| Age | Commit message (Collapse) | Author |
|---|
|
This code is not necessarily needed in VPL, even if SPL uses it, so
adjust the rules to allow it to be dropped.
Do the same for the hash API.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
Add an entry for crc8, with watchdog handling.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
|
|
This reverts commit 1fdf53ace13f745fe8ad4d2d4e79eed98088d555, reversing
changes made to e5aef1bbf11412eebd4c242b46adff5301353c30.
I had missed that this caused too much size growth on rcar3_salvator-x.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Add an entry for crc8, with watchdog handling.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Complete this rename for all directories outside arch/ board/ drivers/
and include/
Use the new symbol to refer to any 'SPL' build, including TPL and VPL
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
As part of bringing the master branch back in to next, we need to allow
for all of these changes to exist here.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
When bringing in the series 'arm: dts: am62-beagleplay: Fix Beagleplay
Ethernet"' I failed to notice that b4 noticed it was based on next and
so took that as the base commit and merged that part of next to master.
This reverts commit c8ffd1356d42223cbb8c86280a083cc3c93e6426, reversing
changes made to 2ee6f3a5f7550de3599faef9704e166e5dcace35.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Remove <common.h> from all "commmon/" files and when needed add
missing include files directly.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Drop old implementation and use hash_command() instead, as
how it's currently done for crc32 and sha1sum cmds.
Test:
=> md5sum 0x60000000 0x200
md5 for 60000000 ... 600001ff ==> e6bbbe95f5b41996f4a9b9af7bbd4050
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
|
|
The last user of the NEEDS_MANUAL_RELOC has been removed in commit
26af162ac8f8 ("arch: m68k: Implement relocation")
Remove now unused NEEDS_MANUAL_RELOC code.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
|
|
Fixes: 3db711085752 ("crc32: Use the crc.h header for crc functions")
Signed-off-by: Ilya Lukin <4.shket@gmail.com>
|
|
memalign() returns a pointer which is to be freed by free(). To call
unmap_sysmem() is incorrect, furthermore it was called in a wrong scope.
Also add a check for allocation error.
Fixes: d7af2baa49c6 ("crypto/fsl: Fix HW accelerated hash commands")
Cc: Breno Lima <breno.lima@nxp.com>
Signed-off-by: Sergei Antonov <saproj@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_CMD_SHA1SUM defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This converts 1 usage of this option to the non-SPL form, since there is
no SPL_CMD_HASH defined in Kconfig
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Sphinx expects Return: and not @return to indicate a return value.
find . -name '*.c' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;
find . -name '*.h' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Add a host Kconfig for CRC32. With this we can use CONFIG_IS_ENABLED(CRC32)
directly in the host build, so drop the unnecessary indirection.
Add a few more conditions to SPL_CRC32 to avoid build failures as well as
TPL_CRC32. Also update hash.c to make crc32 optional and to actually take
notice of SPL_CRC32.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
|
|
We can use the __maybe_unused attribute to avoid some of the #ifdefs in
this file. Update the functions accordingly.
Note: The actual hashing interface is still a mess, with four separate
combinations and lots of #ifdefs. This should really use a driver
approach, e.g. as is done with partition drivers.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
|
|
At present when building host tools, we force CONFIG_SHAxxx to be enabled
regardless of the board Kconfig setting. This is done in the image.h
header file.
For SPL we currently just assume the algorithm is desired if U-Boot proper
enables it.
Clean this up by adding new Kconfig options to enable hashing on the host,
relying on CONFIG_IS_ENABLED() to deal with the different builds.
Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the
current settings.
This allows us to drop the image.h code and the I_WANT_MD5 hack.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
|
|
Signed-off-by: Wolfgang Denk <wd@denx.de>
|
|
MD5 is being called directly in some places, but it is not available
via hash_lookup_algo("md5"). This is inconsistent with other hasing
routines. To resolve this, add an "md5" entry to hash_algos[].
The #ifdef clause looks funnier than those for other entries. This is
because both MD5 and SPL_MD5 configs exist, whereas the other hashes
do not have "SPL_" entries. The long term plan is to get rid of the
ifdefs, so those should not be expected to survive much longer.
The md5 entry does not have .hash_init/update/finish members. That's
okay because hash_progressive_lookup_algo() will catch that, and
return -EPROTONOSUPPORT, while hash_lookup_algo() will return the
correct pointer.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
[trini: Use CONFIG_IS_ENABLED not IS_ENABLED for MD5 check]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
It is a pain to have to specify the value 16 in each call. Add a new
hextoul() function and update the code to use it.
Add a proper comment to simple_strtoul() while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This function seems to assume that the chr[] variable contains zeros at
the start, which is not always true. Use strlcpy() to be safe.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Commit a479f103dc1c ("hash: Allow for SHA512 hardware implementations")
defined function definitions for hardware accelerated SHA384 and SHA512.
If CONFIG_SHA_HW_ACCEL=y, these functions are used.
We already have boards using CONFIG_SHA_HW_ACCEL=y but none implements the
new functions hw_sha384() and hw_sha512().
For implementing the EFI TCG2 protocol we need SHA384 and SHA512. The
missing hardware acceleration functions lead to build errors on boards like
peach-pi_defconfig.
Introduce a new Kconfig symbol CONFIG_SHA512_HW_ACCEL to control if the
functions hw_sha384() and hw_sha512() shall be used to implement the SHA384
and SHA512 algorithms.
Fixes: a479f103dc1c ("hash: Allow for SHA512 hardware implementations")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Similar to support for SHA1 and SHA256, allow the use of hardware hashing
engine by enabling the algorithm and setting CONFIG_SHA_HW_ACCEL /
CONFIG_SHA_PROG_HW_ACCEL.
Signed-off-by: Joel Stanley <joel@jms.id.au>
|
|
Move this out of the common header and include it only where needed. In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly. Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Remove a left-over debug printf that was introduced with SHA512 support.
Fixes: d16b38f42704 ("Add support for SHA384 and SHA512")
Signed-off-by: Harald Seiler <hws@denx.de>
|
|
The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].
This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX
The SHA implementation is adapted from the linux kernel implementation.
[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm
Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
|
|
Move this header out of the common header.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move this uncommon header out of the common header.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move this header out of the common header. Network support is used in
quite a few places but it still does not warrant blanket inclusion.
Note that this net.h header itself has quite a lot in it. It could be
split into the driver-mode support, functions, structures, checksumming,
etc.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Drop inclusion of crc.h in common.h and use the correct header directly
instead.
With this we can drop the conflicting definition in fw_env.h and rely on
the crc.h header, which is already included.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
This patch adds manual relocation for struct hash_algo if
CONFIG_NEEDS_MANUAL_RELOC is enabled.
Signed-off-by: T Karthik Reddy <t.karthik.reddy@xilinx.com>
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
|
|
Move env_set() over to the new header file.
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The CRC16-CCITT checksum function is useful for space-constrained
applications (such as obtaining a checksum across a 2KBit or 4KBit
EEPROM) in boot applications. It has not been accessible from boot
scripts until now (due to not having a dedicated command and not being
supported by the hash infrstructure) limiting its applicability
outside of custom commands.
This adds the CRC16-CCITT (poly 0x1021, init 0x0) algorithm to the
list of available hashes and adds a new crc16_ccitt_wd_buf() to make
this possible.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
[trini: Fix building crc16.o for SPL/TPL]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The hash command function were not flushing the dcache before passing data
to CAAM/DMA and not invalidating the dcache when getting data back.
Due the data cache incoherency, HW accelerated hash commands used to fail
with CAAM errors like "Invalid KEY Command".
Check if pbuf and pout buffers are properly aligned to the cache line size
and flush/invalidate the memory regions to address this issue.
This solution is based in a previous work from Clemens Gruber in
commit 598e9dccc75d ("crypto/fsl: fix BLOB encapsulation and
decapsulation")
Reported-by: Anatolij Gustschin <agust@denx.de>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
|
|
Commit 089df18bfe9d ("lib: move hash CONFIG options to Kconfig") moved
CONFIG_SHA1, CONFIG_SHA256, CONFIG_SHA_HW_ACCEL, and
CONFIG_SHA_PROG_HW_ACCEL config options to Kconfig. So in the case of
SPL, CONFIG_SPL_HASH_SUPPORT enables CONFIG_SHA1 and CONFIG_SHA256 which
enables SHA SW library by default. But in the case of platforms with
SHA HW library support, SHA SW library becomes redundant and increases
size of SPL by approx 18K. Rework the code so that we have named
members and only have either software or hardware versions of the
algorithm, depending on the relevant config options. Update the comment
around hash_algo to reflect this as well.
Reported-by: Sumit Garg <sumit.garg@nxp.com>
Cc: Sumit Garg <sumit.garg@nxp.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Sumit Garg <sumit.garg@nxp.com>
|
|
We are now using an env_ prefix for environment functions. Rename these
two functions for consistency. Also add function comments in common.h.
Quite a few places use getenv() in a condition context, provoking a
warning from checkpatch. These are fixed up in this patch also.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
We are now using an env_ prefix for environment functions. Rename setenv()
for consistency. Also add function comments in common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Currently these (board agnostic) commands cannot be selected using
menuconfig and friends. Fix this the obvious way. As part of this,
don't muddle the meaning of CONFIG_HASH_VERIFY to mean both 'hash -v'
and "we have a hashing command" as this makes the Kconfig logic odd.
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
[trini: Re-apply, add imply for a few cases, run moveconfig.py, also
migrate CRC32_VERIFY]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
At present CONFIG_CMD_HASH enables the 'hash' command which also brings
in the hashing API. Some boards may wish to enable the API without the
command. Add a separate CONFIG to permit this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
Now, arch/${ARCH}/include/asm/errno.h and include/linux/errno.h have
the same content. (both just wrap <asm-generic/errno.h>)
Replace all include directives for <asm/errno.h> with <linux/errno.h>.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
[trini: Fixup include/clk.]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The function hash_show is now only called by hash_command, so mark it as
static (and drop from hash.h). We only call hash_command when any of
CONFIG_CMD_CRC32, CONFIG_CMD_SHA1SUM or CONFIG_CMD_HASH are set. Since
hash.c is linked in unconditionally we must take extra care with
functions that bring in read-only strings as these will not be
discarded.
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
This patch adds the feature to only stop the autobooting, and therefor
boot into the U-Boot prompt, when the input string / password matches
a values that is encypted via a SHA256 hash and saved in the environment.
This feature is enabled by defined these config options:
CONFIG_AUTOBOOT_KEYED
CONFIG_AUTOBOOT_STOP_STR_SHA256
Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
In the case where the arch defines a custom map_sysmem(), make sure that
including just mapmem.h is sufficient to have these functions as they
are when the arch does not override it.
Also split the non-arch specific functions out of common.h
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Signed-off-by: Gaurav Rana <gaurav.rana@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <yorksun@freescale.com>
|
|
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
The hash_algo structure has some implementations in which progressive hash
API's are not defined. These are basically the hardware based implementations
of SHA. An API is added to find the algo which has progressive hash API's
defined. This can then be integrated with RSA checksum library which uses
Progressive Hash API's.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
|
|
Fix issue in parse_verify_sum() which swaps handling of env-var and *address.
Move hash_command() argc check earlier.
Cosmetic change on do_hash() variable declaration.
Improved help message for "hash" command.
Signed-off-by: Nikolay Dimitrov <picmaster@mail.bg>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
