SPDX: Convert all of our single license tags to Linux Kernel style

When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So

SPDX: Convert all of our single license tags to Linux Kernel style

When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>

show more ...

Merge git://git.denx.de/u-boot-marvell

kwbimage: Fix out of bounds access

The kwbimage format is reading beyond its header structure if it
misdetects a Xilinx Zynq image and tries to read it. Fix it by
sanity checking that the header we

kwbimage: Fix out of bounds access

The kwbimage format is reading beyond its header structure if it
misdetects a Xilinx Zynq image and tries to read it. Fix it by
sanity checking that the header we want to read fits inside our
file size.

Signed-off-by: Alexander Graf <agraf@suse.de>
Tested-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools/kwbimage: fix LibreSSL build

Fix build after addition of RSA_get0_key() to LibreSSL.
Patch from Theo Buehler and Stuart Henderson.

Signed-off-by: Theo Buehler <tb@openbsd.org>
Signed-off-by:

tools/kwbimage: fix LibreSSL build

Fix build after addition of RSA_get0_key() to LibreSSL.
Patch from Theo Buehler and Stuart Henderson.

Signed-off-by: Theo Buehler <tb@openbsd.org>
Signed-off-by: Stuart Henderson <sthen@openbsd.org>

show more ...

Merge git://www.denx.de/git/u-boot-marvell

tools/kwbimage: fix v1 header verification

The verify_header callback in kwbimage.c only verifies v0 headers checksum.
Running 'mkimage -l' on a v1 image gives the following misleading output:

GP H

tools/kwbimage: fix v1 header verification

The verify_header callback in kwbimage.c only verifies v0 headers checksum.
Running 'mkimage -l' on a v1 image gives the following misleading output:

GP Header: Size ae000000 LoadAddr 34160600

Implement support for v1 headers. For that, factor out the header checksum code
to a separate main_hdr_checksum_ok() routine. This routine relies on the fact
that the checksum field offset is the same in both v0 and v1 headers. With this
patch applied 'mkimage -l' correctly identifies the image:

Image Type: MVEBU Boot from sdio Image
Image version:1
Data Size: 398904 Bytes = 389.55 KiB = 0.38 MiB
Load Address: 007fffc0
Entry Point: 00800000

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools/kwbimage: Support building with LibreSSL

The kwbimage utility fails to compile when LibreSSL is present on
the host system instead of OpenSSL. This one-line patch resolves
this.

Signed-off-by

tools/kwbimage: Support building with LibreSSL

The kwbimage utility fails to compile when LibreSSL is present on
the host system instead of OpenSSL. This one-line patch resolves
this.

Signed-off-by: Marek Behun <marek.behun@nic.cz>

show more ...

Merge git://www.denx.de/git/u-boot-marvell

Mostly including the Armada 37xx pinctrl / gpio driver.

arm: mvebu: kwbimage: inline function to fix use-after-free

image_version_file()'s only use is to return the version number of the
specified image, and it's only called by kwbimage_generate(). This

arm: mvebu: kwbimage: inline function to fix use-after-free

image_version_file()'s only use is to return the version number of the
specified image, and it's only called by kwbimage_generate(). This
version function mallocs "image_cfg" and reads the contents of the image
into that buffer. Before return to its caller it frees the buffer.

After extracting the version, kwb_image_generate() tries to calculate
the header size by calling image_headersz_v1(). This function now
accesses "image_cfg", which has already been freed.

Since image_version_file() is only used by a single function, inline it
into kwbimage_generate() and only free the buffer after it is no longer
needed. This also improves code readability since the code is mostly
equal to kwbimage_set_header().

Signed-off-by: Patrick Wildt <patrick@blueri.se>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage fix build with OpenSSL 1.1.x

The rsa_st struct has been made opaque in 1.1.x, add forward compatible
code to access the n, e, d members of rsa_struct.

EVP_MD_CTX_cleanup has been re

tools: kwbimage fix build with OpenSSL 1.1.x

The rsa_st struct has been made opaque in 1.1.x, add forward compatible
code to access the n, e, d members of rsa_struct.

EVP_MD_CTX_cleanup has been removed in 1.1.x and EVP_MD_CTX_reset should be
called to reinitialise an already created structure.

Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>

show more ...

tools: kwbimage: Fix unchecked return value and fd leak

The return value of fstat was not checked in kwbimage, and in the case
of an error, the already open file was not closed. Fix both errors.

Re

tools: kwbimage: Fix unchecked return value and fd leak

The return value of fstat was not checked in kwbimage, and in the case
of an error, the already open file was not closed. Fix both errors.

Reported-by: Coverity (CID: 155971)
Reported-by: Coverity (CID: 155969)
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

Merge git://www.denx.de/git/u-boot-marvell

arm: mvebu: Implement secure boot

The patch implements secure booting for the mvebu architecture.

This includes:
- The addition of secure headers and all needed signatures and keys in
mkimage
- C

arm: mvebu: Implement secure boot

The patch implements secure booting for the mvebu architecture.

This includes:
- The addition of secure headers and all needed signatures and keys in
mkimage
- Commands capable of writing the board's efuses to both write the
needed cryptographic data and enable the secure booting mechanism
- The creation of convenience text files containing the necessary
commands to write the efuses

The KAK and CSK keys are expected to reside in the files kwb_kak.key and
kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory.

Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage: Refactor line parsing and fix error

The function image_create_config_parse_oneline is pretty complex, and
since more parameters will be added to support secure booting, we
refactor

tools: kwbimage: Refactor line parsing and fix error

The function image_create_config_parse_oneline is pretty complex, and
since more parameters will be added to support secure booting, we
refactor the function to make it more readable.

Also, when a line contained just a keyword without any parameters,
strtok_r returned NULL, which was then indiscriminately fed into atoi,
causing a segfault. To correct this, we add a NULL check before feeding
the extracted token to atoi, and print an error message in case the
token is NULL.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage: Factor out add_binary_header_v1

In preparation of adding the creation of secure headers, we factor the
add_binary_header_v1 function out of the image_create_v1 function.

Signed-off

tools: kwbimage: Factor out add_binary_header_v1

In preparation of adding the creation of secure headers, we factor the
add_binary_header_v1 function out of the image_create_v1 function.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage: Remove unused parameter

The parameter 'params' of the image_headersz_v1 function is never used
by the function.

Hence, remove it.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Rev

tools: kwbimage: Remove unused parameter

The parameter 'params' of the image_headersz_v1 function is never used
by the function.

Hence, remove it.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage: Reduce scope of variables

This patch reduces the scope of some variables.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan

tools: kwbimage: Reduce scope of variables

This patch reduces the scope of some variables.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage: Fix arithmetic with void pointers

Arithmetic with void pointers, e.g. a - b where both a and b are void
pointers, is undefined in the C standard. Since we are operating with
byte da

tools: kwbimage: Fix arithmetic with void pointers

Arithmetic with void pointers, e.g. a - b where both a and b are void
pointers, is undefined in the C standard. Since we are operating with
byte data here, we switch the void pointers to uint8_t pointers, and add
the necessary casts.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage: Fix style violations

Fix some style violations:

- nine instances of missing blank lines after declarations
- one overly long line
- one split string (which also rewords an error me

tools: kwbimage: Fix style violations

Fix some style violations:

- nine instances of missing blank lines after declarations
- one overly long line
- one split string (which also rewords an error message more concisely)
- two superfluous else

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools: kwbimage: Fix dest addr

To enable secure boot, we need to jump back into the BootROM to continue
the SoC's boot process instead of letting the SPL load and run the main
U-Boot image.

But, si

tools: kwbimage: Fix dest addr

To enable secure boot, we need to jump back into the BootROM to continue
the SoC's boot process instead of letting the SPL load and run the main
U-Boot image.

But, since the u-boot-spl.img (including the 64 byte header) is loaded
by the SoC as the main image, we need to compensate for the header
length to get a correct entry point.

Thus, we subtract the header size from the destination address, so that
the execution address points at the actual entry point of the image.

The current boards ignore both parameters anyway, so this change shouldn't
concern them.

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

Merge git://www.denx.de/git/u-boot-marvell

tools/kwbimage: add DEBUG option

Offset 0x1 in the generated kwb image file is a set of flags, bit 0
enables debug output from the BootROM firmware. Allow a DEBUG option in
the kwb configuration to

tools/kwbimage: add DEBUG option

Offset 0x1 in the generated kwb image file is a set of flags, bit 0
enables debug output from the BootROM firmware. Allow a DEBUG option in
the kwb configuration to request debug output from the BootROM firmware.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools/kwbimage: add BAUDRATE option

Offset 0x18 in some Marvell datasheets this field is redacted as
"reserved". This offset is actually a set of options and bits 2:0 allow
the selection of the UART

tools/kwbimage: add BAUDRATE option

Offset 0x18 in some Marvell datasheets this field is redacted as
"reserved". This offset is actually a set of options and bits 2:0 allow
the selection of the UART baudrate.

Allow a BAUDRATE option to set the UART baudrate for any messages coming
from the BootROM firmware.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>

show more ...

tools/kwbimage: fix size computations for v1 images

Fix computation of haeder size and binary header size.
Size of opt header and some 32bit values were not taken into account. This could
result in

tools/kwbimage: fix size computations for v1 images

Fix computation of haeder size and binary header size.
Size of opt header and some 32bit values were not taken into account. This could
result in invalid boot images (due to the wrong binary header size, the image could
claim to have another extension header after the binary extension although there
is none).

Use "uint32_t" instead of "unsigned int" for header size computation.

Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Cc: Luka Perkov <luka.perkov@sartura.hr>

show more ...

tools/kwbimage: fix endianess issue

KWB image header values are in little endian (LE).
So adding appropriate cpu_to_leXX() calls to allow building those images
on BE hosts, too.

Signed-off-by: Rein

tools/kwbimage: fix endianess issue

KWB image header values are in little endian (LE).
So adding appropriate cpu_to_leXX() calls to allow building those images
on BE hosts, too.

Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>

show more ...