| 83dd98e0 | 08-Nov-2016 |
Andrew Duda <aduda@meraki.com> |
image: Combine image_sig_algo with image_sign_info
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA pairings will still fail on verify operations when the hash length is longer th
image: Combine image_sig_algo with image_sign_info
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA pairings will still fail on verify operations when the hash length is longer than the key length.
Follow the same naming scheme "checksum,crytpo" without explicitly defining the string.
Indirectly adds support for "sha1,rsa4096" signing/verification.
Signed-off-by: Andrew Duda <aduda@meraki.com> Signed-off-by: aduda <aduda@meraki.com> Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| da29f299 | 08-Nov-2016 |
Andrew Duda <aduda@meraki.com> |
rsa: Verify RSA padding programatically
Padding verification was done against static SHA/RSA pair arrays which take up a lot of static memory, are mostly 0xff, and cannot be reused for additional SH
rsa: Verify RSA padding programatically
Padding verification was done against static SHA/RSA pair arrays which take up a lot of static memory, are mostly 0xff, and cannot be reused for additional SHA/RSA pairings. The padding can be easily computed according to PKCS#1v2.1 as:
EM = 0x00 || 0x01 || PS || 0x00 || T
where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding of the hash.
Store DER prefix in checksum_algo and create rsa_verify_padding function to handle verification of a message for any SHA/RSA pairing.
Signed-off-by: Andrew Duda <aduda@meraki.com> Signed-off-by: aduda <aduda@meraki.com> Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| b7b8410a | 17-Nov-2016 |
Alexander Graf <agraf@suse.de> |
ls2080: Exit dpaa only right before exiting U-Boot
On ls2080 we have a separate network fabric component which we need to shut down before we enter Linux (or any other OS). Along with that also come
ls2080: Exit dpaa only right before exiting U-Boot
On ls2080 we have a separate network fabric component which we need to shut down before we enter Linux (or any other OS). Along with that also comes configuration of the fabric using a description file.
Today we always stop and configure the fabric in the boot script and (again) exit it on device tree generation. This works ok for the normal booti case, but with bootefi the payload we're running may still want to access the network.
So let's add a new fsl_mc command that defers configuration and stopping the hardware to when we actually exit U-Boot, so that we can still use the fabric from an EFI payload.
For existing boot scripts, nothing should change with this patch.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: York Sun <york.sun@nxp.com> [agraf: Fix x86 build]
show more ...
|
| 5abd9137 | 07-Nov-2016 |
Simon Glass <sjg@chromium.org> |
x86: Tidy up selection of building the EFI stub
At present we use a CONFIG option in efi.h to determine whether we are building the EFI stub or not. This means that the same header cannot be used fo
x86: Tidy up selection of building the EFI stub
At present we use a CONFIG option in efi.h to determine whether we are building the EFI stub or not. This means that the same header cannot be used for EFI_LOADER support. The CONFIG option will be enabled for the whole build, even when not building the stub.
Use a different define instead, set up just for the files that make up the stub.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| 5be8b0a3 | 08-Nov-2016 |
Emmanuel Vadot <manu@bidouilliste.com> |
efi_loader: console: Correctly report modes
Add support for EFI console modes. Mode 0 is always 80x25 and present by EFI specification. Mode 1 is always 80x50 and not mandatory. Mode 2 and above is
efi_loader: console: Correctly report modes
Add support for EFI console modes. Mode 0 is always 80x25 and present by EFI specification. Mode 1 is always 80x50 and not mandatory. Mode 2 and above is freely usable.
If the terminal can handle mode 1, we mark it as supported. If the terminal size is greater than mode 0 and different than mode 1, we install it as mode 2.
Modes can be switch with cout_set_mode.
Changes in V5: Correctly detect mode before enabling mode 2.
Changes in V4: Reset cursor positon on mode switch Use local variables in console query code
Changes in V3: Valid mode are 0 to EFIMode-1 Fix style
Changes in V2: Add mode switch Report only the modes that we support
Signed-off-by: Emmanuel Vadot <manu@bidouilliste.com> Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| d7608aba | 24-Oct-2016 |
Oleksandr Tymoshenko <gonzo@bluezbox.com> |
efi: Use device device path type Messaging for network interface node
When adding network interface node use Messaging device path with subtype MAC Address and device's MAC address as a value instea
efi: Use device device path type Messaging for network interface node
When adding network interface node use Messaging device path with subtype MAC Address and device's MAC address as a value instead of Media Device path type with subtype File Path and path "Net"
Signed-off-by: Oleksandr Tymoshenko <gonzo@bluezbox.com> Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| 01ae56cf | 17-Oct-2016 |
Masahiro Yamada <yamada.masahiro@socionext.com> |
libfdt: fix fdt_stringlist_search()
If fdt_getprop() fails, negative error code should be returned.
[ DTC commit: daa75e8fa5942caa8e97931aed3a1ee0b7edd74b ]
Signed-off-by: Masahiro Yamada <yamada.
libfdt: fix fdt_stringlist_search()
If fdt_getprop() fails, negative error code should be returned.
[ DTC commit: daa75e8fa5942caa8e97931aed3a1ee0b7edd74b ]
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
show more ...
|
| 3c63db9c | 14-Oct-2016 |
Alexander Graf <agraf@suse.de> |
efi_loader: Rename EFI_RUNTIME_{TEXT, DATA} to __efi_runtime{, _data}
Compiler attributes are more commonly __foo style tags rather than big upper case eye sores like EFI_RUNTIME_TEXT.
Simon Glass
efi_loader: Rename EFI_RUNTIME_{TEXT, DATA} to __efi_runtime{, _data}
Compiler attributes are more commonly __foo style tags rather than big upper case eye sores like EFI_RUNTIME_TEXT.
Simon Glass felt quite strongly about this, so this patch converts our existing defines over to more eye friendly ones.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| 65e4c0b1 | 25-Sep-2016 |
Simon Glass <sjg@chromium.org> |
x86: efi: Add EFI loader support for x86
Add the required pieces to support the EFI loader on x86.
Since U-Boot only builds for 32-bit on x86, only a 32-bit EFI application is supported. If a 64-bi
x86: efi: Add EFI loader support for x86
Add the required pieces to support the EFI loader on x86.
Since U-Boot only builds for 32-bit on x86, only a 32-bit EFI application is supported. If a 64-bit kernel must be booted, U-Boot supports this directly using FIT (see doc/uImage.FIT/kernel.its). U-Boot can act as a payload for both 32-bit and 64-bit EFI.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| 6fb580d7 | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
smbios: Provide serial number
If the system has a valid "serial#" environment variable set (which boards that can find it out programatically set automatically), use that as input for the serial num
smbios: Provide serial number
If the system has a valid "serial#" environment variable set (which boards that can find it out programatically set automatically), use that as input for the serial number and UUID fields in the SMBIOS tables.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| aba5e919 | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
efi_loader: Fix efi_install_configuration_table
So far we were only installing the FDT table and didn't have space to store any other. Hence nobody realized that our efi table allocation was broken
efi_loader: Fix efi_install_configuration_table
So far we were only installing the FDT table and didn't have space to store any other. Hence nobody realized that our efi table allocation was broken in that it didn't set the indicator for the number of tables plus one.
This patch fixes it, allowing code to allocate new efi tables.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| e663b350 | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
smbios: Expose in efi_loader as table
We can pass SMBIOS easily as EFI configuration table to an EFI payload. This patch adds enablement for that case.
While at it, we also enable SMBIOS generation
smbios: Expose in efi_loader as table
We can pass SMBIOS easily as EFI configuration table to an EFI payload. This patch adds enablement for that case.
While at it, we also enable SMBIOS generation for ARM systems, since they support EFI_LOADER.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| e824cf3f | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
smbios: Allow compilation on 64bit systems
The SMBIOS generation code passes pointers as u32. That causes the compiler to warn on casts to pointers. This patch moves all address pointers to uintptr_
smbios: Allow compilation on 64bit systems
The SMBIOS generation code passes pointers as u32. That causes the compiler to warn on casts to pointers. This patch moves all address pointers to uintptr_t instead.
Technically u32 would be enough for the current SMBIOS2 style tables, but we may want to extend the code to SMBIOS3 in the future which is 64bit address capable.
Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|