Remove the verified boot limitation that only allows a single
RSA public exponent of 65537 (F4). This change allows use with
existing PKI infrastructure and has been tested with HSM-based
PKI.
Change the configuration OF tree format to store the RSA public
exponent as a 64 bit integer and implement backward compatibility
for verified boot configuration trees without this extra field.
Parameterise vboot_test.sh to test different public exponents.
Mathematics and other hard work by Andrew Bott.
Tested with the following public exponents: 3, 5, 17, 257, 39981,
50457, 65537 and 4294967297.
Signed-off-by: Andrew Bott <Andrew.Bott@ipaccess.com>
Signed-off-by: Andrew Wishart <Andrew.Wishart@ipaccess.com>
Signed-off-by: Neil Piercy <Neil.Piercy@ipaccess.com>
Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com>
Cc: Simon Glass <sjg@chromium.org>
Aliases are used to provide U-Boot's numbering of devices, such as:
aliases {
spi0 = "/spi@12330000";
}
spi@12330000 {
...
}
This tells us that the SPI controller at 12330000 is considered to be the
first SPI controller (SPI 0). So we have a numbering for the SPI node.
Add a function that returns the numbering for a node assume that it exists
in the list of aliases.
Signed-off-by: Simon Glass <sjg@chromium.org>
If we are to have driver model before relocation we need to support some
way of calling memory allocation routines.
The standard malloc() is pretty complicated:
1. It uses some BSS memory for its state, and BSS is not available before
relocation
2. It supports algorithms for reducing memory fragmentation and improving
performace of free(). Before relocation we could happily just not support
free().
3. It includes about 4KB of code (Thumb 2) and 1KB of data. However since
this has been loaded anyway this is not really a problem.
The simplest way to support pre-relocation malloc() is to reserve an area
of memory and allocate it in increasing blocks as needed. This
implementation does this.
To enable it, you need to define the size of the malloc() pool as described
in the README. It will be located above the pre-relocation stack on
supported architectures.
Note that this implementation is only useful on machines which have some
memory available before dram_init() is called - this includes those that
do no DRAM init (like tegra) and those that do it in SPL (quite a few
boards). Enabling driver model preior to relocation for the rest of the
boards is left for a later exercise.
Signed-off-by: Simon Glass <sjg@chromium.org>
When this option is enabled, CRLF is treated like LF when importing environments
from text files, which means CRs ('\r') in front of LFs ('\n') are just ignored.
Drawback of enabling this option is that (maybe exported) variables which have
a trailing CR in their content will get imported without that CR. But this
drawback is very unlikely and the big advantage of letting Windows user create
a *working* uEnv.txt too is likely more welcome.
Signed-off-by: Alexander Holler <holler@ahsoftware.de>
As I initially suspected overflow in time handling, I took a detailed
look at lib/time.c. This adds comments about units being used, reduces
amount of type casting being done, and makes __udelay() always wait at
least one tick. (Current code could do no delaying at all for short
delays).
Signed-off-by: Pavel Machek <pavel@denx.de>
pack_hex_byte is only used when CONFIG_CMD_NET is
defined so limit it to that scope. This prevents
a clang warning.
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>
move fdtdec_get_int() out of lib/fdtdec.c into lib/fdtdec_common.c
as this function is also used, if CONFIG_OF_CONTROL is not
used. Poped up on the ids8313 board using signed FIT images,
and activating CONFIG_SYS_GENERIC_BOARD. Without this patch
it shows on boot:
No valid FDT found - please append one to U-Boot binary, use u-boot-dtb.bin or define CONFIG_OF_EMBED. For sandbox, use -d <file.dtb>
With this patch, it boots again with CONFIG_SYS_GENERIC_BOARD
enabled.
Signed-off-by: Heiko Schocher <hs@denx.de>
Acked-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@ti.com>
commit 18b06652cd "tools: include u-boot version of sha256.h"
unconditionally forced the sha256.h from u-boot to be used
for tools instead of the host version. This is fragile though
as it will also include the host version. Therefore move it
to include/u-boot to join u-boot/md5.h etc which were renamed
for the same reason.
cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>
The original code did not cover every case and there was a missing negative
sign in one case. Expand the coverage and fix the bug.
Signed-off-by: Simon Glass <sjg@chromium.org>
It has been observed that fit_check_format() will fail when passed a
corrupt FIT image. This was tracked down to _fdt_string_eq():
return (strlen(p) == len) && (memcmp(p, s, len) == 0);
In the case of a corrupt FIT image one can't depend on 'p' being NULL
terminated. I changed it to use strnlen() to fix the issue.
Signed-off-by: Tom Rini <trini@ti.com>
It seems the code tries to trick the compiler the argument
is actually used. However compilers became too smart to
fool them so easily an now warn. Gcc and clang don't seem
to emit a warning when the argument is unused. If so it
should be decorated with unused / (void).
Signed-off-by: Jeroen Hofstee <jeroen@myspectrum.nl>
When writing values into an FDT it is possible that there will be
insufficient space. If the caller gets a useful error then it can
potentially deal with the situation.
Adjust these functions to return -ENOSPC when the FDT is full.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add the ability to display the code offset of an initcall even after it
is relocated. This makes it much easier to relate initcalls back to the
U-Boot System.map file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
The backlight uses FETs on the TPS65090. Enable this so that the display
is visible.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Lukasz Majewski <l.majewski@samsung.com>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
This adds driver support for the TPS65090 PMU. Support includes
hooking into the pmic infrastructure so that the pmic commands
can be used on the console. The TPS65090 supports the following
functionality:
- fet enable/disable/querying
- getting and setting of charge state
Even though it is connected to the pmic infrastructure it does
not hook into the pmic charging charging infrastructure.
The device tree binding is from Linux, but only a small subset of
functionality is supported.
Signed-off-by: Tom Wai-Hong Tam <waihong@chromium.org>
Signed-off-by: Hatim Ali <hatim.rv@samsung.com>
Signed-off-by: Katie Roberts-Hoffman <katierh@chromium.org>
Signed-off-by: Rong Chang <rongchang@chromium.org>
Signed-off-by: Sean Paul <seanpaul@chromium.org>
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
This patch adds functions for read, write and authentication
key programming for the Replay Protected Memory Block partition
in the eMMC.
Acked-by: Pantelis Antoniou <panto@antoniou-consulting.com>
Signed-off-by: Pierre Aubert <p.aubert@staubli.com>
Exynos serise can be supported the dw-mmc controller.
So, it's good that used the general prefix as "_EXYNOS_DWMMC".
Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Commit 2842c1c242 introduced lib/sha256 into
mkimage. Since then it will be compiled with HOSTCC which may produce errors
on some systems. Most BSD systems (like OS X for me) do not ship a
linux/string.h which will lead to take the U-Boot provided
include/linux/string.h in the end. This header howver is completely wrong
here. Just take the string.h if compiling with HOSTCC and linux/string.h when
not.
Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
Cc: Heiko Schocher <hs@denx.de>
Acked-by: Heiko Schocher<hs@denx.de>
Tegra's crypto.c uses apply_cbc_chain_data() to sign the warm restart
code. This function was recently moved into the core aes.c and made
static, which prevents the Tegra code from compiling. Make it public
again to avoid the compile errors:
arch/arm/cpu/tegra20-common/crypto.c: In function ‘sign_object’:
arch/arm/cpu/tegra20-common/crypto.c:74:3: warning: implicit declaration of function ‘apply_cbc_chain_data’ [-Wimplicit-function-declaration]
arch/arm/cpu/built-in.o: In function `sign_object':
.../arch/arm/cpu/tegra20-common/crypto.c:74: undefined reference to `apply_cbc_chain_data'
.../arch/arm/cpu/tegra20-common/crypto.c:78: undefined reference to `apply_cbc_chain_data'
Fixes: 6e7b9f4fa0 ("aes: Move the AES-128-CBC encryption function to common code")
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Marek Vasut <marex@denx.de>
Changes:
- randomly generate partition uuid if any is undefined and CONFIG_RAND_UUID
is defined
- print debug info about set/unset/generated uuid
- update doc/README.gpt
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
Acked-by: Lukasz Majewski <l.majewski@samsung.com>
Cc: Piotr Wilczek <p.wilczek@samsung.com>
Cc: Tom Rini <trini@ti.com>
Cc: Stephen Warren <swarren@nvidia.com>
Cc: Lukasz Majewski <l.majewski@samsung.com>
Those commands basis on implementation of random UUID generator version 4
which is described in RFC4122. The same algorithm is used for generation
both ids but string representation is different as below.
char: 0 9 14 19 24 36
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
UUID: be be be be be
GUID: le le le be be
Commands usage:
- uuid [<varname>]
- guid [<varname>]
The result is saved in environment as a "varname" variable if argument is given,
if not then it is printed.
New config:
- CONFIG_CMD_UUID
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Stephen Warren <swarren@nvidia.com>
Cc: Lukasz Majewski <l.majewski@samsung.com>
Cc: trini@ti.com
This patch adds support to generate UUID (Universally Unique Identifier)
in version 4 based on RFC4122, which is randomly.
Source: https://www.ietf.org/rfc/rfc4122.txt
Changes:
- new configs:
- CONFIG_LIB_UUID for compile lib/uuid.c
- CONFIG_RANDOM_UUID for functions gen_rand_uuid() and gen_rand_uuid_str()
- add configs dependency to include/config_fallbacks.h for lib uuid.
lib/uuid.c:
- add gen_rand_uuid() - this function writes 16 bytes len binary representation
of UUID v4 to the memory at given address.
- add gen_rand_uuid_str() - this function writes 37 bytes len hexadecimal
ASCII string representation of UUID v4 to the memory at given address.
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Stephen Warren <swarren@nvidia.com>
Cc: Lukasz Majewski <l.majewski@samsung.com>
[trini: Add CONFIG_EFI_PARTITION to fallbacks]
Signed-off-by: Tom Rini <trini@ti.com>
Changes in lib/uuid.c to:
- uuid_str_to_bin()
- uuid_bin_to_str()
New parameter is added to specify input/output string format in listed functions
This change allows easy recognize which UUID type is or should be stored in given
string array. Binary data of UUID and GUID is always stored in big endian, only
string representations are different as follows.
String byte: 0 36
String char: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
string UUID: be be be be be
string GUID: le le le be be
This patch also updates functions calls and declarations in a whole code.
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Stephen Warren <swarren@nvidia.com>
Cc: Lukasz Majewski <l.majewski@samsung.com>
Cc: trini@ti.com
This commit introduces cleanup for uuid library.
Changes:
- move uuid<->string conversion functions into lib/uuid.c so they can be
used by code outside part_efi.c.
- rename uuid_string() to uuid_bin_to_str() for consistency with existing
uuid_str_to_bin()
- add an error return code to uuid_str_to_bin()
- update existing code to the new library functions.
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Stephen Warren <swarren@nvidia.com>
Cc: Lukasz Majewski <l.majewski@samsung.com>
Cc: trini@ti.com
New configs:
- CONFIG_LIB_RAND - to enable implementation of rand library in lib/rand.c
- CONFIG_LIB_HW_RAND - to enable hardware based implementations of lib rand
Other changes:
- add CONFIG_LIB_RAND to boards configs which needs rand()
- put only one rand.o dependency in lib/Makefile
CONFIG_LIB_HW_RAND should be defined for drivers which implements rand library
(declared in include/common.h):
- void srand(unsigned int seed)
- unsigned int rand(void)
- unsigned int rand_r(unsigned int *seedp)
Signed-off-by: Przemyslaw Marczak <p.marczak@samsung.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Tom Rini <trini@ti.com>
Cc: Masahiro Yamada <yamada.m@jp.panasonic.com>
Since TIZEN group has been used 450 X 140 bmp logo for lunchbox,
this patch tries to change the logo size from 500 X 150 to official size.
By reducing image size, we also save about 35KB.
To make row aligned 4 bytes, add 2 pixels to row. Therefore the real width
of image size is 452.
Signed-off-by: Jonghwa Lee <jonghwa3.lee@samsung.com>
Reviewed-by : Przemyslaw Marczak <p.marczak@samsung.com>
Implement support for encrypting/decrypting the environment block
into the tools/env/fw_* tools. The cipher used is AES 128 CBC and
the implementation depends solely on components internal to U-Boot.
To allow building against the internal AES library, the library did
need minor adjustments to not include U-Boot's headers which are not
wanted to be included and define missing types.
Signed-off-by: Marek Vasut <marex@denx.de>
Implement a compatible AES-128-CBC decryption function as a counterpart
of the encryption function pulled from tegra20-common/crypto.c .
Signed-off-by: Marek Vasut <marex@denx.de>
Move the AES-128-CBC encryption function implemented in
tegra20-common/crypto.c into lib/aes.c . This is well re-usable common
code. Moreover, clean the code up a bit and fix the kerneldoc-style
annotations.
Signed-off-by: Marek Vasut <marex@denx.de>
add host tool "fit_check_sign" which verifies, if a fit image is
signed correct.
Signed-off-by: Heiko Schocher <hs@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Add support for sha256,rsa4096 signatures in u-boot.
Signed-off-by: Heiko Schocher <hs@denx.de>
Acked-by: Simon Glass <sjg@chromium.org>
Cc: andreas@oetken.name
based on patch from andreas@oetken.name:
http://patchwork.ozlabs.org/patch/294318/
commit message:
I currently need support for rsa-sha256 signatures in u-boot and found out that
the code for signatures is not very generic. Thus adding of different
hash-algorithms for rsa-signatures is not easy to do without copy-pasting the
rsa-code. I attached a patch for how I think it could be better and included
support for rsa-sha256. This is a fast first shot.
aditionally work:
- removed checkpatch warnings
- removed compiler warnings
- rebased against current head
Signed-off-by: Heiko Schocher <hs@denx.de>
Cc: andreas@oetken.name
Cc: Simon Glass <sjg@chromium.org>
Add a simple LCD driver which uses SDL to display the image. We update the
image regularly, while still providing for reasonable performance.
Adjust the common lcd code to support sandbox.
For command-line runs we do not want the LCD to be displayed, so add a
--show_lcd option to enable it.
Tested-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a simple emulation of the Chrome OS EC for sandbox, so that it can
perform various EC tasks such as keyboard handling.
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
A flash map describes the layout of flash memory in terms of offsets and
sizes for each region. Add a function to read a flash map entry from the
device tree.
Reviewed-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
This patch enables support for device tree for sdhci driver.
Non DT case is still supported.
Signed-off-by: Piotr Wilczek <p.wilczek@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
This patch enables parsing mipi data from device tree.
Non device tree case is still supported.
Signed-off-by: Piotr Wilczek <p.wilczek@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Many (but not all) of Blackfin boards give -O2 option
to compile under lib/ directory.
That means lib/ should be speed-optimized,
whereas other parts should be size-optimized.
We want to keep the same behavior,
but do not want to parse board/*/config.mk again and again.
We've got no choice but to invent a new method.
CONFIG_CC_OPTIMIZE_LIBS_FOR_SPEED, if it is enabled,
gives -O2 flag only for building under lib/ directory.
Dirty codes which I had marked as "FIX ME"
in board/${BOARD}/config.mk have been deleted.
Instead, CONFIG_CC_OPTIMIZE_LIBS_FOR_SPEED has been
defined in include/configs/${BOARD}.h.
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Cc: Sonic Zhang <sonic.zhang@analog.com>
Add 64-bit data for memory commands, such as md, mw, mm, cmp. The new
size ".q " is introduced.
For 64-bit architecture, 64-bit data is enabled by default, by detecting
compiler __LP64__. It is optional for other architectures.
Signed-off-by: York Sun <yorksun@freescale.com>
When we tell the compiler to optimize for ARMv7 (and ARMv6 for that
matter) it assumes a default of SCTRL.A being cleared and unaligned
accesses being allowed and fast at the hardware level. We set this bit
and must pass along -mno-unaligned-access so that the compiler will
still breakdown accesses and not trigger a data abort.
To better help understand the requirements of the project with respect
to unaligned memory access, the
Documentation/unaligned-memory-access.txt file has been added as
doc/README.unaligned-memory-access.txt and is taken from the v3.14-rc1
tag of the kernel.
Cc: Albert ARIBAUD <albert.u.boot@aribaud.net>
Cc: Mans Rullgard <mans@mansr.com>
Signed-off-by: Tom Rini <trini@ti.com>
Now we are ready to switch over to real Kbuild.
This commit disables temporary scripts:
scripts/{Makefile.build.tmp, Makefile.host.tmp}
and enables real Kbuild scripts:
scripts/{Makefile.build,Makefile.host,Makefile.lib}.
This switch is triggered by the line in scripts/Kbuild.include
-build := -f $(if $(KBUILD_SRC),$(srctree)/)scripts/Makefile.build.tmp obj
+build := -f $(if $(KBUILD_SRC),$(srctree)/)scripts/Makefile.build obj
We need to adjust some build scripts for U-Boot.
But smaller amount of modification is preferable.
Additionally, we need to fix compiler flags which are
locally added or removed.
In Kbuild, it is not allowed to change CFLAGS locally.
Instead, ccflags-y, asflags-y, cppflags-y,
CFLAGS_$(basetarget).o, CFLAGS_REMOVE_$(basetarget).o
are prepared for that purpose.
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Tested-by: Gerhard Sittig <gsi@denx.de>