From 0df27d687c4639208d6e378907ca00f68cd06da6 Mon Sep 17 00:00:00 2001 From: Lihua Zhao Date: Wed, 18 Mar 2020 07:32:07 -0700 Subject: image-fit: Allow loading FIT image for VxWorks This adds the check against IH_OS_VXWORKS during FIT image load, to allow loading FIT image for VxWorks. Signed-off-by: Lihua Zhao Signed-off-by: Bin Meng Reviewed-by: Bin Meng --- common/image-fit.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'common') diff --git a/common/image-fit.c b/common/image-fit.c index 4435bc4f1d9..6da69d25ffe 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -2007,7 +2007,8 @@ int fit_image_load(bootm_headers_t *images, ulong addr, fit_image_check_os(fit, noffset, IH_OS_LINUX) || fit_image_check_os(fit, noffset, IH_OS_U_BOOT) || fit_image_check_os(fit, noffset, IH_OS_OPENRTOS) || - fit_image_check_os(fit, noffset, IH_OS_EFI); + fit_image_check_os(fit, noffset, IH_OS_EFI) || + fit_image_check_os(fit, noffset, IH_OS_VXWORKS); /* * If either of the checks fail, we should report an error, but -- cgit v1.2.3 From 390b26dc270aa3159df0c31775f91cd374a3dd3a Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 18 Mar 2020 11:43:55 -0600 Subject: image: Correct comment for fit_conf_get_node() This should mention that conf_uname can be NULL and should be in the header file. Fix this. Signed-off-by: Simon Glass --- common/image-fit.c | 18 ------------------ 1 file changed, 18 deletions(-) (limited to 'common') diff --git a/common/image-fit.c b/common/image-fit.c index 6da69d25ffe..3d0cd564d83 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1712,24 +1712,6 @@ int fit_conf_find_compat(const void *fit, const void *fdt) return best_match_offset; } -/** - * fit_conf_get_node - get node offset for configuration of a given unit name - * @fit: pointer to the FIT format image header - * @conf_uname: configuration node unit name - * - * fit_conf_get_node() finds a configuration (within the '/configurations' - * parent node) of a provided unit name. If configuration is found its node - * offset is returned to the caller. - * - * When NULL is provided in second argument fit_conf_get_node() will search - * for a default configuration node instead. Default configuration node unit - * name is retrieved from FIT_DEFAULT_PROP property of the '/configurations' - * node. - * - * returns: - * configuration node offset when found (>=0) - * negative number on failure (FDT_ERR_* code) - */ int fit_conf_get_node(const void *fit, const char *conf_uname) { int noffset, confs_noffset; -- cgit v1.2.3 From 382cf62039f775a1aec771645e3cbc32e1e2f0e3 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 18 Mar 2020 11:43:56 -0600 Subject: image: Be a little more verbose when checking signatures It is useful to be a little more specific about what is being checked. Update a few messages to help with this. Signed-off-by: Simon Glass --- common/image-fit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'common') diff --git a/common/image-fit.c b/common/image-fit.c index 3d0cd564d83..47fc84aa4e3 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1951,7 +1951,7 @@ int fit_image_load(bootm_headers_t *images, ulong addr, fit_uname = fit_get_name(fit, noffset, NULL); } if (noffset < 0) { - puts("Could not find subimage node\n"); + printf("Could not find subimage node type '%s'\n", prop_name); bootstage_error(bootstage_id + BOOTSTAGE_SUB_SUBNODE); return -ENOENT; } -- cgit v1.2.3 From 472f9113dbbbed88345f3d38de3ff37ca163508e Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 18 Mar 2020 11:43:57 -0600 Subject: image: Return an error message from fit_config_verify_sig() This function only returns an error message sometimes. Update it to always return an error message if one is available. This makes it easier to see what went wrong. Signed-off-by: Simon Glass --- common/image-sig.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'common') diff --git a/common/image-sig.c b/common/image-sig.c index 639a1124504..13ccd50bc50 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -499,13 +499,14 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset, goto error; } - return verified ? 0 : -EPERM; + if (verified) + return 0; error: printf(" error!\n%s for '%s' hash node in '%s' config node\n", err_msg, fit_get_name(fit, noffset, NULL), fit_get_name(fit, conf_noffset, NULL)); - return -1; + return -EPERM; } int fit_config_verify_required_sigs(const void *fit, int conf_noffset, -- cgit v1.2.3 From 67acad3db71bb372458fbb8a77749f5eb88aa324 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 18 Mar 2020 11:44:01 -0600 Subject: image: Check hash-nodes when checking configurations It is currently possible to use a different configuration's signature and thus bypass the configuration check. Make sure that the configuration node that was hashed matches the one being checked, to catch this problem. Also add a proper function comment to fit_config_check_sig() and make it static. Signed-off-by: Simon Glass --- common/image-sig.c | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) (limited to 'common') diff --git a/common/image-sig.c b/common/image-sig.c index 13ccd50bc50..03143a40401 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -359,20 +359,39 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, return 0; } -int fit_config_check_sig(const void *fit, int noffset, int required_keynode, - char **err_msgp) +/** + * fit_config_check_sig() - Check the signature of a config + * + * @fit: FIT to check + * @noffset: Offset of configuration node (e.g. /configurations/conf-1) + * @required_keynode: Offset in the control FDT of the required key node, + * if any. If this is given, then the configuration wil not + * pass verification unless that key is used. If this is + * -1 then any signature will do. + * @conf_noffset: Offset of the configuration subnode being checked (e.g. + * /configurations/conf-1/kernel) + * @err_msgp: In the event of an error, this will be pointed to a + * help error string to display to the user. + * @return 0 if all verified ok, <0 on error + */ +static int fit_config_check_sig(const void *fit, int noffset, + int required_keynode, int conf_noffset, + char **err_msgp) { char * const exc_prop[] = {"data"}; const char *prop, *end, *name; struct image_sign_info info; const uint32_t *strings; + const char *config_name; uint8_t *fit_value; int fit_value_len; + bool found_config; int max_regions; int i, prop_len; char path[200]; int count; + config_name = fit_get_name(fit, conf_noffset, NULL); debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, gd_fdt_blob(), fit_get_name(fit, noffset, NULL), fit_get_name(gd_fdt_blob(), required_keynode, NULL)); @@ -413,9 +432,20 @@ int fit_config_check_sig(const void *fit, int noffset, int required_keynode, char *node_inc[count]; debug("Hash nodes (%d):\n", count); + found_config = false; for (name = prop, i = 0; name < end; name += strlen(name) + 1, i++) { debug(" '%s'\n", name); node_inc[i] = (char *)name; + if (!strncmp(FIT_CONFS_PATH, name, strlen(FIT_CONFS_PATH)) && + name[sizeof(FIT_CONFS_PATH) - 1] == '/' && + !strcmp(name + sizeof(FIT_CONFS_PATH), config_name)) { + debug(" (found config node %s)", config_name); + found_config = true; + } + } + if (!found_config) { + *err_msgp = "Selected config not in hashed nodes"; + return -1; } /* @@ -483,7 +513,7 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset, if (!strncmp(name, FIT_SIG_NODENAME, strlen(FIT_SIG_NODENAME))) { ret = fit_config_check_sig(fit, noffset, sig_offset, - &err_msg); + conf_noffset, &err_msg); if (ret) { puts("- "); } else { -- cgit v1.2.3 From 8a9d03732e6d0f68107c80919096e7cf956dcb3d Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 18 Mar 2020 11:44:02 -0600 Subject: image: Load the correct configuration in fit_check_sign At present bootm_host_load_images() is passed the configuration that has been verified, but ignores it and just uses the default configuration. This may not be the same. Update this function to use the selected configuration. Signed-off-by: Simon Glass --- common/bootm.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'common') diff --git a/common/bootm.c b/common/bootm.c index 902c13880dd..db4362a6430 100644 --- a/common/bootm.c +++ b/common/bootm.c @@ -819,7 +819,8 @@ void __weak switch_to_non_secure_mode(void) #else /* USE_HOSTCC */ #if defined(CONFIG_FIT_SIGNATURE) -static int bootm_host_load_image(const void *fit, int req_image_type) +static int bootm_host_load_image(const void *fit, int req_image_type, + int cfg_noffset) { const char *fit_uname_config = NULL; ulong data, len; @@ -831,6 +832,7 @@ static int bootm_host_load_image(const void *fit, int req_image_type) void *load_buf; int ret; + fit_uname_config = fdt_get_name(fit, cfg_noffset, NULL); memset(&images, '\0', sizeof(images)); images.verify = 1; noffset = fit_image_load(&images, (ulong)fit, @@ -878,7 +880,7 @@ int bootm_host_load_images(const void *fit, int cfg_noffset) for (i = 0; i < ARRAY_SIZE(image_types); i++) { int ret; - ret = bootm_host_load_image(fit, image_types[i]); + ret = bootm_host_load_image(fit, image_types[i], cfg_noffset); if (!err && ret && ret != -ENOENT) err = ret; } -- cgit v1.2.3 From 72188f546291cfadea99e9383c133d6aaa37d87d Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 18 Mar 2020 11:44:06 -0600 Subject: image: Use constants for 'required' and 'key-name-hint' These are used in multiple places so update them to use a shared #define. Signed-off-by: Simon Glass Reviewed-by: Philippe Reynes --- common/image-cipher.c | 2 +- common/image-fit.c | 6 +++--- common/image-sig.c | 8 +++++--- 3 files changed, 9 insertions(+), 7 deletions(-) (limited to 'common') diff --git a/common/image-cipher.c b/common/image-cipher.c index cee3b03ee50..f50c3d31bd5 100644 --- a/common/image-cipher.c +++ b/common/image-cipher.c @@ -88,7 +88,7 @@ static int fit_image_setup_decrypt(struct image_cipher_info *info, return -1; } - info->keyname = fdt_getprop(fit, cipher_noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, cipher_noffset, FIT_KEY_HINT, NULL); if (!info->keyname) { printf("Can't get key name\n"); return -1; diff --git a/common/image-fit.c b/common/image-fit.c index 47fc84aa4e3..0fef0a918da 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -168,7 +168,7 @@ static void fit_image_print_data(const void *fit, int noffset, const char *p, int value_len; char *algo; const char *padding; - int required; + bool required; int ret, i; debug("%s %s node: '%s'\n", p, type, @@ -179,8 +179,8 @@ static void fit_image_print_data(const void *fit, int noffset, const char *p, return; } printf("%s", algo); - keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); - required = fdt_getprop(fit, noffset, "required", NULL) != NULL; + keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); + required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL; if (keyname) printf(":%s", keyname); if (required) diff --git a/common/image-sig.c b/common/image-sig.c index 03143a40401..6563effcf34 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -229,7 +229,7 @@ static int fit_image_setup_verify(struct image_sign_info *info, padding_name = RSA_DEFAULT_PADDING_NAME; memset(info, '\0', sizeof(*info)); - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); info->fit = (void *)fit; info->node_offset = noffset; info->name = algo_name; @@ -340,7 +340,8 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, const char *required; int ret; - required = fdt_getprop(sig_blob, noffset, "required", NULL); + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, + NULL); if (!required || strcmp(required, "image")) continue; ret = fit_image_verify_sig(fit, image_noffset, data, size, @@ -557,7 +558,8 @@ int fit_config_verify_required_sigs(const void *fit, int conf_noffset, const char *required; int ret; - required = fdt_getprop(sig_blob, noffset, "required", NULL); + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, + NULL); if (!required || strcmp(required, "conf")) continue; ret = fit_config_verify_sig(fit, conf_noffset, sig_blob, -- cgit v1.2.3 From 61853a7ac7e167d90899ec4e99d2e07db7bc72c1 Mon Sep 17 00:00:00 2001 From: Jagan Teki Date: Thu, 2 Apr 2020 17:11:23 +0530 Subject: rockchip: Enable pre console for rk3399 Enable pre console buffer for rk3399 platform. This would help to capture the console messages prior to the console being initialised. Enabling this would help to capture all the console messages on video output source like HDMI. So we can find the full console messages of U-Boot proper on HDMI display when enabled it for RK3399 platform boards. Buffer address used for pre console is 0x0f200000 which is ram base plus 240MiB. right now the Allwinner SoC is using similar computation. Signed-off-by: Jagan Teki Reviewed-by: Kever Yang Tested-by: Peter Robinson --- common/Kconfig | 1 + 1 file changed, 1 insertion(+) (limited to 'common') diff --git a/common/Kconfig b/common/Kconfig index 46e4193fc83..bd35de30560 100644 --- a/common/Kconfig +++ b/common/Kconfig @@ -568,6 +568,7 @@ config PRE_CON_BUF_ADDR default 0x2f000000 if ARCH_SUNXI && MACH_SUN9I default 0x4f000000 if ARCH_SUNXI && !MACH_SUN9I default 0x0f000000 if ROCKCHIP_RK3288 + default 0x0f200000 if ROCKCHIP_RK3399 help This sets the start address of the pre-console buffer. This must be in available memory and is accessed before relocation and -- cgit v1.2.3 From 9d15d1d1c24f6d3a2bcc7f35c706d8c76c2960b0 Mon Sep 17 00:00:00 2001 From: Ye Li Date: Wed, 1 Apr 2020 07:42:04 -0700 Subject: Revert "common: spl_fit: Default to IH_OS_U_BOOT if FIT_IMAGE_TINY enabled" Commit cf8dcc5d02c3 ("common: spl_fit: Default to IH_OS_U_BOOT if FIT_IMAGE_TINY enabled") is not correct, it will append fdt to each loadable image. Actually when using TINY FIT, the first loadable image is thought as u-boot and already have fdt appended. Signed-off-by: Ye Li Tested-by: Fabio Estevam --- common/spl/spl_fit.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'common') diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c index aef1dbdd49a..69dabd27f6d 100644 --- a/common/spl/spl_fit.c +++ b/common/spl/spl_fit.c @@ -646,10 +646,6 @@ int spl_load_simple_fit(struct spl_image_info *spl_image, if (!spl_fit_image_get_os(fit, node, &os_type)) debug("Loadable is %s\n", genimg_get_os_name(os_type)); -#if CONFIG_IS_ENABLED(FIT_IMAGE_TINY) - else - os_type = IH_OS_U_BOOT; -#endif if (os_type == IH_OS_U_BOOT) { spl_fit_append_fdt(&image_info, info, sector, -- cgit v1.2.3