Merge branch pull request #7 into aspeed-dev-v2019.04

Change-Id: I4c4f36b8edf63beb7b3afea6e4ba71f254b895c5

Add support for SHA384 and SHA512

The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].

This patch adds support for SHA384 and SHA512 in

Add support for SHA384 and SHA512

The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].

This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX

The SHA implementation is adapted from the linux kernel implementation.

[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm

Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
(cherry picked from commit d16b38f42704fe3cc94fbee1601be96045013151)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

Merge branch 'aspeed-master-v2019.04' into aspeed-dev-v2019.04

spl: fit: select SPL_CRYPTO_SUPPORT for SPL_FIT_SIGNATURE

Verifying FIT images obviously needs the rsa parts of crypto
support and while main uboot always compiles crypto support,
it's optional for

spl: fit: select SPL_CRYPTO_SUPPORT for SPL_FIT_SIGNATURE

Verifying FIT images obviously needs the rsa parts of crypto
support and while main uboot always compiles crypto support,
it's optional for SPL and we should thus select the necessary
option to not end up in compile errors like:

u-boot/lib/rsa/rsa-verify.c:328: undefined reference to `rsa_mod_exp'

So select SPL_CRYPTO_SUPPORT in SPL_FIT_SIGNATURE.

Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit c076faba141eb5ec45c447ccb8cd10014c719ee6)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

spl: fit: select SPL_HASH_SUPPORT for SPL_FIT_SIGNATURE

rsa-checsum needs support for hash functions or else will run into
compile errors like:
u-boot/lib/rsa/rsa-checksum.c:28: undefined reference

spl: fit: select SPL_HASH_SUPPORT for SPL_FIT_SIGNATURE

rsa-checsum needs support for hash functions or else will run into
compile errors like:
u-boot/lib/rsa/rsa-checksum.c:28: undefined reference to `hash_progressive_lookup_algo'

So similar to the main FIT_SIGNATURE entry selects HASH,
select SPL_HASH_SUPPORT for SPL_FIT_SIGNATURE.

Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 051cc09ea1fe37eba2204d62de6d35bbe5f5d919)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

Merge branch 'master' of git://git.denx.de/u-boot

Signed-off-by: Stefano Babic <sbabic@denx.de>

Merge branch 'master' of git://git.denx.de/u-boot-socfpga

- ARM: socfpga: Build sfp image only for Gen5 and Arria10 devices

ARM: socfpga: Build sfp image only for Gen5 and Arria10 devices

The sfp file is only valid for Gen5 (Cyclone5 & Arria5) and Arria10
devices. The file should only be built for these devices.

Signed

ARM: socfpga: Build sfp image only for Gen5 and Arria10 devices

The sfp file is only valid for Gen5 (Cyclone5 & Arria5) and Arria10
devices. The file should only be built for these devices.

Signed-off-by: Dalon Westergreen <dalon.westergreen@intel.com>

show more ...

Merge git://git.denx.de/u-boot-marvell

- Fix BUILD_TARGET for ARCH_MVEBU from Baruch
- Fix MVEBU PCIe reset issues from Baruch
- Increase DDR stability on x530 from Chris

Kconfig: fix BUILD_TARGET for ARCH_MVEBU

Commit dc146ca11187 ("Kconfig: Migrate CONFIG_BUILD_TARGET") made the
mvebu default build target depend on CONFIG_SPL_BUILD. Unfortunately,
there is no such

Kconfig: fix BUILD_TARGET for ARCH_MVEBU

Commit dc146ca11187 ("Kconfig: Migrate CONFIG_BUILD_TARGET") made the
mvebu default build target depend on CONFIG_SPL_BUILD. Unfortunately,
there is no such Kconfig symbol. Use the CONFIG_SPL symbol instead to
fix that.

Cc: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

Merge branch '2019-02-01-master-imports'

- Various TI platforms have been updated and DTS files re-synced and
options disabled if not used or migrated to the DM versions
- Improvements to the dump

Merge branch '2019-02-01-master-imports'

- Various TI platforms have been updated and DTS files re-synced and
options disabled if not used or migrated to the DM versions
- Improvements to the dumpimage tool
- Rename SPL FAT/EXT filesystem support symbols for consistency and then
allow them to be used to save more space in SPL.
- More lmb fixes
- Partial migration of CONFIG_BUILD_TARGET

show more ...

Kconfig: set default BUILD_TARGET for kirkwood

Now that BUILD_TARGET is in Kconfig we can define a default for boards
using the Kirkwood SoC.

Signed-off-by: Chris Packham <judge.packham@gmail.com>

Kconfig: set default BUILD_TARGET for kirkwood

Now that BUILD_TARGET is in Kconfig we can define a default for boards
using the Kirkwood SoC.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>

show more ...

Kconfig: Migrate CONFIG_BUILD_TARGET

Migrate CONFIG_BUILD_TARGET into Kconfig.

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>

Merge branch '2019-01-18-master-imports'

- Bugfix for SPI environment optimization
- Spelling fixes
- Remove some defconfigs per various maintainers
- Minor db410, bananapi r2 fixes
- Bump QEMU to v

Merge branch '2019-01-18-master-imports'

- Bugfix for SPI environment optimization
- Spelling fixes
- Remove some defconfigs per various maintainers
- Minor db410, bananapi r2 fixes
- Bump QEMU to v3.1.0 for most platforms

show more ...

Kconfig: fix spelling

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Merge tag 'u-boot-imx-20190101' of git://www.denx.de/git/u-boot-imx

imx for 2019.01

- introduce support for i.MX8M
- fix size limit for Vhybrid / pico boards
- several board fixes
- w1 driver for M

Merge tag 'u-boot-imx-20190101' of git://www.denx.de/git/u-boot-imx

imx for 2019.01

- introduce support for i.MX8M
- fix size limit for Vhybrid / pico boards
- several board fixes
- w1 driver for MX2x / MX5x

show more ...

Introduce CONFIG_FIT_EXTERNAL_OFFSET

Introduce CONFIG_FIT_EXTERNAL_OFFSET to give user a choice to choose
where to put the external data.

Signed-off-by: Peng Fan <peng.fan@nxp.com>

Merge tag 'dm-pull-14dec18' of git://git.denx.de/u-boot-dm

Complete conversion of sound to driver model

sandbox: Increase the pre-relocation memory

This is close to full now, so increase it to avoid problems with adding
more devices.

Signed-off-by: Simon Glass <sjg@chromium.org>

Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot

Patch queue for efi - 2018-12-03

This release is fully packed with lots of glorious improvements in UEFI
land again!

- Make PE images

Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot

Patch queue for efi - 2018-12-03

This release is fully packed with lots of glorious improvements in UEFI
land again!

- Make PE images more standards compliant
- Improve sandbox support
- Improve correctness
- Fix RISC-V execution on virt model
- Honor board defined top of ram (fixes a few boards)
- Imply DM USB access when distro boot is available
- Code cleanups

show more ...

Merge branch '2018-12-03-master-imports'

- Baltos platform updates
- rtc m41t62 converted to DM.
- PowerPC MPC8xx DM conversion
- Verified boot updates

rsa: add support of padding pss

We add the support of the padding pss for rsa signature.
This new padding is often recommended instead of pkcs-1.5.

Signed-off-by: Philippe Reynes <philippe.reynes@s

rsa: add support of padding pss

We add the support of the padding pss for rsa signature.
This new padding is often recommended instead of pkcs-1.5.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

distro: Imply USB_STORAGE when USB is available

When you support distro boot and you support USB, you usually want to
also support booting from USB storage.

Reflect that in the Kconfig, so that we

distro: Imply USB_STORAGE when USB is available

When you support distro boot and you support USB, you usually want to
also support booting from USB storage.

Reflect that in the Kconfig, so that we don't have to explicitly add
USB storage support to every defconfig individually.

Reported-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>

show more ...

Merge git://git.denx.de/u-boot-microblaze

Xilinx changes for v2018.11-rc2-v2

FPGA:
- Fix SPL fpga loading from FIT

ARM64:
- Fix gic accesses in EL2/EL1

Xilinx:
- Add dlc20 board support
- Add Ver

Merge git://git.denx.de/u-boot-microblaze

Xilinx changes for v2018.11-rc2-v2

FPGA:
- Fix SPL fpga loading from FIT

ARM64:
- Fix gic accesses in EL2/EL1

Xilinx:
- Add dlc20 board support
- Add Versal board support
- Sync defconfigs
- Enable MP via Kconfig
- Add missing efuse node
- Enable CDC for zcu100

cmd:
- Fix kgdb Kconfig dependency

show more ...

arm64: versal: Add support for new Xilinx Versal ACAPs

Xilinx is introducing Versal, an adaptive compute acceleration platform
(ACAP), built on 7nm FinFET process technology. Versal ACAPs combine
Sc

arm64: versal: Add support for new Xilinx Versal ACAPs

Xilinx is introducing Versal, an adaptive compute acceleration platform
(ACAP), built on 7nm FinFET process technology. Versal ACAPs combine
Scalar Processing Engines, Adaptable Hardware Engines, and Intelligent
Engines with leading-edge memory and interfacing technologies to deliver
powerful heterogeneous acceleration for any application. The Versal AI
Core series has five devices, offering 128 to 400 AI Engines. The series
includes dual-core Arm Cortex™-A72 application processors, dual-core Arm
Cortex-R5 real-time processors, 256KB of on-chip memory with ECC, more
than 1,900 DSP engines optimized for high-precision floating point with
low latency.

The patch is adding necessary infrastructure in place without enabling
platform which is done in separate patch.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>

show more ...