The previous patch adds support for rejecting images when the sha384/512
of an x.509 certificate is present in dbx. Update the sandbox selftests
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Currently we don't support sha384/512 for the X.509 certificate
in dbx. Moreover if we come across such a hash we skip the check
and approve the image, although the image might needs to be rejected.
Rework the code a bit and fix it by adding an array of structs with the
supported GUIDs, len and literal used in the U-Boot crypto APIs instead
of hardcoding the GUID types.
It's worth noting here that efi_hash_regions() can now be reused from
efi_signature_lookup_digest() and add sha348/512 support there as well
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This commit moves the user input handling from cmd/bootmenu.c
to common/menu.c to reuse it from other modules.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Fixes
WARNING: unmet direct dependencies detected for EVENT_DYNAMIC
Depends on [n]: EVENT [=n]
Selected by [y]:
- EFI_LOADER [=y] && OF_LIBFDT [=y] && ...
and the succeeding build breakage.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Building with OpenSSL 3.0 produces warnings like:
../tools/sunxi_toc0.c:846:17: warning: ‘RSA_get0_d’ is deprecated:
Since OpenSSL 3.0 [-Wdeprecated-declarations]
846 | if (root_key && RSA_get0_d(root_key)) {
| ^~
As OpenSSL 3.0 is not available in elder Linux distributions
just silence the warning.
Add missing #include <openssl/bn.h>.
Fixes: e9e87ec47c ("tools: mkimage: Add Allwinner TOC0 support")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Andre Przywara <andre.przywara@arm.com>
Over the years, several options have not made it into the help message.
Document them. Do the same for the man page.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Use [:space:] instead of \s and \S in regular expression that
determines the sandbox target architecture. Fixes the build
failure on OpenBSD introduced with commit 4e65ca00f3
("efi_loader: bootmgr: add booting from removable media").
Fixes: f7691a6d73 ("sandbox: allow cross-compiling sandbox")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This has been deprecated for over 10 years and everything now uses the
plain "phandle" property in preference. There's no need to set
linux,phandle when creating phandles for nodes that do not have one.
dtc changed the default to creating just phandle in version 1.4.5
released in September 2017 with the justification that the new style had
already been supported for 7 years by that point (see dtc commit 0016f8c
("dtc: change default phandles to ePAPR style instead of both")).
Signed-off-by: John Keeping <john@metanate.com>
Adds a sub-command repair to the command gpt
that allow to repair a corrupted gpt table. If
the both gpt table (primary and backup) are
valid, then the command does nothing.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
If a gpt table is corrupted (after a power cut
for example), then the gpt table should repaired.
The function gpt_repair_headers check if at least
one gpt table is valid, and then only write the
corrupted gpt table.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Since commit 16cc5ad0b4 ("power: regulator: add dummy helper")
regulator dummy helper are always available even if DM_REGULATOR
is not set.
DM_REGULATOR flag is no more needed to protect no DM core,
remove it.
Signed-off-by: Patrice Chotard <patrice.chotard@foss.st.com>
MAX6370 watchdog is available e.g. on Freescale P1/P2 RDB-PC boards.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
- Assorted minor code cleanups.
- Clean-up the reset uclass code slightly and fix some issues with a
lack of handlers for a case in the driver.
- Y2038 RTC fix
drivers/misc/fs_loader.c: In function ‘mount_ubifs’:
drivers/misc/fs_loader.c:46:12: warning: implicit declaration of function ‘ubi_part’ [-Wimplicit-function-declaration]
int ret = ubi_part(mtdpart, NULL);
^~~~~~~~
drivers/misc/fs_loader.c:53:9: warning: implicit declaration of function ‘cmd_ubifs_mount’ [-Wimplicit-function-declaration]
return cmd_ubifs_mount(ubivol);
^~~~~~~~~~~~~~~
drivers/misc/fs_loader.c: In function ‘umount_ubifs’:
drivers/misc/fs_loader.c:58:9: warning: implicit declaration of function ‘cmd_ubifs_umount’ [-Wimplicit-function-declaration]
return cmd_ubifs_umount();
^~~~~~~~~~~~~~~~
Signed-off-by: Pali Rohár <pali@kernel.org>
In case the ops is not implemented, return 0 in the core right away.
This is better than having multiple copies of functions which just
return 0 in each reset driver. Drop all those empty functions.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Local variable out.name lives on the stack and therefore cannot
be returned directly. Move the strdup() call into the function.
(Coverity 352460)
Fixes: 7c33f78983 ("clk: scmi: register scmi clocks with CCF")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
tm_mon has a range from 0..11, but the RTC expects 1..12. So we adapt
the month accordingly. This was determined when comparing the driver
with the corresponding linux kernel driver.
Signed-off-by: Oliver Graute <oliver.graute@kococonnector.com>
Reviewed-by: Michael Walle <michael@walle.cc>
Reviewed-by: Heiko Schocher <hs@denx.de>
If argc is not < 3, it must be >= 3.
If argc >= 3, argv[2] cannot be NULL.
Fixes: 9de612ae4d ("cmd: adc: Add support for storing ADC result in env variable")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
We don't have an option -cq but two distinct options -c and -q.
Fixes: e9496ec374 ("fdt: Add -q option to fdt addr for distro_bootcmd")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
We currently overflow due to wrong types used internally in rtc_mktime,
on all platforms, and we return a too small type on 32-bit.
One consumer that directly benefits from this is mktime64. Many others
may still store the result in a wrong type.
While at it, drop the redundant cast of mon in rtc_mktime (obsoleted by
714209832d).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
On some image types like i.MX8 and i.MX8M, the verify_header function
is not implemented.
Before this commit, no check on tparams->verify_header was done causing
a segfault if NULL. Now, a proper error message is printed.
Signed-off-by: Nicolas Heemeryck <nicolas.heemeryck@gmail.com>
Currently, in case of arm64 bootloader and U-Boot the stack pointer is
initialized at an offset of NON_SECURE_MSRAM_SIZE from arm64 SPL's text
base address. After jumping to arm64, execution is done out of DDR.
Therefore, having an offset corresponding to the size of MSRAM does not
have any significance.
Instead, initialize the stack pointer after an offset of 4MB from the SPL
text base address. This helps in allocating larger memory for stack.
┌────────────────────┐0x80080000
│ │
│ arm64 SPL │
├────────────────────┤
│ ▲ │
│ │ │
│ STACK │
├────────────────────┤0x80480000
│ Memory for Load │
│ Buffer Allocation │
├────────────────────┤0x80800000
│ │
│ U-Boot Image │
│ │
└────────────────────┘
Signed-off-by: Aswath Govindraju <a-govindraju@ti.com>
There are many pins in an SoC, and register usage may vary by pins.
This patch introduces a concept of "io type" and "io type group"
to mediatek pinctrl drivers. This can provide different pinconf
handlers implementation (eg: "bias-pull-up/down", "driving" and
"input-enable") for IO pins that belong to different types.
Signed-off-by: Sam Shih <sam.shih@mediatek.com>
Pinctrl design of some mediatek SoC need to access registers that
distribute in multiple memory base address. this patch introduce new
mechanism in mediatek pinctrl driver to support the chips which have
the new design.
This patch add a member 'base_calc' in pinctrl private data, and changed
original 'base' private data to an array of *iomem.
When 'base_calc' attribute is set, it will requests multiplue regs base
from the DT, if 'base_calc' attribute is not set, it only use legacy way
to request single reg resource from the DT.
Signed-off-by: Sam Shih <sam.shih@mediatek.com>
There are many pins in a SoCs, and different pin may belong
to different "io_type", For example: some pins of MT7622 belongs
to "io_type A", the other belongs to "io_type B", and pinctrl "V0"
means handle pinconf via "io_type A" or "io_type B", so SoCs that
contain "io_type A" and "io_type B" pins, use "V0" in pinctrl driver.
This patch separates the implementation of register operations
(e.g: "bias-pull-up/down", "driving" and "input-enable") into
different functions, and lets the original V0/V1
ops to call the new functions.
Signed-off-by: Sam Shih <sam.shih@mediatek.com>
With sandbox, U-Boot can be run without a device tree (i.e. no -d or -T
parameter). In this case an empty device tree is created for convenience.
With a recent change this causes an error due to the missing '/binman'
node.
Add this node to avoid the problem, as well as a test that U-Boot can
be run without a device tree.
Fixes: 059df5624b ("arch: Kconfig: imply BINMAN for SANDBOX")
Fixes: https://source.denx.de/u-boot/u-boot/-/issues/11
Signed-off-by: Simon Glass <sjg@chromium.org>
This is useful sometimes when running a specific test. Add support for it
in the existing restart_uboot_with_flags() function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Remove Masami Hiramatsu from MAINTAINERS since he will leave
Linaro and his email will be not available anymore.
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
SPL_SYS_MALLOC_F_LEN defaults to SYS_MALLOC_F_LEN. 0x10000 is 64 KiB, or
around half of the total OCRAM size. Revert to the default of 0x2000. This
fixes SPL boot.
Fixes: 545eceb520 ("imx8/ls10xx: Use a sane SYS_MALLOC_F_LEN default")
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Fabio Estevam <festevam@denx.de>
Add clock controller driver for NPCM750
Signed-off-by: Jim Liu <JJLIU0@nuvoton.com>
Signed-off-by: Stanley Chu <yschu@nuvoton.com>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
* Test
Unit test for 'bootmenu' command
* UEFI
Preparatory patches for implementing a UEFI boot options based menu
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmJyoMcACgkQxIHbvCwF
GsTbjA/+J+mQg5Rl8AkWwxnBynshNbOsQjsekJjoQTKN9XdvA4Rest2cP7AZ7LP7
yi2jks4qMKex5NyGSt2wV51snwZJ6ikZshYpEl59wzoOa4DNlBktH/emOVPNhHqm
n+By+m1Uer7I1NBATfGLjgp7Pwk910OkX9sXdFBtg3OlQwBnoCgNARmxxz7ifWwa
BxZP2w7l8BfejeZyS/HBzvUc8tPHljukidZoXANXJ/wbJmiU1JR+MBU4+iJmAwCi
rt4loje8ynIiPd0NsfDdasqsNGXNtKf1ikY9xH7UBmv8lmkM1BLE+SSufb+8ihUV
5/hn4Q/nXze4klNM/owkglfsiBzs1tGIh1EBmuD9BBjBKKTHMUqSCU1f30cqc+oh
80heH8J6GicqlQlaN5WyYbimH7WvGz48dr8VrWM5AuFf8FjZlNfIlkt86h4yQBjc
v6aTvNOXyLriFUh1p9DaQi1+U2ZdB2UO7wpEuWdVbgTE/yH9ZqmBNCB8kGTH1TPk
pOwMDZPIFTvHp3WirztpxZRcPus/Eo7s1noMGzM/gdQjmIMRlkEbP8T617hoXWdZ
/T4xwRyArQFCkx5xhd5nNqpLd3Lgq4ezpw5ZFAmULJZaGYpp6Iaf+IWiTYghrZ2/
z5cfeQZVL7Sb7vb/yajtVdaZzKg8Eq1FeZdDnoBayvL9UdFTBWA=
=bl7A
-----END PGP SIGNATURE-----
Merge tag 'efi-2022-07-rc2-2' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2022-07-rc2-2
* Test
Unit test for 'bootmenu' command
* UEFI
Preparatory patches for implementing a UEFI boot options based menu
Macro MVNETA_GMAC_FORCE_LINK_UP can be dropped from value assignment in
fixed link case, since it's value is written into the register later in
the function for link-down-to-link-up case. The value is written as
MVNETA_GMAC_FORCE_LINK_DOWN | MVNETA_GMAC_FORCE_LINK_PASS, and so the
macro definition can also be dropped.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Guard the code handling the fixed PHY case by
CONFIG_IS_ENABLED(PHY_FIXED).
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>