24 Jan, 2018
1 commit
-
The hash command function were not flushing the dcache before passing data
to CAAM/DMA and not invalidating the dcache when getting data back.Due the data cache incoherency, HW accelerated hash commands used to fail
with CAAM errors like "Invalid KEY Command".Check if pbuf and pout buffers are properly aligned to the cache line size
and flush/invalidate the memory regions to address this issue.This solution is based in a previous work from Clemens Gruber in
commit 598e9dccc75d ("crypto/fsl: fix BLOB encapsulation and
decapsulation")Reported-by: Anatolij Gustschin
Signed-off-by: Breno Lima
Reviewed-by: York Sun
20 Aug, 2017
1 commit
-
Commit 089df18bfe9d ("lib: move hash CONFIG options to Kconfig") moved
CONFIG_SHA1, CONFIG_SHA256, CONFIG_SHA_HW_ACCEL, and
CONFIG_SHA_PROG_HW_ACCEL config options to Kconfig. So in the case of
SPL, CONFIG_SPL_HASH_SUPPORT enables CONFIG_SHA1 and CONFIG_SHA256 which
enables SHA SW library by default. But in the case of platforms with
SHA HW library support, SHA SW library becomes redundant and increases
size of SPL by approx 18K. Rework the code so that we have named
members and only have either software or hardware versions of the
algorithm, depending on the relevant config options. Update the comment
around hash_algo to reflect this as well.Reported-by: Sumit Garg
Cc: Sumit Garg
Signed-off-by: Tom Rini
Reviewed-by: Sumit Garg
16 Aug, 2017
2 commits
-
We are now using an env_ prefix for environment functions. Rename these
two functions for consistency. Also add function comments in common.h.Quite a few places use getenv() in a condition context, provoking a
warning from checkpatch. These are fixed up in this patch also.Suggested-by: Wolfgang Denk
Signed-off-by: Simon Glass -
We are now using an env_ prefix for environment functions. Rename setenv()
for consistency. Also add function comments in common.h.Suggested-by: Wolfgang Denk
Signed-off-by: Simon Glass
01 Jun, 2017
1 commit
-
Currently these (board agnostic) commands cannot be selected using
menuconfig and friends. Fix this the obvious way. As part of this,
don't muddle the meaning of CONFIG_HASH_VERIFY to mean both 'hash -v'
and "we have a hashing command" as this makes the Kconfig logic odd.Signed-off-by: Daniel Thompson
[trini: Re-apply, add imply for a few cases, run moveconfig.py, also
migrate CRC32_VERIFY]
Signed-off-by: Tom Rini
23 May, 2017
1 commit
-
At present CONFIG_CMD_HASH enables the 'hash' command which also brings
in the hashing API. Some boards may wish to enable the API without the
command. Add a separate CONFIG to permit this.Signed-off-by: Simon Glass
Reviewed-by: Tom Rini
24 Sep, 2016
1 commit
-
Now, arch/${ARCH}/include/asm/errno.h and include/linux/errno.h have
the same content. (both just wrap )Replace all include directives for with .
Signed-off-by: Masahiro Yamada
[trini: Fixup include/clk.]
Signed-off-by: Tom Rini
14 Jan, 2016
1 commit
-
The function hash_show is now only called by hash_command, so mark it as
static (and drop from hash.h). We only call hash_command when any of
CONFIG_CMD_CRC32, CONFIG_CMD_SHA1SUM or CONFIG_CMD_HASH are set. Since
hash.c is linked in unconditionally we must take extra care with
functions that bring in read-only strings as these will not be
discarded.Signed-off-by: Tom Rini
09 Jun, 2015
1 commit
-
This patch adds the feature to only stop the autobooting, and therefor
boot into the U-Boot prompt, when the input string / password matches
a values that is encypted via a SHA256 hash and saved in the environment.This feature is enabled by defined these config options:
CONFIG_AUTOBOOT_KEYED
CONFIG_AUTOBOOT_STOP_STR_SHA256Signed-off-by: Stefan Roese
Reviewed-by: Simon Glass
19 Apr, 2015
1 commit
-
In the case where the arch defines a custom map_sysmem(), make sure that
including just mapmem.h is sufficient to have these functions as they
are when the arch does not override it.Also split the non-arch specific functions out of common.h
Signed-off-by: Joe Hershberger
Reviewed-by: Simon Glass
26 Feb, 2015
1 commit
-
Currently only normal hashing is supported using hardware acceleration.
Added support for progressive hashing using hardware.Signed-off-by: Ruchika Gupta
Signed-off-by: Gaurav Rana
CC: Simon Glass
Reviewed-by: Simon Glass
Reviewed-by: York Sun
30 Jan, 2015
2 commits
-
Signed-off-by: Ruchika Gupta
CC: Simon Glass
Acked-by: Simon Glass -
The hash_algo structure has some implementations in which progressive hash
API's are not defined. These are basically the hardware based implementations
of SHA. An API is added to find the algo which has progressive hash API's
defined. This can then be integrated with RSA checksum library which uses
Progressive Hash API's.Signed-off-by: Ruchika Gupta
CC: Simon Glass
Acked-by: Simon Glass
30 Dec, 2014
1 commit
-
Fix issue in parse_verify_sum() which swaps handling of env-var and *address.
Move hash_command() argc check earlier.
Cosmetic change on do_hash() variable declaration.
Improved help message for "hash" command.Signed-off-by: Nikolay Dimitrov
Reviewed-by: Simon Glass
19 Jun, 2014
2 commits
-
commit 18b06652cd "tools: include u-boot version of sha256.h"
unconditionally forced the sha256.h from u-boot to be used
for tools instead of the host version. This is fragile though
as it will also include the host version. Therefore move it
to include/u-boot to join u-boot/md5.h etc which were renamed
for the same reason.cc: Simon Glass
Signed-off-by: Jeroen Hofstee -
This type is more readily available on the host compiler, so use it instead.
Signed-off-by: Simon Glass
12 Jun, 2014
2 commits
-
if algo->digest_size is zero nothing is set in the str_output
buffer. An attempt is made to zero end the buffer, but the
pointer to the buffer is set to zero instead. I am unaware if
it causes any actual problems, but solves the following warning:common/hash.c:217:13: warning: expression which evaluates to zero treated as
a null pointer constant of type 'char *' [-Wnon-literal-null-conversion]
str_ptr = '\0';
^~~~cc: Simon Glass
Signed-off-by: Jeroen Hofstee -
This function is useful for displaying a hash value, so export it.
Signed-off-by: Simon Glass
22 Mar, 2014
1 commit
-
Add hash_init(), hash_update() and hash_finish() to the
hash_algo struct. Add hash_lookup_algo() to look up the
struct given an algorithm name.Signed-off-by: Hung-ying Tyan
Signed-off-by: Simon Glass
Signed-off-by: Heiko Schocher
Acked-by: Simon Glass
25 Nov, 2013
1 commit
-
In the case of not having CONFIG_CMD_HASH but having CONFIG_CMD_CRC32
enabled (and not CONFIG_CRC32_VERIFY), we end up in this part of the
code path on hash_command(). However, we will only have exactly 3 args
here, and 3 > 3 is false, and we will not try and store the hash at the
address given as arg #3. The next problem however is that we've been
moving argv around so the third value is now in argv[0] not argv[3].Confirmed on AM335x Beaglebone White.
Signed-off-by: Tom Rini
24 Jul, 2013
1 commit
-
Signed-off-by: Wolfgang Denk
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini
15 May, 2013
1 commit
-
Rather than needing to call one of many hashing algorithms in U-Boot,
provide a function hash_block() which handles this, and can support all
available hash algorithms.Once we have md5 supported within hashing, we can use this function in
the FIT image code.Signed-off-by: Simon Glass
29 Mar, 2013
1 commit
-
Adding H/W acceleration support to hash which can be used
to test SHA 256 hash algorithm.Signed-off-by: ARUN MANKUZHI
Signed-off-by: Akshay Saraswat
Acked-by: Simon Glass
01 Mar, 2013
4 commits
-
Rather than use strcasecmp() in the hash algorithm search, require the
caller to do this first. Most of U-Boot can use lower case anyway, and
the hash command can convert to lower case before calling hash_command().
This saves needing strcasecmp() for boards that use hashing but not
the hash command.Signed-off-by: Simon Glass
-
Use map_sysmem() so that hashing is possible on sandbox.
Signed-off-by: Simon Glass
-
Add the CRC32 algorithm to the list of available hashes, and make
the crc32 command use hash_command(). Add a new crc32_wd_buf() to
make this possible, which puts its result in a buffer rather than
returning it as a 32-bit value.Note: For some boards the hash command is not enabled, neither
are sha1, sha256 or the verify option. In this case the full
hash implementation adds about 500 bytes of overhead. So as a
special case, we use #ifdef to select very simple bahaviour in
that case. The justification for this is that it is currently
a very common case (virtually all boards enable crc32 but only
some enable more advanced features).Signed-off-by: Simon Glass
-
Some hashing commands permit saving the hash in an environment variable,
and verifying a hash from there. But the crc32 command does not support
this. In order to permit crc32 to use the generic hashing infrastructure,
add a flag to select which behaviour to use.Signed-off-by: Simon Glass
12 Dec, 2012
1 commit
-
We have a SHA1 command and want to add a SHA256 command also. Instead of
duplicating the code, create a generic hash API which can process
commands for different algorithms.Signed-off-by: Simon Glass