Commit Graph

247 Commits

Author SHA1 Message Date
Stefano Babic
24431adc36 Restore compatibility of image type IDs
Commit a2b96ece5b breaks the enumeration
of the Image Types. New image types can be appended, but they cannot be
inserted in the list else backward compatibility is broken.

This restores the images types as before 2018.11 and move i.MX8 related
images at the end.

Signed-off-by: Robert Berger <robert.berger@ReliableEmbeddedSystems.com>
Signed-off-by: Stefano Babic <sbabic@denx.de>
CC: Tom Rini <trini@konsulko.com>
2018-12-17 07:09:29 -05:00
Philippe Reynes
061daa0b61 rsa: add support of padding pss
We add the support of the padding pss for rsa signature.
This new padding is often recommended instead of pkcs-1.5.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-03 10:44:10 -05:00
Philippe Reynes
20031567e1 rsa: add a structure for the padding
The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-03 10:44:10 -05:00
Ryder Lee
3b975a147c tools: MediaTek: add MTK boot header generation to mkimage
This patch adds support for MTK boot image generation.

Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-11-28 23:04:43 -05:00
Peng Fan
a2b96ece5b tools: add i.MX8/8X image support
i.MX8/8X bootable image type is container type.
The bootable image, containers a container set which supports two
container. The 1st container is for SECO firmware, the 2nd container
needs to include scfw, m4_0/1 image, ACore images per your requirement.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
2018-10-22 13:01:27 +02:00
Alex Kiernan
795f452eef mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures
When generating timestamps in signatures, use imagetool_get_source_date()
so we can be overridden by SOURCE_DATE_EPOCH to generate reproducible
images.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Reviewed-by: Simon Glass <sjg@chromum.org>
2018-07-10 16:56:00 -04:00
Marek Vasut
7f13b374fd ARM: image: Add option for ignoring ep bit 3
Add option to the booti_setup() which indicates to it that the caller
requires the image to be relocated to the beginning of the RAM and
that the information whether the image can be located anywhere in RAM
at 2 MiB aligned boundary or not is to be ignored. This is useful ie.
in case the Image is wrapped in another envelope, ie. fitImage and not
relocating it but moving it would corrupt the envelope.

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Bin Chen <bin.chen@linaro.org>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-By: Bin Chen <bin.chen@linaro.org>
2018-06-19 07:31:45 -04:00
Kelvin Cheung
c3c8638804 add FIT data-position & data-offset property support
Add FIT data-position & data-offset property support for bootm,
which were already supported in SPL.

Signed-off-by: Kelvin Cheung <keguang.zhang@gmail.com>
2018-05-26 18:19:19 -04:00
Marek Vasut
0298d20375 fit: Add standalone image type handling
Just add IH_TYPE_STANDALONE to fit_get_image_type_property().

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-05-23 22:06:40 -04:00
Tom Rini
16c4b169af FIT: Make fit_conf_print() be a static function
We only call fit_conf_print from one place in the code, so mark it as
static and move it up to where we call it.  This in turn has us move a
few other already static functions up further as well.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-23 17:30:02 -04:00
Tom Rini
3b52847a45 Xilinx changes for v2018.07
microblaze:
 - Align defconfig
 
 zynq:
 - Rework fpga initialization and cpuinfo handling
 
 zynqmp:
 - Add ZynqMP R5 support
 - Wire and enable watchdog on zcu100-revC
 - Setup MMU map for DDR at run time
 - Show board info based on DT and cleanup IDENT_STRING
 
 zynqmp tools:
 - Add read partition support
 - Add initial support for Xilinx bif format for boot.bin generation
 
 mmc:
 - Fix get_timer usage on 64bit cpus
 - Add support for SD3.0 UHS mode
 
 nand-zynq:
 - Add support for 16bit buswidth
 - Use address cycles from onfi params
 
 scsi:
 - convert ceva sata to UCLASS_AHCI
 
 timer:
 - Add Cadence TTC for ZynqMP r5
 
 watchdog:
 - Minor cadence driver cleanup
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iEYEABECAAYFAlr1ldMACgkQykllyylKDCHioACghoJw6+NqsZXl8zGWRP38yZ5K
 mvgAnihfOQq125mpKPZmcc5yt6wVwYIU
 =8ji9
 -----END PGP SIGNATURE-----

Merge tag 'xilinx-for-v2018.07' of git://www.denx.de/git/u-boot-microblaze

Xilinx changes for v2018.07

microblaze:
- Align defconfig

zynq:
- Rework fpga initialization and cpuinfo handling

zynqmp:
- Add ZynqMP R5 support
- Wire and enable watchdog on zcu100-revC
- Setup MMU map for DDR at run time
- Show board info based on DT and cleanup IDENT_STRING

zynqmp tools:
- Add read partition support
- Add initial support for Xilinx bif format for boot.bin generation

mmc:
- Fix get_timer usage on 64bit cpus
- Add support for SD3.0 UHS mode

nand-zynq:
- Add support for 16bit buswidth
- Use address cycles from onfi params

scsi:
- convert ceva sata to UCLASS_AHCI

timer:
- Add Cadence TTC for ZynqMP r5

watchdog:
- Minor cadence driver cleanup
2018-05-11 11:45:28 -04:00
Alexander Graf
6915dcf359 tools: zynqmpimage: Add bif support
The officially described way to generate boot.bin files for ZynqMP is to
describe the contents of the target binary using a file of the "bif"
format.  This file then links to other files that all get packed into a
bootable image.

This patch adds support to read such a .bif file and generate a respective
ZynqMP boot.bin file that can include the normal image and pmu files, but
also supports image partitions now. This makes it a handy replacement for
the proprietary "bootgen" utility that is currently used to generate
boot.bin files with FSBL.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2018-05-11 09:23:44 +02:00
Marek Vasut
662abc4fc5 image: socfpga: Add SFP image version 1 definition
Add support for the SoCFPGA header v1, which is used on Arria 10.
The layout of the v0 and v1 header is similar, yet there are a few
differences which make it incompatible with previous v0 header, so
add a new entry.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Dinh Nguyen <dinguyen@kernel.org>
Cc: Chin Liang See <chin.liang.see@intel.com>
2018-05-08 21:08:42 +02:00
Tom Rini
83d290c56f SPDX: Convert all of our single license tags to Linux Kernel style
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-07 09:34:12 -04:00
Michal Simek
1f8e4bf55e image: fit: Show firmware configuration property if present
SPL ATF support requires to have firmware property which should be also
listed by mkimage -l when images is created.

The patch is also using this macro in spl_fit to match keyword.

When image is created:
 Default Configuration: 'config'
 Configuration 0 (config)
  Description:  ATF with full u-boot
  Kernel:       unavailable
  Firmware:     atf
  FDT:          dtb

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jun Nie <jun.nie@linaro.org>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
2018-04-06 20:45:44 -04:00
Masahiro Yamada
641599a63d image.h: add forward declaration of struct fdt_region
This header needs to know 'fdt_region' is a struct for the
fit_region_make_list() prototype.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-04-01 22:19:10 +08:00
Bryan O'Donoghue
45b55712d4 image: Add IH_OS_TEE for TEE chain-load boot
This patch adds a new type IH_OS_TEE. This new OS type will be used for
chain-loading to Linux via a TEE.

With this patch in-place you can generate a bootable OPTEE image like this:

mkimage -A arm -T kernel -O tee -C none -d tee.bin uTee.optee

where "tee.bin" is the input binary prefixed with an OPTEE header and
uTee.optee is the output prefixed with a u-boot wrapper header.

This image type "-T kernel -O tee" is differentiated from the existing
IH_TYPE_TEE "-T tee" in that the IH_TYPE is installed by u-boot (flow
control returns to u-boot) whereas for the new IH_OS_TEE control passes to
the OPTEE firmware and the firmware chainloads onto Linux.

Andrew Davis gave the following ASCII diagram:

IH_OS_TEE: (mkimage -T kernel -O tee)
Non-Secure       Secure

                 BootROM
                   |
      -------------
     |
     v
    SPL
     |
     v
   U-Boot ------>
          <-----  OP-TEE
      |
      V
    Linux

IH_TYPE_TEE: (mkimage -T tee)
Non-Secure       Secure

                 BootROM
                   |
      -------------
     |
     v
    SPL ------->
         <-----  OP-TEE
     |
     v
   U-Boot
      |
      V
    Linux

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Suggested-by: Andrew F. Davis <afd@ti.com>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
Link: http://mrvan.github.io/optee-imx6ul
2018-03-19 16:14:25 -04:00
Patrick Delaunay
81260e3331 tools/mkimage: add support for STM32 image format
STM32MP157 bootrom needs a specific header for first boot stage.
This patch adds support of this header in mkimage.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
2018-03-19 16:14:19 -04:00
Jun Nie
5c643db4cc SPL: Add signature verification when loading image
U-boot proper signature is not verified by SPL on most platforms
even config SPL_FIT_SIGNATURE is enabled. Only fsl-layerscape
platform support secure boot in platform specific code. So
verified boot cannot be achieved if u-boot proper is loaded by
SPL.

This patch add signature verification to u-boot proper images
when loading FIT image in SPL. It is tested on Allwinner bananapi
zero board with H2+ SoC.

Signed-off-by: Jun Nie <jun.nie@linaro.org>
2018-03-19 09:59:32 -04:00
Masahiro Yamada
b08c8c4870 libfdt: move headers to <linux/libfdt.h> and <linux/libfdt_env.h>
Thomas reported U-Boot failed to build host tools if libfdt-devel
package is installed because tools include libfdt headers from
/usr/include/ instead of using internal ones.

This commit moves the header code:
  include/libfdt.h         -> include/linux/libfdt.h
  include/libfdt_env.h     -> include/linux/libfdt_env.h

and replaces include directives:
  #include <libfdt.h>      -> #include <linux/libfdt.h>
  #include <libfdt_env.h>  -> #include <linux/libfdt_env.h>

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2018-03-05 10:16:28 -05:00
Bin Chen
6808ef9ac2 move booti_setup to arch/arm/lig/image.c
Follow bootz's pattern by moving the booti_setup to arch/arm/lib.
This allows to use booti_setup in other paths, e.g booting
an Android image containing Image format.

Note that kernel relocation is move out of booti_setup and it is the
caller's responsibility to do it and allows them do it differently. say,
cmd/booti.c just do a manually, while in the bootm path, we can use
bootm_load_os(with some changes).

Signed-off-by: Bin Chen <bin.chen@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2018-02-07 22:06:11 -05:00
Bin Chen
104816142f parse the second area of android image
The second area of android image was intended to put a 2nd stage
bootloader but in practice were rarely used (in my knowledge).

An proposal was made to the AOSP to (re)use the second area as the dtb[1],
This patch itself doesn't depend on that proposal being accepted but it won't
be that helpful as well if that proposal won't be accepted. But don't do
any harm as well.

[1] https://android-review.googlesource.com/#/c/417447/
Signed-off-by: Bin Chen <bin.chen@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
2018-02-07 21:58:26 -05:00
Andre Przywara
b2267e8a22 fix incorrect usage of DT node unit address in comments
The DT spec demands a unit-address in a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings if this is
not the case.
Fix all occurences in the tree where node names were mentioned in
comments, to not give bad examples to the reader.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2018-01-15 18:29:21 -07:00
Rick Chen
068feb9b86 riscv: Modify generic codes to support RISC-V
Support common commands bdinfo and image format,
also modify common generic flow for RISC-V.

Signed-off-by: Rick Chen <rick@andestech.com>
Signed-off-by: Rick Chen <rickchen36@gmail.com>
Signed-off-by: Greentime Hu <green.hu@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2018-01-12 08:05:12 -05:00
Peng Fan
a1be94b654 SPL: Add FIT data-position property support
For external data, FIT has a optional property "data-position" which
can set the external data to a fixed offset to FIT beginning.
Add the support for this property in SPL FIT.

Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tomas Melin <tomas.melin@vaisala.com>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: "Andrew F. Davis" <afd@ti.com>
Cc: Igor Grinberg <grinberg@compulab.co.il>
Cc: "tomas.melin@vaisala.com" <tomas.melin@vaisala.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Lokesh Vutla <lokeshvutla@ti.com>
Cc: "Cooper Jr., Franklin" <fcooper@ti.com>
Cc: George McCollister <george.mccollister@gmail.com>
Cc: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
Cc: Jean-Jacques Hiblot <jjhiblot@ti.com>
Cc: Rick Altherr <raltherr@google.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: York Sun <york.sun@nxp.com>
2017-12-12 21:33:38 -05:00
Philipp Tomsich
4914af1286 image: add IH_OS_ARM_TRUSTED_FIRMWARE for ARM Trusted Firmware
To boot on ARMv8 systems with ARM Trusted Firmware, we need to
assemble an ATF-specific parameter structure and also provide the
address of the images started by ATF (e.g. BL3-3, which may be the
full U-Boot).

To allow us to identify an ARM Trusted Firmware contained in a FIT
image, this adds the necessary definitions.

Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-11-26 00:39:06 +01:00
Tuomas Tynkkynen
137aefba03 common: Remove genimg_get_image()
Removal of the legacy DataFlash code turned genimg_get_image() into a
no-op. Drop all calls to it and the function itself.

Signed-off-by: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
2017-10-16 09:42:51 -04:00
Jean-Jacques Hiblot
02035d0086 fit: If no matching config is found in fit_find_config_node(), use the default one
If board_fit_config_name_match() doesn't match any configuration node,
then use the default one (if provided).

Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-10-05 21:31:04 -04:00
Pantelis Antoniou
169043d826 fit: Introduce methods for applying overlays on fit-load
Introduce an overlay based method for constructing a base DT blob
to pass to the kernel.

It is based on a specific method now to get the FDT from a FIT image
named boot_get_fdt_fit().

Signed-off-by: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
2017-09-15 05:27:49 -06:00
Andrew F. Davis
6442c9643e image: Add TI PMMC image type
Add a new image type representing TI Power Management
Micro-Controller (PMMC) Firmware image type.

Signed-off-by: Andrew F. Davis <afd@ti.com>
2017-09-12 17:58:02 -04:00
Simon Glass
723806cc5b env: Rename some other getenv()-related functions
We are now using an env_ prefix for environment functions. Rename these
other functions as well, for consistency:

   getenv_vlan()
   getenv_bootm_size()
   getenv_bootm_low()
   getenv_bootm_mapsize()
   env_get_default()

Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
2017-08-16 08:31:11 -04:00
Simon Glass
00caae6d47 env: Rename getenv/_f() to env_get()
We are now using an env_ prefix for environment functions. Rename these
two functions for consistency. Also add function comments in common.h.

Quite a few places use getenv() in a condition context, provoking a
warning from checkpatch. These are fixed up in this patch also.

Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
2017-08-16 08:30:24 -04:00
Cooper Jr., Franklin
92926bc80c boot_fit: Create helper functions that can be used to select DTB out of FIT
Some platforms may append a FIT image to the U-boot image. This function
aids in parsing the FIT image and selecting the correct DTB at runtime.

Signed-off-by: Franklin S Cooper Jr <fcooper@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2017-07-10 14:25:50 -04:00
Cooper Jr., Franklin
3863f840fa spl: fit: Break out some functions into a common file
Some of the functions within spl_fit will be used for non spl purposes.
Instead of duplicating functions simply break the functions to be reused
into its own file.

Signed-off-by: Franklin S Cooper Jr <fcooper@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Only add the new define to image.h, otherwise we see breakage
due to massive include leakage into host tools in some cases]
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-07-10 14:24:39 -04:00
Alison Wang
4ac0a32e24 armv8: Support loading 32-bit OS which is not in the form of FIT
As only FIT image is supported now, this patch is to support loading
32-bit uImage, dtb and rootfs separately.

Signed-off-by: Alison Wang <alison.wang@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2017-06-09 20:34:56 -04:00
Tom Rini
089df18bfe lib: move hash CONFIG options to Kconfig
Commit 94e3c8c4fd ("crypto/fsl - Add progressive hashing support
using hardware acceleration.") created entries for CONFIG_SHA1,
CONFIG_SHA256, CONFIG_SHA_HW_ACCEL, and CONFIG_SHA_PROG_HW_ACCEL.
However, no defconfig has migrated to it.  Complete the move by first
adding additional logic to various Kconfig files to select this when
required and then use the moveconfig tool.  In many cases we can select
these because they are required to implement other drivers.  We also
correct how we include the various hashing algorithms in SPL.

This commit was generated as follows (after Kconfig additions):

[1] tools/moveconfig.py -y SHA1 SHA256 SHA_HW_ACCEL
[2] tools/moveconfig.py -y SHA_PROG_HW_ACCEL

Note:
We cannot move SHA_HW_ACCEL and SHA_PROG_HW_ACCEL simultaneously
because there is dependency between them.

Cc: Poonam Aggrwal <poonam.aggrwal@freescale.com>
Cc: Naveen Burmi <NaveenBurmi@freescale.com>
Cc: Po Liu <po.liu@freescale.com>
Cc: Shengzhou Liu <Shengzhou.Liu@freescale.com>
Cc: Priyanka Jain <Priyanka.Jain@freescale.com>
Cc: Shaohui Xie <Shaohui.Xie@freescale.com>
Cc: Chunhe Lan <Chunhe.Lan@freescale.com>
Cc: Chander Kashyap <k.chander@samsung.com>
Cc: Steve Rae <steve.rae@raedomain.com>
Cc: Dirk Eibach <eibach@gdsys.de>
Cc: Feng Li <feng.li_2@nxp.com>
Cc: Alison Wang <alison.wang@freescale.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Cc: Mingkai Hu <Mingkai.Hu@freescale.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Cc: Jaehoon Chung <jh80.chung@samsung.com>
Cc: Akshay Saraswat <akshay.s@samsung.com>
Cc: Heiko Schocher <hs@denx.de>
Cc: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-05-22 08:36:58 -04:00
Tom Rini
0db7f6859f FIT: Rename FIT_DISABLE_SHA256 to FIT_ENABLE_SHA256_SUPPORT
We rename CONFIG_FIT_DISABLE_SHA256 to CONFIG_FIT_ENABLE_SHA256_SUPPORT which
is enabled by default and now a positive option.  Convert the handful of boards
that were disabling it before to save space.

Cc: Dirk Eibach <eibach@gdsys.de>
Cc: Lukasz Dalek <luk0104@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-05-22 07:29:55 -04:00
Madan Srinivas
a5c7e41be3 image: Fixes build warning with CONFIG_FIT_IMAGE_POST_PROCESS
The function 'board_fit_image_post_process' is defined only when the
config option CONFIG_FIT_IMAGE_POST_PROCESS is enabled. For secure
systems that do not use SPL but do use FIT kernel images, only
CONFIG_FIT_IMAGE_POST_PROCESS will be defined, which will result in an
implicit declaration of function 'board_fit_image_post_process' warning
while building u-boot. Fix this warning.

Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
2017-04-08 21:35:04 -04:00
Andre Przywara
aeb9c53cae Kconfig: define MD5 dependency for FIT support
FIT images require MD5 support to verify image checksums. So far this
was expressed by defining a CPP symbol in image.h. Since MD5 is now a
first class Kconfig citizen, express that in Kconfig instead.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2017-03-17 09:09:40 -04:00
Rick Altherr
c2e7e72bb9 bootm: relocate ramdisk if CONFIG_SYS_BOOT_RAMDISK_HIGH set
In 35fc84f, bootm was refactored so plain 'bootm' and
'bootm <subcommand>' shared a common implementation.
The 'bootm ramdisk' command implementation is now part of the common
implementation but not invoke by plain 'bootm' since the original
implementation never did ramdisk relocation.  Instead, ramdisk
relocation happened in image_setup_linux() which is typically called
during the OS portion of 'bootm'.

On ARM, parameters to the Linux kernel can either be passed by FDT or
ATAGS. When using FDT, image_setup_linux() is called which also triggers
ramdisk relocation.  When using ATAGS, image_setup_linux() is _not_
called because it mostly does FDT setup.

Instead of calling image_setup_linux() in both FDT and ATAGS cases,
include BOOTM_STATE_RAMDISK in the requested states during a plain
'bootm' if CONFIG_SYS_BOOT_RAMDISK_HIGH is set and remove the ramdisk
relocation from image_setup_linux().  This causes ramdisk relocation to
happen on any system where CONFIG_SYS_BOOT_RAMDISK_HIGH regardless of
the OS being booted. Also remove IMAGE_ENABLE_RAMDISK_HIGH as it was
only used by the now-removed code from image_setup_linux().

Signed-off-by: Rick Altherr <raltherr@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
2017-01-20 09:15:20 -05:00
Tom Rini
f253f2933b Merge branch 'master' of git://git.denx.de/u-boot-video 2017-01-16 20:23:14 -05:00
George McCollister
f1ca1fdebf mkimage: Add support for signing with pkcs11
Add support for signing with the pkcs11 engine. This allows FIT images
to be signed with keys securely stored on a smartcard, hardware security
module, etc without exposing the keys.

Support for other engines can be added in the future by modifying
rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct
correct key_id strings.

Signed-off-by: George McCollister <george.mccollister@gmail.com>
2017-01-14 16:47:13 -05:00
tomas.melin@vaisala.com
db1b79b886 splash: add support for loading splash from a FIT image
Enable support for loading a splash image from within a FIT image.
The image is assumed to be generated with mkimage -E flag to hold
the data external to the FIT.

Signed-off-by: Tomas Melin <tomas.melin@vaisala.com>
Acked-by: Igor Grinberg <grinberg@compulab.co.il>
2017-01-13 17:40:38 +01:00
Sven Ebenfeld
d21bd69b6e tools: mkimage: add firmware-ivt image type for HAB verification
When we want to use Secure Boot with HAB from SPL over U-Boot.img,
we need to append the IVT to the image and leave space for the CSF.
Images generated as firmware_ivt can directly be signed using the
Freescale code signing tool. For creation of a CSF, mkimage outputs
the correct HAB Blocks for the image.
The changes to the usual firmware image class are quite small,
that is why I implemented that directly into the default_image.

Cc: sbabic@denx.de

v2-Changes: None

Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
2017-01-02 17:06:57 +01:00
Andrew F. Davis
7e719ee7d8 image: Add Trusted Execution Environment image type
Add a new image type representing Trusted Execution Environment (TEE)
image types. For example, an OP-TEE OS binary image.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-12-03 13:21:20 -05:00
Andrew F. Davis
d7be50921e image: Add FIT image loadable section custom processing
To help automate the loading of custom image types we add the ability
to define custom handlers for the loadable section types. When we find
a compatible type while loading a "loadable" image from a FIT image we
run its associated handlers to perform any additional steps needed for
loading this image.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-12-03 13:21:19 -05:00
Andrew Duda
83dd98e012 image: Combine image_sig_algo with image_sign_info
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA
pairings will still fail on verify operations when the hash length is
longer than the key length.

Follow the same naming scheme "checksum,crytpo" without explicitly
defining the string.

Indirectly adds support for "sha1,rsa4096" signing/verification.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:31 -05:00
Andrew Duda
0c1d74fda7 image: Add crypto_algo struct for RSA info
Cut down on the repetition of algorithm information by defining separate
checksum and crypto structs. image_sig_algos are now simply pairs of
unique checksum and crypto algos.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:31 -05:00
Andrew Duda
da29f2991d rsa: Verify RSA padding programatically
Padding verification was done against static SHA/RSA pair arrays which
take up a lot of static memory, are mostly 0xff, and cannot be reused
for additional SHA/RSA pairings. The padding can be easily computed
according to PKCS#1v2.1 as:

  EM = 0x00 || 0x01 || PS || 0x00 || T

where PS is (emLen - tLen - 3) octets of 0xff and T is DER encoding
of the hash.

Store DER prefix in checksum_algo and create rsa_verify_padding
function to handle verification of a message for any SHA/RSA pairing.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:30 -05:00
Andrew Duda
5300a4f933 rsa: cosmetic: rename pad_len to key_len
checksum_algo's pad_len field isn't actually used to store the length of
the padding but the total length of the RSA key (msg_len + pad_len)

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:30 -05:00