Extend the tpm library with support for single authorized (AUTH1) commands
as specified in the TCG Main Specification 1.2. (The internally used helper
functions are implemented in a way that they could also be used for double
authorized commands if someone needs it.)
Provide enums with the return codes from the TCG Main specification.
For now only a single OIAP session is supported.
OIAP authorized version of the commands TPM_LoadKey2 and TPM_GetPubKey are
provided. Both features are available using the 'tpm' command, too.
Authorized commands are enabled with CONFIG_TPM_AUTH_SESSIONS. (Note that
this also requires CONFIG_SHA1 to be enabled.)
Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc>
Acked-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Andy Fleming <afleming@freescale.com>
Fix a trivial conflict in arch/arm/dts/exynos5250.dtsi about gpio and
serial.
Conflicts:
arch/arm/dts/exynos5250.dtsi
Signed-off-by: Tom Rini <trini@ti.com>
Tegra30 and Tegra114 are compatible except PLL parameters.
Tested on Tegra30 Cardhu, and Tegra114 Dalmore
platforms. All works well.
Signed-off-by: Jim Lin <jilin@nvidia.com>
Signed-off-by: Tom Warren <twarren@nvidia.com>
Interfaces exposed by error.h seems not to be used in rsa-sig.c, remove it.
This also fixes an compile error on OS X:
---8<---
u-boot/lib/rsa/rsa-sign.c:23:19: error: error.h: No such file or directory
--->8---
Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
Acked-by: Jeroen Hofstee <jeroen@myspectrum.nl>
Tested-by: Lubomir Popov <lpopov@mm-sol.com>
Add a function to find regions in device tree given a list of nodes to
include and properties to exclude.
See the header file for full documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
RSA provides a public key encryption facility which is ideal for image
signing and verification.
Images are signed using a private key by mkimage. Then at run-time, the
images are verified using a private key.
This implementation uses openssl for the host part (mkimage). To avoid
bringing large libraries into the U-Boot binary, the RSA public key
is encoded using a simple numeric representation in the device tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a library which supports tracing of execution using built-in gcc
features and a microsecond timer. This can be used to record a list of
function which are executed, along with a timestamp for each. Later
this information can be sent to the host for processing.
Signed-off-by: Simon Glass <sjg@chromium.org>
This patch adds the driver for keyboard that's controlled by ChromeOS EC.
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Hung-ying Tyan <tyanh@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
This patch adds the cros_ec driver that implements the protocol for
communicating with Google's ChromeOS embedded controller.
Signed-off-by: Bernie Thompson <bhthompson@chromium.org>
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Doug Anderson <dianders@chromium.org>
Signed-off-by: Gabe Black <gabeblack@chromium.org>
Signed-off-by: Hung-ying Tyan <tyanh@chromium.org>
Signed-off-by: Louis Yung-Chieh Lo <yjlou@chromium.org>
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Signed-off-by: Sean Paul <seanpaul@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Add required compatible information for s5p serial driver
Signed-off-by: Abhilash Kesavan <a.kesavan@samsung.com>
Signed-off-by: Rajeshwari Shinde <rajeshwari.s@samsung.com>
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Move the common makefile line shared by the SPL and non-SPL to the public area,
so that we can avoid excessive SPL symbols. Some of them will be used by the
SPL later.
This patch is on top of the patch "common/Makefile: Add new symbol
CONFIG_SPL_ENV_SUPPORT for environment in SPL".
Signed-off-by: Ying Zhang <b40530@freescale.com>
Acked-by: Tom Rini <trini@ti.com>
Acked-by: Tom Rini <trini@ti.com>
Signed-off-by: Andy Fleming <afleming@freescale.com>
Add support for Infineon's new SLB 9645 TT 1.2 I2C TPMs,
which supports clockstretching, combined reads and a bus speed of
up to 400khz. The device also has a new device id.
This is based on the kernel patch provided by Infineon :
https://gerrit.chromium.org/gerrit/42332
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
This patch is essentially an update of u-boot MTD subsystem to
the state of Linux-3.7.1 with exclusion of some bits:
- the update is concentrated on NAND, no onenand or CFI/NOR/SPI
flashes interfaces are updated EXCEPT for API changes.
- new large NAND chips support is there, though some updates
have got in Linux-3.8.-rc1, (which will follow on top of this patch).
To produce this update I used tag v3.7.1 of linux-stable repository.
The update was made using application of relevant patches,
with changes relevant to U-Boot-only stuff sticked together
to keep bisectability. Then all changes were grouped together
to this patch.
Signed-off-by: Sergey Lapin <slapin@ossfans.org>
[scottwood@freescale.com: some eccstrength and build fixes]
Signed-off-by: Scott Wood <scottwood@freescale.com>
Iterating through subnodes with libfdt is a little painful to write as we
need something like this:
for (depth = 0, count = 0,
offset = fdt_next_node(fdt, parent_offset, &depth);
(offset >= 0) && (depth > 0);
offset = fdt_next_node(fdt, offset, &depth)) {
if (depth == 1) {
/* code body */
}
}
Using fdt_next_subnode() we can instead write this, which is shorter and
easier to get right:
for (offset = fdt_first_subnode(fdt, parent_offset);
offset >= 0;
offset = fdt_next_subnode(fdt, offset)) {
/* code body */
}
Also, it doesn't require two levels of indentation for the loop body.
Signed-off-by: Simon Glass <sjg@chromium.org>
(Cherry-picked from dtc commit 4e76ec79)
Acked-by: Gerald Van Baren <vanbaren@cideas.com>
This function is useful outside libfdt, so export it.
Ref: DTC commit b7aa300e
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
If the environment contains an entry like "=value" "\0" we should throw
an error when parsing the environment. Otherwise, U-Boot will enter in
an infinite loop.
Signed-off-by: Lucian Cojocar <cojocar@gmail.com>
This patch adds the bitrev library from the linux kernel. This is a simple
algorithm that uses an 8 bit look-up table to reverse the bits in data types of
8, 16, or 32 bit widths. The docg4 nand flash driver uses it.
[port from linux kernel v3.9 commit 7ee32a6d30d1c8a3b7a07a6269da8f0a08662927]
[originally added: v2.6.20 by commit a5cfc1ec58a07074dacb6aa8c79eff864c966d12]
Signed-off-by: Mike Dunn <mikedunn@newsguy.com>
Delete all occurrences of hang() and provide a generic function.
Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
Acked-by: Albert ARIBAUD <albert.u.boot@aribaud.net>
[trini: Modify check around puts() in hang.c slightly]
Signed-off-by: Tom Rini <trini@ti.com>
When CONFIG_REGEX is enabled, the new option "-e" becomes available
which causes regular expression matches to be used. This allows for
example things like these:
- print all MAC addresses:
=> env grep -e eth.*addr
eth1addr=00:10:ec:80:c5:15
ethaddr=00:10:ec:00:c5:15
- print all variables that have at least 2 colons in their value:
=> env grep -v -e :.*:
addip=setenv bootargs ${bootargs} ip=${ipaddr}:${serverip}:${gatewayip}:${netmask}:${hostname}:${netdev}:off
panic=1
eth1addr=00:10:ec:80:c5:15
ethaddr=00:10:ec:00:c5:15
ver=U-Boot 2013.04-rc1-00289-g497746b-dirty (Mar 22 2013 - 12:50:25)
etc.
Signed-off-by: Wolfgang Denk <wd@denx.de>
Downloaded from http://slre.sourceforge.net/
and adapted for U-Boot environment.
Used to implement regex operations on environment variables.
Code size is ~ 3.5 KiB on PPC.
To enable this code, define the CONFIG_REGEX option in your board
config file.
Note: There are more recent versions of the SLRE library available at
http://slre.googlecode.com ; unfortunately, the new code has a heavily
reorked API which makes it less usable for our purposes:
- the return code is strings, which are more difficult to process
- we don't get any information any more which sub-string of the data
was matched by the given regex
- it is much more cumbersome to work with arbitrary expressions, where
for example the number of substrings for capturing are not known at
compile time
Also, there does not seem to be any real changes or improvements of
the functionality.
Because of this, we deliberately stick with the older code.
Note 2: the test code (built when SLRE_TEST is defined) was modified
to allow for more extensive testing; now we can test the regexp
matching on all lines on a text file (instead of the whole data in the
file as a single block).
Signed-off-by: Wolfgang Denk <wd@denx.de>
The output of "env grep" is unsorted, and printing is done by a
private implementation to parse the hash table. We have all the
needed code in place in hexport_r() alsready, so let's use this
instead. Here we prepare the code for this, without any functional
changes yet.
Signed-off-by: Wolfgang Denk <wd@denx.de>
Add generic board support for sandbox. and remove the old board init code.
Select CONFIG_SYS_GENERIC_BOARD for sandbox now that this is supported.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@ti.com>
When crc32 is handled by the hash library, it requires the data to be in
big-endian format, since it reads it byte-wise. Thus at present the 'crc32'
command reports incorrect data. For example, previously we might see:
Peach # crc32 40000000 100
CRC32 for 40000000 ... 400000ff ==> 0d968558
but instead with the hash library we see:
Peach # crc32 40000000 100
CRC32 for 40000000 ... 400000ff ==> 5885960d
Correct this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@google.com>
TPM command library implements a subset of TPM commands defined in TCG
Main Specification 1.2 that are useful for implementing secure boot.
More TPM commands could be added out of necessity.
You may exercise these commands through the 'tpm' command. However, the
raw TPM commands are too primitive for writing secure boot in command
interpreter scripts; so the 'tpm' command also provides helper functions
to make scripting easier.
For example, to define a counter in TPM non-volatile storage and
initialize it to zero:
$ tpm init
$ tpm startup TPM_ST_CLEAR
$ tpm nv_define d 0x1001 0x1
$ tpm nv_write d 0x1001 0
And then increment the counter by one:
$ tpm nv_read d 0x1001 i
$ setexpr.l i $i + 1
$ tpm nv_write d 0x1001 $i
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Add a driver for the I2C TPM from Infineon.
Signed-off-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Rong Chang <rongchang@chromium.org>
Signed-off-by: Tom Wai-Hong Tam <waihong@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
The kernel states:
---8<---
The OMAP3 GPMC hardware BCH engine computes remainder polynomials, it does not
provide automatic error location and correction: this step is implemented using
the BCH library.
--->8---
And we do so in u-boot.
This implementation uses the same layout for BCH8 but it is fix. The current
provided layout does only work with 64 Byte OOB.
Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
Cc: Tom Rini <trini@ti.com>
Cc: Ilya Yanok <ilya.yanok@cogentembedded.com>
Cc: Scott Wood <scottwood@freescale.com>
Cc: Mansoor Ahamed <mansoor.ahamed@ti.com>
Cc: Thomas Weber <thomas.weber.linux@googlemail.com>
Add "nvidia,tegra114-spi" to represent t114 SPI controller hardware.
Signed-off-by: Allen Martin <amartin@nvidia.com>
Signed-off-by: Tom Warren <twarren@nvidia.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Enable device tree control of SPI flash, and use this to implement
memory-mapped SPI flash, which is supported on Intel chips.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is common to have a "reg = <address size>" property in the FDT.
Add a function to handle this, similar to the existing
fdtdec_get_addr();
Signed-off-by: Simon Glass <sjg@chromium.org>
Albert's rework of the linker scripts conflicted with Simon's making
everyone use __bss_end. We also had a minor conflict over
README.scrapyard being added to in mainline and enhanced in
u-boot-arm/master with proper formatting.
Conflicts:
arch/arm/cpu/ixp/u-boot.lds
arch/arm/cpu/u-boot.lds
arch/arm/lib/Makefile
board/actux1/u-boot.lds
board/actux2/u-boot.lds
board/actux3/u-boot.lds
board/dvlhost/u-boot.lds
board/freescale/mx31ads/u-boot.lds
doc/README.scrapyard
include/configs/tegra-common.h
Build tested for all of ARM and run-time tested on am335x_evm.
Signed-off-by: Tom Rini <trini@ti.com>
This library supports calling a list of functions one after the
other.
It is intended that we move to a more powerful initcall implementation
as proposed by Graeme Russ <graeme.russ@gmail.com>. For now, this allows
us to do the basics.
Signed-off-by: Simon Glass <sjg@chromium.org>