summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2020-04-16acpi: Add support for DMARSimon Glass
The DMA Remapping Reporting (DMAR) table contains information about DMA remapping. Add a version simple version of this table with only the minimum fields filled out. i.e. no entries. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-16acpi: Add a central location for table version numbersSimon Glass
Each ACPI table has its own version number. Add the version numbers in a single function so we can keep them consistent and easily see what versions are supported. Start a new acpi_table file in a generic directory to house this function. We can move things over to this file from x86 as needed. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-04-16x86: Move acpi_table header to main include/ directorySimon Glass
This file is potentially useful to other architectures saddled with ACPI so move most of its contents to a common location. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-16efi_loader: set up secure bootAKASHI Takahiro
The following variable is exported as UEFI specification defines: SignatureSupport: array of GUIDs representing the type of signatures supported by the platform firmware Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: image_loader: support image authenticationAKASHI Takahiro
With this commit, image validation can be enforced, as UEFI specification section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled. Currently we support * authentication based on db and dbx, so dbx-validated image will always be rejected. * following signature types: EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images) EFI_CERT_X509_GUID (x509 certificate for signed images) Timestamp-based certificate revocation is not supported here. Internally, authentication data is stored in one of certificates tables of PE image (See efi_image_parse()) and will be verified by efi_image_authenticate() before loading a given image. It seems that UEFI specification defines the verification process in a bit ambiguous way. I tried to implement it as closely to as EDK2 does. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: variable: add VendorKeys variableAKASHI Takahiro
The following variable is exported as UEFI specification defines: VendorKeys: whether the system is configured to use only vendor-provided keys or not The value will have to be modified if a platform has its own way of initializing signature database, in particular, PK. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: variable: add secure boot state transitionAKASHI Takahiro
UEFI specification defines several global variables which are related to the current secure boot state. In this commit, those values will be maintained according to operations. Currently, AuditMode and DeployedMode are defined but not implemented. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: variable: support variable authenticationAKASHI Takahiro
With this commit, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is supported for authenticated variables and the system secure state will transfer between setup mode and user mode as UEFI specification section 32.3 describes. Internally, authentication data is stored as part of authenticated variable's value. It is nothing but a pkcs7 message (but we need some wrapper, see efi_variable_parse_signature()) and will be validated by efi_variable_authenticate(), hence efi_signature_verify_with_db(). Associated time value will be encoded in "{...,time=...}" along with other UEFI variable's attributes. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: add signature database parserAKASHI Takahiro
efi_signature_parse_sigdb() is a helper function will be used to parse signature database variable and instantiate a signature store structure in later patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: add signature verification functionsAKASHI Takahiro
In this commit, implemented are a couple of helper functions which will be used to materialize variable authentication as well as image authentication in later patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: add CONFIG_EFI_SECURE_BOOT config optionAKASHI Takahiro
Under this configuration, UEFI secure boot support will be added in later patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: function descriptions efi_watchdog.cHeinrich Schuchardt
Correct function descriptions in efi_watchdog.c. Add the descriptions to the generated HTML documentation. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16efi_loader: add missing doc comments in efi_disk.cHeinrich Schuchardt
Add missing descriptions for functions in efi_disk.c. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16efi_loader: function descriptions efi_unicode_collation.cHeinrich Schuchardt
Correct function descriptions in efi_unicode_collation.c Add the Unicode collation protocol to the generated HTML documentation. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16efi_loader: enable RNG if DM_RNG is enabledPeter Robinson
Enable EFI_RNG_PROTOCOL by default if DM_RNG is set. Signed-off-by: Peter Robinson <pbrobinson@gmail.com> Acked-by: Sughosh Ganu <sughosh.ganu@linaro.org> Remove superfluous 'if DM_RNG' Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-07Merge tag 'xilinx-for-v2020.07' of ↵Tom Rini
https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-06lib: Improve _parse_integer_fixup_radix base 16 detectionMichal Simek
Base autodetection is failing for this case: if test 257 -gt 3ae; then echo first; else echo second; fi It is because base for 3ae is recognized by _parse_integer_fixup_radix() as 10. The code detects the first char which is not between 'a'/'A' or 'f'/'F' to change base from dec to hex. Signed-off-by: Michal Simek <michal.simek@xilinx.com> Signed-off-by: Shiril Tichkule <shirilt@xlinx.com>
2020-04-01image: Use constants for 'required' and 'key-name-hint'Simon Glass
These are used in multiple places so update them to use a shared #define. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
2020-03-31Merge branch 'next' of git://git.denx.de/u-boot-usb into nextTom Rini
2020-03-22efi_loader: definition of GetNextVariableName()Heinrich Schuchardt
'vendor' is both an input and an output parameter. So it cannot be constant. Fixes: 0bda81bfdc5c ("efi_loader: use const efi_guid_t * for variable services") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_selftest: test CalculateCrc32, CopyMem, SetMemHeinrich Schuchardt
Provide unit tests for CalculateCrc32(), CopyMem(), SetMem(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_loader: fix freestanding memmove()Heinrich Schuchardt
For EFI binaries we have to provide an implementation of memmove() in efi_freestanding.c. Before this patch the memmove() function was copying in the wrong direction. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_loader: description efi_convert_pointer()Heinrich Schuchardt
Correct the description of function efi_convert_pointer(). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_loader: simplify logical expression in efi_disk_add_dev()Heinrich Schuchardt
To check if a variable is non-zero there is no need for '!= 0'. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_selftest: check length reported by GetNextVariableName()Heinrich Schuchardt
GetNextVariableName should report the length of the variable including the final 0x0000 in bytes. Check this in the unit test. Increase the buffer size for variable names. 40 bytes is too short. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_loader: correct reported length in GetNextVariable()Heinrich Schuchardt
The runtime service GetNextVariable() returns the length of the next variable including the closing 0x0000. This length should be in bytes. Comparing the output of EDK2 and U-Boot shows that this is currently not correctly implemented: EDK2: OsIndicationsSupported: 46 PlatformLang: 26 PlatformLangCodes: 36 U-Boot: OsIndicationsSupported: 23 PlatformLang: 13 PlatformLangCodes: 18 Provide correct length in GetNextVariable(). Fixes: d99a87f84b75 ("efi_loader: implement GetNextVariableName()") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_loader: fix function descriptions in efi_disk.cHeinrich Schuchardt
Use Sphinx style for function descriptions. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-22efi_loader: description of efi_variable.cHeinrich Schuchardt
Correct the file description. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-17Merge tag 'ti-v2020.07-next' of ↵Tom Rini
https://gitlab.denx.de/u-boot/custodians/u-boot-ti into next K3 J721E: * OSPI boot support * Support for loading remote cores in R5 SPL * PMIC ESM Support * Minor fixes for R5F and C7x remoteproc drivers K3 AM654: * Update AVS class 0 voltages. * Add I2C nodes DRA7xx/AM57xx: * Fixed Android boot on AM57xx AM33/AM43/Davinci: * switch to driver model for the net and mdio driver for baltos * Add DM/DTS support for omap video driver * Enable fastboot on am335x-evm
2020-03-17efi_loader: export a couple of protocol related functionsAKASHI Takahiro
This is a preparatory patch. Those functions will be used in an implementation of UEFI firmware management protocol as part of my capsule update patch. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-03-12lib: rsa: add rsa_verify_with_pkey()AKASHI Takahiro
This function, and hence rsa_verify(), will perform RSA verification with two essential parameters for a RSA public key in contract of rsa_verify_with_keynode(), which requires additional three parameters stored in FIT image. It will be used in implementing UEFI secure boot, i.e. image authentication and variable authentication. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-03-12lib: rsa: generate additional parameters for public keyAKASHI Takahiro
In the current implementation of FIT_SIGNATURE, five parameters for a RSA public key are required while only two of them are essential. (See rsa-mod-exp.h and uImage.FIT/signature.txt) This is a result of considering relatively limited computer power and resources on embedded systems, while such a assumption may not be quite practical for other use cases. In this patch, added is a function, rsa_gen_key_prop(), which will generate additional parameters for other uses, in particular UEFI secure boot, on the fly. Note: the current code uses some "big number" routines from BearSSL for the calculation. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-03-12rsa: add CONFIG_RSA_VERIFY_WITH_PKEY configAKASHI Takahiro
In the next couple of commits, under new CONFIG_RSA_VERIFY_WITH_PKEY, rsa_verify() will be extended to be able to perform RSA decryption without additional RSA key properties from FIT image, i.e. rr and n0inv. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-03-12lib: rsa: decouple rsa from FIT image verificationAKASHI Takahiro
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-03-11efi_loader: unnecessary assignment in efi_queue_eventHeinrich Schuchardt
The assigned value NULL is never used. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-11efi_loader: get_memory_map: return parameters whenever possibleAKASHI Takahiro
Currently, if GetMemoryMap API returns EFI_BUFFER_TOO_SMALL, it doesn't set valid values to other parameters, descriptor_size and descriptor_version, except memory_map_size. Some efi applications, however, may use those value; in particular, xen uses descriptor_size to calculate a size of buffer to be allocated. While UEFI specification is ambiguous in this point, it would be better to address this issue proactively to maximize the compatibility with existing efi applications. With this patch, for example, xen.efi (and hence linux kernel) can be started via bootefi without modification. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-03-03lib: elf: Move the generic elf loading/validating functions to libKeerthy
Move the generic elf loading/validating functions to lib/ so that they can be re-used and accessed by code existing outside cmd. While at it remove the duplicate static version of load_elf_image_phdr under arch/arm/mach-imx/imx_bootaux.c. Signed-off-by: Keerthy <j-keerthy@ti.com> Suggested-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com> Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
2020-02-28efi_selftest: add selftests for loadfile2 used to load initramfsIlias Apalodimas
Provide a unit test loading an initial ramdisk using the EFI_LOAD_FILE2_PROTOCOL. The test is only executed on request. An example usage - given a file image with a file system in partition 1 holding file initrd - is: * Configure the sandbox with CONFIG_EFI_SELFTEST=y CONFIG_EFI_LOAD_FILE2_INITRD=y CONFIG_EFI_INITRD_FILESPEC="host 0:1 initrd" * Run ./u-boot and execute host bind 0 image setenv efi_selftest load initrd bootefi selftest This would provide a test output like: Testing EFI API implementation Selected test: 'load initrd' Setting up 'load initrd' Setting up 'load initrd' succeeded Executing 'load initrd' Loaded 12378613 bytes CRC32 2997478465 Executing 'load initrd' succeeded Now the size and CRC32 can be compared to the provided file. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-02-28efi_loader: Implement FileLoad2 for initramfs loadingIlias Apalodimas
Following kernel's proposal for an arch-agnostic initrd loading mechanism [1] let's implement the U-boot counterpart. This new approach has a number of advantages compared to what we did up to now. The file is loaded into memory only when requested limiting the area of TOCTOU attacks. Users will be allowed to place the initramfs file on any u-boot accessible partition instead of just the ESP one. Finally this is an attempt of a generic interface across architectures in the linux kernel so it makes sense to support that. The file location is intentionally only supported as a config option argument(CONFIG_EFI_INITRD_FILESPEC), in an effort to enhance security. Although U-boot is not responsible for verifying the integrity of the initramfs, we can enhance the offered security by only accepting a built-in option, which will be naturally verified by UEFI Secure Boot. This can easily change in the future if needed and configure that via ENV or UEFI variable. [1] https://lore.kernel.org/linux-efi/20200207202637.GA3464906@rani.riverdale.lan/T/#m4a25eb33112fab7a22faa0fd65d4d663209af32f Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-02-26efi_loader: implement EFI_RT_PROPERTIES_TABLEHeinrich Schuchardt
UEFI spec 2.8 errata A replaces the RuntimeServicesSupported variable defined in UEFI spec 2.8 by the configuration table EFI_RT_PROPERTIES_TABLE. So let's follow suit. Cc: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Tested-by: Ard Biesheuvel <ardb@kernel.org>
2020-02-19efi_loader: EFI_RNG_PROTOCOLHeinrich Schuchardt
Do not use quotation marks for Kconfig help text. Replace rng abbreviation by full words. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-02-05dm: core: Create a new header file for 'compat' featuresSimon Glass
At present dm/device.h includes the linux-compatible features. This requires including linux/compat.h which in turn includes a lot of headers. One of these is malloc.h which we thus end up including in every file in U-Boot. Apart from the inefficiency of this, it is problematic for sandbox which needs to use the system malloc() in some files. Move the compatibility features into a separate header file. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05dm: core: Require users of devres to include the headerSimon Glass
At present devres.h is included in all files that include dm.h but few make use of it. Also this pulls in linux/compat which adds several more headers. Drop the automatic inclusion and require files to include devres themselves. This provides a good indication of which files use devres. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Anatolij Gustschin <agust@denx.de>
2020-02-05string: Allow arch override of strndup() alsoSimon Glass
At present architectures can override strdup() but not strndup(). Use the same option for both. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05dm: pci: Update a few more interfaces for const udevice *Simon Glass
Tidy up a few places where const * should be used. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-01-30libfdt: Revert 6dcb8ba4 from upstream libfdtTom Rini
In upstream libfdt, 6dcb8ba4 "libfdt: Add helpers for accessing unaligned words" introduced changes to support unaligned reads for ARM platforms and 11738cf01f15 "libfdt: Don't use memcpy to handle unaligned reads on ARM" improved the performance of these helpers. In practice however, this only occurs when the user has forced the device tree to be placed in memory in a non-aligned way, which in turn violates both our rules and the Linux Kernel rules for how things must reside in memory to function. This "in practice" part is important as handling these other cases adds visible (1 second or more) delay to boot in what would be considered the fast path of the code. Cc: Patrice CHOTARD <patrice.chotard@st.com> Cc: Patrick DELAUNAY <patrick.delaunay@st.com> Link: https://www.spinics.net/lists/devicetree-compiler/msg02972.html Signed-off-by: Tom Rini <trini@konsulko.com> Tested-by: Patrice Chotard <patrice.chotard@st.com>
2020-01-30optee: Replace uninitialized return variable by proper one.Christoph Müllner
As hinted by GCC 9, there is a return statement that returns an uninitialized variable in optee_copy_firmware_node(). This patch addresses this. Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com> Reviewed-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
2020-01-25lib: Kconfig dependencies for pseudo-random libraryHeinrich Schuchardt
drivers/rng/sandbox_rng.c requires rand() to be defined but configuration option CONFIG_CONFIG_LIB_RAND selected in drivers/rng/Kconfig does not exist. test/lib/test_aes.c requires rand() to be defined. Fix the selection criteria for choice "Pseudo-random library support type". Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-25lib: rsa: consider CONFIG_SPL_RSAHeinrich Schuchardt
CONFIG_SPL_RSA is meant to control if lib/rsa/* is used for SPL. Adjust lib/Makefile to consider this setting. This was correctly setup with commit 51c14cd128f4 ("verified-boot: Minimal support for booting U-Boot proper from SPL") and got lost with commit 089df18bfe9d ("lib: move hash CONFIG options to Kconfig"). Fixes: 089df18bfe9d ("lib: move hash CONFIG options to Kconfig") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-01-22trace: provide Sphinx style commentsHeinrich Schuchardt
Correct some function comments. Convert to Sphinx style. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>