, i.e. s/u32/uint32_t/ in both android function prototypes (image.h) and definitions (c file): + quick and low-line-count - creates a 'soup' of fixed-sized types in the Android C file - will confuse contributors - is going against Linux kernel best practices [4] B. Guard Android functions by '!defined(USE_HOSTCC)' in image.h: + quick and low-line-count + reflects the reality (no android function is used by tooling) + zero impact on other subsystems - ifdeffery may look annoying (pre-existing problem of image.h) C. Make {u8,u16,u32} available in U-Boot tooling: + quick and low-line-count + [Yamada-san][5]: * forbidding u32 for tools is questionable to me * Linux kernel and Barebox use {u8,u16,u32} for the tools space - breaks U-Boot tradition? - has larger impact than [A] and [B] - adds type complexity/inconsistency in the tooling space D. [Yamada-san] Refactor the headers to minimize the code shared between U-Boot space and tooling space: + probably the long-term solution - high effort - can be seen/done as an incremental update on top of [B] Looking at the above, [B] looks like the natural way to go forward. [1] https://patchwork.ozlabs.org/patch/1238245/#2363052 [2] commit 7f253150 ("image: android: Add routine to get dtbo params") [3] commit c3bfad82 ("image: android: Add functions for handling dtb field") [4] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6176fa4728fb6d ("checkpatch: add --strict warning for c99 fixed size typedefs : int<size>_t") [5] https://patchwork.ozlabs.org/patch/1238245/#2363340 Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Sam Protsenko <joe.skb7@gmail.com> Cc: Lokesh Vutla <lokeshvutla@ti.com> Cc: Simon Glass <sjg@chromium.org> Cc: AKASHI Takahiro <takahiro.akashi@linaro.org> Reported-by: NTom Rini <trini@konsulko.com> Signed-off-by: NEugeniu Rosca <erosca@de.adit-jv.com> Tested-by: NHeinrich Schuchardt <xpyron.glpk@gmx.de>
-
- 04 2月, 2020 2 次提交
-
-
由 Sam Protsenko 提交于
Android Boot Image v1 adds "Recovery DTB" field in image header and associate payload in boot image itself [1]. Payload should be in Android DTB/DTBO format [2]. That "Recovery DTB" area should be only populated for non-A/B devices, and only in recovery image. Add function to get an address and size of that payload. That function can be further used e.g. in 'abootimg' command to provide the user a way to get the address of recovery dtbo from U-Boot shell, which can be further parsed using 'adtimg' command. [1] https://source.android.com/devices/bootloader/boot-image-header [2] https://source.android.com/devices/architecture/dto/partitionsSigned-off-by: NSam Protsenko <joe.skb7@gmail.com> Signed-off-by: NLokesh Vutla <lokeshvutla@ti.com>
-
由 Sam Protsenko 提交于
Android Boot Image v2 adds "DTB" payload (and corresponding field in the image header). Provide functions for its handling: - android_image_get_dtb_by_index(): Obtain DTB blob from "DTB" part of boot image, by blob's index - android_image_print_dtb_contents(): Iterate over all DTB blobs in "DTB" part of boot image and print those blobs info "DTB" payload might be in one of the following formats: 1. concatenated DTB blobs 2. Android DTBO format The latter requires "android-image-dt.c" functionality, so this commit selects that file for building for CONFIG_ANDROID_BOOT_IMAGE option. Right now this new functionality isn't used, but it can be used further. As it's required to apply some specific dtbo blob(s) from "dtbo" partition, we can't automate this process inside of "bootm" command. But we can do next: - come up with some new command like "abootimg" to extract dtb blob from boot image (using functions from this patch) - extract desired dtbo blobs from "dtbo" partition using "adtimg" command - merge dtbo blobs into dtb blob using "fdt apply" command - pass resulting dtb blob into bootm command in order to boot the Android kernel with Android ramdisk from boot image Signed-off-by: NSam Protsenko <joe.skb7@gmail.com> Signed-off-by: NLokesh Vutla <lokeshvutla@ti.com>
-
- 25 1月, 2020 2 次提交
-
-
由 Simon Glass 提交于
This function has a very generic name which does not adequately describe its purpose. Rename it and move it to image.h, since it relates to reading a script from an image. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
These three globals relate to image handling. Move them to the image header file. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
- 18 1月, 2020 2 次提交
-
-
由 Simon Glass 提交于
This function has a very generic name which does not adequately describe its purpose. Rename it and move it to image.h, since it relates to reading a script from an image. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
These three globals relate to image handling. Move them to the image header file. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
- 17 1月, 2020 2 次提交
-
-
由 Philippe Reynes 提交于
This commit add to u-boot the support to decrypt fit image encrypted with aes. The FIT image contains the key name and the IV name. Then u-boot look for the key and IV in his device tree and decrypt images before moving to the next stage. Signed-off-by: NPhilippe Reynes <philippe.reynes@softathome.com>
-
由 Philippe Reynes 提交于
This commit add the support of encrypting image with aes in mkimage. To enable the ciphering, a node cipher with a reference to a key and IV (Initialization Vector) must be added to the its file. Then mkimage add the encrypted image to the FIT and add the key and IV to the u-boot device tree. Signed-off-by: NPhilippe Reynes <philippe.reynes@softathome.com>
-
- 08 1月, 2020 1 次提交
-
-
由 Cristian Ciocaltea 提交于
Add a new OS type to be used for chain-loading an EFI compatible firmware or boot loader like GRUB2, possibly in a verified boot scenario. Bellow is sample ITS file that generates a FIT image supporting secure boot. Please note the presence of 'os = "efi";' line, which identifies the currently introduced OS type: / { #address-cells = <1>; images { efi-grub { description = "GRUB EFI"; data = /incbin/("bootarm.efi"); type = "kernel_noload"; arch = "arm"; os = "efi"; compression = "none"; load = <0x0>; entry = <0x0>; hash-1 { algo = "sha256"; }; }; }; configurations { default = "config-grub"; config-grub { kernel = "efi-grub"; signature-1 { algo = "sha256,rsa2048"; sign-images = "kernel"; }; }; }; }; Signed-off-by: NCristian Ciocaltea <cristian.ciocaltea@gmail.com> Reviewed-by: NHeinrich Schuchardt <xypron.glpk@gmx.de>
-
- 29 10月, 2019 1 次提交
-
-
由 Bin Meng 提交于
__be32 has Linux kernel specific __attribute__((bitwise)) which is not portable. Use uint32_t instead. Signed-off-by: NBin Meng <bmeng.cn@gmail.com>
-
- 27 8月, 2019 1 次提交
-
-
由 Patrick Delaunay 提交于
Define new image type for coprocessor images. It is used in FIT to identify the files loaded with remoteproc command (elf or bin). Signed-off-by: NLoic Pallardy <loic.pallardy@st.com> Signed-off-by: NPatrick Delaunay <patrick.delaunay@st.com> Reviewed-by: NSimon Glass <sjg@chromium.org>
-
- 26 8月, 2019 1 次提交
-
-
由 Lukas Auer 提交于
RISC-V OpenSBI is an open-source implementation of the RISC-V Supervisor Binary Interface (SBI) specification. It is required by Linux and U-Boot running in supervisor mode. This patch adds support for booting via the OpenSBI FW_DYNAMIC firmware. It supports OpenSBI version 0.4 and higher. In this configuration, U-Boot SPL starts in machine mode. After loading OpenSBI and U-Boot proper, it will start OpenSBI. All necessary parameters are generated by U-Boot SPL and are passed to OpenSBI. U-Boot proper is started in supervisor mode by OpenSBI. Support for OpenSBI is enabled with CONFIG_SPL_OPENSBI. An additional configuration entry, CONFIG_SPL_OPENSBI_LOAD_ADDR, is used to specify the load address of the OpenSBI firmware binary. It is not used directly in U-Boot and instead is intended to make the value available to scripts such as FIT configuration generators. The header file include/opensbi.h is based on header files from the OpenSBI project. They are recent, as of commit bae54f764570 ("firmware: Add fw_dynamic firmware"). Signed-off-by: NLukas Auer <lukas.auer@aisec.fraunhofer.de> Reviewed-by: NBin Meng <bmeng.cn@gmail.com> Tested-by: NBin Meng <bmeng.cn@gmail.com> Reviewed-by: NAnup Patel <anup.patel@wdc.com>
-