Patrick Delaunay [Mon, 13 Jan 2020 10:34:58 +0000 (11:34 +0100)]
dt-bindings: gpio: document the new pull-up/pull-down flags
This commit extends the flags that can be used in GPIO specifiers to
indicate if a pull-up resistor or pull-down resistor should be
enabled.
It is the backport of linux commit ede033e1e863c ('dt-bindings:
gpio: document the new pull-up/pull-down flags')
from Thomas Petazzoni <thomas.petazzoni@bootlin.com>
and integrated in v5.1-rc1
https://github.com/torvalds/linux/commit/ede033e1e863c
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Patrick Delaunay [Mon, 13 Jan 2020 10:34:57 +0000 (11:34 +0100)]
dm: pinctrl: migrate pinctrl-generic to livetree
Migrate pinctrl-generic to livetree:
- dev_for_each_property
- dev_read_prop_by_prop
- dev_read_string_count
- dev_read_string_index
and get rid of DECLARE_GLOBAL_DATA_PTR.
This patch solves the parsing issue during sandbox tests for pin
configuration (OF_LIVE is activated in sandbox_defconfig
and sub node are not correctly parsed in
pinctrl_generic_set_state_subnode with fdt lib API).
Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Patrick Delaunay [Mon, 13 Jan 2020 10:34:56 +0000 (11:34 +0100)]
dm: core: add ofnode and dev function to iterate on node property
Add functions to iterate on all property with livetree
- dev_read_first_prop
- dev_read_next_prop
- dev_read_prop_by_prop
and
- ofnode_get_first_property
- ofnode_get_next_property
- ofnode_get_property_by_prop
And helper: dev_for_each_property
For example:
struct ofprop property;
dev_for_each_property(property, config) {
value = dev_read_prop_by_prop(&property, &propname, &len);
or:
for (res = ofnode_get_first_property(node, &property);
!res;
res = ofnode_get_next_property(&property))
{
value = ofnode_get_property_by_prop(&property, &propname, &len);
....
}
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Patrick Delaunay [Mon, 13 Jan 2020 10:34:55 +0000 (11:34 +0100)]
dm: pinctrl: convert pinctrl-single to livetree
Convert 'pinctrl-single' using livetree functions
- dev_read_prop
- dev_read_u32_default
- dev_read_u32_array
- dev_read_bool
- dev_read_addr
and get rid of DECLARE_GLOBAL_DATA_PTR.
Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Karl Palsson [Mon, 6 Apr 2020 15:58:02 +0000 (15:58 +0000)]
README: remove requirement for CHANGELOG entry
As indicated elsewhere in the README, the standalone CHANGELOG file was
removed in 2010. Drop the instructions for creating patches on creating
a standalone CHANGELOG entry.
'|' is the "expected" segment header start position.
But in that page, there are only 2 bytes left, can't contain the 4 bytes
segment header.
So btrfs compression will skip that 2 bytes, put the segment header in
next page directly.
Uboot doesn't have such check, and read the header with 2 bytes offset,
result 0x05470000 (88539136), other than the expected result
0x00000547 (1351), resulting above error.
Follow the btrfs-progs restore implementation, by introducing tot_in to
record total processed bytes (including headers), and do proper page
boundary skip to fix it.
Please note that, current code base doesn't parse fs_info thus we can't
grab sector size easily, so it uses PAGE_SIZE, and relying on fs open
time check to exclude unsupported sector size.
Signed-off-by: Qu Wenruo <wqu@suse.com> Cc: Marek Behun <marek.behun@nic.cz> Reviewed-by: Marek Behún <marek.behun@nic.cz>
Qu Wenruo [Thu, 26 Mar 2020 05:35:55 +0000 (13:35 +0800)]
fs: btrfs: Reject fs with sector size other than PAGE_SIZE
Although in theory u-boot fs driver could easily support more sector
sizes, current code base doesn't have good enough way to grab sector
size yet.
This would cause problem for later LZO fixes which rely on sector size.
And considering that most u-boot boards are using 4K page size, which is
also the most common sector size for btrfs, rejecting fs with
non-page-sized sector size shouldn't cause much problem.
This should only be a quick fix before we implement better sector size
support.
Signed-off-by: Qu Wenruo <wqu@suse.com> Cc: Marek Behun <marek.behun@nic.cz> Reviewed-by: Marek Behún <marek.behun@nic.cz>
Tom Rini [Thu, 16 Apr 2020 21:14:44 +0000 (17:14 -0400)]
Merge tag 'arc-fixes-for-2020.07-rc1' of https://gitlab.denx.de/u-boot/custodians/u-boot-arc
This is pretty minor set of changes mostly touching HSDK board:
* Enable on-chip reset controller on HSDK
* Add possibility to turn-on & off L2$ on more
recent ARC HS processors.
* AXI tunnel clock calculation on HSDK
Tom Rini [Thu, 16 Apr 2020 20:41:40 +0000 (16:41 -0400)]
Merge tag 'efi-2020-07-rc1' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-07-rc1
This pull request
* provides an implementation of UEFI secure booting
* fixes a problem with the rsa_mod_exp driver which stops some boards
from booting when CONFIG_RSA is enabled which is needed for UEFI
secure booting
* enables the EFI_RNG_PROTOCOL if DM_RNG is enabled
* fixes some function comments
Tom Rini [Thu, 16 Apr 2020 17:45:03 +0000 (13:45 -0400)]
Merge tag 'dm-pull-10apr20-take2' of git://git.denx.de/u-boot-dm
Functions for reading indexed values from device tree
Enhancements to 'dm' command
Log test enhancements and syslog driver
DM change to read parent ofdata before children
Minor fixes
Simon Glass [Sun, 5 Apr 2020 21:38:19 +0000 (15:38 -0600)]
dm: core: Read parent ofdata before children
At present a device can read its ofdata before its parent has done the
same. This can cause problems in the case where the parent has a 'ranges'
property, thus affecting the operation of dev_read_addr(), for example.
We already probe parent devices before children so it does not seem to be
a large step to do the same with ofdata.
Make the change and update the documentation in this area.
Signed-off-by: Simon Glass <sjg@chromium.org> Tested-by: Ley Foon Tan <ley.foon.tan@intel.com>
Signed-off-by: Laurentiu Tudor <laurentiu.tudor@nxp.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Drop blank line at EFO: Signed-off-by: Simon Glass <sjg@chromium.org>
dm: core: remove the duplicated function dm_ofnode_pre_reloc
The content dm_ofnode_pre_reloc() is identical with ofnode_pre_reloc()
defined in drivers/core/ofnode.c and used only three times:
- drivers/core/lists.c:lists_bind_fdt()
- drivers/clk/at91/pmc.c::at91_clk_sub_device_bind
- drivers/clk/altera/clk-arria10.c::socfpga_a10_clk_bind
So this function dm_ofnode_pre_reloc can be removed and replaced
by these function calls by ofnode_pre_reloc().
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Acked-by: Simon Glass <sjg@chromium.org>
Dario Binacchi [Sun, 29 Mar 2020 16:04:41 +0000 (18:04 +0200)]
dm: core: support reading a single indexed u32 value
The patch adds helper functions to allow reading a single indexed u32
value from a device-tree property containing multiple u32 values, that
is an array of integers.
Signed-off-by: Dario Binacchi <dariobin@libero.it> Reviewed-by: Simon Glass <sjg@chromium.org>
Simon Glass [Sat, 28 Mar 2020 20:03:48 +0000 (14:03 -0600)]
dm: core: Add a way to skip powering down power domains
When removing a device the power domains it uses are generally powered
off. But when we are trying to unbind all devices (e.g. for running tests)
we don't want to probe a device in the 'remove' path.
Tom Warren [Thu, 26 Mar 2020 22:20:44 +0000 (15:20 -0700)]
fdt: Fix 'system' command
'fdt systemsetup' wasn't working, due to the fact that the 'set' command
was being parsed in do_fdt() by only testing for the leading 's' instead
of "se", which kept the "sys" test further down from executing. Changed
to test for "se" instead, now 'fdt systemsetup' works (to test the
ft_system_setup proc w/o having to boot a kernel).
Simon Glass [Fri, 28 Feb 2020 01:49:23 +0000 (18:49 -0700)]
patman: Apply the cc limit to the cover letter also
Quite often on a series that has clean-up patches, the individual patches
may fit within the cc limit but the cover letter does not. Apply the same
limit to the cover letter.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Chris Packham <judge.packham@gmail.com>
Provide a log driver that broadcasts RFC 3164 messages to syslog servers.
rsyslog is one implementation of such a server.
The messages are sent to the local broadcast address 255.255.255.255 on
port 514.
The environment variable log_hostname can be used to provide the HOSTNAME
field for the messages. The optional TIMESTAMP field of RFC 3164 is not
provided.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
Patrick Delaunay [Tue, 18 Feb 2020 14:43:46 +0000 (15:43 +0100)]
dm: core: Move "/chosen" and "/firmware" node scan
Use the new function dm_scan_fdt_ofnode_path() to scan all the nodes
which aren't devices themselves but may contain some:
- "/chosen"
- "/clocks"
- "/firmware"
The patch removes the strcmp call in recursive function dm_scan_fdt_live()
and also corrects a conflict with the 2 applied patches in
the commit 1712ca21924b ("dm: core: Scan /firmware node by default")
and in the commit 747558d01457 ("dm: fdt: scan for devices under
/firmware too"): the subnodes of "/firmware" (optee for example)
are bound 2 times.
For example the dm tree command result on STM32MP1 is:
STM32MP> dm tree
Class Index Probed Driver Name
-----------------------------------------------------------
root 0 [ + ] root_driver root_driver
firmware 0 [ ] psci |-- psci
sysreset 0 [ ] psci-sysreset | `-- psci-sysreset
simple_bus 0 [ + ] generic_simple_bus |-- soc
...
tee 0 [ + ] optee |-- optee
...
tee 1 [ ] optee `-- optee
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Tested-by: Michal Simek <michal.simek@xilinx.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Variable count is initialized at the start of every round of the while
loop and it is not used after the while loop. So there is no need to
initialize it beforehand.
Identified by cppcheck.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
Rasmus Villemoes [Fri, 14 Feb 2020 10:58:37 +0000 (10:58 +0000)]
sandbox: also restore terminal settings when killed by SIGINT
Hitting Ctrl-C is a documented way to exit the sandbox, but it is not
actually equivalent to the reset command. The latter, since it follows
normal process exit, takes care to reset terminal settings and
restoring the O_NONBLOCK behaviour of stdin (and, in a terminal, that
is usually the same file description as stdout and stderr, i.e. some
/dev/pts/NN).
Failure to restore (remove) O_NONBLOCK from stdout/stderr can cause
very surprising and hard to debug problems back in the terminal. For
example, I had "make -j8" consistently failing without much
information about just exactly what went wrong, but sometimes I did
get a "echo: write error". I was at first afraid my disk was getting
bad, but then a simple "dmesg" _also_ failed with write error - so it
was writing to the terminal that was buggered. And both "make -j8" and
dmesg in another terminal window worked just fine.
So install a SIGINT handler so that if the chosen terminal
mode (cooked or raw-with-sigs) means Ctrl-C sends a SIGINT, we will
still call os_fd_restore(), then reraise the signal and die as usual
from SIGINT.
Tom Rini [Tue, 11 Feb 2020 17:41:23 +0000 (12:41 -0500)]
sandbox: Update PCI nodes in dts files
The way the PCI nodes are written today causes a number of warnings if
we stop disabling some of the warnings we pass to DTC. As these
warnings aren't disabled in current Linux Kernel builds, we should aim
to not disable them here either, so rewrite these slightly. Update the
driver model doc as well.
Cc: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
Sean Anderson [Sun, 2 Feb 2020 18:15:17 +0000 (13:15 -0500)]
serial: Set baudrate on boot
Currently, the baud rate is never set on boot. This works ok when a previous
bootloader has configured the baudrate properly, or when the baudrate is set to
a reasonable default in the serial driver's probe(). However, when this is not
the case, we could be using a different baud rate than what was configured.
Simon Glass [Wed, 8 Apr 2020 22:57:39 +0000 (16:57 -0600)]
acpi: Add support for DMAR
The DMA Remapping Reporting (DMAR) table contains information about DMA
remapping.
Add a version simple version of this table with only the minimum fields
filled out. i.e. no entries.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Simon Glass [Wed, 8 Apr 2020 22:57:38 +0000 (16:57 -0600)]
acpi: Add a central location for table version numbers
Each ACPI table has its own version number. Add the version numbers in a
single function so we can keep them consistent and easily see what
versions are supported.
Start a new acpi_table file in a generic directory to house this function.
We can move things over to this file from x86 as needed.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Simon Glass [Wed, 8 Apr 2020 22:57:37 +0000 (16:57 -0600)]
acpi: Add an __ACPI__ preprocessor symbol
The ASL compiler cannot handle C structures and the like so needs some
sort of header guard around these.
We already have an __ASSEMBLY__ #define but it seems best to create a new
one for ACPI since the rules may be different.
Add the check to a few files that ACPI always includes.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Simon Glass [Wed, 8 Apr 2020 22:57:36 +0000 (16:57 -0600)]
x86: Move acpi_table header to main include/ directory
This file is potentially useful to other architectures saddled with ACPI
so move most of its contents to a common location.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Simon Glass [Wed, 8 Apr 2020 22:57:35 +0000 (16:57 -0600)]
x86: Move acpi_s3.h to include/acpi/
This header relates to ACPI and we are about to add some more ACPI
headers. Move this one into a new directory so they are together.
The header inclusion in pci_rom.c is not specific to x86 anymore, so drop
the #ifdef CONFIG_X86.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Simon Glass [Wed, 8 Apr 2020 22:57:34 +0000 (16:57 -0600)]
acpi: Add a simple sandbox test
Add a sandbox test for the basic ACPI functionality we have so far.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Simon Glass [Thu, 9 Apr 2020 16:27:38 +0000 (10:27 -0600)]
dm: core: Add basic ACPI support
ACPI (Advanced Configuration and Power Interface) is a standard for
specifying information about a platform. It is a little like device
tree but the bindings are part of the specification and it supports an
interpreted bytecode language.
Driver model does not use ACPI for U-Boot's configuration, but it is
convenient to have it support generation of ACPI tables for passing to
Linux, etc.
As a starting point, add an optional set of ACPI operations to each
device. Initially only a single operation is available, to obtain the
ACPI name for the device. More operations are added later.
Enable ACPI for sandbox to ensure build coverage and so that we can add
tests.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Simon Glass [Thu, 9 Apr 2020 16:27:36 +0000 (10:27 -0600)]
pci: Adjust dm_pci_read_bar32() to return errors correctly
At present if reading a BAR returns 0xffffffff then the value is masked
and a different value is returned. This makes it harder to detect the
problem when debugging.
Update the function to avoid masking in this case.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Simon Glass [Wed, 8 Apr 2020 22:57:28 +0000 (16:57 -0600)]
x86: apl: Move p2sb ofdata reading to the correct method
With P2SB the initial BAR (base-address register) is set up by TPL and
this is used unchanged right through U-Boot.
At present the reading of this address is split between the ofdata() and
probe() methods. There are a few problems that are unique to the p2sb.
One is that its children need to call pcr_read32(), etc. which needs to
have the p2sb address correct. Also some of its children are pinctrl
devices and pinctrl is used when any device is probed. So p2sb really
needs to get its base address set up in ofdata_to_platdata(), before it is
probed.
Another point is that reading the p2sb BAR will not work if the p2sb is
hidden. The FSP-S seems to hide it, presumably to avoid confusing PCI
enumeration.
Reading ofdata in ofdata_to_platdata() is the correct place anyway, so
this is easy to fix.
Move the code into one place and use the early-regs property in all cases
for simplicity and to avoid needing to probe any PCI devices just to read
the BAR.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com> Tested-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Simon Glass [Wed, 8 Apr 2020 22:57:27 +0000 (16:57 -0600)]
x86: Correct wording of coreboot source code
Some files are taken or modified from coreboot, but the files are
no-longer part of the coreboot project. Fix the wording in a few places.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Simon Glass [Wed, 8 Apr 2020 22:57:25 +0000 (16:57 -0600)]
tpm: Don't cleanup unless an error happens
At present the cleanup() method is called on every transfer. It should
only be called on failing transfers. Fix this and tidy up the error
handling a little.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Simon Glass [Wed, 8 Apr 2020 22:57:22 +0000 (16:57 -0600)]
tpm: cr50: Release locality on exit
At present the cr50 driver claims the locality and does not release it for
Linux. This causes problems. Fix this by tracking what is claimed, and
adding a 'remove' method.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Simon Glass [Wed, 8 Apr 2020 22:57:21 +0000 (16:57 -0600)]
spi: Add SPI mode enums
With ACPI we need to describe the settings of the SPI bus. Add enums to
handle this.
Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Wolfgang Wallner <wolfgang.wallner@br-automation.com>
Andy Shevchenko [Thu, 27 Feb 2020 15:21:56 +0000 (17:21 +0200)]
x86: acpi: Let OS know that console already had been initialized
SPCR has no clue if the UART base clock speed is different to
the default one. However, the SPCR 1.04 defines baud rate 0 as
a preconfigured state of UART and OS is supposed not to touch
the configuration of the serial device.
Linux kernel supports that starting from v5.0, see commit b413b1abeb21 ("ACPI: SPCR: Consider baud rate 0 as preconfigured state")
for the details.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Andy Shevchenko [Thu, 27 Feb 2020 15:21:55 +0000 (17:21 +0200)]
serial: ns16550: Provide UART base clock speed in ->getinfo()
Some callers may need the UART base clock speed value.
Provide it in the ->getinfo() callback.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Andy Shevchenko [Thu, 27 Feb 2020 15:21:54 +0000 (17:21 +0200)]
dm: serial: Add clock member to struct serial_device_info
Some callers of serial_getinfo() would like to know the UART base
clock speed in order to make decision what to pass to OS in some
cases. In particular, ACPI SPCR table expects only certain base
clock speed and thus we have to act accordingly.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Pytest for UEFI secure boot will use several host commands.
In particular, Test setup relies on efitools, whose version must be v1.5.2
or later. So fetch a new version of deb package directly.
Please note it has a dependency on mtools, which must also be installed
along wih efitools.
In addition, the path, '/sbin', is added to PATH for use of sgdisk and
mkfs.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Tom Rini <trini@konsulko.com>
Provide test cases for
* image authentication for signed images
(test_efi_secboot/test_signed.py)
* image authentication for unsigned images
(test_efi_secboot/test_unsigned.py)
efi_loader, pytest: set up secure boot environment
A fixture for UEFI secure boot tests (image authentication and variable
authentication) is defined. A small file system with test data in a single
partition formatted in fat is created.
This test requires efitools v1.5.2 or later. If the system's efitools
is older, you have to build it on your own and define EFITOOLS_PATH.
This sub-command will be used to test image authentication,
in particular, a case where efi_load_image() failed with
EFI_SECURITY_VIOLATION but we still want to try efi_start_image().
We won't run such a case under normal bootmgr because it simply
refuses to call efi_start_image() if anything but EFI_SUCCESS
is returned when loading an image.
cmd: env: use appropriate guid for authenticated UEFI variable
A signature database variable is associated with a specific guid.
For convenience, if user doesn't supply any guid info, "env set|print -e"
should complement it.
The following variable is exported as UEFI specification defines:
SignatureSupport: array of GUIDs representing the type of signatures
supported by the platform firmware
efi_loader: image_loader: support image authentication
With this commit, image validation can be enforced, as UEFI specification
section 32.5 describes, if CONFIG_EFI_SECURE_BOOT is enabled.
Currently we support
* authentication based on db and dbx,
so dbx-validated image will always be rejected.
* following signature types:
EFI_CERT_SHA256_GUID (SHA256 digest for unsigned images)
EFI_CERT_X509_GUID (x509 certificate for signed images)
Timestamp-based certificate revocation is not supported here.
Internally, authentication data is stored in one of certificates tables
of PE image (See efi_image_parse()) and will be verified by
efi_image_authenticate() before loading a given image.
It seems that UEFI specification defines the verification process
in a bit ambiguous way. I tried to implement it as closely to as
EDK2 does.
The following variable is exported as UEFI specification defines:
VendorKeys: whether the system is configured to use only vendor-provided
keys or not
The value will have to be modified if a platform has its own way of
initializing signature database, in particular, PK.
efi_loader: variable: add secure boot state transition
UEFI specification defines several global variables which are related to
the current secure boot state. In this commit, those values will be
maintained according to operations. Currently, AuditMode and DeployedMode
are defined but not implemented.
efi_loader: variable: support variable authentication
With this commit, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
is supported for authenticated variables and the system secure state
will transfer between setup mode and user mode as UEFI specification
section 32.3 describes.
Internally, authentication data is stored as part of authenticated
variable's value. It is nothing but a pkcs7 message (but we need some
wrapper, see efi_variable_parse_signature()) and will be validated by
efi_variable_authenticate(), hence efi_signature_verify_with_db().
Associated time value will be encoded in "{...,time=...}" along with
other UEFI variable's attributes.
efi_signature_parse_sigdb() is a helper function will be used to parse
signature database variable and instantiate a signature store structure
in later patches.
In this commit, implemented are a couple of helper functions which will be
used to materialize variable authentication as well as image authentication
in later patches.
Tom Rini [Wed, 15 Apr 2020 16:10:51 +0000 (12:10 -0400)]
Merge tag 'u-boot-stm32-20200415' of https://gitlab.denx.de/u-boot/custodians/u-boot-stm
- Replace STM32MP1_TRUSTED by TFABOOT flag
- Enable bootd, iminfo, imxtract on ST defconfig
- Rename LEDs to match silkscreen on AV96
- Add KS8851-16MLL ethernet on FMC2
- Define FMC2 base address
- net: dwc_eth_qos: implement reset-gpios for stm32
- net: dwc_eth_qos: implement phy reg and max-speed for stm32
configs: stm32mp1: replace STM32MP1_TRUSTED by TFABOOT
Activate ARCH_SUPPORT_TFABOOT and replace the arch stm32mp
specific config CONFIG_STM32MP1_TRUSTED by the generic CONFIG_TFABOOT
introduced by the commit 535d76a12150 ("armv8: layerscape: Add TFABOOT
support").
This config CONFIG_TFABOOT is activated for the trusted boot chain,
when U-Boot is loaded by TF-A.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> Reviewed-by: Patrice Chotard <patrice.chotard@st.com>