- Sep 23, 2021
-
-
The arc/arm/m68k/microblaze/mips/ppc arch_lmb_reserve() implementations are all mostly the same, except for a couple of details. Implement a generic arch_lmb_reserve_generic() function which can be parametrized enough to cater for those differences between architectures. This can also be parametrized enough so it can handle cases where U-Boot is not relocated to the end of DRAM e.g. because there is some other reserved memory past U-Boot (e.g. unmovable firmware for coprocessor), it is not relocated at all, and other such use cases. Signed-off-by:
Marek Vasut <marek.vasut+renesas@gmail.com> Cc: Alexey Brodkin <alexey.brodkin@synopsys.com> Cc: Angelo Dureghello <angelo@sysam.it> Cc: Daniel Schwierzeck <daniel.schwierzeck@gmail.com> Cc: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com> Cc: Hai Pham <hai.pham.ud@renesas.com> Cc: Michal Simek <monstr@monstr.eu> Cc: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com> Cc: Tom Rini <trini@konsulko.com> Cc: Wolfgang Denk <wd@denx.de> Reviewed-by:
Tom Rini <trini@konsulko.com>
-
ARMv8.0 has optional crc32 instruction for crc32 calculation. The instruction is mandatory since ARMv8.1. The crc32 calculation is faster using the dedicated instruction, e.g. 1.4 GHz iMX8MN gives: => time crc32 0x50000000 0x2000000 time: 0.126 seconds # crc32 instruction time: 0.213 seconds # software crc32 Add implementation using the compiler builtin wrapper for the crc32 instruction and enable it by default, since we don't support any platforms which do not implement this instruction. Signed-off-by:
Marek Vasut <marex@denx.de> Cc: Simon Glass <sjg@chromium.org> [trini: Make crc32_table guarded by CONFIG_ARM64_CRC32] Signed-off-by:
-
- Sep 17, 2021
-
-
Header file version.h does not use anything from timestamp.h. Including of timestamp.h has side effect which cause recompiling object file at every make run because timestamp.h changes at every run. So remove timestamp.h from version.h and include timestamp.h in files which needs it. This change reduce recompilation time of final U-Boot binary when U-Boot source files were not changed as less source files needs to be recompiled. Signed-off-by:
Pali Rohár <pali@kernel.org> Reviewed-by:
Simon Glass <sjg@chromium.org> Reviewed-by:
-
More C files do not use compile time timestamp macros and do not have to be recompiled every time when SOURCE_DATE_EPOCH changes. This patch moves version_string[] from version.h to version_string.h and updates other C files which only needs version_string[] string to include version_string.h instead of version.h. After applying this patch these files are not recompiled every time when SOURCE_DATE_EPOCH changes. Signed-off-by:
-
Macro U_BOOT_VERSION_STRING is already stored in variable version_string. So use directly this variable instead of storing U_BOOT_VERSION_STRING into temporary variable. Signed-off-by:
-
- Sep 14, 2021
-
-
We are not guaranteed to have the padding_pkcs_15_verify symbol since commit 92c960bc ("lib: rsa: Remove #ifdefs from rsa.h"), and commit 61416fe9 ("Kconfig: FIT_SIGNATURE should not select RSA_VERIFY") The padding_algos only make sense with RSA verification, which can now be disabled in lieu of ECDSA. In fact this will lead to build failures because of the missing symbol mentioned earlier. To resolve this, move the padding_algos to a linker list, with declarations moved to rsa_verify.c. This is consistent with commit 6909edb4 ("image: rsa: Move verification algorithm to a linker list") One could argue that the added #ifdef USE_HOSTCC is ugly, and should be hidden within the U_BOOT_PADDING_ALGO() macro. However, this would be inconsistent with the "cryptos" list. This logic for was not previously explored: Without knowledge of the U_BOOT_PADDING_ALGO() macro, its use is similar to something being declared. However, should #ifndef USE_HOSTCC be part of the macro, it would not be obvious that it behaves differently on host code and target code. Having the #ifndef outside the macro makes this obvious. Also, the #ifdef is not always necessary. For example ecda-verify makes use of U_BOOT_CRYPTO_ALGO() without any accompanying #ifdefs. The fundamental issue is a lack of separation of host and target code in rsa_verify. Therefore, the declaration of a padding algo with the external #ifdef is more readable and consistent. Signed-off-by:
Alexandru Gagniuc <mr.nuke.me@gmail.com>
-
There are trivial typos in the Kconfig file. Fixed them. Also, fixed grammar in the descriptions with typos. Fixes: d56b4b19 ("configs: Migrate RBTREE, LZO, CMD_MTDPARTS, CMD_UBI and CMD_UBIFS") Fixes: 7264f292 ("spl: fit: Eanble GZIP support for image decompression") Signed-off-by:
Oleksandr Suvorov <oleksandr.suvorov@foundries.io> Reviewed-by:
Bin Meng <bmeng.cn@gmail.com> -
If keydir is not provided but name is we want to use name as key_id. But with the current coding name is only used on its own if it is NULL and keydir is provided which never occurs. Fixes: 824ee745 ("lib/rsa: Use the 'keyfile' argument from mkimage") Signed-off-by:
Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by:
-
- Sep 13, 2021
-
-
We don't need this check anymore since when PCI is enabled, driver model is always used. Sadly this doesn't work with nds32 for some reason to do with the toolchain. Add a work-around for that. Signed-off-by:
-
- Sep 11, 2021
-
-
Heinrich Schuchardt authored
We can call do_reset() directly without invoking the UEFI API. This decreases the code size. Signed-off-by: -
There is two unneeded EFI_CALL references in tcg2_measure_pe_image(). The first one in efi_search_protocol() and the second on in the device path calculation. The second isn't even a function we should be calling, but a pointer assignment, which happens to work with the existing macro. While at it switch the malloc call to a calloc, remove the unnecessary cast and get rid of an unneeded if statement before copying the device path Signed-off-by:
Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by:
-
Heinrich Schuchardt authored
The move to driver model should by now be completed. To be able to remove pre-driver model code from our block IO code require CONFIG_BLK=y for UEFI support. Signed-off-by: -
boot_service_capability_min is constant, it should be capitalized. Signed-off-by:
Masahisa Kojima <masahisa.kojima@linaro.org> Acked-by:
-
- Sep 09, 2021
-
-
Tom Rini authored
When dropping SHA512_ALGO in general, we didn't catch some cases where an option was selecting both SHA512 and SHA512_ALGO and caused them to select SHA512 twice. Kconfig doesn't complain, but this is still wrong and should be corrected. Fixes: e60e4499 ("lib: Drop SHA512_ALGO in lieu of SHA512") Reported-by:
Andreas Schwab <schwab@suse.de> Reviewed-by:
-
- Sep 08, 2021
-
-
MD5 is being called directly in some places, but it is not available via hash_lookup_algo("md5"). This is inconsistent with other hasing routines. To resolve this, add an "md5" entry to hash_algos[]. The #ifdef clause looks funnier than those for other entries. This is because both MD5 and SPL_MD5 configs exist, whereas the other hashes do not have "SPL_" entries. The long term plan is to get rid of the ifdefs, so those should not be expected to survive much longer. The md5 entry does not have .hash_init/update/finish members. That's okay because hash_progressive_lookup_algo() will catch that, and return -EPROTONOSUPPORT, while hash_lookup_algo() will return the correct pointer. Signed-off-by: -
All of these configs exist. Stick to using CONFIG_[ST]PL_HASH, and drop all references to CONFIG_[ST]PL_HASH_SUPPORT. This means we need for CHAIN_OF_TRUST to select SPL_HASH now. Signed-off-by:
-
SHA512_ALGO was used as a "either SHA512 or SHA384", although the implementations of these two algorithms share a majority of code. From a Kconfig interface perspective, it makes sense to present two distinct options. This requires #ifdefing out the SHA512 implementation from sha512.c. The latter doesn't make any sense. It's reasonable to say in Kconfig that SHA384 depends on SHA512, and seems to be the more polite way to handle the selection. Thus, automatically select SHA512 when SHA384 is enabled. Signed-off-by:
-
- Sep 04, 2021
-
-
Rename this option so that CONFIG_IS_ENABLED can be used with it. Signed-off-by: -
Rename these options so that CONFIG_IS_ENABLED can be used with them. Signed-off-by: -
TCG EFI Protocol Specification defines that PCRIndex parameter passed from caller must be 0 to 23. TPM2_MAX_PCRS is currently used to check the range of PCRIndex, but TPM2_MAX_PCRS is tpm2 device dependent and may have larger value. This commit newly adds EFI_TCG2_MAX_PCR_INDEX macro, it is used to check the range of PCRIndex parameter. Signed-off-by:
-
TCG EFI Protocol Specification defines the required parameter checking and return value for each API. This commit adds the missing parameter check and fixes the wrong return value to comply the specification. Signed-off-by:
-
Heinrich Schuchardt authored
When U-Boot is started we have to use the existing variables to determine in which secure boot state we are. * If a platform key PK is present and DeployedMode=1, we are in deployed mode. * If no platform key PK is present and AuditMode=1, we are in audit mode. * Otherwise if a platform key is present, we are in user mode. * Otherwise if no platform key is present, we are in setup mode. Signed-off-by: -
Heinrich Schuchardt authored
Writing variables AuditMode and DeployedMode serves to switch between Secure Boot modes. Provide a separate value for these in efi_auth_var_type. With this patch the variables will not be read from from file even if they are marked as non-volatile by mistake. Signed-off-by:Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
-
Heinrich Schuchardt authored
The UEFI specification requires that the signature database may only be stored in tamper-resistant storage. So these variable may not be read from an unsigned file. Signed-off-by: -
Heinrich Schuchardt authored
We should not first allocate memory and then report a rounded up value as image size. Instead first round up according to section allocation and then allocate the memory. Fixes: 82786754 ("efi_loader: ImageSize must be multiple of SectionAlignment") Signed-off-by:
-
Heinrich Schuchardt authored
In a section header VirtualSize may be zero. This is for instance seen in the .sbat section of shim. In this case use SizeOfRawData as section size. Fixes: 9d30a941 ("efi_loader: don't load beyond VirtualSize") Signed-off-by:
Asherah Connor <ashe@kivikakk.ee>
-
- Sep 02, 2021
-
-
CONFIG_MMC_SPI_CRC_ON needs the crc16 functions, but it was not included in an SPL build. For non-SPL builds, crc16.o is already added unconditionally. This also removes CONFIG_SPL_YMODEM_SUPPORT from the sifive board configs, which is only relevant for some ARM boards and was only set for its side effect of adding crc16.o.
-
- Sep 01, 2021
-
-
With glibc 2.33 (Ubuntu package glibc6 2.33-0ubuntu9) building sifive_unmatched_defconfig results in: In file included from /usr/include/stdio.h:866, from ././include/compiler.h:26, from <command-line>: In function ‘snprintf’, inlined from ‘rsa_engine_get_priv_key’ at ./tools/../^:273:4: /usr/include/riscv64-linux-gnu/bits/stdio2.h:71:10: warning: ‘%s’ directive argument is null [-Wformat-truncation=] 71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 72 | __glibc_objsize (__s), __fmt, | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 73 | __va_arg_pack ()); | ~~~~~~~~~~~~~~~~~ Avoid passing a NULL string. Signed-off-by: -
Export the MD5 hash init/update/finish progressive APIs for better flexibility. Signed-off-by:Chia-Wei Wang <chiawei_wang@aspeedtech.com>
-
Older OpenSSL and libressl versions have a slightly different API. This require #ifdefs to support. However, we still can't support it because the ECDSA path does not compile with these older versions. These #ifdefs are truly a vestigial appendage. Alternatively, the ECDSA path could be updated for older libraries, but this requires significant extra code, and #ifdefs. Those libraries are over three years old, and there concerns whether it makes sense to build modern software for real world use against such old libraries. Thusly, remove #ifdefs and code for old OpenSSL and LibreSSL support. Signed-off-by:
-
- Aug 31, 2021
-
-
default n/no doesn't need to be specified. It is default option anyway. Signed-off-by:
Michal Simek <michal.simek@xilinx.com> [trini: Rework FSP_USE_UPD portion] Signed-off-by:
-
- Aug 21, 2021
-
-
tiny-printf variant doesn't know how to handle %llu format string, but both tiny-printf and print_size can meet in SPL when TFTP is used to obtain main u-boot image. This is known to lead to critical boot issue at AM335x platform when printf is catched in infinite loop. To avoid such issues and make print_size function tiny-printf friendly, use %u instead of %luu. Note, that the size value is guaranteed to be less than 1024 in this conditional branch, so the cast to unsigned int is safe. Signed-off-by:
Matwey V. Kornilov <matwey.kornilov@gmail.com> Reviewed-by:
-
%pM format string is used to print MAC-address and this is required while SPL network boot. This patch fixes the SPL boot issues like the following: Trying to boot from USB eth ## Error: flags type check failure for "ethaddr" <= "40309614M" (type: m) ## Error inserting "ethaddr" variable, errno=1 eth0: eth_cpsw## Error: flags type check failure for "eth1addr" <= "81f01114M" (type: m) ## Error inserting "eth1addr" variable, errno=1 , eth1: usb_ether eth_cpsw Waiting for PHY auto negotiation to complete......... TIMEOUT ! Problem booting with BOOTP SPL: failed to boot from all boot devices ### ERROR ### Please RESET the board ### Signed-off-by:
-
- Aug 17, 2021
-
-
Heinrich Schuchardt authored
Memory allocated in the implementation of the EFI_DEVICE_PATH_TO_TEXT_PROTOCOL must be of type EfiBootServicesData. Signed-off-by: -
Heinrich Schuchardt authored
dp_alloc() was using a constant from the wrong enum resulting in creating device paths in EfiReservedMemory. Signed-off-by: -
Heinrich Schuchardt authored
Use enum efi_memory_type and enum_allocate_type in the definitions of the efi_allocate_pages(), efi_allocate_pool(). In the external UEFI API leave the type as int as the UEFI specification explicitely requires that enums use a 32bit type. Signed-off-by:
-
- Aug 16, 2021
-
-
Implement the crypto_algo .verify() function for ecdsa256. Because it backends on UCLASS_ECDSA, this change is focused on parsing the keys from devicetree and passing this information to the specific UCLASS driver. Signed-off-by:
Patrick Delaunay <patrick.delaunay@foss.st.com>
-
- Aug 14, 2021
-
-
Refactor efi_append_scrtm_version() to use common function for adding eventlog and extending PCR. Signed-off-by: -
TCG PC Client PFP spec requires to measure "Exit Boot Services Invocation" if ExitBootServices() is invoked. Depending upon the return code from the ExitBootServices() call, "Exit Boot Services Returned with Success" or "Exit Boot Services Returned with Failure" is also measured. Signed-off-by:
-
TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by:
-
