image: Be a little more verbose when checking signatures

It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.

Signed-o

image: Be a little more verbose when checking signatures

It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.

Signed-off-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 382cf62039f775a1aec771645e3cbc32e1e2f0e3)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

image: Be a little more verbose when checking signatures

It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.

Signed-o

image: Be a little more verbose when checking signatures

It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.

Signed-off-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 382cf62039f775a1aec771645e3cbc32e1e2f0e3)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

image: Be a little more verbose when checking signatures

It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.

Signed-o

image: Be a little more verbose when checking signatures

It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.

Signed-off-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 382cf62039f775a1aec771645e3cbc32e1e2f0e3)
Signed-off-by: Joel Stanley <joel@jms.id.au>

show more ...

Merge branch 'master' of git://git.denx.de/u-boot-spi

- Various MTD fixes from Boris
- Zap various unused / legacy paths.
- pxa3xx NAND update from Miquel

Signed-off-by: Tom

Merge branch 'master' of git://git.denx.de/u-boot-spi

- Various MTD fixes from Boris
- Zap various unused / legacy paths.
- pxa3xx NAND update from Miquel

Signed-off-by: Tom Rini <trini@konsulko.com>

show more ...

Merge tag 'video-updates-for-2019.01-rc2' of git://git.denx.de/u-boot-video

video, bmp and cls command updates

Merge tag 'xilinx-for-v2019.01' of git://git.denx.de/u-boot-microblaze

Xilinx changes for v2019.01

microblaze:
- Use default functions for memory decoding
- Showing model fr

Merge tag 'xilinx-for-v2019.01' of git://git.denx.de/u-boot-microblaze

Xilinx changes for v2019.01

microblaze:
- Use default functions for memory decoding
- Showing model from DT

zynq:
- Fix spi flash DTs
- Fix zynq_help_text with CONFIG_SYS_LONGHELP
- Tune cse/mini configurations
- Enabling cse/mini testing with current targets

zynqmp:
- Enable gzip SPL support
- Fix chip detection logic
- Tune mini configurations
- DT fixes(spi-flash, models, clocks, etc)
- Add support for OF_SEPARATE configurations
- Enabling mini testing with current targets
- Add mini mtest configuration
- Some minor config setting

nand:
- arasan: Add subpage configuration

net:
- gem: Add 64bit DMA support

show more ...

Merge tag 'signed-rpi-next' of git://github.com/agraf/u-boot

Patch queue for rpi - 2018-12-03

A few Raspberry Pi specific changes this time:

- Allow 2nd MMC device

Merge tag 'signed-rpi-next' of git://github.com/agraf/u-boot

Patch queue for rpi - 2018-12-03

A few Raspberry Pi specific changes this time:

- Allow 2nd MMC device
- Support RPi 3 Model A+
- Allow UUID to find filesystem

show more ...

Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot

Patch queue for efi - 2018-12-03

This release is fully packed with lots of glorious improvements in UEFI
land again!

Merge tag 'signed-efi-next' of git://github.com/agraf/u-boot

Patch queue for efi - 2018-12-03

This release is fully packed with lots of glorious improvements in UEFI
land again!

- Make PE images more standards compliant
- Improve sandbox support
- Improve correctness
- Fix RISC-V execution on virt model
- Honor board defined top of ram (fixes a few boards)
- Imply DM USB access when distro boot is available
- Code cleanups

show more ...

Merge branch 'master' of git://git.denx.de/u-boot-sh

- MMC fixes for R-Car Gen3

rsa: add a structure for the padding

The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding

rsa: add a structure for the padding

The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

Merge branch 'master' of git://git.denx.de/u-boot-mips

Merge git://git.denx.de/u-boot-dm

mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures

When generating timestamps in signatures, use imagetool_get_source_date()
so we can be overridden by SOURCE_DATE_EPOCH

mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures

When generating timestamps in signatures, use imagetool_get_source_date()
so we can be overridden by SOURCE_DATE_EPOCH to generate reproducible
images.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Reviewed-by: Simon Glass <sjg@chromum.org>

show more ...

vboot: Do not use hashed-strings offset

The hashed-strings signature property includes two uint32_t values.
The first is unneeded as there should never be a start offset into the
str

vboot: Do not use hashed-strings offset

The hashed-strings signature property includes two uint32_t values.
The first is unneeded as there should never be a start offset into the
strings region. The second, the size, is needed because the added
signature node appends to this region.

See tools/image-host.c, where a static 0 value is used for the offset.

Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

show more ...

Merge git://git.denx.de/u-boot-sunxi

SPDX: Convert all of our single license tags to Linux Kernel style

When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borro

SPDX: Convert all of our single license tags to Linux Kernel style

When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>

show more ...

Merge git://git.denx.de/u-boot-spi

Merge git://git.denx.de/u-boot-fsl-qoriq

Merge git://git.denx.de/u-boot-i2c

Merge git://git.denx.de/u-boot-dm

fix incorrect usage of DT node unit address in comments

The DT spec demands a unit-address in a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings

fix incorrect usage of DT node unit address in comments

The DT spec demands a unit-address in a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings if this is
not the case.
Fix all occurences in the tree where node names were mentioned in
comments, to not give bad examples to the reader.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

Merge branch 'master' of git://git.denx.de/u-boot-sunxi

tools: image: fix message when fail to add verification data for config

This function is called when signing configuration nodes. Adjust
the error message.

I do not know why we

tools: image: fix message when fail to add verification data for config

This function is called when signing configuration nodes. Adjust
the error message.

I do not know why we do not need to show the error message in case of
ENOSPC. Remove the if-conditional that seems unnecessary.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

tools: image: allow to sign image nodes without -K option

If -K option is missing when you sign image nodes, it fails with
an unclear error message:

tools/mkimage Can't add ha

tools: image: allow to sign image nodes without -K option

If -K option is missing when you sign image nodes, it fails with
an unclear error message:

tools/mkimage Can't add hashes to FIT blob: -1

It is hard to figure out the cause of the failure.

In contrast, when you sign configuration nodes, -K is optional because
fit_config_process_sig() returns successfully if keydest is unset.
Probably this is a preferred behavior when you want to update FIT with
the same key; you do not have to update the public key in this case.

So, this commit changes fit_image_process_sig() to continue signing
without keydest. If ->add_verify_data() fails, show a clearer error
message, which has been borrowed from fit_config_process_sig().

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

tools: image: fix "algo" property of public key for verified boot

The "algo_name" points to a property in a blob being edited. The
pointer becomes stale when fit_image_write_sig() inser

tools: image: fix "algo" property of public key for verified boot

The "algo_name" points to a property in a blob being edited. The
pointer becomes stale when fit_image_write_sig() inserts signatures.
Then crypto->add_verify_data() writes wrong data to the public key
destination.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...