Commit Graph

271 Commits

Author SHA1 Message Date
Tom Rini
6bd2372094 env: Rework ENV_IS_EMBEDDED and related logic slightly
- Drop CONFIG_BUILD_ENVCRC as this is never set directly but instead
  means ENV_IS_EMBEDDED, so reference that in code and rename the Makefile
  usage to BUILD_ENVCRC.
- Remove extra-$(CONFIG_ENV_IS_EMBEDDED) line as it could never be true,
  and likely why there is an extra- line for CONFIG_ENV_IS_IN_FLASH (the
  only use case today of embedded environments).
- With these slight changes we can then see that using the calculated
  symbol of ENV_IS_EMBEDDED is the right thing to use in any code which
  needs to know this situation and can remove CONFIG_ENV_IS_EMBEDDED
  entirely.

Signed-off-by: Tom Rini <trini@konsulko.com>
2022-12-22 10:31:47 -05:00
Max Krummenacher
486aef08de u-boot-initial-env: rework make target
With LTO enabled the U-Boot initial environment is no longer stored
in an easy accessible section in env/common.o. I.e. the section name
changes from build to build, its content maybe compressed and it is
annotated with additional data.

Drop trying to read the initial env with elf tools from the compiler
specific object file in favour of adding and using a host tool with
the only functionality of printing the initial env to stdout.

See also:
https://lore.kernel.org/all/927b122e-1f62-e790-f5ca-30bae4332c77@foss.st.com/

Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Acked-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-12-08 09:29:02 -05:00
Sughosh Ganu
873cf8ac70 test: dm: Add test cases for FWU Metadata uclass
Add test cases for accessing the FWU Metadata on the sandbox
platform. The sandbox platform also uses the metadata access driver
for GPT partitioned block devices.

The FWU feature will be tested on the sandbox64 variant with a raw
capsule. Remove the FIT capsule testing from sandbox64 defconfig --
the FIT capsule test will be run on the sandbox_flattree variant.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-10-31 14:47:33 -04:00
Simon Glass
b86986c7b3 video: Rename CONFIG_DM_VIDEO to CONFIG_VIDEO
Now that all the old code is gone, rename this option. Driver model
migration is now complete.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-30 20:07:17 +01:00
Simon Glass
1dc6517649 Drop CONFIG_LCD_LOGO
This relies on the old LCD implementation which is to be removed. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-10-30 20:07:16 +01:00
Weijie Gao
cadb1a858d tools: mtk_image: split the code of generating NAND header into a new file
The predefined NAND headers take too much spaces in the mtk_image.c.
Moving them into a new file can significantly improve the readability of
both mtk_image.c and the new mtk_nand_headers.c.

This is a preparation for adding more NAND headers.

Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
2022-09-23 15:09:16 -04:00
Heiko Thiery
2a4fb47533 tools: mkeficapsule: use pkg-config for each lib separat
Call pkg-config for each library individually.
This improves fallback handling.

Suggested-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: 31a7688cbe ("tools: mkeficapsule: use pkg-config to get -luuid and -lgnutls")
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-08-20 08:38:12 +02:00
Heiko Thiery
124b21e7bd tools: kwboot: use pkg-config to get -ltinfo
Instead of hardcoding -ltinfo as the flags needed to build
kwboot, use pkg-config when available.

We gracefully fallback on the previous behavior of hardcoding -ltinfo
if pkg-config is not available or fails with an error.

Reviewed-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
2022-08-04 15:32:20 -04:00
Heiko Thiery
31a7688cbe tools: mkeficapsule: use pkg-config to get -luuid and -lgnutls
Instead of hardcoding -luuid -lgnutls as the flags needed to build
mkeficapsule, use pkg-config when available.

We gracefully fallback on the previous behavior of hardcoding -luuid
-lgnutls if pkg-config is not available or fails with an error.

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
2022-08-04 15:32:20 -04:00
Pali Rohár
bb3d71b7ef crc16-ccitt: Rename file with CRC-16-CCITT implementation to crc16-ccitt.c
U-Boot CRC-16 implementation uses polynomial x^16 + x^12 + x^5 + 1 which is
not standard CRC-16 algorithm, but it is known as CRC-16-CCITT. Rename file
crc16.c to crc16-ccitt.c to reduce confusion.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-04-21 14:32:40 -04:00
Samuel Holland
e9e87ec47c tools: mkimage: Add Allwinner TOC0 support
Most Allwinner sunxi SoCs have separate boot ROMs in non-secure and
secure mode. The "non-secure" or "normal" boot ROM (NBROM) uses the
existing sunxi_egon image type. The secure boot ROM (SBROM) uses a
completely different image type, known as TOC0.

A TOC0 image is composed of a header and two or more items. One item
is the firmware binary. The others form a chain linking the firmware
signature to the root-of-trust public key (ROTPK), which has its hash
burned in the SoC's eFuses. Signatures are made using RSA-2048 + SHA256.

The pseudo-ASN.1 structure is manually assembled; this is done to work
around bugs/quirks in the boot ROM, which vary between SoCs. This TOC0
implementation has been verified to work with the A50, A64, H5, H6,
and H616 SBROMs, and it may work with other SoCs.

Signed-off-by: Samuel Holland <samuel@sholland.org>
Acked-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2022-04-04 23:24:17 +01:00
Pali Rohár
e8d26e8276 tools: kwboot: Add support for backspace key in mini terminal
Marvell BootROM recognize only '\b' byte as backspace. Use terminfo
for retrieving current backspace sequence and replace any occurrence of
backspace sequence by the '\b' byte.

Reading terminfo database is possible via tigetstr() function from system
library libtinfo.so.*. So link kwboot with -ltinfo.

Normally terminfo functions are in <term.h> system header file. But this
header file conflicts with U-Boot "termios_linux.h" header file. So declare
terminfo functions manually.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
2022-03-04 13:12:20 +01:00
Pali Rohár
913866af6c tools: kwboot: Use separate thread for sending boot message pattern
After BootROM successfully detects boot message pattern on UART it waits
until host stop sending data on UART. For example Armada 385 BootROM
requires that host does not send anything on UART at least 24 ms. If host
is still sending something then BootROM waits (possibly infinitely).

BootROM successfully detects boot message pattern if it receives it in
small period of time after power on.

So to ensure that host put BootROM into UART boot mode, host must send
continuous stream of boot message pattern with a small gap (for A385 at
least 24 ms) after series of pattern. But this gap cannot be too often or
too long to ensure that it does not cover whole BootROM time window when it
is detecting for boot message pattern.

Therefore it is needed to do following steps in cycle without any delay:
1. send series of boot message pattern over UART
2. wait until kernel transmit all data
3. sleep small period of time

At the same time, host needs to monitor input queue, data received on the
UART and checking if it contains NAK byte by which BootROM informs that
xmodem transfer is ready.

But it is not possible to wait until kernel transmit all data on UART and
at the same time in the one process to also wait for input data. This is
limitation of POSIX tty API and also by linux kernel that it does not
provide asynchronous function for waiting until all data are transmitted.
There is only synchronous variant tcdrain().

So to correctly implement this handshake on systems with linux kernel, it
is needed to use tcdrain() in separate thread.

Implement sending of boot message pattern in one thread and reading of
reply in the main thread. Use pthread library for threads.

This change makes UART booting on Armada 385 more reliable. It is possible
to start kwboot and power on board after minute and kwboot correctly put
board into UART boot mode.

Old implementation without separate thread has an issue that it read just
one byte from UART input queue and then it send 128 message pattern to the
output queue. If some noise was on UART then kwboot was not able to read
BootROM response as its input queue was just overflowed and kwboot was
sending more data than receiving.

This change basically fixed above issue too.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
2022-03-04 13:12:06 +01:00
AKASHI Takahiro
d9612f4426 tools: mkeficapsule: allow for specifying GUID explicitly
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.

To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
   [--fit <image> | --raw <image>] <capsule file>
NEW:
   [--fit | --raw | --guid <guid-string>] <image> <capsule file>

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-02-11 20:07:55 +01:00
AKASHI Takahiro
16abff246b tools: mkeficapsule: add firmware image signing
With this enhancement, mkeficapsule will be able to sign a capsule
file when it is created. A signature added will be used later
in the verification at FMP's SetImage() call.

To do that, we need specify additional command parameters:
  -monotonic-cout <count> : monotonic count
  -private-key <private key file> : private key file
  -certificate <certificate file> : certificate file
Only when all of those parameters are given, a signature will be added
to a capsule file.

Users are expected to maintain and increment the monotonic count at
every time of the update for each firmware image.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2022-02-11 20:07:55 +01:00
AKASHI Takahiro
9af16cc8f1 tools: build mkeficapsule with tools-only_defconfig
Add CONFIG_TOOLS_MKEFICAPSULE. Then we want to always build mkeficapsule
if tools-only_defconfig is used.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-02-11 20:07:55 +01:00
Simon Glass
19a91f2464 Create a new boot/ directory
Quite a lot of the code in common/relates to booting and images. Before
adding more it seems like a good time to move the code into its own
directory.

Most files with 'boot' or 'image' in them are moved, except:

- autoboot.c which relates to U-Boot automatically running a script
- bootstage.c which relates to U-Boot timing

Drop the removal of boot* files from the output directory, since this
interfers with the symlinks created by tools and there does not appear
to be any such file from my brief testing.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
Tested-by: Artem Lapkin <email2tema@gmail.com>
2021-11-11 19:01:56 -05:00
Tom Rini
4f03a4c766 tools: Stop re-defining -std= when building tools
While we intentionally set -std=gnu11 for building host tools, and have
for quite some time, we never dropped -std=gnu99 from tools/Makefile.
This resulted in passing -std=gnu11 ... -std=gnu99 when building, and
gnu99 would win.  This in turn would result now in warnings such as:
tools/mkeficapsule.c:25:15: warning: redefinition of typedef 'u32' is a C11 feature [-Wtypedef-redefinition]
typedef __u32 u32;
              ^

Signed-off-by: Tom Rini <trini@konsulko.com>
2021-10-19 11:25:25 -04:00
Simon Glass
5d3248a688 image: Split host code out into its own file
To avoid having #ifdefs in a few functions which are completely different
in the board and host code, create a new image-host.c file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-10-08 15:53:26 -04:00
Pali Rohár
ad906753c2 tools: kwbimage: Remove v1 kwbimage SPL padding to CONFIG_SYS_U_BOOT_OFFS bytes
This padding depends on board config file and therefore it makes the
mkimage binary tool board specific, which is not correct. One cannot use
mkimage tool built as a result for board A to generate images for board
B, even if both A and B are on the same platform.

This CONFIG_SYS_U_BOOT_OFFS padding was needed when kwbimage v1 contained
SPL code which loaded U-Boot proper based on CONFIG_SYS_U_BOOT_OFFS,
instead of reading correct offset from kwbimage header.

Now that SPL code parses kwbimage header and deterinate correct offset,
there is no need for this CONFIG_SYS_U_BOOT_OFFS padding anymore.

By removing it we also reduce the size of SPL code and therefore also
decrease the final size of v1 kwbimage. This means there is more space
for U-Boot proper binary.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
2021-07-31 09:59:58 +02:00
Pali Rohár
b4f3cc2c42 tools: kwbimage: Do not hide usage of secure header under CONFIG_ARMADA_38X
The mkimage host tool can be used to generate kwbimage v1 image with
secure header on host system for A38x plaform also when U-Boot is being
compiled for different platform. So there is no reason to not allow
compiling of mkimage/kwbimage with secure header support for e.g. x86-64
host.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
2021-07-31 09:49:31 +02:00
Pali Rohár
8ab9c6be69 tools: kwbimage: Fix compilation without CONFIG_SYS_U_BOOT_OFFS
The CONFIG_SYS_U_BOOT_OFFS option may be defined as empty string.
In this case it causes compilation error:

    tools/kwbimage.c: In function ‘image_headersz_v1’:
    tools/kwbimage.c:1002:39: error: expected expression before ‘)’ token
      if (headersz > CONFIG_SYS_U_BOOT_OFFS) {
                                           ^
    tools/kwbimage.c:1006:41: error: expected expression before ‘)’ token
        (int)headersz, CONFIG_SYS_U_BOOT_OFFS);
                                             ^
    tools/kwbimage.c:1011:35: error: expected expression before ‘;’ token
      headersz = CONFIG_SYS_U_BOOT_OFFS;
                                       ^
    make[1]: *** [scripts/Makefile.host:112: tools/kwbimage.o] Error 1
    make: *** [Makefile:1822: tools] Error 2

Check whether the value of CONFIG_SYS_U_BOOT_OFFS is really set.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
2021-07-31 09:49:31 +02:00
Alexandru Gagniuc
cb9faa6f98 tools: Use a single target-independent config to enable OpenSSL
Host tool features, such as mkimage's ability to sign FIT images were
enabled or disabled based on the target configuration. However, this
misses the point of a target-agnostic host tool.

A target's ability to verify FIT signatures is independent of
mkimage's ability to create those signatures. In fact, u-boot's build
system doesn't sign images. The target code can be successfully built
without relying on any ability to sign such code.

Conversely, mkimage's ability to sign images does not require that
those images will only work on targets which support FIT verification.
Linking mkimage cryptographic features to target support for FIT
verification is misguided.

Without loss of generality, we can say that host features are and
should be independent of target features.

While we prefer that a host tool always supports the same feature set,
we recognize the following
  - some users prefer to build u-boot without a dependency on OpenSSL.
  - some distros prefer to ship mkimage without linking to OpenSSL

To allow these use cases, introduce a host-only Kconfig which is used
to select or deselect libcrypto support. Some mkimage features or some
host tools might not be available, but this shouldn't affect the
u-boot build.

I also considered setting the default of this config based on
FIT_SIGNATURE. While it would preserve the old behaviour it's also
contrary to the goals of this change. I decided to enable it by
default, so that the default build yields the most feature-complete
mkimage.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-07-16 15:39:29 -04:00
Alexandru Gagniuc
e89660f5ec common: Move host-only logic in image-sig.c to separate file
image-sig.c is used to map a hash or crypto algorithm name to a
handler of that algorithm. There is some similarity between the host
and target variants, with the differences worked out by #ifdefs. The
purpose of this change is to remove those ifdefs.

First, copy the file to a host-only version, and remove target
specific code. Although it looks like we are duplicating code,
subsequent patches will change the way target algorithms are searched.
Besides we are only duplicating three string to struct mapping
functions. This isn't something to fuss about.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-07-16 12:58:55 -04:00
Alexandru Gagniuc
ed6c9e0b66 lib: Add support for ECDSA image signing
mkimage supports rsa2048, and rsa4096 signatures. With newer silicon
now supporting hardware-accelerated ECDSA, it makes sense to expand
signing support to elliptic curves.

Implement host-side ECDSA signing and verification with libcrypto.
Device-side implementation of signature verification is beyond the
scope of this patch.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:06:08 -04:00
Alexandru Gagniuc
4c17e5f691 lib/rsa: Make fdt_add_bignum() available outside of RSA code
fdt_add_bignum() is useful for algorithms other than just RSA. To
allow its use for ECDSA, move it to a common file under lib/.

The new file is suffixed with '-libcrypto' because it has a direct
dependency on openssl. This is due to the use of the "BIGNUM *" type.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:06:08 -04:00
Alexandru Gagniuc
0bcb28dfb9 lib: Rename rsa-checksum.c to hash-checksum.c
rsa-checksum.c sontains the hash_calculate() implementations. Despite
the "rsa-" file prefix, this function is useful for other algorithms.

To prevent confusion, move this file to lib/, and rename it to
hash-checksum.c, to give it a more "generic" feel.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:06:08 -04:00
Pali Rohár
15942805b7 arm: mvebu: a38x: Remove dead code ARMADA_39X
Config option ARMADA_39X is never set so remove all dead code hidden under
ifdef CONFIG_ARMADA_39X blocks.

Also remove useless checks for CONFIG_ARMADA_38X define as this macro is
always defined for a38x code path.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2021-03-12 07:44:21 +01:00
Joel Stanley
5d40d5f12e tools/Makefile: FIT_CIPHER requires libssl
If CONFIG_FIT_CIPHER is enabled without CONFIG_FIT_SIGNATURE then
mkimage/dumpimage will fail to link:

 /usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
 image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'
 /usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x10): undefined reference to `EVP_aes_128_cbc'
 /usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x40): undefined reference to `EVP_aes_192_cbc'
 /usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x70): undefined reference to `EVP_aes_256_cbc'
 /usr/bin/ld: tools/lib/aes/aes-encrypt.o: in function `image_aes_encrypt':
 aes-encrypt.c:(.text+0x22): undefined reference to `EVP_CIPHER_CTX_new'
 /usr/bin/ld: aes-encrypt.c:(.text+0x6f): undefined reference to `EVP_EncryptInit_ex'
 /usr/bin/ld: aes-encrypt.c:(.text+0x8d): undefined reference to `EVP_EncryptUpdate'
 /usr/bin/ld: aes-encrypt.c:(.text+0xac): undefined reference to `EVP_CIPHER_CTX_free'
 /usr/bin/ld: aes-encrypt.c:(.text+0xf2): undefined reference to `EVP_EncryptFinal_ex'
 collect2: error: ld returned 1 exit status

Signed-off-by: Joel Stanley <joel@jms.id.au>
2021-01-22 16:17:52 -05:00
Andre Przywara
6d295099cc tools: mkimage: Add Allwinner eGON support
So far we used the separate mksunxiboot tool for generating a bootable
image for Allwinner SPLs, probably just for historical reasons.

Use the mkimage framework to generate a so called eGON image the
Allwinner BROM expects.
The new image type is called "sunxi_egon", to differentiate it
from the (still to be implemented) secure boot TOC0 image.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jernej Skrabec <jernej.skrabec@siol.net>
Reviewed-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-11 23:19:33 +00:00
Tom Rini
720620e691 Prepare v2021.01-rc5
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAl/0YVIACgkQFHw5/5Y0
 tywtEwv/cJWlKgcSnYjuJrxwuJdauUTfXdbUgtCxOtBw/BP4dsKkbGTJPw5q5M+4
 LJJSKyksmJVTX26h1dpkzQjOpWtTDnWqm5CTIxD52oQD7pxK+zCQ9T6S+QbQD0Se
 ogHmZluzFoluxbNgo8tiO52xvMhDO3TVAzxsNDdGfkd5/tAXOHClPc34RmAkdRHU
 VsR89AKdT2q543fiUfrRZYDzdctaNWhRGXMDcJ4+QU/8hQhrpcr8EtHbF+3mWX4K
 pA01pDz150Rn4UI6S2xKEWrjSTHe55fxVj/Qj0rq9z2E/+NqGXemf5s13AR0G/z3
 PqHdVLHzDe64pbOvmyU1pVQ0aMb8vMJUnqx68SQZY3On2c+MjRWQ+7aVVaKOcPGp
 uatk6QMrggHp3Li+3yZrLBE0qPr/sNMVb7mUesdZb6lFd2VIs8siwhfeGXMS+nDI
 xePzsR43Fnn5Q5KIqqvcWUb+TTTqUDUff0wyAU8NBgCaIBIZK8h2ppS1jjnbms0I
 mr8Er2vb
 =Dfum
 -----END PGP SIGNATURE-----

Merge tag 'v2021.01-rc5' into next

Prepare v2021.01-rc5

Signed-off-by: Tom Rini <trini@konsulko.com>
2021-01-05 16:20:26 -05:00
Sughosh Ganu
322c813f4b mkeficapsule: Add support for embedding public key in a dtb
Add options for embedding the public key esl(efi signature list) file
to the platform's dtb. The esl file is then retrieved and used for
authenticating the capsule to be used for updating firmare components
on the platform.

The esl file can now be embedded in the dtb by invoking the following
command
mkeficapsule -K <pub_key.esl> -D <dtb>

In the scenario where the esl file is to be embedded in an overlay,
this can be done through the following command
mkeficapsule -O -K <pub_key.esl> -D <dtb>

This will create a node named 'signature' in the dtb, and the esl file
will be stored as 'capsule-key'

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
2020-12-31 14:41:31 +01:00
AKASHI Takahiro
fab430be2f tools: add mkeficapsule command for UEFI capsule update
This is a utility mainly for test purpose.
  mkeficapsule -f: create a test capsule file for FIT image firmware

Having said that, you will be able to customize the code to fit
your specific requirements for your platform.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03 21:22:50 +01:00
Stefan Roese
540a2bcec1 mips: octeon: tools: Add update_octeon_header tool
Add a tool to update or insert an Octeon specific header into the U-Boot
image. This is needed e.g. for booting via SPI NOR, eMMC and NAND.

While working on this, move enum cvmx_board_types_enum and
cvmx_board_type_to_string() to cvmx-bootloader.h and remove the
unreferenced (unsupported) board definition.

Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Aaron Williams <awilliams@marvell.com>
Cc: Chandrakala Chavva <cchavva@marvell.com>
Cc: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
2020-11-30 18:32:09 +01:00
Reuben Dowle
d16b38f427 Add support for SHA384 and SHA512
The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].

This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX

The SHA implementation is adapted from the linux kernel implementation.

[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm

Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
2020-06-12 13:14:07 -04:00
Trevor Woerner
bb0fb4c0f4 rename symbol: CONFIG_KIRKWOOD -> CONFIG_ARCH_KIRKWOOD
Have this symbol follow the pattern of all other such symbols.
This patch also removes a TODO from the code.

Reviewed-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
2020-05-15 14:47:35 -04:00
Masahiro Yamada
3e69db1223 fdt_region: move fdt_region.c to common/ from lib/libfdt/
My goal is to sync lib/libfdt/ with scripts/dtc/libfdt/, that is,
make lib/libfdt/ contain only wrapper files.

fdt_region.c was written only for U-Boot to implement the verified
boot. So, this belongs to the same group as common/fdt_support.c,
which is a collection of U-Boot own fdt helpers.

Move lib/libfdt/fdt_region.c to common/fdt_region.c . This is
necessary only when CONFIG_(SPL_TPL_)_FIT_SIGNATURE is enabled.

Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
2020-04-26 14:23:55 -06:00
Masahiro Yamada
bcbdab70a2 libfdt: migrate fdt_ro.c to a wrapper of scripts/dtc/libfdt/fdt_ro.c
There is no essential difference between scripts/dtc/libfdt/fdt_ro.c
and lib/libfdt/fdt_ro.c

Migrate to a simple wrapper like the other files.

Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
2020-04-26 14:23:39 -06:00
Tom Rini
587e4a4296 kconfig / kbuild: Re-sync with Linux 4.19
Align Kconfig and Kbuild logic to Linux 4.19 release with minimal impact
on files outside of this scope.

Our previous Kconfig sync was done by commit 5972ff077e ("kconfig /
kbuild: re-sync with Linux 4.18").

In this particular re-sync in order to keep clang support working a
number of related changes needed to be pulled in that had been missed
previously.  Not all of these changes we easily traceable and so have
been omitted from the list below.

The imported Linux commits are:
[From prior to v4.18]
9f3f1fd29976 kbuild: Add __cc-option macro
d7f14c66c273 kbuild: Enable Large File Support for hostprogs
6d79a7b424a5 kbuild: suppress warnings from 'getconf LFS_*'
24403874316a Shared library support
86a9df597cdd kbuild: fix linker feature test macros when cross compiling with Clang
0294e6f4a000 kbuild: simplify ld-option implementation

[From v4.18 to v4.19]
96f14fe738b6 kbuild: Rename HOSTCFLAGS to KBUILD_HOSTCFLAGS
10844aebf448 kbuild: Rename HOSTCXXFLAGS to KBUILD_HOSTCXXFLAGS
b90a368000ab kbuild: Rename HOSTLDFLAGS to KBUILD_HOSTLDFLAGS
8377bd2b9ee1 kbuild: Rename HOST_LOADLIBES to KBUILD_HOSTLDLIBS
f92d19e0ef9b kbuild: Use HOST*FLAGS options from the command line
4ab3b80159d4 kconfig: check for pkg-config on make {menu,n,g,x}config
693359f7ac90 kconfig: rename SYMBOL_AUTO to SYMBOL_NO_WRITE
f60b992e30ff kbuild: replace $(LDFLAGS) $(ldflags-y) with $(ld_flags)
2fb9279f2c3e kbuild: change ld_flags to contain LDFLAGS_$(@F)
c931d34ea085 arm64: build with baremetal linker target instead of Linux when available
5accd7f3360e kconfig: handle format string before calling conf_message_callback()
a2ff4040151a kconfig: rename file_write_dep and move it to confdata.c
0608182ad542 kconfig: split out useful helpers in confdata.c
adc18acf42a1 kconfig: remove unneeded directory generation from local*config
79123b1389cc kconfig: create directories needed for syncconfig by itself
16952b77d8b5 kconfig: make syncconfig update .config regardless of sym_change_count
d6c6ab93e17f kbuild: remove deprecated host-progs variable
56869d45e364 kconfig: fix the rule of mainmenu_stmt symbol
c151272d1687 kconfig: remove unused sym_get_env_prop() function
1880861226c1 kconfig: remove P_ENV property type
e3fd9b5384f3 scripts/dtc: consolidate include path options in Makefile
4bf6a9af0e91 kconfig: add build-only configurator targets
f1575595d156 kconfig: error out when seeing recursive dependency
5e8c5299d315 kconfig: report recursive dependency involving 'imply'
f498926c47aa kconfig: improve the recursive dependency report
98a4afbfafd2 kconfig: fix "Can't open ..." in parallel build
9a9ddcf47831 kconfig: suppress "configuration written to .config" for syncconfig
87a32e624037 kbuild: pass LDFLAGS to recordmcount.pl
d503ac531a52 kbuild: rename LDFLAGS to KBUILD_LDFLAGS
217c3e019675 disable stringop truncation warnings for now
bc8d2e20a3eb kconfig: remove a spurious self-assignment
fd65465b7016 kconfig: do not require pkg-config on make {menu,n}config
5a4630aadb9a ftrace: Build with CPPFLAGS to get -Qunused-arguments

Note that this adds new cleanup work to do in that we should adapt the
shared library support we have to what is now upstream.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Masahiro Yamada <masahiroy@kernel.org>
2020-04-10 11:18:32 -04:00
AKASHI Takahiro
b983cc2da0 lib: rsa: decouple rsa from FIT image verification
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building
RSA functions from FIT verification and allow for adding a RSA-based
signature verification for other file formats, in particular PE file
for UEFI secure boot.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-03-12 08:20:38 -04:00
Philippe Reynes
4df3578119 u-boot: fit: add support to decrypt fit with aes
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
2020-01-17 10:16:29 -05:00
Philippe Reynes
7298e42250 mkimage: fit: add support to encrypt image with aes
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
2020-01-17 10:15:49 -05:00
AKASHI Takahiro
2b12196dc1 cmd: add asn1_compiler
Imported from linux kernel v5.3:
 asn1.h without changes
 asn1_ber_bytecode.h without changes
 asn1_decoder.h without changes
 asn1_compiler.c without changes

This host command will be used to create a ASN1 parser, for example,
for pkcs7 messages or x509 certificates. More specifically, it will
generate *byte code* which will be interpreted by asn1 decoder library.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-12-06 16:44:20 -05:00
Heinrich Schuchardt
44de15d686 tools: remove easylogo and include/video_logo.h
include/video_logo.h once was created via the tool easylogo and than used
in cpu/mpc8xx/video.c to display Tux. video_logo.h has been replaced by
include/linux_logo.h and is not needed anymore.

Delete the include and the tool,

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-08-26 11:46:30 -04:00
Heiko Schocher
245b1029e1 bmp_logo: support CONFIG_DM_VIDEO
in case of bmp_logo, the video_bmp driver is used for
drawing a bmp logo. This driver supports only "full"
bmp data. Adding a logo with the bmp_logo tool to
u-boot binary adds currently only real data and drops
the bmp header.

This patch adds now the full bmp data to the u-boot
binary, so video_bmp driver works with the logo embedded
into u-boot.

Fixed also some checkpatch error poping up with this
patch.

Signed-off-by: Heiko Schocher <hs@denx.de>
2019-07-29 00:20:31 +02:00
Simon Glass
56bf4f8630 x86: Add ifwitool for Intel Integrated Firmware Image
Some Intel SoCs from about 2016 boot using an internal microcontroller via
an 'IFWI' image. This is a special format which can hold firmware images.
In U-Boot's case it holds u-boot-tpl.bin.

Add this tool, taken from coreboot, so that we can build bootable images
on apollolake SoCs.

This tool itself has no tests. Some amount of coverage will be provided by
the binman tests that use it, so enable building the tool on sandbox.

Signed-off-by: Simon Glass <sjg@chromium.org>
2019-07-23 20:27:56 -07:00
Simon Goldschmidt
2577015dc5 spl: add overall SPL size check
This adds a size check for SPL that can dynamically check generated
SPL binaries (including devicetree) for a size limit that ensures
this image plus global data, heap and stack fit in initial SRAM.

Since some of these sizes are not available to make, a new host tool
'spl_size_limit' is added that dumps the resulting maximum size for
an SPL binary to stdout. This tool is used in toplevel Makefile to
implement the size check on SPL binaries.

Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
2019-06-07 11:03:39 -04:00
Fabrice Fontaine
93e078807f Make FIT support really optional
Due to some mistakes in the source code, it was not possible to really
turn FIT support off. This commit fixes the problem by means of the
following changes:

- Enclose "bootm_host_load_image" and "bootm_host_load_images" between
  checks for CONFIG_FIT_SIGNATURE, in common/bootm.c.

- Enclose the declaration of "bootm_host_load_images" between checks for
  CONFIG_FIT_SIGNATURE, in common/bootm.h.

- Condition the compilation and linking of fit_common.o fit_image.o
  image-host.o common/image-fit.o to CONFIG_FIT=y, in tools/Makefile.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
[fabio: adapt for 2016.07]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Ricardo: fix conditional compilation and linking of the files mentioned above
for 2016.07]
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Jörg: adapt for 2019.01]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/uboot-tools/0003-Make-FIT-support-really-optional.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-05-09 19:52:55 -04:00
Fabrice Fontaine
72c69ea8d6 tools/Makefile: fix HOSTCFLAGS with CROSS_BUILD_TOOLS
When CROSS_BUILD_TOOLS is set, set HOSTCFLAGS to CFLAGS otherwise CC
will be used with HOSTCFLAGS which seems wrong

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-05-03 07:30:31 -04:00
Pierre Bourdon
9bdfe290e9 tools/Makefile: get openssl CFLAGS from pkg-config
Fixes building mkimage on systems where OpenSSL header files do not
live in the standard include path.

Signed-off-by: Pierre Bourdon <delroth@gmail.com>
2019-04-26 17:51:51 -04:00