u-boot.git/lib, branch v2021.10-rc2 Unnamed repository; edit this file 'description' to name the repository. lib: ecdsa: Implement UCLASS_ECDSA verification on target 2021-08-16T08:49:35+00:00 Alexandru Gagniuc mr.nuke.me@gmail.com 2021-07-29T16:47:16+00:00 928a8be79480b0e2ea2461a7b2533d3e71bcb3e6 Implement the crypto_algo .verify() function for ecdsa256. Because it backends on UCLASS_ECDSA, this change is focused on parsing the keys from devicetree and passing this information to the specific UCLASS driver. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com> 
Implement the crypto_algo .verify() function for ecdsa256. Because
it backends on UCLASS_ECDSA, this change is focused on parsing the
keys from devicetree and passing this information to the specific
UCLASS driver.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
efi_loader: refactor efi_append_scrtm_version() 2021-08-14T18:54:41+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2021-08-13T07:12:42+00:00 61ee780352e054df587d8781f23b323c967b5d2a Refactor efi_append_scrtm_version() to use common function for adding eventlog and extending PCR. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> 
Refactor efi_append_scrtm_version() to use common
function for adding eventlog and extending PCR.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
efi_loader: add ExitBootServices() measurement 2021-08-14T18:54:41+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2021-08-13T07:12:41+00:00 fdff03e5b338772b9340b7b2965b9de71c323f24 TCG PC Client PFP spec requires to measure "Exit Boot Services Invocation" if ExitBootServices() is invoked. Depending upon the return code from the ExitBootServices() call, "Exit Boot Services Returned with Success" or "Exit Boot Services Returned with Failure" is also measured. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Swap two ifs in efi_exit_boot_services(). efi_tcg2_notify_exit_boot_services must have EFIAPI signature. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
TCG PC Client PFP spec requires to measure
"Exit Boot Services Invocation" if ExitBootServices() is invoked.
Depending upon the return code from the ExitBootServices() call,
"Exit Boot Services Returned with Success" or "Exit Boot Services
Returned with Failure" is also measured.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>

Swap two ifs in efi_exit_boot_services().
efi_tcg2_notify_exit_boot_services must have EFIAPI signature.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
efi_loader: add boot variable measurement 2021-08-14T18:54:41+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2021-08-13T07:12:40+00:00 8fc4e0b4273adc741dfd1917970162ca224f98bf TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> 
TCG PC Client PFP spec requires to measure "Boot####"
and "BootOrder" variables, EV_SEPARATOR event prior
to the Ready to Boot invocation.
Since u-boot does not implement Ready to Boot event,
these measurements are performed when efi_start_image() is called.

TCG spec also requires to measure "Calling EFI Application from
Boot Option" for each boot attempt, and "Returning from EFI
Application from Boot Option" if a boot device returns control
back to the Boot Manager.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
efi_loader: add secure boot variable measurement 2021-08-14T18:54:41+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2021-08-13T07:12:39+00:00 cfbcf054a323b692e85e73fc2a57400ee92f6b63 TCG PC Client PFP spec requires to measure the secure boot policy before validating the UEFI image. This commit adds the secure boot variable measurement of "SecureBoot", "PK", "KEK", "db", "dbx", "dbt", and "dbr". Note that this implementation assumes that secure boot variables are pre-configured and not be set/updated in runtime. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> 
TCG PC Client PFP spec requires to measure the secure
boot policy before validating the UEFI image.
This commit adds the secure boot variable measurement
of "SecureBoot", "PK", "KEK", "db", "dbx", "dbt", and "dbr".

Note that this implementation assumes that secure boot
variables are pre-configured and not be set/updated in runtime.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
efi_loader: Uri() device path node 2021-08-14T18:54:41+00:00 Heinrich Schuchardt xypron.glpk@gmx.de 2021-08-05T21:10:05+00:00 148ce20520760d17f1d9db23c0575ffeed60a287 iPXE used Uri() device path nodes. So we should support them in the device path to text protocol. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
iPXE used Uri() device path nodes. So we should support them in the
device path to text protocol.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Merge https://source.denx.de/u-boot/custodians/u-boot-samsung 2021-08-03T13:07:01+00:00 Tom Rini trini@konsulko.com 2021-08-03T13:07:01+00:00 b91c70433386d133c842729c5d9b109cdcc79399 






lib: Allow using 0x when a decimal value is requested
2021-08-02T17:32:14+00:00

Simon Glass
sjg@chromium.org

2021-07-24T15:03:38+00:00

e6951139c0544116330b12e287fe45e30bbab11c

U-Boot mostly uses hex for value input, largely because addresses are much
easier to understand in hex.

But in some cases a decimal value is requested, such as where the value is
small or hex does not make sense in the context. In these cases it is
sometimes useful to be able to provide a hex value in any case, if only to
resolve any ambiguity.

Add this functionality, for increased flexibility.

Signed-off-by: Simon Glass <sjg@chromium.org>





U-Boot mostly uses hex for value input, largely because addresses are much
easier to understand in hex.

But in some cases a decimal value is requested, such as where the value is
small or hex does not make sense in the context. In these cases it is
sometimes useful to be able to provide a hex value in any case, if only to
resolve any ambiguity.

Add this functionality, for increased flexibility.

Signed-off-by: Simon Glass <sjg@chromium.org>







lib: Move common digit-parsing code into a function
2021-08-02T17:32:14+00:00

Simon Glass
sjg@chromium.org

2021-07-24T15:03:35+00:00

5a94546e1cb302842aa0f65be0bb3585fd010ccd

The code to convert a character into a digit is repeated twice in this
file. Factor it out into a separate function. This also makes the code a
little easier to read.

Signed-off-by: Simon Glass <sjg@chromium.org>





The code to convert a character into a digit is repeated twice in this
file. Factor it out into a separate function. This also makes the code a
little easier to read.

Signed-off-by: Simon Glass <sjg@chromium.org>







lib: Drop unnecessary check for hex digit
2021-08-02T17:32:14+00:00

Simon Glass
sjg@chromium.org

2021-07-24T15:03:32+00:00

96b23440c1b74cd95022e3ebb08a60fedb04f3b9

If we see 0x then we can assume this is the start of a hex value. It
does not seem necessary to check for a hex digit after that since it will
happen when parsing the value anyway.

Drop this check to simplify the code and reduce size. Add a few more test
cases for when a 0x prefix is used.

Signed-off-by: Simon Glass <sjg@chromium.org>





If we see 0x then we can assume this is the start of a hex value. It
does not seem necessary to check for a hex digit after that since it will
happen when parsing the value anyway.

Drop this check to simplify the code and reduce size. Add a few more test
cases for when a 0x prefix is used.

Signed-off-by: Simon Glass <sjg@chromium.org>