| Age | Commit message (Collapse) | Author |
|---|
|
Under the current implementation, all the signatures, if any, in
a signed image must be verified before loading it.
Meanwhile, UEFI specification v2.8b section 32.5.3.3 says,
Multiple signatures are allowed to exist in the binary’s certificate
table (as per PE/COFF Section “Attribute Certificate Table”). Only
one hash or signature is required to be present in db in order to pass
validation, so long as neither the SHA-256 hash of the binary nor any
present signature is reflected in dbx.
This patch makes the semantics of signature verification compliant with
the specification mentioned above.
Signed-off-by: AKASHI Takahiro <[email protected]>
Reported-by: Heinrich Schuchardt <[email protected]>
|
|
In this commit, efi_signature_verify(with_sigdb) will be re-implemented
using pcks7_verify_one() in order to support certificates chain, where
the signer's certificate will be signed by an intermediate CA (certificate
authority) and the latter's certificate will also be signed by another CA
and so on.
What we need to do here is to search for certificates in a signature,
build up a chain of certificates and verify one by one. pkcs7_verify_one()
handles most of these steps except the last one.
pkcs7_verify_one() returns, if succeeded, the last certificate to verify,
which can be either a self-signed one or one that should be signed by one
of certificates in "db". Re-worked efi_signature_verify() will take care
of this step.
Signed-off-by: AKASHI Takahiro <[email protected]>
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-ti
- Added support for J7200 evm
- DM_ETH and DM_USB migrations for omap3
- USB DFU and mass storage support for AM65x evm
- RTI watchdog support for K3 devices
- Fix an issue with L3 cache on K3 devices
|
|
j7200-evm has minor differences with j721e-evm based on the IPs
available in the SoC. Introduce separate build targets for j7200-evm
to incorporate the differences.
Signed-off-by: Lokesh Vutla <[email protected]>
Reviewed-by: Suman Anna <[email protected]>
|
|
Enable configs to facilitate booting from USB Mass Storage devices
as well as USB peripheral boot
Signed-off-by: Faiz Abbas <[email protected]>
|
|
Add offset and environment related configs used for booting
from DFU.
Signed-off-by: Faiz Abbas <[email protected]>
|
|
Create a new API spl_usb_load() that takes the filename as a parameter
instead of taking the default U-boot PAYLOAD_NAME
Signed-off-by: Faiz Abbas <[email protected]>
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-10-rc3
Bugs in the UEFI sub-system are fixed:
* use the optional data of the BootXXXX variables as load options
* simplify function public_key_verify_signature()
* amend a copyright notice
|
|
Up to now we used the value of the bootargs environment variable as load
options in the boot manager. This is not correct. The data has to be taken
from the Boot#### variable.
Let the boot manager copy the optional data of the EFI_LOAD_OPTION as load
options to the loaded image protocol.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The bootefi bootmgr command has to set the load options for a loaded image
from the value of BootXXXX variable. If the boot manager is not used, the
value is set from the environment variable bootargs (or efi_selftest).
Factor out a common function efi_set_load_options().
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
This converts the following to Kconfig:
CONFIG_SYS_MMC_ENV_DEV
CONFIG_SYS_MMC_ENV_PART
Note that with this conversion we now have consistent behavior with
respect to ensuring that we have always selected the correct MMC
device and hardware partition.
Signed-off-by: Tom Rini <[email protected]>
|
|
Add zlib (v1.2.11) uncompr() function to U-Boot. SquashFS depends on
this function to decompress data from a raw disk image. The actual
support for zlib into SquashFS sources will be added in a follow-up
commit.
Signed-off-by: Joao Marcos Costa <[email protected]>
|
|
Add support for SquashFS filesystem. Right now, it does not support
compression but support for zlib will be added in a follow-up commit.
Signed-off-by: Joao Marcos Costa <[email protected]>
|
|
Add various fixes and improvements to this command that were missed in
the original version. Unfortunately I forgot to send v2.
- Fix Kconfig name
- Use a separate variable for the remaining search length
- Correct a minor bug
- Move into a separate test suite
- Add -q flag to the 'quiet' test to test operation when console is enabled
- Enable the feature for sandbox
Signed-off-by: Simon Glass <[email protected]>
|
|
Allow tests that need console recording to be marked, so they can be
skipped if it is not available.
Signed-off-by: Simon Glass <[email protected]>
|
|
The test flags used by driver model are currently not available to other
tests. Rather than creating two sets of flags, make these flags generic
by changing the DM_ prefix to UT_ and moving them to the test.h header.
This will allow adding other test flags without confusion.
Signed-off-by: Simon Glass <[email protected]>
|
|
On boards without console recording these function are currently missing.
It is more convenient for them to be present but to return dummy values.
That way if we know that a test needs recording, we can check if it is
available, and skip the test if not, while avoiding #ifdefs.
Update the header file according and adjust console_record_reset_enable()
to return an error if recording is not available.
Signed-off-by: Simon Glass <[email protected]>
|
|
Some lines of the output are not worth testing, or not worth testing in
their entirety. For example, when checking a hex dump we know that the
hex-dump routine can display ASCII so we only need to check the hex bytes,
not the ASCII dump. Add a new test macros which can check only part of
a console line.
Sometimes it is useful to skip a line altogether, so add a macro for that
also.
Signed-off-by: Simon Glass <[email protected]>
|
|
serial_initialize is called only during the common init sequence, after
relocation (in common/board_r.c). Because it has a void return value, it
has to wrapped in initr_serial. In order to be able to get rid of this
indirection, make serial_initialize return int.
Remove extern from prototype in order to silence the following checkpatch
warning:
check: extern prototypes should be avoided in .h files
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ovidiu Panait <[email protected]>
|
|
Certain architectures (ppc, mips, sh, m68k) use setup board_part1 and
setup_board_part2 calls during pre-relocation init to populate gd->bd
boardinfo fields. This makes the generic init sequence cluttered with
arch-specific ifdefs.
In order to clean these arch-specific sequences from generic init,
introduce arch_setup_bdinfo weak initcall so that everyone can define their
own bdinfo setup routines.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ovidiu Panait <[email protected]>
|
|
Introduce setup_bdinfo initcall as a generic routine to populate bdinfo
fields.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ovidiu Panait <[email protected]>
|
|
Remove ad-hoc CONFIG_SYS_SRAM_START and use CONFIG_SYS_SRAM_BASE instead.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ovidiu Panait <[email protected]>
|
|
This converts ad-hoc CONFIG_SYS_SRAM_SIZE to Kconfig.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ovidiu Panait <[email protected]>
|
|
This converts ad-hoc CONFIG_SYS_SRAM_BASE to Kconfig.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Ovidiu Panait <[email protected]>
|
|
- r2dplus updates
|
|
Add 4 new phy types which are present in Linux kernel.
DP and SGMII types are used on Xilinx ZynqMP devices.
Signed-off-by: Michal Simek <[email protected]>
|
|
This commit moves CONFIG_PREBOOT="usb start" to common/KConfig
for all boards also declaring USB_KEYBOARD.
Besides simplifying defconfig files, this also enables support for
board-specific CONFIG_PREBOOT for sunxi boards:
commit 37304aaf60bf ("Convert CONFIG_USE_PREBOOT and CONFIG_PREBOOT to
Kconfig") intended to support CONFIG_PREBOOT, but
include/configs/sunxi-common.h hardcodes preboot as part of internally
defined CONSOLE_STDIN_SETTINGS, silently ignoring any board-specific
CONFIG_PREBOOT.
Signed-off-by: Jonas Smedegaard <[email protected]>
Reviewed-by: Neil Armstrong <[email protected]>
Series-Cc: Jagan Teki <[email protected]>
Series-Cc: Lukasz Majewski <[email protected]>
Series-Cc: Andre Przywara <[email protected]>
|
|
Dump lmb status from the bdinfo command. This is useful for seeing the
reserved memory regions from the u-boot cmdline.
Signed-off-by: Tero Kristo <[email protected]>
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-imx
For 2020.10
-----------
- fixes for Toradex board
- fix warnings from previous PR
- HAB: reset instead of panic after failure
- new board: MYiR Tech MYS-6ULX
- mx6cuboxi: use OF_PLATDATA
- further changes for DM
Travis: https://travis-ci.org/github/sbabic/u-boot-imx/builds/714513163
|
|
- add DM based reset driver for SiFive SoC's.
|
|
https://gitlab.denx.de/u-boot/custodians/u-boot-mips
- doc: fix qemu-mips build instructions
- MIPS: add GPIO, CLK and SPI drivers for Octeon MIPS64
|
|
Header files generally should not include header files just for a struct,
since forward declarations work just as well and reduce overhead.
Add a warning for dm.h being included, since this has crept into U-Boot.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration and un-inlining of dev_get_clk_ptr()
instead.
Fix up the kendryte header files to avoid build errors.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Sean Anderson <[email protected]>
|
|
Two files relies on efi_driver.h to include common.h and dm.h which is
incorrect. The former should always be included in a non-host C file and
the latter should be included if driver model is used.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use other headers and C inclusions instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
These header file should not be included in other header files. Remove
them and add to each individual file. Add test/test.h to test/ui.h since
that is a reasonable place.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and add it to the cmd file instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
These two defines are no-longer supported. Drop them.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
This header file should not be included in other header files. Remove it
and use a forward declaration instead.
Also remove the other headers that are not needed, since the inline code
was removed in a recent commit:
b4d9452c4 ("watchdog: move initr_watchdog() to wdt-uclass.c")
Signed-off-by: Simon Glass <[email protected]>
|
|
Add bit indexes for reset signals within the PRCI module
on FU540-C000 SoC.
The DDR and ethernet sub-system's have reset signals
indicated by these reset indexes.
Signed-off-by: Sagar Shrikant Kadam <[email protected]>
Reviewed-by: Pragnesh Patel <[email protected]>
Reviewed-by: Bin Meng <[email protected]>
|
|
This patch adds a simple clock driver for the Marvell Octeon MIPS SoC
family. Its for IO clock rate passing via DT in some of the Octeon
driver, like I2C. So that we don't need to use the non-mainline API
octeon_get_io_clock().
Signed-off-by: Stefan Roese <[email protected]>
Cc: Lukasz Majewski <[email protected]>
|
|
Enlarge CONFIG_SYS_BOOTM_LEN when booting FIT image with AArch32 mode
Linux kernel.
Signed-off-by: Peng Fan <[email protected]>
|
|
MYS-6ULX is single board computer (SBC) comes with eMMC or NAND based
on imx6ULL SoC from NXP and provision for expansion board. This
commit adds support only for SBC with NAND.
CPU: Freescale i.MX6ULL rev1.1 528 MHz (running at 396 MHz)
CPU: Commercial temperature grade (0C to 95C) at 45C
Reset cause: WDOG
Model: MYiR i.MX6ULL MYS-6ULX Single Board Computer with NAND
Board: MYiR MYS-6ULX 6ULL Single Board Computer
DRAM: 256 MiB
NAND: 256 MiB
MMC: FSL_SDHC: 0
In: serial@2020000
Out: serial@2020000
Err: serial@2020000
Net: FEC0
Working:
- Eth0
- MMC/SD
- NAND
- UART 1
- USB host
Signed-off-by: Parthiban Nallathambi <[email protected]>
|
|
Switch r2dplus to DM and DT probing for serial and clock.
Signed-off-by: Marek Vasut <[email protected]>
Cc: Nobuhiro Iwamatsu <[email protected]>
|
