u-boot.git/test, branch v2021.04-rc2

image: Check for unit addresses in FITs

2021-02-16T03:31:54Z

Using unit addresses in a FIT is a security risk. Add a check for this and disallow it. CVE-2021-27138 Signed-off-by: Simon Glass Reported-by: Bruce Monroe Reported-by: Arie Haenel Reported-by: Julien Lenoir

libfdt: Check for multiple/invalid root nodes

2021-02-16T03:31:53Z

It is possible to construct a devicetree blob with multiple root nodes. Update fdt_check_full() to check for this, along with a root node with an invalid name. CVE-2021-27097 Signed-off-by: Simon Glass Reported-by: Bruce Monroe Reported-by: Arie Haenel Reported-by: Julien Lenoir

test: Add tests for the 'evil' vboot attacks

2021-02-16T00:17:33Z

Add tests to check that these two attacks are mitigated by recent patches. Signed-off-by: Simon Glass Reported-by: Bruce Monroe Reported-by: Arie Haenel Reported-by: Julien Lenoir

test: Add vboot_evil implementation

2021-02-16T00:17:29Z

Add a library which performs two different attacks on a FIT. Signed-off-by: Julien Lenoir Signed-off-by: Bruce Monroe Signed-off-by: Arie Haenel Signed-off-by: Simon Glass

fit: Don't allow verification of images with @ nodes

2021-02-16T00:17:25Z

When searching for a node called 'fred', any unit address appended to the name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This means that we cannot be sure that the node originally intended is the one that is used. Disallow use of nodes with unit addresses. Update the forge test also, since it uses @ addresses. CVE-2021-27138 Signed-off-by: Simon Glass Reported-by: Bruce Monroe Reported-by: Arie Haenel Reported-by: Julien Lenoir

Merge branch '2021-02-02-drop-asm_global_data-when-unused'

2021-02-15T15:16:45Z

- Merge the patch to take out of

dm: core: Add late driver remove option

2021-02-03T10:38:41Z

Add another flag to the DM core which could be assigned to drivers and which makes those drivers call their remove callbacks last, just before booting OS and after all the other drivers finished with their remove callbacks. This is necessary for things like clock drivers, where the other drivers might depend on the clock driver in their remove callbacks. Prime example is the mmc subsystem, which can reconfigure a card from HS mode to slower modes in the remove callback and for that it needs to reconfigure the controller clock. Signed-off-by: Marek Vasut Signed-off-by: Simon Glass

dm: core: Avoid partially removing devices

2021-02-03T10:38:41Z

At present if device_remove() decides that the device should not actually be removed, it still calls the uclass pre_remove() method and powers the device down. Signed-off-by: Simon Glass

common: Drop asm/global_data.h from common header

2021-02-02T20:33:42Z

Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include at all, so remove that include. Signed-off-by: Simon Glass Signed-off-by: Tom Rini

test/py: fix runtest wrapper for pytest 6

2021-02-01T21:33:02Z

The implementation of pytest_runtest_protocol() must call pytest_runtest_logstart() and pytest_runtest_logfinish(). This appears to be necessary even in pytest 5.2.1 judging by the default version of pytest_runtest_protocol(), but evidently some form of code reorganization in pytest only made this have a practical effect in the newer version. I'd previously been under the impression that 100% of the required work of pytest_runtest_protocol() was handled by the fact it called runtestprotocol() as its implementation. However, it appears that custom implementations do need to do a little more than this. Reported-by: Heinrich Schuchardt Signed-off-by: Stephen Warren Reviewed-by: Simon Glass