Commit graph

77678 commits

Author SHA1 Message Date
Chris Morgan
eb31a4a141 i2c: mvtwsi: Add compatible string for allwinner, sun4i-a10-i2c
This adds a compatible string for the Allwinner Sun4i-A10 I2C
controller. Without this, boards based on the R8 and A13 (at a
minimum) fail to boot.

Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Acked-by: Akash Gajjar <gajjar04akash@gmail.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2022-01-30 01:03:37 +00:00
Icenowy Zheng
2753b07269 sunxi: call fdt_fixup_ethernet again to set macaddr for more aliases
Sometimes some ethernet aliases do not exist in U-Boot DT but they
exist in the DT used to boot the system (for example, modified via DT
overlays). In this situation setup_environment is called again in
ft_board_setup() to generate macaddr environment variable for them.
However now the call to fdt_fixup_ethernet() is moved before the call
of ft_board_setup().

Call fdt_fixup_ethernet() again to add MAC addresses for the extra
ethernet aliases.

Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
[updated commit message]
Signed-off-by: Jernej Skrabec <jernej.skrabec@gmail.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2022-01-30 01:03:37 +00:00
Daniel Wagenknecht
b106a14e2f sunxi: SPI: fix pinmuxing for Allwinner H6 SoCs
The driver for SPI0 on Allwinner H6 SoCs did not use the correct define
SUN50I_GPC_SPI0 for the pin function, but one for a different Allwinner
SoC series.

Fix the conditionals to use the correct define for H6 SoCs. This matches
the conditional logic in the SPL spi driver.

Tested by probing the spi-flash on a pine64_h64-model-b board with
adapted device-tree (disable mmc2, enable spi0).

Signed-off-by: Daniel Wagenknecht <dwagenk@mailbox.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2022-01-30 01:03:37 +00:00
Tom Rini
c7d042f315 Pull request for efi-2022-04-rc1-3
Documentation:
 
 * update Nokia RX-51 documentation and move it to rst
 * describe boot switch settings for HiFive Unmatched board
 
 UEFI:
 
 * fix the checking of images hashes and signatures
 * provide the RISCV_EFI_BOOT_PROTOCOL
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmH1CY8ACgkQxIHbvCwF
 GsTTXA/+L53FjKHiOQLf9+FrNO7AZ7OcL51brl97eRuQ/jVaF4ClPnDrwPv+uj8m
 rXJHZr6WLRc7A1bIwTYhoetrir07A4pZSHAiKTQuJS2uVFgX25Lp4y5vPt1jgIwF
 BsRyVxF50crNQjDuSDUQF6RHCa5QhvgZ9mZ/WQQ0MjRRysnw6sISvNc9HbZLdbau
 FheOHERJknE1HELeAg/5KKRn1lt3ew6/QdEqPCvKuhsNW4y31zYyHXt1bvpK8cq0
 6m2fRX87nnaIExAb3WLiID91jyPMmrg3ZUndFJfjcAwjelYa50xxHr/vEgw9S1Pb
 xMMZSKTmEFoVdX7umW9uw/p0tWygGOUw8/d9bsZPv7qh1akwoKog2BVl/zRbW+5n
 x4zCNXOllh0p2u8rRQRu8BqVNXZpw+Intk5frVPeazwbnvBrZFd7jN3JyHMtbUkv
 xXJBgHQgbn3z3+zQf9XEa7VjQ+l92x5n0IRWlRxYYEUkMW6o8XZyhzY5Xn1Q7K2z
 kLBx/U7o633D2BPtlt66HmIJa/fH02nD7TmmQy3j0ICQdB2GbHOs2uRF5rATV7v0
 LukLrTr7kSebOhyINvabsLl126URsx2YjUs7lhPy6ILWm+QGUs8tqyKdTe0gQ7AZ
 vneyV2v3CDmMBF3MhE178/kdoJnwk8q7c7JiCQpLNXA33CJCnxw=
 =+edp
 -----END PGP SIGNATURE-----

Merge tag 'efi-2022-04-rc1-3' of https://source.denx.de/u-boot/custodians/u-boot-efi

Pull request for efi-2022-04-rc1-3

Documentation:

* update Nokia RX-51 documentation and move it to rst
* describe boot switch settings for HiFive Unmatched board

UEFI:

* fix the checking of images hashes and signatures
* provide the RISCV_EFI_BOOT_PROTOCOL
2022-01-29 13:50:19 -05:00
Tom Rini
98a90b2730 Merge branch '2022-01-28-assorted-fixes'
- Extend the pci command to support a few more features.
- Add support for custom SPL boot device names (so it's easier for users
  to understand)
- Updates for am64x to address some review comments.
- Migration deadline notice for DM_SERIAL
- coreboot payload test
- Support rsa3072 signatures.
- DFU should skip writing empty UBI pages, bootcount printf format char
  correction.
2022-01-29 13:42:58 -05:00
Lars Weber
1e69db57e6 squashfs: show an error message if the inode_table can't be, allocated
Signed-off-by: Lars Weber <weber@weber-software.com>
2022-01-29 07:46:46 -05:00
Ilias Apalodimas
5ee900c14f efi_loader: hash the image once before checking against db/dbx
We don't have to recalculate the image hash every time we check against a
new db/dbx entry.  So let's add a flag forcing it to run once since we only
support sha256 hashes

Suggested-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
Ilias Apalodimas
4b63431323 efi_loader: correctly handle mixed hashes and signatures in db
A mix of signatures and hashes in db doesn't always work as intended.
Currently if the digest algorithm is not explicitly set to sha256 we
stop walking the security database and reject the image.

That's problematic in case we find and try to check a signature before
inspecting the sha256 hash.  If the image is unsigned we will reject it
even if the digest matches.

Since we no longer reject the image on unknown algorithms add an explicit
check and reject the image if any other hash algorithm apart from sha256
is detected on dbx.

Suggested-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
Heinrich Schuchardt
8d4c426532 lib: allow printing RISC-V EFI Boot Protocol GUID
On RISC-V a new UEFI protocol has been introduced. Support printing
its GUID using %pUs.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
Sunil V L
1ccf87165e efi_loader: Enable RISCV_EFI_BOOT_PROTOCOL support
This adds support for new RISCV_EFI_BOOT_PROTOCOL to
communicate the boot hart ID to bootloader/kernel on RISC-V
UEFI platforms.

The specification of the protocol is hosted at:
https://github.com/riscv-non-isa/riscv-uefi

Signed-off-by: Sunil V L <sunilvl@ventanamicro.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
AKASHI Takahiro
9e63786e2b tools: mkeficapsule: rework the code a little bit
Abstract common routines to make the code easily understandable.
No functional change.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-01-29 10:23:40 +01:00
AKASHI Takahiro
df1ce60fac tools: mkeficapsule: output messages to stderr instead of stdout
All the error messages should be printed out to stderr.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
Heinrich Schuchardt
3dd719d4fb efi_loader: correct function comment style
Replace @return and @param.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
Heinrich Schuchardt
ab37facd46 doc: describe MSEL settings for booting from SD card
unmatched.rst describes booting from SD card or from SPI. But only for
booting from SPI the boot selection settings are described.

Add the missing information.

Fix a typo 'uSD'.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2022-01-29 10:23:40 +01:00
Pali Rohár
92a0940796 Nokia RX-51: Convert documentation to rst format
Convert documentation to rst format

Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
Pali Rohár
41c3ef4858 Nokia RX-51: Update documentation about flashing
This change contains update for doc/README.nokia_rx51 documentation file
with information how to load U-Boot image to device RAM without need to
flash it and also how to flash it into OneNAND via 0xFFFF flasher.

Signed-off-by: Pali Rohár <pali@kernel.org>
2022-01-29 10:23:40 +01:00
Pali Rohár
8f89e194d6 Nokia RX-51: Update documentation about ext2/3/4
Since commit 25c5b65178 ("Nokia RX-51: Do not try calling both ext2load
and ext4load") command ext4load is used for all ext2/3/4 fs variants.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-29 10:23:40 +01:00
Simon Glass
9053374648 dm: serial: Add a migration deadline for serial
This probably should have been done a while back since it is a core
system. Very few boards remain to be migrated.

Addd a migration deadline for a year out.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-28 17:58:41 -05:00
Simon Glass
bfb2a7fbd1 gitlab/azure: x86: Add a coreboot test
Coreboot supports U-Boot as a payload and this recently got a bit of a
facelist. Add a test for this.

For now this uses a binary build of coreboot (v4.15). Future work could
potentially build it from source, but we need to figure out the
toolchain problems first, since coreboot uses its own toolchain. It
turns out that this is tricky, because coreboot fails to build with a
vanilla gcc.

This needs some changes to the hooks scripts as well. An example build
is at https://source.denx.de/u-boot/custodians/u-boot-dm/-/jobs/359687

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2022-01-28 17:58:41 -05:00
Vignesh Raghavendra
c506ef1b0b configs: am64x_evm_r5/a53_defconfig: Enable configs required for Ethboot
Enable config options needed to support Ethernet boot on AM64x SK.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2022-01-28 17:58:41 -05:00
Vignesh Raghavendra
f621ff8504 configs: am64xx_evm: Increase BSS max size to 16K
With Ethboot support in SPL, network stack requires more BSS area, so
increase BSS max size to 16K

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2022-01-28 17:58:41 -05:00
Vignesh Raghavendra
afe5163449 ARM: dts: k3-am642-sk: Disable cpsw_port1 in SPL
ROM supports cpsw_port2 for Ethernet boot and SPL stages continue to
download images on the same port, therefore there is no need to enable
cpsw_port1. Disable the same.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2022-01-28 17:58:41 -05:00
Vignesh Raghavendra
5022a2ef1b net: ti: am65-cpsw-nuss: Fix err msg for port bind failures
Replace error case print with meaning full message.

Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
2022-01-28 17:58:41 -05:00
Jamin Lin
2a4b0d5890 rsa: adds rsa3072 algorithm
Add to support rsa 3072 bits algorithm in tools
for image sign at host side and adds rsa 3072 bits
verification in the image binary.

Add test case in vboot for sha384 with rsa3072 algorithm testing.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-01-28 17:58:41 -05:00
Heinrich Schuchardt
05ec899140 bootcount: fix printf() code
For printing phys_addr_t we should use %pa to avoid warning like:

drivers/bootcount/bootcount_syscon.c:110:17: note: in expansion of macro ‘dev_err’
  110 |                 dev_err(dev, "%s: Unsupported register size: %d\n", __func__,
      |                 ^~~~~~~

seen for sandbox_defconfig with CONFIG_PHYS_64BIT=y.

Cf. commit 1eebd14b79 ("vsprintf: Add modifier for phys_addr_t")

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2022-01-28 17:58:41 -05:00
Patrick Delaunay
562274730a dfu: mtd: skip empty pages when writing page for UBI partition
Align the DFU MTD backend for the UBI partitions with the mtd command write
behavior when the option .dontskipff is not used: don't write the empty
pages (full of 0xFF); it is not required for UBI, see [1] for details.

This patch avoids the "free space fixup" procedure in the kernel [2]
and allows to program a UBIFS volume generated by mkfs.ubifs without the
option -F, --space-fixup.

The MTD DFU backend implements this behavior introduced on DFU NAND
backend by the commit 13cb7cc9e8 ("dfu: Add option to skip empty pages
when flashing UBI images to NAND") and also supported by the command nand
by CONFIG_CMD_NAND_TRIMFFS and by commit c9494866df ("cmd_nand: add nand
write.trimffs command").

[1] http://www.linux-mtd.infradead.org/doc/ubi.html#L_flasher_algo
[2] http://www.linux-mtd.infradead.org/faq/ubifs.html#L_free_space_fixup

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2022-01-28 17:58:41 -05:00
Pali Rohár
1a4942f1d9 pci: Extend 'pci' command with bus option '*'
Allow to call 'pci' and 'pci regions' commands with bus option '*' which
cause pci to process all buses.

PCIe is point-to-point HW and so on each bus is maximally one physical
device. Therefore for PCIe it is common to have multiple buses.

This change allows to easily print all available PCIe devices in system.

Make '*' as default option when no bus argument is specified.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-01-28 17:58:41 -05:00
Pali Rohár
6850a5a8e2 pci: Add checks for valid cmdline arguments
Currently pci command ignores invalid cmdline arguments and do something.
Add checks that all passed arguments were processed.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-01-28 17:58:41 -05:00
Pali Rohár
39320935cc pci: Extend 'pci regions' command with bus number
'pci regions' currently prints only region information from bus 0 which
belongs to controller 0. Parser for 'pci regions' cmdline currently ignores
any additional arguments and so U-Boot always uses bus 0.

Regions are stored in controller (not on the bus) and therefore to retrieve
controller from the bus, it is needed to call pci_get_controller() which
returns root bus. Because bus 0 is root bus, current code worked fine for
controller 0.

Extend cmdline parser for 'pci regions' to allows specifying bus number,
extend pci_show_regions() code to accept also non-zero bus number and
print bus ranges for which is regions configuration assigned.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-01-28 17:58:41 -05:00
Pali Rohár
8c303bc6e0 pci: Fix setting controller's last_busno
Initially it is set to dev_seq but update to the last bus number is
missing. Fix it.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2022-01-28 17:58:41 -05:00
Heiko Thiery
c592292385 spl: add support for custom boot method names
Currently the names MMC1, MMC2 and MMC2_2 are output in the SPL. To
achieve more userbility here the name of the boot source can be returned.
E.g. for "MMC1" -> "eMMC" or "MMC2" -> "SD card".

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Michael Walle <michael@walle.cc>
Tested-by: Michael Walle <michael@walle.cc>
2022-01-28 17:58:41 -05:00
Tom Rini
2d0953c0e0 Merge branch '2022-01-28-fastboot-updates'
- 3 DFU/fastboot bugfixes
2022-01-28 12:13:23 -05:00
Matthias Schiffer
7e90f77173 fastboot: only look up real partition names when no alias exists
Having U-Boot look up the passed partition name even though an alias
exists is unexpected, leading to warning messages (when the alias name
doesn't exist as a real partition name) or the use of the wrong
partition.

Change part_get_info_by_name_or_alias() to consider real partitions
names only if no alias of the same name exists, allowing to use aliases
to override the configuration for existing partition names.

Also change one use of strcpy() to strlcpy().

Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
Reviewed-by: Sean Anderson <sean.anderson@seco.com>
2022-01-28 11:30:39 -05:00
Patrick Delaunay
86b6a38863 dfu: handle short frame result of UPLOAD in state_dfu_idle
In DFU v1.1 specification [1] the DFU_UPLOAD (Short Frame)
is handled only in dfuUPLOADIDLE state:

- Figure A.1 Interface state transition diagram

- the state description in chapter A.2

A.2.3 State 2 dfuIDLE
  on Receipt of the DFU_UPLOAD request,and bitCanUpload = 1
  the Next State is dfuUPLOADIDLE

A.2.10 State 9 dfuUPLOAD-IDLE
  When the length of the data transferred by the device in response
  to a DFU_UPLOAD request is less than wLength. (Short frame)
  the Next State is dfuIDLE

In current code, when an UPLOAD is completely performed after the first
request (for example with wLength=200 and data read = 9), the DFU state
stay at dfuUPLOADIDLE until receiving a DFU_UPLOAD or a DFU_ABORT request
even it is unnecessary as the previous DFU_UPLOAD request already reached
the EOF.

This patch proposes to finish the DFU uploading (don't go to dfuUPLOADIDLE)
and completes the control-read operation (go to DFU_STATE_dfuIDLE) when
the first UPLOAD response has a short frame as an end of file (EOF)
indicator even if it is not explicitly allowed in the DFU specification
but this seems logical.

[1] https://www.usb.org/sites/default/files/DFU_1.1.pdf

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
2022-01-28 10:21:51 -05:00
Roman Stratiienko
51566bc8c3 fastboot: fix fastboot_set_reboot_flag()
In case CONFIG_FASTBOOT_FLASH_MMC_DEV == 0, compile-time condition
is not met and fastboot_set_reboot_flag() fails.

Fixes: a362ce214f ("fastboot: Implement generic fastboot_set_reboot_flag")
Signed-off-by: Roman Stratiienko <r.stratiienko@gmail.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
Tested-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
2022-01-28 10:11:54 -05:00
Tom Rini
761a1786e1 acpi refactoring to allow non-x86 use
binman support for bintools (binary tools)
 minor tools improvements in preparation for FDT signing
 various minor fixes and improvements
 -----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmHyEeYRHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreYYlgf8C7tQVklXz9ZHhxVrFaPHWwgmBzEZJSrc
 7SWhDX9yBrAYBUk8Q4OMnJz6nXW8Rz5Td9GfBNWcJag1HjJqno4BxkqwGk2tshgj
 GIY0D1cGfKJzB4E6/rK/ETwmX4KVUyEf7S2IdJ0oydkn9t7OwDkUX5WtGXo70E7q
 ZJGYlX5NQCVBRAF9NYDuyVFljrPzAiyT58VCtXY3q63C7PmRYvag8r56ug+8lkk3
 9EbOTcwETqq9SbT1vucyBxwbUmoKhb2BF32jEcIhozowIM3GNsSpkdzQCUnylqfa
 LYI/p0oVTKLfFRBRvQjLgdB/OQP8MLkby8A++Db2OW49mBXhn/5JWA==
 =PdpE
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-26jan22' of https://source.denx.de/u-boot/custodians/u-boot-dm

acpi refactoring to allow non-x86 use
binman support for bintools (binary tools)
minor tools improvements in preparation for FDT signing
various minor fixes and improvements
2022-01-27 14:14:47 -05:00
Tom Rini
9a1dd6dcfe Merge https://source.denx.de/u-boot/custodians/u-boot-usb 2022-01-26 20:41:38 -05:00
Loic Poulain
fc2b399ac0 usb: gadget: Add CDC ACM function
Add support for CDC ACM using the new UDC and gadget API. This protocol
can be used for serial over USB data transfer and is widely supported
by various OS (GNU/Linux, MS-Windows, OSX...). The usual purpose of
such link is to access device debug console and can be useful for
products not exposing regular UART to the user.

A default stdio device named 'usbacm' is created, and can be used
to redirect console to USB link over CDC ACM:

> setenv stdin usbacm; setenv stdout usbacm

Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
2022-01-26 23:23:17 +01:00
Loic Poulain
334a9b9d6a lib/circbuf: Make circbuf selectable symbol
It is currenly only used from usbtty driver but make it properly
selectable via Kconfig symbol, for future usage.

Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
2022-01-26 23:23:17 +01:00
Lukasz Majewski
07791e8d05 usb: ehci: dm: Convert i.MX28 ehci code to driver model
This commit converts i.MX28's EHCI USB host driver to driver model
(DM_USB). It is a straightforward conversion (to reuse as much code
as possible), based on ehci-mx5.c code.

Signed-off-by: Lukasz Majewski <lukma@denx.de>
2022-01-26 23:22:59 +01:00
Lukasz Majewski
2d431e33dc usb: ehci: Move common mxs code to separate functions (ehci_hcd_{stop|start})
Those functions will be re-used when the ehci MXS driver (for imx28)
will be converted to also support CONFIG_DM_USB.

No functional changes introduced - only cosmetic changes (u32 type)
and alignment to pass checkpatch.

Signed-off-by: Lukasz Majewski <lukma@denx.de>
2022-01-26 23:22:59 +01:00
Lukasz Majewski
fc313d345a usb: ehci: Refactor the ehci_mxs_toggle_clock function to be reused with DM
This function is going to be reused with the CONFIG_DM_USB enabled in
the imx28 mxs USB ehci driver.

No functional changes introduced.

Signed-off-by: Lukasz Majewski <lukma@denx.de>
2022-01-26 23:22:59 +01:00
Lukasz Majewski
f82feb7f27 usb: Modify Kconfig of the USB_EHCI_MXS to use this driver with imx28
The ehci-mxs driver can be also used with imx28 SoC, not only
imx23.

Signed-off-by: Lukasz Majewski <lukma@denx.de>
2022-01-26 23:22:59 +01:00
Simon Glass
2d2384bbaf tools: mkimage: Show where signatures/keys are written
At present mkimage displays the node information but it is not clear what
signing action was taken. Add a message that shows it. For now it only
supports showing a single signing action, since that is the common case.

Sample:

   Signature written to 'sha1-basic/test.fit',
       node '/configurations/conf-1/signature'
   Public key written to 'sha1-basic/sandbox-u-boot.dtb',
       node '/signature/key-dev'

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-26 08:50:44 -07:00
Simon Glass
9737c2d1eb tools: Pass public-key node through to caller
Update the two functions that call add_verify_data() so that the caller
can see the node that was written to.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-26 08:50:44 -07:00
Simon Glass
c033dc8c0c image: Return destination node for add_verify_data() method
It is useful to know where the verification data was written. Update the
API to return this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-26 08:50:44 -07:00
Simon Glass
99f844ba3a tools: Pass the key blob around
At present we rely on the key blob being in the global_data fdt_blob
pointer. This is true in U-Boot but not with tools. For clarity, pass the
parameter around.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-26 08:50:44 -07:00
Simon Glass
2ad90b3953 tools: Tidy up argument order in fit_config_check_sig()
Put the parent node first in the parameters as this is more natural. Also
add a comment to explain what is going on.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-26 08:50:44 -07:00
Simon Glass
e8aa5580d4 tools: Avoid confusion between keys and signatures
We should be consistent in using the term 'signature' to describe a value
added to sign something and 'key' to describe the key that can be used to
verify the signature.

Tidy up the code to stick to this.

Add some comments to fit_config_verify_key() and its callers while we are
here.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-26 08:50:43 -07:00
Simon Glass
48422343c8 tools: Drop unused name in image-host
The name is created but never used. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2022-01-26 08:50:43 -07:00