- 26 6月, 2013 40 次提交
-
-
由 Axel Lin 提交于
Signed-off-by: NAxel Lin <axel.lin@ingics.com>
-
由 Axel Lin 提交于
Signed-off-by: NAxel Lin <axel.lin@ingics.com>
-
由 Axel Lin 提交于
Signed-off-by: NAxel Lin <axel.lin@ingics.com>
-
由 Axel Lin 提交于
Signed-off-by: NAxel Lin <axel.lin@ingics.com>
-
由 Vincent Stehlé 提交于
Align the list of default commands mentioned in the configuration options paragraph of the README with the actual definitions found in include/config_cmd_default.h Signed-off-by: NVincent Stehlé <vincent.stehle@freescale.com>
-
由 Sascha Silbe 提交于
With CONFIG_SYS_64BIT_LBA, lbaint_t gets defined as a 64-bit type, which is required to represent block numbers for storage devices that exceed 2TiB (the block size usually is 512B), e.g. recent hard drives. For some obscure reason, the current U-Boot code uses lbaint_t for the number of blocks to read (a rather optimistic estimation of how RAM sizes will evolve), but not for the starting address. Trying to access blocks beyond the 2TiB boundary will simply wrap around and read a block within the 0..2TiB range. We now use lbaint_t for block start addresses, too. This required changes to all block drivers as the signature of block_read(), block_write() and block_erase() in block_dev_desc_t changed. Signed-off-by: NSascha Silbe <t-uboot@infra-silbe.de>
-
由 Steven Stallion 提交于
This patch introduces support for command line arguments to Plan 9. Plan 9 generally dedicates a small region of kernel memory (known as CONFADDR) for runtime configuration. A new environment variable named confaddr was introduced to indicate this location when copying arguments. Signed-off-by: NSteven Stallion <sstallion@gmail.com> [trini: Adapt for Simon's changes about correcting argc, no need to bump by 2 now] Signed-off-by: NTom Rini <trini@ti.com>
-
由 Simon Glass 提交于
Add a description of how to implement verified boot using signed FIT images, and a simple test which verifies operation on sandbox. The test signs a FIT image and verifies it, then signs a FIT configuration and verifies it. Then it corrupts the signature to check that this is detected. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
We want to sign and verify images using sandbox, so enable these options. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
While signing images is useful, it does not provide complete protection against several types of attack. For example, it it possible to create a FIT with the same signed images, but with the configuration changed such that a different one is selected (mix and match attack). It is also possible to substitute a signed image from an older FIT version into a newer FIT (roll-back attack). Add support for signing of FIT configurations using the libfdt's region support. Please see doc/uImage.FIT/signature.txt for more information. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add a function to find regions in device tree given a list of nodes to include and properties to exclude. See the header file for full documentation. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Normally, multiple public keys can be provided and U-Boot is not required to use all of them for verification. This is because some images may not be signed, or may be optionally signed. But we still need a mechanism to determine when a key must be used. This feature cannot be implemented in the FIT itself, since anyone could change it to mark a key as optional. The requirement for key verification must go in with the public keys, in a place that is protected from modification. Add a -r option which tells mkimage to mark all keys that it uses for signing as 'required'. If some keys are optional and some are required, run mkimage several times (perhaps with different key directories if some keys are very secret) using the -F flag to update an existing FIT. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NMarek Vasut <marex@denx.de>
-
由 Simon Glass 提交于
When signing an image, it is useful to add some details about which tool or person is authorising the signing. Add a comment field which can take care of miscellaneous requirements. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NMarek Vasut <marex@denx.de>
-
由 Simon Glass 提交于
When signing images it is sometimes necessary to sign with different keys at different times, or make the signer entirely separate from the FIT creation to avoid needing the private keys to be publicly available in the system. Add a -F option so that key signing can be a separate step, and possibly done multiple times as different keys are avaiable. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NMarek Vasut <marex@denx.de>
-
由 Simon Glass 提交于
FIT image verification requires public keys. Add a convenient option to mkimage to write the public keys to an FDT blob when it uses then for signing an image. This allows us to use: mkimage -f test.its -K dest.dtb -k keys test.fit and have the signatures written to test.fit and the corresponding public keys written to dest.dtb. Then dest.dtb can be used as the control FDT for U-Boot (CONFIG_OF_CONTROL), thus providing U-Boot with access to the public keys it needs. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: NMarek Vasut <marex@denx.de>
-
由 Simon Glass 提交于
Keys required for signing images will be in a specific directory. Add a -k option to specify that directory. Also update the mkimage man page with this information and a clearer list of available commands. Signed-off-by: NSimon Glass <sjg@chromium.org> Reviewed-by: Marek Vasut <marex@denx.de> (v1)
-
由 Simon Glass 提交于
RSA provides a public key encryption facility which is ideal for image signing and verification. Images are signed using a private key by mkimage. Then at run-time, the images are verified using a private key. This implementation uses openssl for the host part (mkimage). To avoid bringing large libraries into the U-Boot binary, the RSA public key is encoded using a simple numeric representation in the device tree. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add support for signing images using a new signature node. The process is handled by fdt_add_verification_data() which now takes parameters to provide the keys and related information. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add a structure to describe an algorithm which can sign and (later) verify images. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add configs to enable tracing when it is needed. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Some changes are needed to x86 timer functions to support tracing. Add these so that the feature works correctly. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add tracing to Exynos5 boards, so that tracing can be enabled when building with 'make FTRACE=1'. We use a 16MB trace buffer. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
For tracing to work it has to be able to access the microsecond timer without causing a recursive call to the function entry/exit handlers. Add attributes to the relevant functions to support this. Signed-off-by: NSimon Glass <sjg@chromium.org> Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Implement this feature on ARM for tracing. It would be nice to have generic bootm support so that it is easily implemented on any arch. Signed-off-by: NSimon Glass <sjg@chromium.org> Acked-by: NAlbert ARIBAUD <albert.u.boot@aribaud.net>
-
由 Simon Glass 提交于
For tracing it is useful to run as much of U-Boot as possible so as to get a complete picture. Quite a bit of work happens in bootm, and we don't want to have to stop tracing before bootm starts. Add a way of doing a 'fake' boot of the OS - which does everything up to the point where U-Boot is about to jump to the OS image. This allows tracing to record right until the end. This requires arch support to work. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
At present the bootm code is mostly duplicated for the plain 'bootm' command and its sub-command variant. This makes the code harder to maintain and means that changes must be made to several places. Introduce do_bootm_states() which performs selected portions of the bootm work, so that both plain 'bootm' and 'bootm <sub_command>' can use the same code. Additional duplication exists in bootz, so tidy that up as well. This is not intended to change behaviour, apart from minor fixes where the previously-duplicated code missed some chunks of code. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
At present the arguments to bootm are processed in a somewhat confusing way. Sub-functions must know how many arguments their calling functions have processed, and the OS boot function must also have this information. Also it isn't obvious that 'bootm' and 'bootm start' provide arguments in the same way. Adjust the code so that arguments are removed from the list before calling a sub-function. This means that all functions can know that argv[0] is the first argument of which they need to take notice. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
It is difficult to automatically test tracing on most architectures, but with sandbox it is easy enough to do a simple sanity check. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Support tracing on sandbox by adding suitable CONFIG options. To enable it, compile U-Boot with FTRACE=1. The timer functions are marked to skip tracing, since these are called from the tracing code itself, and we want to avoid an infinite loop. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
This tool provides the facility to decode U-Boot trace data and write out a text file in Linux ftrace format for use with pytimechart. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add hooks for tracing to generic board, including: - allow early tracing to start early as possible in U-Boot - reserve memory for trace buffer - copy early trace buffer to main trace buffer after relocation - setup full tracing support after relocation Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Use -finstrument-functions when tracing is enabled (make FTRACE=1). Tracing is not currently supported by SPL even if sufficient memory is available. When tracing is enabled, we #define FTRACE. This can be used by board config files to conditionally enable the tracing options. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add a trace command with sub-commands to start/stop tracing, print out statistics and dump trace information to memory for later upload to a host. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Add a library which supports tracing of execution using built-in gcc features and a microsecond timer. This can be used to record a list of function which are executed, along with a timestamp for each. Later this information can be sent to the host for processing. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Move bootstage's numbering printing code into a generic place so that it can be used by tracing also. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
The unstash code is a bit loose with its printf() types, which gives warnings on sandbox. Correct this. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
When this test fails it is useful to see the output from U-Boot. Add printing of this information on failure. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
For some reason this does not normally cause a compiler warning, but the code seems to be incorrect. Add the missing return. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
Enabling FIT produces a compile error. Fix this. Signed-off-by: NSimon Glass <sjg@chromium.org>
-
由 Simon Glass 提交于
I am not sure of the meaning of extern inline, but this gives errors when building with function instrumenting enabled. Change these functions to static inline. Signed-off-by: NSimon Glass <sjg@chromium.org>
-