TPM command library implements a subset of TPM commands defined in TCG
Main Specification 1.2 that are useful for implementing secure boot.
More TPM commands could be added out of necessity.
You may exercise these commands through the 'tpm' command. However, the
raw TPM commands are too primitive for writing secure boot in command
interpreter scripts; so the 'tpm' command also provides helper functions
to make scripting easier.
For example, to define a counter in TPM non-volatile storage and
initialize it to zero:
$ tpm init
$ tpm startup TPM_ST_CLEAR
$ tpm nv_define d 0x1001 0x1
$ tpm nv_write d 0x1001 0
And then increment the counter by one:
$ tpm nv_read d 0x1001 i
$ setexpr.l i $i + 1
$ tpm nv_write d 0x1001 $i
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Add a driver for the I2C TPM from Infineon.
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Rong Chang <rongchang@chromium.org>
Signed-off-by: Tom Wai-Hong Tam <waihong@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
When building for the Sandbox version, the casts in this change are
necessary to avoid compilation issues.
Signed-off-by: Taylor Hutt <thutt@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
UBI is a better place for the environment on NAND devices because it
handles wear-leveling and bad blocks.
Gluebi is needed in Linux to access the env as an MTD partition.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
The env in UBI needs to look up the mtd partition as part of relocation,
which happens before relocation. Make the mtdparts code capable of
working on the default env to start with.
The code tries to set values in the env as well, but again, the env
isn't there yet, so add a check to setenv to not allow sets before the
env is relocated.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
The unwind code was not reversing operations correctly and was causing
a hang on any error condition.
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Apparently due to a missed rebase conflict resolution
board_early_init_f() is included twice in the list of initialization
functions.
Leave only the first occurrence.
. built and boot an Exynos 5250 target
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
If watchdog is enabled, the arch/powerpc/lib/ticks.S::wait_ticks() function
calls the function specified by the WATCHDOG_RESET macro.
The wait_ticks function depends on the registers r0, r6 and r7 being
preserved however that is not guaranteed, e.g. if the reset function is a
C function this will probably overwrite r0 and cause an endless loop.
The following patch changes to using r14+r15 instead of r6+r7 (to resemble
what would have been generated by a C compiler) and saves all necessary
registers on the stack.
The patch has been tested on a custom MPC5125 based machine using the 512x
powerpc architecture.
Signed-off-by: Mats Karrman <mats.karrman@tritech.se>
Cc: Wolfgang Denk <wd@denx.de>
Acked-by: Joakim Tjernlund <joakim.tjernlund@transmode.se>
Tested-by: Stefan Roese <sr@denx.de>
Fix USB device-tree fixup to properly handle device-tree fixup and
print appropriate message when wrong/junk "dr_mode" or "phy_type"
are mentioned in hwconfig string
Signed-off-by: Ramneek Mehresh <ramneek.mehresh@freescale.com>
- Add CONFIG_DFU_NAND, CONFIG_DFU_MMC
- Set dfu_alt_info_nand, dfu_alt_info_emmc and dfu_alt_info_mmc to show
working examples for those cases.
- Increase CONFIG_SYS_MAXARGS due to hush parsing bugs that would
otherwise disallow 'setenv dfu_alt_info ${dfu_alt_info_nand}'.
- Enable CONFIG_FAT_WRITE to allow updating on MMC
Signed-off-by: Pantelis Antoniou <panto@antoniou-consulting.com>
Signed-off-by: Tom Rini <trini@ti.com>
drivers/usb/gadget/composite.c requires that this is defined early.
Signed-off-by: Pantelis Antoniou <panto@antoniou-consulting.com>
Signed-off-by: Tom Rini <trini@ti.com>
Acked-by: Tom Rini <trini@ti.com>
Support for NAND storage devices to work with the DFU framework.
Signed-off-by: Pantelis Antoniou <panto@antoniou-consulting.com>
Signed-off-by: Tom Rini <trini@ti.com>
Acked-by: Scott Wood <scottwood@freescale.com>
We make these two functions take a size_t pointer to how much space
was used on NAND to read or write the buffer (when reads/writes happen)
so that bad blocks can be accounted for. We also make them take an
loff_t limit on how much data can be read or written. This means that
we can now catch the case of when writing to a partition would exceed
the partition size due to bad blocks. To do this we also need to make
check_skip_len count not just complete blocks used but partial ones as
well. All callers of nand_(read|write)_skip_bad are adjusted to call
these with the most sensible limits available.
The changes were started by Pantelis and finished by Tom.
Signed-off-by: Pantelis Antoniou <panto@antoniou-consulting.com>
Signed-off-by: Tom Rini <trini@ti.com>
Previously we didn't support upload/download larger than available
memory. This is pretty bad when you have to update your root filesystem
for example.
This patch removes that limitation (and the crashes when you transfered
any file larger than 4MB) by making raw image writes be done in chunks
and making file maximum size be configurable.
The sequence number is a 16 bit counter; make sure we handle rollover
correctly. This fixes the wrong transfers for large (> 256MB) images.
Also utilize a variable to handle initialization, so that we don't rely
on just the counter sent by the host.
Signed-off-by: Pantelis Antoniou <panto@antoniou-consulting.com>
Signed-off-by: Tom Rini <trini@ti.com>
Add documentation for the current DFU config options. DFU is a standard
USB device class so more information is available from usb.org
Signed-off-by: Tom Rini <trini@ti.com>
For some series with lots of changes it is annoying that duplicate change
log items are not caught. It is also helpful sometimes to sort the change
logs.
Add a Series-process-log tag to enable this, which can be placed in a
commit to control this.
The change to the Cc: line is to fix a checkpatch warning.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
Especially with the Linux kernel, it takes a long time (a minute or more)
to test-apply the patches, so patman becomes significantly less useful.
The only real problem that is found with this apply step is trailing spaces.
Provide a -a option to skip this step, for those working with clean patches.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
Patman's regular expression for detecting the start of a
commit in a git log was a little simplistic and could be
confused if the git log itself had the word "commit" as
the start of a line (as this commit does). Make patman
a little more robust.
Signed-off-by: Doug Anderson <dianders@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Often it happens that patches include tags which don't have aliases. It
is annoying that patman fails in this case, and provides no option to
continue other than adding empty tags to the .patman file.
Correct this by adding a '-t' option to ignore tags that don't exist.
Print a warning instead.
Since running the tests is not a common operation, move this to --test
instead, to reserve -t for this new option.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
The header file div64.h includes <asm/types.h> which defines
the phys_addr_t according to the macro CONFIG_PHYS_64BIT, while
the macro CONFIG_PHYS_64BIT is included in common.h which comes
after div64.h, so in order to get consistent type definition for
phys_addr_t, common.h should be included before div64.h, Or else,
the parameters of phys_addr_t type will be passed wrongly when
CONFIG_PHYS_64BIT is defined.
Signed-off-by: Mingkai Hu <Mingkai.Hu@freescale.com>
Increase size of DMA buffer from 4MiB to 8MiB. This is necessary due to
uImage size increase.
Signed-off-by: Lukasz Majewski <l.majewski@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Following commit:
"cmd_ext4: BREAK and correct ext4write parameter order"
SHA1:0171d52c410cbaa9290b1b214e695697c835bfe5
introduced cleanup of ext4write semantics to be consistent with other
filesystem's writing commands (e.g. fatwrite).
This commit provides correct ext4write command generation at DFU eMMC
code.
Signed-off-by: Lukasz Majewski <l.majewski@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Wolfgang requested this be reverted and Rob agreed after further
discussion. This was a symptom of a larger problem we need to deal
with.
This reverts commit 60d7d5a631.
Signed-off-by: Tom Rini <trini@ti.com>
This tool handles building U-Boot to check that you have not broken it
with your patch series. It can build each individual commit and report
which boards fail on which commits, and which errors come up. It also
shows differences in image sizes due to particular commits.
Buildman aims to make full use of multi-processor machines.
Documentation and caveats are in tools/buildman/README.
Signed-off-by: Simon Glass <sjg@chromium.org>
These tags are used by Gerrit, so let's ignore all of them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
A few of the help messages are not quite right, and there is a typo
in the README. Fix these.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
This comment is less than helpful. Since multiple tags are supported, add
an example of how multiple tags work.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
At present something like:
Revert "arm: Add cache operations"
will try to use
Revert "arm
as a tag. Clearly this is wrong, so fix it.
If the revert is intended to be tagged, then the tag can come before
the revert, perhaps. Alternatively the 'Cc' tag can be used in the commit
messages.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
checkpatch has a new type of warning, a 'CHECK'. At present patman fails
with these, which makes it less than useful.
Add support for checks, making it backwards compatible with the old
checkpatch.
At the same time, clean up formatting of the CheckPatches() output,
fix erroneous "internal error" if multiple patches have warnings and
be more robust to new types of problems.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
The cover letter is sent to everyone who is on the Cc list for any of
the patches in the series. Sometimes it is useful to send just the cover
letter to additional people, so that they are aware of the series, but
don't need to wade through all the individual patches.
Add a new Cover-letter-cc tag for this purpose.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Doug Anderson <dianders@chromium.org>
Some versions of git don't seem to prompt you for the message ID that
your series is in reply to. Allow specifying this from the command
line.
Signed-off-by: Doug Anderson <dianders@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Although "Reviewed-by:" is a tag that gerrit adds, it's also a tag
used by upstream. Stripping it is undesirable. In fact, we should
treat it as important.
Signed-off-by: Doug Anderson <dianders@chromium.org>
Reviewed-by: Otavio Salvador <otavio@ossystems.com.br>
Acked-by: Simon Glass <sjg@chromium.org>
We normally read from the current branch, but buildman will need to look
at commits from another branch. Allow the metadata to be read from any
list of commits, to provide this flexibility.
Signed-off-by: Simon Glass <sjg@chromium.org>
Make raise_on_error a parameter so that we can control which commands
raise and which do not. If we get an error reading the alias file, just
continue.
Signed-off-by: Simon Glass <sjg@chromium.org>
Rather than returning a list of things, return an object. That makes it
easier to access the returned items, and easier to extend the return
value later.
Signed-off-by: Simon Glass <sjg@chromium.org>