tpm: Support boot measurements

Add TPM2 functions to support boot measurement. This includes
starting up the TPM, initializing/appending the event log, and
measuring the U-Boot version. Much of the

tpm: Support boot measurements

Add TPM2 functions to support boot measurement. This includes
starting up the TPM, initializing/appending the event log, and
measuring the U-Boot version. Much of the code was used in the
EFI subsystem, so remove it there and use the common functions.

Signed-off-by: Eddie James <eajames@linux.ibm.com>
Link: https://lore.kernel.org/r/20230308212537.1725343-4-eajames@linux.ibm.com
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

tpm: add a function that performs selftest + startup

As described in [0] if a command requires use of an untested algorithm
or functional module, the TPM performs the test and then completes the
com

tpm: add a function that performs selftest + startup

As described in [0] if a command requires use of an untested algorithm
or functional module, the TPM performs the test and then completes the
command actions.

Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of
the TPM in that case) and even if we would, it would complicate our TPM
code for no apparent reason, add a wrapper function that performs both
the selftest and the startup sequence of the TPM.

It's worth noting that this is implemented on TPMv2.0. The code for
1.2 would look similar, but I don't have a device available to test.

[0]
https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf
§12.3 Self-test modes

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Link: https://lore.kernel.org/r/20230218152741.528191-1-ilias.apalodimas@linaro.org
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

tpm: Pull in upstream changes

Get the TPM driver into the same state as upstream as of v2023.04-rc3.

FILES="cmd/tpm-user-utils.h include/tpm-common.h include/tpm-v1.h \
include/tpm-v2.h include/

tpm: Pull in upstream changes

Get the TPM driver into the same state as upstream as of v2023.04-rc3.

FILES="cmd/tpm-user-utils.h include/tpm-common.h include/tpm-v1.h \
include/tpm-v2.h include/tpm_api.h cmd/tpm-common.c cmd/tpm-v1.c \
cmd/tpm-v2.c drivers/tpm/tpm-uclass.c lib/tpm-v1.c lib/tpm-v2.c \
lib/tpm_api.c"

git checkout v2023.04-rc3 -- $FILES

sed -i 's/struct cmd_tbl/cmd_tbl_t/' $FILES
sed -i 's/env.h/environment.h/' $FILES

The tpm-uclass.c had tpm_uclass_post_probe and other references to
UCLASS_RNG removed, as that class does not exist in v2019.04.

Signed-off-by: Eddie James <eajames@linux.ibm.com>
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

version: Move version_string[] from version.h to version_string.h

More C files do not use compile time timestamp macros and do not have to be
recompiled every time when SOURCE_DATE_EPOCH changes.

T

version: Move version_string[] from version.h to version_string.h

More C files do not use compile time timestamp macros and do not have to be
recompiled every time when SOURCE_DATE_EPOCH changes.

This patch moves version_string[] from version.h to version_string.h and
updates other C files which only needs version_string[] string to include
version_string.h instead of version.h. After applying this patch these
files are not recompiled every time when SOURCE_DATE_EPOCH changes.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

arm32: Fix relocation of env_addr if POSITION_INDEPENDENT=y

Apply commit 534f0fbd6520 ("arm64: Fix relocation of env_addr if
POSITION_INDEPENDENT=y") also for 32-bit ARM.

This change fixes crashing

arm32: Fix relocation of env_addr if POSITION_INDEPENDENT=y

Apply commit 534f0fbd6520 ("arm64: Fix relocation of env_addr if
POSITION_INDEPENDENT=y") also for 32-bit ARM.

This change fixes crashing of U-Boot on ARMv7 (Omap3 / Cortex-A8) Nokia N900
phone (real HW). Note that qemu emulator of this board with same u-boot.bin
binary has not triggered this crash.

Crash happened after U-Boot printed following debug lines to serial console:

initcall: 0001ea8c (relocated to 8fe0aa8c)
Loading Environment from <NULL>... Using default environment
Destroy Hash Table: 8fe25a98 table = 00000000
Create Hash Table: N=387

Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Change-Id: Ib3afcc2a81ad598efbfe750a3dcae2c6dad2167e

show more ...

aspeed: cosmetic: Rename ARCY to ACRY

v2: Fix typo in defconfigs

v1: Fix the typo of ARCY to ACRY.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Change-Id: Ieeada4ff502fa6d327831a4b7e

aspeed: cosmetic: Rename ARCY to ACRY

v2: Fix typo in defconfigs

v1: Fix the typo of ARCY to ACRY.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Change-Id: Ieeada4ff502fa6d327831a4b7e4dd5001c1f26c3

show more ...

crypto: Add Aspeed ARCY support

ARCY is the HW ECC/RSA crypto engine supported by
Aspeed AST26xx SoCs. This patch enables ARCY clock
and add RSA exponent/modulus HW acceleration.

Signed-off-by: Chi

crypto: Add Aspeed ARCY support

ARCY is the HW ECC/RSA crypto engine supported by
Aspeed AST26xx SoCs. This patch enables ARCY clock
and add RSA exponent/modulus HW acceleration.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Change-Id: I806b677c9d6f885e91f6d87afbc1e4c0b8fa9393

show more ...

hash: Allow for SHA512 hardware implementations

Similar to support for SHA1 and SHA256, allow the use of hardware hashing
engine by enabling the algorithm and setting CONFIG_SHA_HW_ACCEL /
CONFIG_S

hash: Allow for SHA512 hardware implementations

Similar to support for SHA1 and SHA256, allow the use of hardware hashing
engine by enabling the algorithm and setting CONFIG_SHA_HW_ACCEL /
CONFIG_SHA_PROG_HW_ACCEL.

(cherry picked from commit a479f103dc1c801d0c6fe90bbaf99ae1700a84dc)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

Add support for SHA384 and SHA512

The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].

This patch adds support for SHA384 and SHA512 in

Add support for SHA384 and SHA512

The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].

This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX

The SHA implementation is adapted from the linux kernel implementation.

[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm

Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
(cherry picked from commit d16b38f42704fe3cc94fbee1601be96045013151)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

spi: aspeed: Add SPI DMA Kconfig

This option is added for the flexibility to
disable SPI DMA on demands.

spi: aspeed: enable SPI DMA by default

This patch enables SPI DAM feature by default
to speed up image loading.

spi: aspeed: Add DMA support

Embed DMA operation in memory move if the ASPEED SPI DMA is enabled.

fix compile error on macOS Mojave

lib: time: update module enable MACRO

We'd better use correct way to check if module has enabled.
for we have 3 timer MACRO:
- CONFIG_TIMER
- CONFIG_SPL_TIMER
- CONFIG_TPL_TIMER

Signed-off-by: Keve

lib: time: update module enable MACRO

We'd better use correct way to check if module has enabled.
for we have 3 timer MACRO:
- CONFIG_TIMER
- CONFIG_SPL_TIMER
- CONFIG_TPL_TIMER

Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>

show more ...

efi_loader: TODO for the EFI file protocol

We currently only support EFI_FILE_PROTOCOL_REVISION while
UEFI specs 2.4 - 2.7 prescribe EFI_FILE_PROTOCOL_REVISION2.
Add a todo.

Add missing constants f

efi_loader: TODO for the EFI file protocol

We currently only support EFI_FILE_PROTOCOL_REVISION while
UEFI specs 2.4 - 2.7 prescribe EFI_FILE_PROTOCOL_REVISION2.
Add a todo.

Add missing constants for the EFI file protocol revision.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_selftest: avoid double free in dp utilities test

Avoid duplicate FreePool() in unit test for the device patch utilities
protocol.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

rsa: check that pointer checksum isn't NULL before using it

The pointer checksum were used before checking that it
isn't NULL. We move the code that use it after the check.

Reported-by: Coverity (C

rsa: check that pointer checksum isn't NULL before using it

The pointer checksum were used before checking that it
isn't NULL. We move the code that use it after the check.

Reported-by: Coverity (CID: 185835)
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

efi_selftest: fix test_hii_string_get_string()

The check testing the string result of get_string() returned the wrong
result. The result was ignored.

Use efi_st_strcmp_16_8() for the string compari

efi_selftest: fix test_hii_string_get_string()

The check testing the string result of get_string() returned the wrong
result. The result was ignored.

Use efi_st_strcmp_16_8() for the string comparison.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_loader: superfluous conversion in efi_file_open()

printf("%ls", ..) expects u16 * as argument to print. There is not need for
a conversion to wchar_t *.

Signed-off-by: Heinrich Schuchardt <xypr

efi_loader: superfluous conversion in efi_file_open()

printf("%ls", ..) expects u16 * as argument to print. There is not need for
a conversion to wchar_t *.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_loader: remove superfluous check in efi_setup_loaded_image()

It does not make any sense to check if a pointer is NULL if we have
dereferenced it before.

Reported-by: Coverity (CID 185827)
Signe

efi_loader: remove superfluous check in efi_setup_loaded_image()

It does not make any sense to check if a pointer is NULL if we have
dereferenced it before.

Reported-by: Coverity (CID 185827)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_loader: missing return in efi_get_next_variable_name()

Add a missing return statement in efi_get_next_variable_name().

Reported-by: Coverity (CID 185834)
Signed-off-by: Heinrich Schuchardt <xyp

efi_loader: missing return in efi_get_next_variable_name()

Add a missing return statement in efi_get_next_variable_name().

Reported-by: Coverity (CID 185834)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_loader: endless loop in add_strings_package()

Avoid an endless loop in add_strings_package().

Suggested-by: Takahiro Akashi <takahiro.akashi@linaro.org>
Reported-by: Coverity (CID 185833)
Signe

efi_loader: endless loop in add_strings_package()

Avoid an endless loop in add_strings_package().

Suggested-by: Takahiro Akashi <takahiro.akashi@linaro.org>
Reported-by: Coverity (CID 185833)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_loader: correct parameter size in efi_allocate_pool

efi_allocate_pages() expects a (uint64_t *) pointer to pass the address of
the assigned memory. If we pass the address of a pointer here, an i

efi_loader: correct parameter size in efi_allocate_pool

efi_allocate_pages() expects a (uint64_t *) pointer to pass the address of
the assigned memory. If we pass the address of a pointer here, an illegal
memory access occurs on 32bit systems.

Fixes: 282a06cbcae8 ("efi_loader: Expose U-Boot addresses in memory map
for sandbox")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_loader: fix build error for freestanding.o

Since commit f51a226436a87 ("efi_loader: provide freestanding library") in
parallel builds errors

lib/efi_selftest/../efi_loader/efi_freestanding.

efi_loader: fix build error for freestanding.o

Since commit f51a226436a87 ("efi_loader: provide freestanding library") in
parallel builds errors

lib/efi_selftest/../efi_loader/efi_freestanding.o:
file not recognized: File truncated

occur. Obviously make cannot correctly sequence parallel builds with a
dependency like ../efi_loader/efi_freestanding.o.

Fixes: f51a226436a87 ("efi_loader: provide freestanding library")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...

efi_loader: Fix serial console size detection

Function term_read_reply tries to read from the serial console until
the end_char was read. This can hang forever if we are, for some reason,
not able t

efi_loader: Fix serial console size detection

Function term_read_reply tries to read from the serial console until
the end_char was read. This can hang forever if we are, for some reason,
not able to read the full response (e.g. serial buffer too small,
frame error). This patch moves the timeout detection into
term_read_reply() to assure we will make progress.

Fixes: 6bb591f704 ("efi_loader: query serial console size reliably")
Signed-off-by: Matthias Brugger <mbrugger@suse.com>

Throw missing error when an incomplete reply for the cursor position is
received.

Change type of argument of term_get_char() *s32. This renders the function
reusable in efi_cin_read_key().

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

show more ...