We want to sign and verify images using sandbox, so enable these options.
Signed-off-by: Simon Glass
---
Changes in v3: None
Changes in v2: None
include/configs/sandbox.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/configs/sandbox.h b/include/configs/sandbox.h
index d704329..9
Normally, multiple public keys can be provided and U-Boot is not
required to use all of them for verification. This is because some
images may not be signed, or may be optionally signed.
But we still need a mechanism to determine when a key must be used.
This feature cannot be implemented in the F
Add a structure to describe an algorithm which can sign and (later) verify
images.
Signed-off-by: Simon Glass
---
Changes in v3: None
Changes in v2:
- Adjust how signing enable works in image.h
- Rebase on previous patches
- Tweak tools/Makefile to make image signing optional
- Update README to f
Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.
Signed-off-by: Simon Glass
---
Changes in v3:
- Use new fdt_first/next_subnode()
Changes in v2:
- Adjust how si
FIT image verification requires public keys. Add a convenient option to
mkimage to write the public keys to an FDT blob when it uses then for
signing an image. This allows us to use:
mkimage -f test.its -K dest.dtb -k keys test.fit
and have the signatures written to test.fit and the correspond
Add a function to find regions in device tree given a list of nodes to
include and properties to exclude.
See the header file for full documentation.
Signed-off-by: Simon Glass
---
Changes in v3: None
Changes in v2:
- Fix checkpatch checks about parenthesis alignment
include/libfdt.h | 64
RSA provides a public key encryption facility which is ideal for image
signing and verification.
Images are signed using a private key by mkimage. Then at run-time, the
images are verified using a private key.
This implementation uses openssl for the host part (mkimage). To avoid
bringing large l
When signing images it is sometimes necessary to sign with different keys
at different times, or make the signer entirely separate from the FIT
creation to avoid needing the private keys to be publicly available in
the system.
Add a -F option so that key signing can be a separate step, and possibl
While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to s
Add a description of how to implement verified boot using signed FIT images,
and a simple test which verifies operation on sandbox.
The test signs a FIT image and verifies it, then signs a FIT configuration
and verifies it. Then it corrupts the signature to check that this is
detected.
Signed-off
When signing an image, it is useful to add some details about which tool
or person is authorising the signing. Add a comment field which can take
care of miscellaneous requirements.
Signed-off-by: Simon Glass
Reviewed-by: Marek Vasut
---
Changes in v3: None
Changes in v2:
- Adjust mkimage help t
This series implemented a verified boot system based around FIT images
as discussed on the U-Boot mailing list, including on this thread:
http://permalink.gmane.org/gmane.comp.boot-loaders.u-boot/147830
RSA is used to implement the encryption. Images are signed by mkimage
using private keys creat
Hi Jagan, Simon - Adding Bacem and Gernot from Spansion. Would you be able to
add them to the other open threads as well? --Max
-
Max Willis, PhD
Division Marketing Manager
Software Marketing
Spansion Inc.
--
On 13/06/13 07:37, Karsten Jeppesen wrote:
I have a (to me) serious problem.
When U-Boot encounters a UbiFS system that needs cleaning, then it is not
always capable of it despite the kernel (I understand it's the same code)
having no problems cleaning the filesystem.
I think I have traced it
Hi Tom,
On Thu, Jun 13, 2013 at 3:10 PM, Simon Glass wrote:
> Add a description of how to implement verified boot using signed FIT
> images,
> and a simple test which verifies operation on sandbox.
>
> The test signs a FIT image and verifies it, then signs a FIT configuration
> and verifies it.
On Thu, Jun 13, 2013 at 11:24 PM, Albert ARIBAUD
wrote:
> Hi Chris,
>
> On Thu, 13 Jun 2013 22:19:54 +1200, Chris Packham
> wrote:
>
>> Hi Albert,
>>
>> On 13/06/13 17:43, Albert ARIBAUD wrote:
>> > Hi Chris,
>> >
>> > On Thu, 13 Jun 2013 13:16:17 +1200, Chris Packham
>> > wrote:
>> >
>> >> On T
From: Stephen Warren
Some ARM compilers may emit code that makes unaligned accesses when
faced with constructs such as:
const char format[] = "r5g6b5";
Make this data static since it doesn't chagne; the compiler will simply
place it into the .rodata section directly, and avoid any unaligned run
On Fri, Jun 14, 2013 at 10:48 AM, Chris Packham wrote:
> On Thu, Jun 13, 2013 at 11:24 PM, Albert ARIBAUD
> wrote:
>> Hi Chris,
>>
>> On Thu, 13 Jun 2013 22:19:54 +1200, Chris Packham
>> wrote:
>>
>>> Hi Albert,
>>>
>>> On 13/06/13 17:43, Albert ARIBAUD wrote:
>>> > Hi Chris,
>>> >
>>> > On Thu,
Hi All,
In mips,i dont see the .reloc section in u-boot.lds.But in other
architechtures(like ppc),I see in u-boot.lds:
.reloc :
{
PROVIDE(_GOT2_TABLE_ = .);
KEEP(*(.got2))
KEEP(*(.got))
PROVIDE(_GLOBAL_OFFSET_TABLE_ = . + 4);
_FIXUP_TABLE_ = .;
On Tue, May 28, 2013 at 03:09:42PM -0300, Fabio Estevam wrote:
> Since commit 48e0b2bd (powerpc/esdhc: Correct judgement for DATA PIO mode)
> we see mx6 systems to hang after doing a 'save' command.
>
> Revert this commit since the original 'ifdef' logic from 7b43db92
> (drivers/mmc/fsl_esdhc.c:
On Fri, May 24, 2013 at 06:15:34PM +0530, Rajeshwari Shinde wrote:
> Current DWMMC driver used to give FIFO underrun/overrun error every 3rd time
> for mmc rescan command.
> In current code FIFO_DEPTH is getting calculated after reading the default
> FIFOTH
> register and extracting the RX_WMARK b
On Tue, May 21, 2013 at 03:01:36PM +0530, Jagannadha Sutradharudu Teki wrote:
> CAP register don't have any information for 8-bit buswidth support
> on 2.0 sdhci spec, only from 3.0 onwards bit[18] got this information.
>
> Due to this misassignment in sdhci, mmc is setting 8-bit buswidth using
>
On Wed, May 15, 2013 at 09:38:16AM +0800, Bo Shen wrote:
> The commit d196bd8 (env_mmc: add support for redundant environment)
> introduce the following compile error when enable redundant
> environment support with MMC
> ---8<---
> env_mmc.c:149: error: 'env_t' has no member named 'flags'
> env_mm
On Wed, May 22, 2013 at 01:19:43PM +0200, Ruud Commandeur wrote:
> This patch fixes a bug related to mmc writes.
>
> When doing fatwrites on an SD-Card, MMC bus problems can occur. Depending
> on the size of the file, "MMC0: Bus busy timeout!" is reported, resulting
> in an SD-Card that is no long
2013/6/11 Albert ARIBAUD :
> Hi Kuo-Jung,
>
> On Tue, 11 Jun 2013 11:09:57 +0800, Kuo-Jung Su
> wrote:
>
>> 2013/6/11 Albert ARIBAUD :
>> > Hi Kuo-Jung,
>> >
>> > On Tue, 7 May 2013 14:25:07 +0800, Kuo-Jung Su
>> > wrote:
>> >
>> >> diff --git a/arch/arm/include/asm/dma-mapping.h
>> >> b/arch/a
Hello Tom,
Am 13.06.2013 17:53, schrieb Tom Rini:
> On Thu, Jun 13, 2013 at 05:53:17AM +0200, Heiko Schocher wrote:
>
>> move s_init from every board code to a common place.
>>
>> Signed-off-by: Heiko Schocher
>> Cc: Tom Rini
>> Cc: Matt Porter
>> Cc: Lars Poeschel
>> Cc: Tom Rini
>> Cc: Enr
2013/6/13 Jagan Teki :
> Hi,
>
> Few comments, please get back your inputs.
>
> Use commit header as "spi: ftssp010_spi: "
>
Got it, thanks
>
> On 07-05-2013 12:04, Kuo-Jung Su wrote:
>>
>> From: Kuo-Jung Su
>>
>> The Faraday FTSSP010 is a multi-function controller
>> which supports I2S/SPI/SSP/
101 - 127 of 127 matches
Mail list logo
