Merge branch '2021-05-17-assorted-fixes'
diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index 3f221dc..63665d2 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -158,7 +158,14 @@
config SIFIVE_CLINT
bool
- depends on RISCV_MMODE || SPL_RISCV_MMODE
+ depends on RISCV_MMODE
+ help
+ The SiFive CLINT block holds memory-mapped control and status registers
+ associated with software and timer interrupts.
+
+config SPL_SIFIVE_CLINT
+ bool
+ depends on SPL_RISCV_MMODE
help
The SiFive CLINT block holds memory-mapped control and status registers
associated with software and timer interrupts.
@@ -271,6 +278,8 @@
config OF_BOARD_FIXUP
default y if OF_SEPARATE && RISCV_SMODE
+menu "Use assembly optimized implementation of memory routines"
+
config USE_ARCH_MEMCPY
bool "Use an assembly optimized implementation of memcpy"
default y
@@ -350,3 +359,5 @@
but may increase the binary size.
endmenu
+
+endmenu
diff --git a/arch/riscv/cpu/fu540/Kconfig b/arch/riscv/cpu/fu540/Kconfig
index 616b256..dcf0994 100644
--- a/arch/riscv/cpu/fu540/Kconfig
+++ b/arch/riscv/cpu/fu540/Kconfig
@@ -11,7 +11,7 @@
imply CPU
imply CPU_RISCV
imply RISCV_TIMER if (RISCV_SMODE || SPL_RISCV_SMODE)
- imply SIFIVE_CLINT if (RISCV_MMODE || SPL_RISCV_MMODE)
+ imply SPL_SIFIVE_CLINT
imply CMD_CPU
imply SPL_CPU
imply SPL_OPENSBI
diff --git a/arch/riscv/cpu/generic/Kconfig b/arch/riscv/cpu/generic/Kconfig
index 198e36e..6f73bdd 100644
--- a/arch/riscv/cpu/generic/Kconfig
+++ b/arch/riscv/cpu/generic/Kconfig
@@ -8,7 +8,8 @@
imply CPU
imply CPU_RISCV
imply RISCV_TIMER if (RISCV_SMODE || SPL_RISCV_SMODE)
- imply SIFIVE_CLINT if (RISCV_MMODE || SPL_RISCV_MMODE)
+ imply SIFIVE_CLINT if RISCV_MMODE
+ imply SPL_SIFIVE_CLINT if SPL_RISCV_MMODE
imply CMD_CPU
imply SPL_CPU
imply SPL_OPENSBI
diff --git a/arch/riscv/include/asm/global_data.h b/arch/riscv/include/asm/global_data.h
index d3a0b1d..095484a 100644
--- a/arch/riscv/include/asm/global_data.h
+++ b/arch/riscv/include/asm/global_data.h
@@ -18,7 +18,7 @@
struct arch_global_data {
long boot_hart; /* boot hart id */
phys_addr_t firmware_fdt_addr;
-#ifdef CONFIG_SIFIVE_CLINT
+#if CONFIG_IS_ENABLED(SIFIVE_CLINT)
void __iomem *clint; /* clint base address */
#endif
#ifdef CONFIG_ANDES_PLIC
diff --git a/arch/riscv/lib/Makefile b/arch/riscv/lib/Makefile
index d08cbe9..c4cc414 100644
--- a/arch/riscv/lib/Makefile
+++ b/arch/riscv/lib/Makefile
@@ -11,7 +11,7 @@
obj-$(CONFIG_CMD_GO) += boot.o
obj-y += cache.o
ifeq ($(CONFIG_$(SPL_)RISCV_MMODE),y)
-obj-$(CONFIG_SIFIVE_CLINT) += sifive_clint.o
+obj-$(CONFIG_$(SPL_)SIFIVE_CLINT) += sifive_clint.o
obj-$(CONFIG_ANDES_PLIC) += andes_plic.o
else
obj-$(CONFIG_SBI) += sbi.o
diff --git a/arch/riscv/lib/fdt_fixup.c b/arch/riscv/lib/fdt_fixup.c
index 1f3f236..f636b28 100644
--- a/arch/riscv/lib/fdt_fixup.c
+++ b/arch/riscv/lib/fdt_fixup.c
@@ -151,14 +151,17 @@
}
chosen_offset = fdt_path_offset(blob, "/chosen");
if (chosen_offset < 0) {
- err = fdt_add_subnode(blob, 0, "chosen");
- if (err < 0) {
+ chosen_offset = fdt_add_subnode(blob, 0, "chosen");
+ if (chosen_offset < 0) {
log_err("chosen node cannot be added\n");
- return err;
+ return chosen_offset;
}
}
/* Overwrite the boot-hartid as U-Boot is the last stage BL */
- fdt_setprop_u32(blob, chosen_offset, "boot-hartid", gd->arch.boot_hart);
+ err = fdt_setprop_u32(blob, chosen_offset, "boot-hartid",
+ gd->arch.boot_hart);
+ if (err < 0)
+ return log_msg_ret("could not set boot-hartid", err);
#endif
/* Copy the reserved-memory node to the DT used by OS */
diff --git a/arch/riscv/lib/memcpy.S b/arch/riscv/lib/memcpy.S
index 51ab716..00672c1 100644
--- a/arch/riscv/lib/memcpy.S
+++ b/arch/riscv/lib/memcpy.S
@@ -9,100 +9,151 @@
/* void *memcpy(void *, const void *, size_t) */
ENTRY(__memcpy)
WEAK(memcpy)
- move t6, a0 /* Preserve return value */
+ /* Save for return value */
+ mv t6, a0
- /* Defer to byte-oriented copy for small sizes */
- sltiu a3, a2, 128
- bnez a3, 4f
- /* Use word-oriented copy only if low-order bits match */
- andi a3, t6, SZREG-1
- andi a4, a1, SZREG-1
- bne a3, a4, 4f
-
- beqz a3, 2f /* Skip if already aligned */
/*
- * Round to nearest double word-aligned address
- * greater than or equal to start address
+ * Register allocation for code below:
+ * a0 - start of uncopied dst
+ * a1 - start of uncopied src
+ * t0 - end of uncopied dst
*/
- andi a3, a1, ~(SZREG-1)
- addi a3, a3, SZREG
- /* Handle initial misalignment */
- sub a4, a3, a1
+ add t0, a0, a2
+
+ /*
+ * Use bytewise copy if too small.
+ *
+ * This threshold must be at least 2*SZREG to ensure at least one
+ * wordwise copy is performed. It is chosen to be 16 because it will
+ * save at least 7 iterations of bytewise copy, which pays off the
+ * fixed overhead.
+ */
+ li a3, 16
+ bltu a2, a3, .Lbyte_copy_tail
+
+ /*
+ * Bytewise copy first to align a0 to word boundary.
+ */
+ addi a2, a0, SZREG-1
+ andi a2, a2, ~(SZREG-1)
+ beq a0, a2, 2f
1:
- lb a5, 0(a1)
- addi a1, a1, 1
- sb a5, 0(t6)
- addi t6, t6, 1
- bltu a1, a3, 1b
- sub a2, a2, a4 /* Update count */
-
+ lb a5, 0(a1)
+ addi a1, a1, 1
+ sb a5, 0(a0)
+ addi a0, a0, 1
+ bne a0, a2, 1b
2:
- andi a4, a2, ~((16*SZREG)-1)
- beqz a4, 4f
- add a3, a1, a4
-3:
- REG_L a4, 0(a1)
- REG_L a5, SZREG(a1)
- REG_L a6, 2*SZREG(a1)
- REG_L a7, 3*SZREG(a1)
- REG_L t0, 4*SZREG(a1)
- REG_L t1, 5*SZREG(a1)
- REG_L t2, 6*SZREG(a1)
- REG_L t3, 7*SZREG(a1)
- REG_L t4, 8*SZREG(a1)
- REG_L t5, 9*SZREG(a1)
- REG_S a4, 0(t6)
- REG_S a5, SZREG(t6)
- REG_S a6, 2*SZREG(t6)
- REG_S a7, 3*SZREG(t6)
- REG_S t0, 4*SZREG(t6)
- REG_S t1, 5*SZREG(t6)
- REG_S t2, 6*SZREG(t6)
- REG_S t3, 7*SZREG(t6)
- REG_S t4, 8*SZREG(t6)
- REG_S t5, 9*SZREG(t6)
- REG_L a4, 10*SZREG(a1)
- REG_L a5, 11*SZREG(a1)
- REG_L a6, 12*SZREG(a1)
- REG_L a7, 13*SZREG(a1)
- REG_L t0, 14*SZREG(a1)
- REG_L t1, 15*SZREG(a1)
- addi a1, a1, 16*SZREG
- REG_S a4, 10*SZREG(t6)
- REG_S a5, 11*SZREG(t6)
- REG_S a6, 12*SZREG(t6)
- REG_S a7, 13*SZREG(t6)
- REG_S t0, 14*SZREG(t6)
- REG_S t1, 15*SZREG(t6)
- addi t6, t6, 16*SZREG
- bltu a1, a3, 3b
- andi a2, a2, (16*SZREG)-1 /* Update count */
-4:
- /* Handle trailing misalignment */
- beqz a2, 6f
- add a3, a1, a2
+ /*
+ * Now a0 is word-aligned. If a1 is also word aligned, we could perform
+ * aligned word-wise copy. Otherwise we need to perform misaligned
+ * word-wise copy.
+ */
+ andi a3, a1, SZREG-1
+ bnez a3, .Lmisaligned_word_copy
- /* Use word-oriented copy if co-aligned to word boundary */
- or a5, a1, t6
- or a5, a5, a3
- andi a5, a5, 3
- bnez a5, 5f
-7:
- lw a4, 0(a1)
- addi a1, a1, 4
- sw a4, 0(t6)
- addi t6, t6, 4
- bltu a1, a3, 7b
+ /* Unrolled wordwise copy */
+ addi t0, t0, -(16*SZREG-1)
+ bgeu a0, t0, 2f
+1:
+ REG_L a2, 0(a1)
+ REG_L a3, SZREG(a1)
+ REG_L a4, 2*SZREG(a1)
+ REG_L a5, 3*SZREG(a1)
+ REG_L a6, 4*SZREG(a1)
+ REG_L a7, 5*SZREG(a1)
+ REG_L t1, 6*SZREG(a1)
+ REG_L t2, 7*SZREG(a1)
+ REG_L t3, 8*SZREG(a1)
+ REG_L t4, 9*SZREG(a1)
+ REG_L t5, 10*SZREG(a1)
+ REG_S a2, 0(a0)
+ REG_S a3, SZREG(a0)
+ REG_S a4, 2*SZREG(a0)
+ REG_S a5, 3*SZREG(a0)
+ REG_S a6, 4*SZREG(a0)
+ REG_S a7, 5*SZREG(a0)
+ REG_S t1, 6*SZREG(a0)
+ REG_S t2, 7*SZREG(a0)
+ REG_S t3, 8*SZREG(a0)
+ REG_S t4, 9*SZREG(a0)
+ REG_S t5, 10*SZREG(a0)
+ REG_L a2, 11*SZREG(a1)
+ REG_L a3, 12*SZREG(a1)
+ REG_L a4, 13*SZREG(a1)
+ REG_L a5, 14*SZREG(a1)
+ REG_L a6, 15*SZREG(a1)
+ addi a1, a1, 16*SZREG
+ REG_S a2, 11*SZREG(a0)
+ REG_S a3, 12*SZREG(a0)
+ REG_S a4, 13*SZREG(a0)
+ REG_S a5, 14*SZREG(a0)
+ REG_S a6, 15*SZREG(a0)
+ addi a0, a0, 16*SZREG
+ bltu a0, t0, 1b
+2:
+ /* Post-loop increment by 16*SZREG-1 and pre-loop decrement by SZREG-1 */
+ addi t0, t0, 15*SZREG
+ /* Wordwise copy */
+ bgeu a0, t0, 2f
+1:
+ REG_L a5, 0(a1)
+ addi a1, a1, SZREG
+ REG_S a5, 0(a0)
+ addi a0, a0, SZREG
+ bltu a0, t0, 1b
+2:
+ addi t0, t0, SZREG-1
+
+.Lbyte_copy_tail:
+ /*
+ * Bytewise copy anything left.
+ */
+ beq a0, t0, 2f
+1:
+ lb a5, 0(a1)
+ addi a1, a1, 1
+ sb a5, 0(a0)
+ addi a0, a0, 1
+ bne a0, t0, 1b
+2:
+
+ mv a0, t6
ret
-5:
- lb a4, 0(a1)
- addi a1, a1, 1
- sb a4, 0(t6)
- addi t6, t6, 1
- bltu a1, a3, 5b
-6:
- ret
+.Lmisaligned_word_copy:
+ /*
+ * Misaligned word-wise copy.
+ * For misaligned copy we still perform word-wise copy, but we need to
+ * use the value fetched from the previous iteration and do some shifts.
+ * This is safe because we wouldn't access more words than necessary.
+ */
+
+ /* Calculate shifts */
+ slli t3, a3, 3
+ sub t4, x0, t3 /* negate is okay as shift will only look at LSBs */
+
+ /* Load the initial value and align a1 */
+ andi a1, a1, ~(SZREG-1)
+ REG_L a5, 0(a1)
+
+ addi t0, t0, -(SZREG-1)
+ /* At least one iteration will be executed here, no check */
+1:
+ srl a4, a5, t3
+ REG_L a5, SZREG(a1)
+ addi a1, a1, SZREG
+ sll a2, a5, t4
+ or a2, a2, a4
+ REG_S a2, 0(a0)
+ addi a0, a0, SZREG
+ bltu a0, t0, 1b
+
+ /* Update pointers to correct value */
+ addi t0, t0, SZREG-1
+ add a1, a1, a3
+
+ j .Lbyte_copy_tail
END(__memcpy)
diff --git a/arch/riscv/lib/memmove.S b/arch/riscv/lib/memmove.S
index 07d1d21..fbe6701 100644
--- a/arch/riscv/lib/memmove.S
+++ b/arch/riscv/lib/memmove.S
@@ -5,60 +5,124 @@
ENTRY(__memmove)
WEAK(memmove)
- move t0, a0
- move t1, a1
+ /*
+ * Here we determine if forward copy is possible. Forward copy is
+ * preferred to backward copy as it is more cache friendly.
+ *
+ * If a0 >= a1, t0 gives their distance, if t0 >= a2 then we can
+ * copy forward.
+ * If a0 < a1, we can always copy forward. This will make t0 negative,
+ * so a *unsigned* comparison will always have t0 >= a2.
+ *
+ * For forward copy we just delegate the task to memcpy.
+ */
+ sub t0, a0, a1
+ bltu t0, a2, 1f
+ tail __memcpy
+1:
- beq a0, a1, exit_memcpy
- beqz a2, exit_memcpy
- srli t2, a2, 0x2
+ /*
+ * Register allocation for code below:
+ * a0 - end of uncopied dst
+ * a1 - end of uncopied src
+ * t0 - start of uncopied dst
+ */
+ mv t0, a0
+ add a0, a0, a2
+ add a1, a1, a2
- slt t3, a0, a1
- beqz t3, do_reverse
+ /*
+ * Use bytewise copy if too small.
+ *
+ * This threshold must be at least 2*SZREG to ensure at least one
+ * wordwise copy is performed. It is chosen to be 16 because it will
+ * save at least 7 iterations of bytewise copy, which pays off the
+ * fixed overhead.
+ */
+ li a3, 16
+ bltu a2, a3, .Lbyte_copy_tail
- andi a2, a2, 0x3
- li t4, 1
- beqz t2, byte_copy
+ /*
+ * Bytewise copy first to align t0 to word boundary.
+ */
+ andi a2, a0, ~(SZREG-1)
+ beq a0, a2, 2f
+1:
+ addi a1, a1, -1
+ lb a5, 0(a1)
+ addi a0, a0, -1
+ sb a5, 0(a0)
+ bne a0, a2, 1b
+2:
-word_copy:
- lw t3, 0(a1)
- addi t2, t2, -1
- addi a1, a1, 4
- sw t3, 0(a0)
- addi a0, a0, 4
- bnez t2, word_copy
- beqz a2, exit_memcpy
- j byte_copy
+ /*
+ * Now a0 is word-aligned. If a1 is also word aligned, we could perform
+ * aligned word-wise copy. Otherwise we need to perform misaligned
+ * word-wise copy.
+ */
+ andi a3, a1, SZREG-1
+ bnez a3, .Lmisaligned_word_copy
-do_reverse:
- add a0, a0, a2
- add a1, a1, a2
- andi a2, a2, 0x3
- li t4, -1
- beqz t2, reverse_byte_copy
+ /* Wordwise copy */
+ addi t0, t0, SZREG-1
+ bleu a0, t0, 2f
+1:
+ addi a1, a1, -SZREG
+ REG_L a5, 0(a1)
+ addi a0, a0, -SZREG
+ REG_S a5, 0(a0)
+ bgtu a0, t0, 1b
+2:
+ addi t0, t0, -(SZREG-1)
-reverse_word_copy:
- addi a1, a1, -4
- addi t2, t2, -1
- lw t3, 0(a1)
- addi a0, a0, -4
- sw t3, 0(a0)
- bnez t2, reverse_word_copy
- beqz a2, exit_memcpy
+.Lbyte_copy_tail:
+ /*
+ * Bytewise copy anything left.
+ */
+ beq a0, t0, 2f
+1:
+ addi a1, a1, -1
+ lb a5, 0(a1)
+ addi a0, a0, -1
+ sb a5, 0(a0)
+ bne a0, t0, 1b
+2:
-reverse_byte_copy:
- addi a0, a0, -1
- addi a1, a1, -1
+ mv a0, t0
+ ret
-byte_copy:
- lb t3, 0(a1)
- addi a2, a2, -1
- sb t3, 0(a0)
- add a1, a1, t4
- add a0, a0, t4
- bnez a2, byte_copy
+.Lmisaligned_word_copy:
+ /*
+ * Misaligned word-wise copy.
+ * For misaligned copy we still perform word-wise copy, but we need to
+ * use the value fetched from the previous iteration and do some shifts.
+ * This is safe because we wouldn't access more words than necessary.
+ */
-exit_memcpy:
- move a0, t0
- move a1, t1
- ret
+ /* Calculate shifts */
+ slli t3, a3, 3
+ sub t4, x0, t3 /* negate is okay as shift will only look at LSBs */
+
+ /* Load the initial value and align a1 */
+ andi a1, a1, ~(SZREG-1)
+ REG_L a5, 0(a1)
+
+ addi t0, t0, SZREG-1
+ /* At least one iteration will be executed here, no check */
+1:
+ sll a4, a5, t4
+ addi a1, a1, -SZREG
+ REG_L a5, 0(a1)
+ srl a2, a5, t3
+ or a2, a2, a4
+ addi a0, a0, -SZREG
+ REG_S a2, 0(a0)
+ bgtu a0, t0, 1b
+
+ /* Update pointers to correct value */
+ addi t0, t0, -(SZREG-1)
+ add a1, a1, a3
+
+ j .Lbyte_copy_tail
+
END(__memmove)
diff --git a/board/emulation/common/qemu_capsule.c b/board/emulation/common/qemu_capsule.c
index 5cb461d..6b8a870 100644
--- a/board/emulation/common/qemu_capsule.c
+++ b/board/emulation/common/qemu_capsule.c
@@ -41,9 +41,3 @@
return 0;
}
-
-bool efi_capsule_auth_enabled(void)
-{
- return env_get("capsule_authentication_enabled") != NULL ?
- true : false;
-}
diff --git a/common/Kconfig.boot b/common/Kconfig.boot
index 5a18d62..5660822 100644
--- a/common/Kconfig.boot
+++ b/common/Kconfig.boot
@@ -80,6 +80,7 @@
select RSA_VERIFY
select IMAGE_SIGN_INFO
select FIT_FULL_CHECK
+ select HASH_CALCULATE
help
This option enables signature verification of FIT uImages,
using a hash signed and verified using RSA. If
diff --git a/common/hash.c b/common/hash.c
index 10dff7d..90cf46b 100644
--- a/common/hash.c
+++ b/common/hash.c
@@ -260,12 +260,12 @@
.name = "sha384",
.digest_size = SHA384_SUM_LEN,
.chunk_size = CHUNKSZ_SHA384,
-#ifdef CONFIG_SHA_HW_ACCEL
+#ifdef CONFIG_SHA512_HW_ACCEL
.hash_func_ws = hw_sha384,
#else
.hash_func_ws = sha384_csum_wd,
#endif
-#ifdef CONFIG_SHA_PROG_HW_ACCEL
+#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
.hash_init = hw_sha_init,
.hash_update = hw_sha_update,
.hash_finish = hw_sha_finish,
@@ -281,12 +281,12 @@
.name = "sha512",
.digest_size = SHA512_SUM_LEN,
.chunk_size = CHUNKSZ_SHA512,
-#ifdef CONFIG_SHA_HW_ACCEL
+#ifdef CONFIG_SHA512_HW_ACCEL
.hash_func_ws = hw_sha512,
#else
.hash_func_ws = sha512_csum_wd,
#endif
-#ifdef CONFIG_SHA_PROG_HW_ACCEL
+#if defined(CONFIG_SHA512_HW_ACCEL) && defined(CONFIG_SHA_PROG_HW_ACCEL)
.hash_init = hw_sha_init,
.hash_update = hw_sha_update,
.hash_finish = hw_sha_finish,
diff --git a/doc/board/AndesTech/ax25-ae350.rst b/doc/board/AndesTech/ax25-ae350.rst
index f795476..9236492 100644
--- a/doc/board/AndesTech/ax25-ae350.rst
+++ b/doc/board/AndesTech/ax25-ae350.rst
@@ -343,7 +343,7 @@
cd opensbi
make PLATFORM=andes/ae350
-Copy OpenSBI FW_DYNAMIC image (build\platform\andes\ae350\firmware\fw_dynamic.bin)
+Copy OpenSBI FW_DYNAMIC image (build/platform/andes/ae350/firmware/fw_dynamic.bin)
into U-Boot root directory
@@ -532,4 +532,4 @@
Sat Apr 6 23:33:53 CST 2019
nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering...
-~ #
+ ~ #
diff --git a/doc/usage/index.rst b/doc/usage/index.rst
index 528b3c7..c1f9b6a 100644
--- a/doc/usage/index.rst
+++ b/doc/usage/index.rst
@@ -26,6 +26,7 @@
conitrace
echo
exception
+ extension
exit
false
fatinfo
@@ -38,6 +39,7 @@
pstore
qfw
sbi
+ size
true
scp03
reset
diff --git a/doc/usage/size.rst b/doc/usage/size.rst
new file mode 100644
index 0000000..f0c35e4
--- /dev/null
+++ b/doc/usage/size.rst
@@ -0,0 +1,40 @@
+.. SPDX-License-Identifier: GPL-2.0+
+
+size command
+============
+
+Synopsis
+--------
+
+::
+
+ size <interface> <dev[:part]> <filename>
+
+Description
+-----------
+
+The size command determines the size of a file and sets the environment variable
+filesize to this value. If filename points to a directory, the value is set to
+zero.
+
+If the command fails, the filesize environment variable is not changed.
+
+dev
+ device number
+
+part
+ partition number, defaults to 1
+
+filename
+ path to file
+
+Configuration
+-------------
+
+The size command is only available if CONFIG_CMD_FS_GENERIC=y.
+
+Return value
+------------
+
+The return value $? is set to 0 (true) if the command succeded and to 1 (false)
+otherwise.
diff --git a/drivers/timer/Makefile b/drivers/timer/Makefile
index eb5c48c..2ebdeab 100644
--- a/drivers/timer/Makefile
+++ b/drivers/timer/Makefile
@@ -19,7 +19,7 @@
obj-$(CONFIG_RISCV_TIMER) += riscv_timer.o
obj-$(CONFIG_ROCKCHIP_TIMER) += rockchip_timer.o
obj-$(CONFIG_SANDBOX_TIMER) += sandbox_timer.o
-obj-$(CONFIG_SIFIVE_CLINT) += sifive_clint_timer.o
+obj-$(CONFIG_$(SPL_)SIFIVE_CLINT) += sifive_clint_timer.o
obj-$(CONFIG_STI_TIMER) += sti-timer.o
obj-$(CONFIG_STM32_TIMER) += stm32_timer.o
obj-$(CONFIG_X86_TSC_TIMER) += tsc_timer.o
diff --git a/lib/Kconfig b/lib/Kconfig
index 6d2d41d..b057b9d 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -389,21 +389,32 @@
(digest).
config SHA_HW_ACCEL
- bool "Enable hashing using hardware"
+ bool "Enable hardware acceleration for SHA hash functions"
help
- This option enables hardware acceleration for SHA hashing.
- This affects the 'hash' command and also the hash_lookup_algo()
- function.
+ This option enables hardware acceleration for the SHA1 and SHA256
+ hashing algorithms. This affects the 'hash' command and also the
+ hash_lookup_algo() function.
+
+if SHA_HW_ACCEL
+
+config SHA512_HW_ACCEL
+ bool "Enable hardware acceleration for SHA512"
+ depends on SHA512_ALGO
+ help
+ This option enables hardware acceleration for the SHA384 and SHA512
+ hashing algorithms. This affects the 'hash' command and also the
+ hash_lookup_algo() function.
config SHA_PROG_HW_ACCEL
bool "Enable Progressive hashing support using hardware"
- depends on SHA_HW_ACCEL
help
This option enables hardware-acceleration for SHA progressive
hashing.
Data can be streamed in a block at a time and the hashing is
performed in hardware.
+endif
+
config MD5
bool "Support MD5 algorithm"
help
@@ -428,6 +439,9 @@
config XXHASH
bool
+config HASH_CALCULATE
+ bool
+
endmenu
menu "Compression Support"
diff --git a/lib/Makefile b/lib/Makefile
index 6825671..0835ea2 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -61,7 +61,7 @@
obj-$(CONFIG_$(SPL_)ACPIGEN) += acpi/
obj-$(CONFIG_$(SPL_)MD5) += md5.o
obj-$(CONFIG_$(SPL_)RSA) += rsa/
-obj-$(CONFIG_FIT_SIGNATURE) += hash-checksum.o
+obj-$(CONFIG_HASH_CALCULATE) += hash-checksum.o
obj-$(CONFIG_SHA1) += sha1.o
obj-$(CONFIG_SHA256) += sha256.o
obj-$(CONFIG_SHA512_ALGO) += sha512.o
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index 0b99d7c..eb5c4d6 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -174,6 +174,7 @@
select PKCS7_MESSAGE_PARSER
select PKCS7_VERIFY
select IMAGE_SIGN_INFO
+ select HASH_CALCULATE
default n
help
Select this option if you want to enable capsule
@@ -300,7 +301,13 @@
config EFI_TCG2_PROTOCOL
bool "EFI_TCG2_PROTOCOL support"
+ default y
depends on TPM_V2
+ select SHA1
+ select SHA256
+ select SHA512_ALGO
+ select SHA384
+ select SHA512
help
Provide a EFI_TCG2_PROTOCOL implementation using the TPM hardware
of the platform.
@@ -336,6 +343,7 @@
select X509_CERTIFICATE_PARSER
select PKCS7_MESSAGE_PARSER
select PKCS7_VERIFY
+ select HASH_CALCULATE
default n
help
Select this option to enable EFI secure boot support.
diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
index 204105e..6b3f596 100644
--- a/lib/efi_loader/efi_file.c
+++ b/lib/efi_loader/efi_file.c
@@ -554,7 +554,7 @@
efi_status_t ret = EFI_SUCCESS;
u64 bs;
- if (!this || !buffer_size || !buffer)
+ if (!this || !buffer_size)
return EFI_INVALID_PARAMETER;
bs = *buffer_size;
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index 7a3cca2..a1b88db 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -190,7 +190,7 @@
IMAGE_ATTRIBUTE_IMAGE_UPDATABLE;
/* Check if the capsule authentication is enabled */
- if (env_get("capsule_authentication_enabled"))
+ if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE))
image_info[0].attributes_setting |=
IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED;
@@ -421,8 +421,7 @@
return EFI_EXIT(EFI_INVALID_PARAMETER);
/* Authenticate the capsule if authentication enabled */
- if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE) &&
- env_get("capsule_authentication_enabled")) {
+ if (IS_ENABLED(CONFIG_EFI_CAPSULE_AUTHENTICATE)) {
capsule_payload = NULL;
capsule_payload_size = 0;
status = efi_capsule_authenticate(image, image_size,
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 94e8f22..39ef250 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -771,8 +771,8 @@
pcr_index = efi_tcg_event->header.pcr_index;
event_type = efi_tcg_event->header.event_type;
- ret = tcg2_create_digest((u8 *)data_to_hash, data_to_hash_len,
- &digest_list);
+ ret = tcg2_create_digest((u8 *)(uintptr_t)data_to_hash,
+ data_to_hash_len, &digest_list);
if (ret != EFI_SUCCESS)
goto out;
@@ -999,6 +999,11 @@
event_log.final_pos = sizeof(*final_event);
ret = efi_install_configuration_table(&efi_guid_final_events,
final_event);
+ if (ret != EFI_SUCCESS) {
+ efi_free_pool(event_log.final_buffer);
+ event_log.final_buffer = NULL;
+ }
+
out:
return ret;
}
@@ -1047,18 +1052,21 @@
ret = create_specid_event(dev, (void *)((uintptr_t)event_log.buffer + sizeof(*event_header)),
&spec_event_size);
if (ret != EFI_SUCCESS)
- goto out;
+ goto free_pool;
put_unaligned_le32(spec_event_size, &event_header->event_size);
event_log.pos = spec_event_size + sizeof(*event_header);
event_log.last_event_size = event_log.pos;
ret = create_final_event();
if (ret != EFI_SUCCESS)
- goto out;
+ goto free_pool;
- return EFI_SUCCESS;
out:
- tcg2_uninit();
+ return ret;
+
+free_pool:
+ efi_free_pool(event_log.buffer);
+ event_log.buffer = NULL;
return ret;
}
@@ -1107,8 +1115,7 @@
ret = platform_get_tpm2_device(&dev);
if (ret != EFI_SUCCESS) {
log_warning("Unable to find TPMv2 device\n");
- ret = EFI_SUCCESS;
- goto out;
+ return EFI_SUCCESS;
}
ret = efi_init_event_log();
@@ -1116,19 +1123,29 @@
goto fail;
ret = efi_append_scrtm_version(dev);
- if (ret != EFI_SUCCESS)
- goto out;
+ if (ret != EFI_SUCCESS) {
+ tcg2_uninit();
+ goto fail;
+ }
ret = efi_add_protocol(efi_root, &efi_guid_tcg2_protocol,
(void *)&efi_tcg2_protocol);
if (ret != EFI_SUCCESS) {
- log_err("Cannot install EFI_TCG2_PROTOCOL\n");
+ tcg2_uninit();
goto fail;
}
+ return ret;
-out:
- return ret;
fail:
- tcg2_uninit();
- return ret;
+ log_err("Cannot install EFI_TCG2_PROTOCOL\n");
+ /*
+ * Return EFI_SUCCESS and don't stop the EFI subsystem.
+ * That's done for 2 reasons
+ * - If the protocol is not installed the PCRs won't be extended. So
+ * someone later in the boot flow will notice that and take the
+ * necessary actions.
+ * - The TPM sandbox is limited and we won't be able to run any efi
+ * related tests with TCG2 enabled
+ */
+ return EFI_SUCCESS;
}