2019-10-15 |
fit-image: Use compiled-in keys
...
The compiled-in keys can be retrieved with rsa_get_key(). Try to use
them first before falling back to looking up the keys in the device
tree.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 15 Oct 2019
|
rsa: let rsa_of_read_key() return a fully allocated key
...
Until now rsa_of_read_key() took a pointer to a key and filled the
struct rsa_public_key members with allocated values. So far we have
never freed these values. Change rsa_of_read_key() to always return
a fully allocated key and provide rsa_key_free() to free it. Let the
FIT image code free the key after usage.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 15 Oct 2019
|
2019-01-21 |
treewide: Remove trailing whitespaces and tabs
...
Just a cleanup over barebox tree
Signed-off-by: Alexander Shiyan <shc_work@mail.ru>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Alexander Shiyan
authored
on 20 Jan 2019
Sascha Hauer
committed
on 21 Jan 2019
|
2018-11-23 |
FIT: support hash-1/signature-1 nodes in signature check
...
The examples in the U-boot docs use "hash-N" and "signature-N" as the names
for hash/signature nodes. It seems "@N" was used instead at some point
during the development of the FIT format and "-N" is more correct (in fact,
dtc throws warnings when using "@N" without a reg attribute). Support for
the "@N" node names is preserved for backward compatibility.
Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Matthias Schiffer
authored
on 22 Nov 2018
Sascha Hauer
committed
on 23 Nov 2018
|
2018-08-10 |
FIT: be more verbose when RSA signature check fails
...
Tell the user what device tree node we're looking for.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Roland Hieber
authored
on 9 Aug 2018
Sascha Hauer
committed
on 10 Aug 2018
|
2018-02-08 |
FIT: Use const dtb unflatten variant
...
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
FIT: Allow to open buffer as FIT image
...
This adds fit_open_buf() which can open a buffer as FIT image.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
FIT: Implement opening images with no configuration
...
different images can be grouped together to build a FIT configuration.
So far we only supported opening images as parts of configurations.
This patch adds support for opening images that are not part of a
configuration. This mode is used when the configuration parameter of
fit_open_image is NULL.
The main difference is in the way the RSA signature is checked. When
being part of a configuration all involved nodes (including the hash
nodes of the images, but not the image itself) are covered by the
signature, thus during opening an image only the validity of the image
data hash has to be checked. When not being part of a configuration,
the image data itself is signed and must be checked.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
FIT: factor out some helper functions
...
Create and use fit_alloc_digest() and fit_read_rsa_public_key()
which we can use a second time in the next step.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
FIT: move handle->verify check to fit_verify_hash()
...
Preparation for the next step which will allow to open
images which are not part of a configuration.
This has one change inside: We used to iterate over all
subnodes of a image expecting all of them containing a hash,
so it could happen that we check multiple hashes if more exist
or that we falsely interpret some unrelated subnode as hash node.
With this patch we expect the hash in a subnode named "hash@1"
as required by the FIT image format description.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
FIT: store device_nodes in fit_handle
...
We need the /images and /configurations nodes more than once,
so store them in the fit_handle rather than searching for them
each time again.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
FIT: Let user specify the configuration to use
...
The images in FIT images can be opened in two different ways. They
can be either opened directly based on their names in the images/
node or as part of a configuration based on their names in the
corresponding /configuration/ node.
So far we only supported the latter. To prepare supporting the former
we return a cookie belonging to the configuration from
fit_open_configuration() which we use in fit_open_image() to refer
to the desired configuration.
While at it document fit_open_configuration().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
FIT: Do not pre-open images
...
Only do what fit_open_configuration() suggests: open the configuration,
but not the images in it.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 8 Feb 2018
|
2018-01-22 |
Merge branch 'for-next/misc'
Sascha Hauer
committed
on 22 Jan 2018
|
2018-01-18 |
FIT: export fit_open_configuration() and fit_open_image()
...
Currently only fit_open() is exported which only opens the predefined
images "kernel", "dtb" and "ramdisk". To make the FIT code more usable
for other code which may want to open other images export
fit_open_configuration() and fit_open_image().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 18 Jan 2018
|
2018-01-17 |
FIT: Fix error path
...
In case of error of_unflatten_dtb() returns an ERR_PTR. Make sure
that handle->root contains NULL in this case so that we do not call
of_delete_node on the error pointer in the exit path.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 17 Jan 2018
|
2017-03-31 |
bootm: fit: support multiple configuration nodes
...
Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Steffen Trumtrar
authored
on 29 Mar 2017
Sascha Hauer
committed
on 31 Mar 2017
|
2017-03-30 |
bootm: fit: support rsa2048
...
Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Steffen Trumtrar
authored
on 20 Mar 2017
Sascha Hauer
committed
on 30 Mar 2017
|
2016-07-26 |
include: Move bulk of boot.h to bootm.h
...
The majority of the stuff currently in include/boot.h is about bootm
code implemented common/bootm.c. To be more consistent move it to a
new file include/bootm.h.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 26 Jul 2016
|
2016-05-10 |
bootm: Add verify mode "available"
...
The verify "available" mode checks whatever is available in the
booted image, so when an image has a signature, it is checked and
must be correct and when an image is hashed, it is also checked
for correctness.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 10 May 2016
|
bootm: fit: Print error when image is not signed
...
when fit is configured to force signed images then print an error
message when an unsigned image is opened to give the user a clue
what went wrong.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 10 May 2016
|
bootm: fit: Print error when image is not hashed
...
When fit is configured to check hashes print an error when an image
does not contain hashes instead of failing silently.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sascha Hauer
committed
on 10 May 2016
|
2016-01-26 |
bootm: add initial FIT support
...
This implementation is inspired by U-Boot's FIT support. Instead of
using libfdt (which does not exist in barebox), configuration signatures
are verified by using a simplified DT parser based on barebox's own
code.
Currently, only signed configurations with hashed images are supported,
as the other variants are less useful for verified boot. Compatible FIT
images can be created using U-Boot's mkimage tool.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Jan Luebbe
authored
on 6 Jan 2016
Sascha Hauer
committed
on 26 Jan 2016
|