summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2020-05-04lib/crypto, efi_loader: move some headers to include/cryptoAKASHI Takahiro
Pkcs7_parse.h and x509_parser.h are used in UEFI subsystem, in particular, secure boot. So move them to include/crypto to avoid relative paths. Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Don't include include x509_parser.h twice. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-05-04lib/crypto, efi_loader: avoid multiple inclusions of header filesAKASHI Takahiro
By adding extra symbols, we can now avoid including x509_parser and pkcs7_parser.h files multiple times. Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Don't include include x509_parser.h twice. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-05-01tiny-printf: Support %iMarek Vasut
The most basic printf("%i", value) formating string was missing, add it for the sake of convenience. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Simon Glass <sjg@chromium.org> Cc: Stefan Roese <sr@denx.de>
2020-04-30Merge tag 'efi-2020-07-rc2' of ↵Tom Rini
https://gitlab.denx.de/u-boot/custodians/u-boot-efi Pull request for UEFI sub-system for efi-2020-07-rc2 This pull request contains bug fixes needed due to the merged changes for EFI secure boot. Patches are supplied to identify EFI system partitions.
2020-04-30acpi: Add an acpi commandSimon Glass
It is useful to dump ACPI tables in U-Boot to see what has been generated. Add a command to handle this. To allow the command to find the tables, add a position into the global data. Support subcommands to list and dump the tables. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-30acpi: Move the xsdt pointer to acpi_ctxSimon Glass
Put this in the context along with the other important pointers. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-30acpi: Put table-setup code in its own functionSimon Glass
We always write three basic tables to ACPI at the start. Move this into its own function, along with acpi_fill_header(), so we can write a test for this code. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-04-30acpi: Move acpi_add_table() to generic codeSimon Glass
Move this code to a generic location so that we can test it with sandbox. This requires adding a few new fields to acpi_ctx, so drop the local variables used in the original code. Also use mapmem to avoid pointer-to-address casts which don't work on sandbox. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-30acpi: Convert part of acpi_table to use acpi_ctxSimon Glass
The current code uses an address but a pointer would result in fewer casts. Also it repeats the alignment code in a lot of places so this would be better done in a helper function. Update write_acpi_tables() to make use of the new acpi_ctx structure, adding a few helpers to clean things up. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-30acpi: Add a method to write tables for a deviceSimon Glass
A device may want to write out ACPI tables to describe itself to Linux. Add a method to permit this. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-30efi_loader: identify EFI system partitionHeinrich Schuchardt
In subsequent patches UEFI variables shalled be stored on the EFI system partition. Hence we need to identify the EFI system partition. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-28Merge tag 'dm-pull-27apr20' of git://git.denx.de/u-boot-dmTom Rini
Move Python tools to use absolute paths Minor buildman fixes for new features Make libfdt code more similar to upsteam
2020-04-27Merge branch '2020-04-27-master-imports'Tom Rini
- Assorted bugfixes. - Documentation improvements including support for https://u-boot.readthedocs.io/
2020-04-27lib: zlib: fix formatting, referenceHeinrich Schuchardt
Provide a valid reference for the deflate format. Reformat the ALGORITHM and REFERENCES comments. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-27lib: enable lzma decompression support for SPL buildWeijie Gao
This patch enables LZMA decompression support for SPL build Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
2020-04-26fdt_region: move fdt_region.c to common/ from lib/libfdt/Masahiro Yamada
My goal is to sync lib/libfdt/ with scripts/dtc/libfdt/, that is, make lib/libfdt/ contain only wrapper files. fdt_region.c was written only for U-Boot to implement the verified boot. So, this belongs to the same group as common/fdt_support.c, which is a collection of U-Boot own fdt helpers. Move lib/libfdt/fdt_region.c to common/fdt_region.c . This is necessary only when CONFIG_(SPL_TPL_)_FIT_SIGNATURE is enabled. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
2020-04-26libfdt: migrate fdt_ro.c to a wrapper of scripts/dtc/libfdt/fdt_ro.cMasahiro Yamada
There is no essential difference between scripts/dtc/libfdt/fdt_ro.c and lib/libfdt/fdt_ro.c Migrate to a simple wrapper like the other files. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
2020-04-24uuid: Use const char * where possibleSimon Glass
Update the arguments of these functions so they can be called from code which uses constant strings. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-04-24lib: Add a function to convert a string to upper caseSimon Glass
Add a helper function for this operation. Update the strtoul() tests to check upper case as well. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-24lib: strto: Stop detection when invalid char is usedMichal Simek
This issue has been found when mtd partition are specified. Autodetection code should stop when the first invalid char is found. Here is the example of commands: setenv mtdids nand0=memory-controller@e000e000 setenv mtdparts "mtdparts=nand0:4m(boot),4m(env),64m(kernel),96m(rootfs)" mtd list Before: Zynq> mtd list List of MTD devices: * nand0 - type: NAND flash - block size: 0x20000 bytes - min I/O: 0x800 bytes - OOB size: 64 bytes - OOB available: 16 bytes - ECC strength: 1 bits - ECC step size: 2048 bytes - bitflip threshold: 1 bits - 0x000000000000-0x000010000000 : "nand0" - 0x000000000000-0x000000400000 : "boot" - 0x000000400000-0x000000800000 : "env" - 0x000000800000-0x000006c00000 : "kernel" - 0x000006c00000-0x000010000000 : "rootfs" Where it is visible that kernel partition has 100m instead of 64m After: Zynq> mtd list * nand0 - type: NAND flash - block size: 0x20000 bytes - min I/O: 0x800 bytes - OOB size: 64 bytes - OOB available: 16 bytes - ECC strength: 1 bits - ECC step size: 2048 bytes - bitflip threshold: 1 bits - 0x000000000000-0x000010000000 : "nand0" - 0x000000000000-0x000000400000 : "boot" - 0x000000400000-0x000000800000 : "env" - 0x000000800000-0x000004800000 : "kernel" - 0x000004800000-0x00000a800000 : "rootfs" Signed-off-by: Michal Simek <michal.simek@xilinx.com> Fixes: 0486497e2b5f ("lib: Improve _parse_integer_fixup_radix base 16 detection") Tested-by: Heiko Schocher <hs@denx.de> Tested-by: Pali Rohár <pali@kernel.org>
2020-04-24lib: do not provide hexdump in SPLHeinrich Schuchardt
SPL should not be enlarged by building with CONFIG_HEXDUMP=y. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Tom Rini <trini@konsulko.com>
2020-04-24lib: do not build OID registry in SPLHeinrich Schuchardt
The OID registry is only used by crypto functions that are not built in SPL. So we should not build it in SPL. Fixes: a9b45e6e8382 ("lib: add oid registry utility") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Tom Rini <trini@konsulko.com>
2020-04-24libfdt: Make fdtdec_get_child_count() available for HOSTKever Yang
The tool need to use fdtdec_get_child_count(), make it available for HOST_CC. Signed-off-by: Kever Yang <kever.yang@rock-chips.com> Reviewed-by: Punit Agrawal <punit1.agrawal@toshiba.co.jp> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-24make env_entry::callback conditional on !CONFIG_SPL_BUILDRasmus Villemoes
The callback member of struct env_entry is always NULL for an SPL build. Removing it thus saves a bit of run-time memory in the SPL (when CONFIG_SPL_ENV_SUPPORT=y) since struct env_entry is embedded in struct env_entry_node - i.e. about 2KB for the normal case of 512+change hash table entries. Two small fixups are needed for this, all other references to the callback member are already under !CONFIG_SPL_BUILD: Don't initialize .callback in set_flags() - hsearch_r doesn't use that value anyway. And make env_callback_init() initialize ->callback to NULL for a new entry instead of relying on an unused or deleted entry having NULL in ->callback. Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-24lib/hashtable.c: don't test ->callback in SPLRasmus Villemoes
In SPL, environment callbacks are not supported, so e->callback is always NULL. Removing this makes the SPL a little smaller (about 400 bytes in my ppc build) with no functional change. Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-24lib/hashtable.c: create helper for calling env_entry::callbackRasmus Villemoes
This is preparation for compiling out the "call the callback" code and associated error handling for SPL, where ->callback is always NULL. Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-23fdtdec: Fix boundary checkAtish Patra
In U-Boot, the reserved memory end address is considered as a inclusive address. This notion is followed while adding a reserved memory node to the DT. For example: end_address = start_address + size - 1 Follow the same notion and fix the end address computation while checking for existing nodes. Signed-off-by: Atish Patra <atish.patra@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
2020-04-17lib: kconfig: Add option to set BZIP2 compression methodAtish Patra
There is no way to select BZIP2 compression method. Add it under library/compression config where all other compression related configs are present. Signed-off-by: Atish Patra <atish.patra@wdc.com> Reviewed-by: Tom Rini <trini@konsulko.com>
2020-04-16Merge tag 'efi-2020-07-rc1' of ↵Tom Rini
https://gitlab.denx.de/u-boot/custodians/u-boot-efi Pull request for UEFI sub-system for efi-2020-07-rc1 This pull request * provides an implementation of UEFI secure booting * fixes a problem with the rsa_mod_exp driver which stops some boards from booting when CONFIG_RSA is enabled which is needed for UEFI secure booting * enables the EFI_RNG_PROTOCOL if DM_RNG is enabled * fixes some function comments
2020-04-16Merge tag 'dm-pull-10apr20-take2' of git://git.denx.de/u-boot-dmTom Rini
Functions for reading indexed values from device tree Enhancements to 'dm' command Log test enhancements and syslog driver DM change to read parent ofdata before children Minor fixes
2020-04-16fdtdec: support multiple phandles in memory carveoutLaurentiu Tudor
fdtdec_set_carveout() is limited to only one phandle. Fix this limitation by adding support for multiple phandles. Signed-off-by: Laurentiu Tudor <laurentiu.tudor@nxp.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-04-16acpi: Add support for DMARSimon Glass
The DMA Remapping Reporting (DMAR) table contains information about DMA remapping. Add a version simple version of this table with only the minimum fields filled out. i.e. no entries. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-16acpi: Add a central location for table version numbersSimon Glass
Each ACPI table has its own version number. Add the version numbers in a single function so we can keep them consistent and easily see what versions are supported. Start a new acpi_table file in a generic directory to house this function. We can move things over to this file from x86 as needed. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-04-16x86: Move acpi_table header to main include/ directorySimon Glass
This file is potentially useful to other architectures saddled with ACPI so move most of its contents to a common location. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
2020-04-16efi_loader: set up secure bootAKASHI Takahiro
The following variable is exported as UEFI specification defines: SignatureSupport: array of GUIDs representing the type of signatures supported by the platform firmware Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: image_loader: support image authenticationAKASHI Takahiro
With this commit, image validation can be enforced, as UEFI specification section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled. Currently we support * authentication based on db and dbx, so dbx-validated image will always be rejected. * following signature types: EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images) EFI_CERT_X509_GUID (x509 certificate for signed images) Timestamp-based certificate revocation is not supported here. Internally, authentication data is stored in one of certificates tables of PE image (See efi_image_parse()) and will be verified by efi_image_authenticate() before loading a given image. It seems that UEFI specification defines the verification process in a bit ambiguous way. I tried to implement it as closely to as EDK2 does. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: variable: add VendorKeys variableAKASHI Takahiro
The following variable is exported as UEFI specification defines: VendorKeys: whether the system is configured to use only vendor-provided keys or not The value will have to be modified if a platform has its own way of initializing signature database, in particular, PK. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: variable: add secure boot state transitionAKASHI Takahiro
UEFI specification defines several global variables which are related to the current secure boot state. In this commit, those values will be maintained according to operations. Currently, AuditMode and DeployedMode are defined but not implemented. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: variable: support variable authenticationAKASHI Takahiro
With this commit, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is supported for authenticated variables and the system secure state will transfer between setup mode and user mode as UEFI specification section 32.3 describes. Internally, authentication data is stored as part of authenticated variable's value. It is nothing but a pkcs7 message (but we need some wrapper, see efi_variable_parse_signature()) and will be validated by efi_variable_authenticate(), hence efi_signature_verify_with_db(). Associated time value will be encoded in "{...,time=...}" along with other UEFI variable's attributes. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: add signature database parserAKASHI Takahiro
efi_signature_parse_sigdb() is a helper function will be used to parse signature database variable and instantiate a signature store structure in later patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: add signature verification functionsAKASHI Takahiro
In this commit, implemented are a couple of helper functions which will be used to materialize variable authentication as well as image authentication in later patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: add CONFIG_EFI_SECURE_BOOT config optionAKASHI Takahiro
Under this configuration, UEFI secure boot support will be added in later patches. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-04-16efi_loader: function descriptions efi_watchdog.cHeinrich Schuchardt
Correct function descriptions in efi_watchdog.c. Add the descriptions to the generated HTML documentation. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16efi_loader: add missing doc comments in efi_disk.cHeinrich Schuchardt
Add missing descriptions for functions in efi_disk.c. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16efi_loader: function descriptions efi_unicode_collation.cHeinrich Schuchardt
Correct function descriptions in efi_unicode_collation.c Add the Unicode collation protocol to the generated HTML documentation. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-16efi_loader: enable RNG if DM_RNG is enabledPeter Robinson
Enable EFI_RNG_PROTOCOL by default if DM_RNG is set. Signed-off-by: Peter Robinson <pbrobinson@gmail.com> Acked-by: Sughosh Ganu <sughosh.ganu@linaro.org> Remove superfluous 'if DM_RNG' Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-04-07Merge tag 'xilinx-for-v2020.07' of ↵Tom Rini
https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-06lib: Improve _parse_integer_fixup_radix base 16 detectionMichal Simek
Base autodetection is failing for this case: if test 257 -gt 3ae; then echo first; else echo second; fi It is because base for 3ae is recognized by _parse_integer_fixup_radix() as 10. The code detects the first char which is not between 'a'/'A' or 'f'/'F' to change base from dec to hex. Signed-off-by: Michal Simek <michal.simek@xilinx.com> Signed-off-by: Shiril Tichkule <shirilt@xlinx.com>
2020-04-01image: Use constants for 'required' and 'key-name-hint'Simon Glass
These are used in multiple places so update them to use a shared #define. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
2020-03-31Merge branch 'next' of git://git.denx.de/u-boot-usb into nextTom Rini