| 83dd98e0 | 08-Nov-2016 |
Andrew Duda <aduda@meraki.com> |
image: Combine image_sig_algo with image_sign_info
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA
pairings will still fail on verify operations when the hash length is
longer th
image: Combine image_sig_algo with image_sign_info
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA
pairings will still fail on verify operations when the hash length is
longer than the key length.
Follow the same naming scheme "checksum,crytpo" without explicitly
defining the string.
Indirectly adds support for "sha1,rsa4096" signing/verification.
Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| da29f299 | 08-Nov-2016 |
Andrew Duda <aduda@meraki.com> |
rsa: Verify RSA padding programatically
Padding verification was done against static SHA/RSA pair arrays which
take up a lot of static memory, are mostly 0xff, and cannot be reused
for additional SH
rsa: Verify RSA padding programatically
Padding verification was done against static SHA/RSA pair arrays which
take up a lot of static memory, are mostly 0xff, and cannot be reused
for additional SHA/RSA pairings. The padding can be easily computed
according to PKCS#1v2.1 as:
EM = 0x00 || 0x01 || PS || 0x00 || T
where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding
of the hash.
Store DER prefix in checksum_algo and create rsa_verify_padding
function to handle verification of a message for any SHA/RSA pairing.
Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| b7b8410a | 17-Nov-2016 |
Alexander Graf <agraf@suse.de> |
ls2080: Exit dpaa only right before exiting U-Boot
On ls2080 we have a separate network fabric component which we need to
shut down before we enter Linux (or any other OS). Along with that also
come
ls2080: Exit dpaa only right before exiting U-Boot
On ls2080 we have a separate network fabric component which we need to
shut down before we enter Linux (or any other OS). Along with that also
comes configuration of the fabric using a description file.
Today we always stop and configure the fabric in the boot script and
(again) exit it on device tree generation. This works ok for the normal
booti case, but with bootefi the payload we're running may still want to
access the network.
So let's add a new fsl_mc command that defers configuration and stopping
the hardware to when we actually exit U-Boot, so that we can still use
the fabric from an EFI payload.
For existing boot scripts, nothing should change with this patch.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: York Sun <york.sun@nxp.com>
[agraf: Fix x86 build]
show more ...
|
| 5abd9137 | 07-Nov-2016 |
Simon Glass <sjg@chromium.org> |
x86: Tidy up selection of building the EFI stub
At present we use a CONFIG option in efi.h to determine whether we are
building the EFI stub or not. This means that the same header cannot be
used fo
x86: Tidy up selection of building the EFI stub
At present we use a CONFIG option in efi.h to determine whether we are
building the EFI stub or not. This means that the same header cannot be
used for EFI_LOADER support. The CONFIG option will be enabled for the
whole build, even when not building the stub.
Use a different define instead, set up just for the files that make up the
stub.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| 5be8b0a3 | 08-Nov-2016 |
Emmanuel Vadot <manu@bidouilliste.com> |
efi_loader: console: Correctly report modes
Add support for EFI console modes.
Mode 0 is always 80x25 and present by EFI specification.
Mode 1 is always 80x50 and not mandatory.
Mode 2 and above is
efi_loader: console: Correctly report modes
Add support for EFI console modes.
Mode 0 is always 80x25 and present by EFI specification.
Mode 1 is always 80x50 and not mandatory.
Mode 2 and above is freely usable.
If the terminal can handle mode 1, we mark it as supported.
If the terminal size is greater than mode 0 and different than mode 1,
we install it as mode 2.
Modes can be switch with cout_set_mode.
Changes in V5:
Correctly detect mode before enabling mode 2.
Changes in V4:
Reset cursor positon on mode switch
Use local variables in console query code
Changes in V3:
Valid mode are 0 to EFIMode-1
Fix style
Changes in V2:
Add mode switch
Report only the modes that we support
Signed-off-by: Emmanuel Vadot <manu@bidouilliste.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| d7608aba | 24-Oct-2016 |
Oleksandr Tymoshenko <gonzo@bluezbox.com> |
efi: Use device device path type Messaging for network interface node
When adding network interface node use Messaging device path with
subtype MAC Address and device's MAC address as a value instea
efi: Use device device path type Messaging for network interface node
When adding network interface node use Messaging device path with
subtype MAC Address and device's MAC address as a value instead
of Media Device path type with subtype File Path and path "Net"
Signed-off-by: Oleksandr Tymoshenko <gonzo@bluezbox.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| 01ae56cf | 17-Oct-2016 |
Masahiro Yamada <yamada.masahiro@socionext.com> |
libfdt: fix fdt_stringlist_search()
If fdt_getprop() fails, negative error code should be returned.
[ DTC commit: daa75e8fa5942caa8e97931aed3a1ee0b7edd74b ]
Signed-off-by: Masahiro Yamada <yamada.
libfdt: fix fdt_stringlist_search()
If fdt_getprop() fails, negative error code should be returned.
[ DTC commit: daa75e8fa5942caa8e97931aed3a1ee0b7edd74b ]
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
show more ...
|
| 3c63db9c | 14-Oct-2016 |
Alexander Graf <agraf@suse.de> |
efi_loader: Rename EFI_RUNTIME_{TEXT, DATA} to __efi_runtime{, _data}
Compiler attributes are more commonly __foo style tags rather than big
upper case eye sores like EFI_RUNTIME_TEXT.
Simon Glass
efi_loader: Rename EFI_RUNTIME_{TEXT, DATA} to __efi_runtime{, _data}
Compiler attributes are more commonly __foo style tags rather than big
upper case eye sores like EFI_RUNTIME_TEXT.
Simon Glass felt quite strongly about this, so this patch converts our
existing defines over to more eye friendly ones.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| 65e4c0b1 | 25-Sep-2016 |
Simon Glass <sjg@chromium.org> |
x86: efi: Add EFI loader support for x86
Add the required pieces to support the EFI loader on x86.
Since U-Boot only builds for 32-bit on x86, only a 32-bit EFI application
is supported. If a 64-bi
x86: efi: Add EFI loader support for x86
Add the required pieces to support the EFI loader on x86.
Since U-Boot only builds for 32-bit on x86, only a 32-bit EFI application
is supported. If a 64-bit kernel must be booted, U-Boot supports this
directly using FIT (see doc/uImage.FIT/kernel.its). U-Boot can act as a
payload for both 32-bit and 64-bit EFI.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
show more ...
|
| 6fb580d7 | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
smbios: Provide serial number
If the system has a valid "serial#" environment variable set (which boards that
can find it out programatically set automatically), use that as input for the
serial num
smbios: Provide serial number
If the system has a valid "serial#" environment variable set (which boards that
can find it out programatically set automatically), use that as input for the
serial number and UUID fields in the SMBIOS tables.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| aba5e919 | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
efi_loader: Fix efi_install_configuration_table
So far we were only installing the FDT table and didn't have space
to store any other. Hence nobody realized that our efi table allocation
was broken
efi_loader: Fix efi_install_configuration_table
So far we were only installing the FDT table and didn't have space
to store any other. Hence nobody realized that our efi table allocation
was broken in that it didn't set the indicator for the number of tables
plus one.
This patch fixes it, allowing code to allocate new efi tables.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| e663b350 | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
smbios: Expose in efi_loader as table
We can pass SMBIOS easily as EFI configuration table to an EFI payload. This
patch adds enablement for that case.
While at it, we also enable SMBIOS generation
smbios: Expose in efi_loader as table
We can pass SMBIOS easily as EFI configuration table to an EFI payload. This
patch adds enablement for that case.
While at it, we also enable SMBIOS generation for ARM systems, since they support
EFI_LOADER.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|
| e824cf3f | 18-Aug-2016 |
Alexander Graf <agraf@suse.de> |
smbios: Allow compilation on 64bit systems
The SMBIOS generation code passes pointers as u32. That causes the compiler
to warn on casts to pointers. This patch moves all address pointers to
uintptr_
smbios: Allow compilation on 64bit systems
The SMBIOS generation code passes pointers as u32. That causes the compiler
to warn on casts to pointers. This patch moves all address pointers to
uintptr_t instead.
Technically u32 would be enough for the current SMBIOS2 style tables, but
we may want to extend the code to SMBIOS3 in the future which is 64bit
address capable.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
show more ...
|