[U-Boot] [PATCH] fdt: Fix string property comparison overflow

to strings section Cc: Peter Robinson Cc: David Gibson Signed-off-by: Teddy Reed --- Note this file is not synchronized from upstream dtc when using the scripts/dtc/update-dtc-source.sh script. The file size of the ELF increases with sandbox_spl_defconfig. $ bloaty spl/u-boot-spl -- spl/u-boot

[U-Boot] [PATCH v2] vboot: Do not use hashed-strings offset

is used for the offset. Signed-off-by: Teddy Reed --- common/image-sig.c | 7 +-- tools/image-host.c | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/common/image-sig.c b/common/image-sig.c index f65d883..ad571f9 100644 --- a/common/image-sig.c +++ b/common/image-sig.c

[U-Boot] [PATCH v2] vboot: Add FIT_SIGNATURE_MAX_SIZE protection

checked. If the field is corrupted then the structure or string region reads may have unintended behavior, such as reading from device memory. A default value of 256MB is set and intended to support most max storage sizes. Suggested-by: Simon Glass Signed-off-by: Teddy Reed Reviewed-by: Simon

Re: [U-Boot] [PATCH] vboot: Do not use hashed-strings offset

On Thu, Jun 7, 2018 at 4:28 PM, Simon Glass wrote: > Hi Teddy, > > On 3 June 2018 at 10:46, Teddy Reed wrote: >> >> The hashed-strings signature property includes two uint32_t values. >> The first is unneeded as there should never be a start offset into the &g

Re: [U-Boot] [PATCH] vboot: Add FIT_SIGNATURE_MAX_SIZE protection

On Thu, Jun 7, 2018 at 4:25 PM, Simon Glass wrote: > Hi Teddy, > > On 3 June 2018 at 15:28, Teddy Reed wrote: >> This adds a new config value FIT_SIGNATURE_MAX_SIZE, which controls the >> max size of a FIT header's totalsize field. The max size is checked before >> s

Re: [U-Boot] Verified boot production uses question

On Thu, Jun 7, 2018 at 3:45 PM, Sam Voss wrote: > Teddy, > > On Thu, Jun 7, 2018 at 12:27 PM, Teddy Reed wrote: >> >> Hi all, question, is anyone using the U-Boot verified-boot in production? > > I have been digging into this lately as well, and actually noticed

[U-Boot] Verified boot production uses question

Hi all, question, is anyone using the U-Boot verified-boot in production? I am using configuration verification for several OpenCompute/OpenBMC boards. After a deep-dive review I found some edge cases that in rare circumstances could lead to a signature check bypass. I think this is low-risk at

Re: [U-Boot] [RFC][PATCH] spl: vboot: Verify content before using load_addr

On Wed, Jun 6, 2018 at 4:35 AM, Jun Nie wrote: > 2018-06-06 9:08 GMT+08:00 Teddy Reed : >> When using verified-boot in the SPL, the FIT content must be >> verified before it can be used. >> >> Currently the load_addr FIT property is read and used as input to &g

[U-Boot] [RFC][PATCH] spl: vboot: Verify content before using load_addr

When using verified-boot in the SPL, the FIT content must be verified before it can be used. Currently the load_addr FIT property is read and used as input to memcpy before the property is verified. Signed-off-by: Teddy Reed --- common/spl/spl_fit.c | 19 ++- 1 file changed, 10

Re: [U-Boot] [PATCH] fdt: Fix string property comparison overflow

Ignore this patch (re: below Peter's comment). On Mon, Jun 4, 2018 at 1:42 AM, Peter Robinson wrote: > On Mon, Jun 4, 2018 at 1:22 AM, Teddy Reed wrote: >> FDT property searching can overflow when comparing strings. This will >> result in undefined behavior. >>

[U-Boot] [PATCH] fdt: Fix string property comparison overflow

FDT property searching can overflow when comparing strings. This will result in undefined behavior. This check assures that property name lengths do not overrun the string region or the totalsize. Signed-off-by: Teddy Reed --- lib/libfdt/fdt_ro.c | 5 + scripts/dtc/libfdt/fdt.c | 2

[U-Boot] [PATCH] vboot: Add FIT_SIGNATURE_MAX_SIZE protection

. If the field is corrupted then the structure or string region reads may have unintended behavior, such as reading from device memory. A default value of 256MB is set and intended to support most max storage sizes. Suggested-by: Simon Glass Signed-off-by: Teddy Reed --- Kconfig

[U-Boot] [PATCH] vboot: Do not use hashed-strings offset

is used for the offset. Signed-off-by: Teddy Reed --- common/image-sig.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/common/image-sig.c b/common/image-sig.c index f65d883..9b0a872 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -372,8 +372,7 @@ int

Re: [U-Boot] Signed FIT image boots without public key

gt; [cid:image002.png@01D357D5.908FF380]<http://www.commscope.com/> > Mark Nelson > Principal Engineer > CommScope > 250 Apollo Drive, Suite 100 > Chelmsford, MA 01824 > Mobile: 352-444-0150 > > > ___ > U-Boot mailing list > U-Boot@lists.denx.de > https://lists.denx.de/listinfo/u-boot > -- Teddy Reed V ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot

Re: [U-Boot] U-Boot IPv6 state

On 01/17/2017 09:49 PM, Luka Kovačič wrote: That's great. I could help you to test it. Link-local and maybe auto-configuration on the home router. V tor., 17. jan. 2017 23:19 je oseba Chris Packham > napisala: On 18/01/2017 5:56

[U-Boot] [PATCH] mkimage: fix missing break for -p switch

Signed-off-by: Teddy Reed <teddy.r...@gmail.com> --- tools/mkimage.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/mkimage.c b/tools/mkimage.c index ff3024a..0e501f8 100644 --- a/tools/mkimage.c +++ b/tools/mkimage.c @@ -225,6 +225,7 @@ static void process_args(int argc, char

Re: [U-Boot] [PATCH 14/14] test: Convert the vboot test to test/py

eys -K sandbox-u-boot.dtb \ > - -r test.fit >${tmp} > - > - run_uboot "signed config" "dev+" > - > - echo check signed config on the host > - if ! ${fit_check_sign} -f test.fit -k sandbox-u-boot.dtb >${tmp}; then > - echo > - echo "Verified boot key check on host failed, output follows:" > - cat ${tmp} > - false > - else > - if ! grep -q "dev+" ${tmp}; then > - echo > - echo "Verified boot key check failed, output follows:" > - cat ${tmp} > - false > - else > - echo "OK" > - fi > - fi > - > - run_uboot "signed config" "dev+" > - > - # Increment the first byte of the signature, which should cause > failure > - sig=$(fdtget -t bx test.fit /configurations/conf@1/signature@1 value) > - newbyte=$(printf %x $((0x${sig:0:2} + 1))) > - sig="${newbyte} ${sig:2}" > - fdtput -t bx test.fit /configurations/conf@1/signature@1 value ${sig} > - > - run_uboot "signed config with bad hash" "Bad Data Hash" > -} > - > -sha=sha1 > -do_test > -sha=sha256 > -do_test > - > -popd >/dev/null > - > -echo > -if ${ok}; then > - echo "Test passed" > -else > - echo "Test failed" > -fi > -- > 2.8.0.rc3.226.g39d4020 > > ___ > U-Boot mailing list > U-Boot@lists.denx.de > http://lists.denx.de/mailman/listinfo/u-boot Thanks for this refactor! If the comments related to the sh to Python are too nit-picky we can certainly change and expand the test harness within additional patches later. -- Teddy Reed V ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot

Re: [U-Boot] [PATCH 12/14] tools: Correct error handling in fit_image_process_hash()

org> > Reported-by: Tom Van Deun <tom.vand...@wapice.com> Reviewed-by: Teddy Reed <teddy.r...@gmail.com> > --- > > tools/image-host.c | 14 -- > 1 file changed, 8 insertions(+), 6 deletions(-) > > diff --git a/tools/image-host.c b/tools/image-host.c > in

Re: [U-Boot] [PATCH 13/14] test/py: Fix up after the rename of CONFIG_SYS_HUSH_PARSER

_xxx name in tests with > @pytest.mark.buildconfigspec(), since at present it is not really clear that > the options are related. > > Fixes: f1f9d4fa (hush: complete renaming CONFIG_SYS_HUSH_PARSER to > CONFIG_HUSH_PARSER) > > Signed-off-by: Simon Glass <s...@chromium.org>

Re: [U-Boot] [PATCH 10/14] test/py: Add a helper to run a list of U-Boot commands

Hi Simon, On Sun, Jul 3, 2016 at 8:40 AM, Simon Glass <s...@chromium.org> wrote: > Some tests want to execute a sequence of commands. Add a helper for this. > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@gmail.

Re: [U-Boot] [PATCH 07/14] test/py: Return output from run_and_log()

Hi Simon, On Sun, Jul 3, 2016 at 8:40 AM, Simon Glass <s...@chromium.org> wrote: > It is useful to be able to obtain the output from a command. Return it from > this function. > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@gma

Re: [U-Boot] [PATCH 09/14] test/py: Provide a way to check that a command fails

ot;""Find the running U-Boot's RAM location. > -- > 2.8.0.rc3.226.g39d4020 > > ___ > U-Boot mailing list > U-Boot@lists.denx.de > http://lists.denx.de/mailman/listinfo/u-boot Let me know if my comments about output matching are too

Re: [U-Boot] [PATCH 06/14] test/py: Provide output from exceptions with RunAndLog()

EXCEPT(output = doAction()) EXPECT_EQUAL(2, output) The test harness can provide much more succinct errors when these cases fail. :) > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@gmail.com> > --- > > test/py/multiplexed

Re: [U-Boot] [PATCH 05/14] test/py: Allow RunAndLog() to return the output

Hi Simon, On Sun, Jul 3, 2016 at 8:40 AM, Simon Glass <s...@chromium.org> wrote: > Tests may want to look at the output from running a command. Return it so > that this is possible. > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@

Re: [U-Boot] [PATCH 02/14] test: Add a simple script to run tests on sandbox

t; Add a shell script to help. To run the tests, type: > >test/run > > in the U-Boot directory, which should be easy to remember. > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@gmail.com> > --- > > test/README | 11

Re: [U-Boot] [PATCH 03/14] sandbox: Don't exit when bootm completes

-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@gmail.com> > --- > > arch/sandbox/lib/bootm.c | 2 +- > common/bootm_os.c| 1 + > 2 files changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/sandbox/lib/bootm.c b/arch/sand

Re: [U-Boot] [PATCH 08/14] test/py: Add an option to execute a string containing a command

Hi Simon, On Sun, Jul 3, 2016 at 8:40 AM, Simon Glass <s...@chromium.org> wrote: > It is sometimes inconvenient to convert a string into a list for execution > with run_and_log(). Provide a helper function to do this. > > Signed-off-by: Simon Glass <s...@chromium.org>

Re: [U-Boot] [PATCH 04/14] test/py: Allow tests to control the sandbox device-tree file

the device-tree file a config option so that it can be adjusted by > tests. The default is to keep the current behaviour. > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@gmail.com> > --- > > test/py/conftest.py | 1

Re: [U-Boot] [PATCH 01/14] test: Add a README

Hi Simon, On Sun, Jul 3, 2016 at 8:40 AM, Simon Glass <s...@chromium.org> wrote: > Add a few notes about how testing works in U-Boot. > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@gmail.com>

Re: [U-Boot] [PATCH 11/14] tools: Add an error code when fit_handle_file() fails

Hi Simon, On Sun, Jul 3, 2016 at 8:40 AM, Simon Glass <s...@chromium.org> wrote: > The error code may provide useful information for debugging. Add it to the > error string. > > Signed-off-by: Simon Glass <s...@chromium.org> Reviewed-by: Teddy Reed <teddy.r...@g

[U-Boot] [PATCH v3] mkimage: fit: spl: Add an optional static offset for external data

. It is considered an error if the requested absolute position overlaps with the initial data required for the compact FIT. Signed-off-by: Teddy Reed <teddy.r...@gmail.com> --- Changes in v3: - Improved documentation Changes in v2: - Add -p argument to mkimage.1 - Add -E, -p arguments to mkimage usage text

[U-Boot] [PATCH v2] verified-boot: Minimal support for booting U-Boot proper from SPL

CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <tedd

Re: [U-Boot] [PATCH v2] mkimage: fit: spl: Add an optional static offset for external data

Thanks for the review Simon! On Thu, Jun 9, 2016 at 6:03 PM, Simon Glass <s...@chromium.org> wrote: > Hi Teddy, > > On 5 June 2016 at 15:18, Teddy Reed <teddy.r...@gmail.com> wrote: >> >> When building a FIT with external data (-E), an SPL may require abso

Re: [U-Boot] [PATCH] verified-boot: Minimal support for booting U-Boot proper from SPL

https://patchwork.ozlabs.org/patch/628987/ > [2] https://patchwork.ozlabs.org/patch/628971/ > > Thanks and regards, > Sumit > >> -Original Message- >> From: Teddy Reed [mailto:teddy.r...@gmail.com] >> Sent: Monday, June 06, 2016 2:58 AM >> To: Sumit Garg

[U-Boot] [PATCH v2] mkimage: fit: spl: Add an optional static offset for external data

When building a FIT with external data (-E), an SPL may require absolute positioning for executing the external firmware. To acheive this use the (-p) switch, which will replace the amended 'data-offset' with 'data-position' indicating the absolute position of external data. It is considered an

Re: [U-Boot] [PATCH] verified-boot: Minimal support for booting U-Boot proper from SPL

On Wed, Jun 1, 2016 at 9:40 PM, Sumit Garg <sumit.g...@nxp.com> wrote: >> -Original Message----- >> From: Teddy Reed [mailto:teddy.r...@gmail.com] >> Sent: Tuesday, May 31, 2016 2:23 AM >> To: Sumit Garg <sumit.g...@nxp.com> >> Cc: s...@chromium.or

[U-Boot] arm: General questions for new board support: Aspeed AST2400

in mainline too. And, in the near future a newer AST2500 will come on online-- and would benefit from having the AST2400 code to iterate upon. The AST2400 boards will remain in a production capacity for next 3/4 years so we need both. Thanks so much in advance! -Teddy -- Teddy Reed V

Re: [U-Boot] [PATCH] verified-boot: Minimal support for booting U-Boot proper from SPL

ation may be needed. [1] http://lists.denx.de/pipermail/u-boot/2016-May/256133.html >> -Original Message- >> From: Teddy Reed [mailto:teddy.r...@gmail.com] >> Sent: Sunday, May 29, 2016 7:28 AM >> To: u-boot@lists.denx.de >> Cc: s...@chromium.org; dannenb...

Re: [U-Boot] [verified-boot] Multiple levels of signing keys

On Mon, 2 May 2016 16:29:12 -0600 Simon Glass <s...@chromium.org> wrote: Hey Simon, sorry for the delayed response! > Hi Teddy, > > On 2 May 2016 at 02:57, Teddy Reed <teddy.r...@gmail.com> wrote: > > On Sun, May 1, 2016 at 11:56 AM, Simon Glass <s...@chro

[U-Boot] [PATCH] verified-boot: Minimal support for booting U-Boot proper from SPL

CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <tedd

Re: [U-Boot] [PATCH v2 1/2] powerpc/mpc85xx: SECURE BOOT- Enable chain of trust in SPL

/ > +#endif > + > uboot = (void *)CONFIG_SYS_NAND_U_BOOT_START; > uboot(); > } > diff --git a/include/fsl_validate.h b/include/fsl_validate.h > index a71e1ce..7695b30 100644 > --- a/include/fsl_validate.h > +++ b/include/fsl_validate.h > @@ -254,4 +254

Re: [U-Boot] [PATCH] RFC: Secure boot to U-Boot proper from SPL

> On May 23, 2016, at 1:15 PM, Andreas Dannenberg <dannenb...@ti.com> wrote: > >> On Sun, May 08, 2016 at 06:13:50PM -0700, Teddy Reed wrote: >>> On Sun, May 1, 2016 at 11:12 AM, Teddy Reed <teddy.r...@gmail.com> wrote: >>> I've been using the following

Re: [U-Boot] [PATCH] RFC: Secure boot to U-Boot proper from SPL

On Sun, May 1, 2016 at 11:12 AM, Teddy Reed <teddy.r...@gmail.com> wrote: > I've been using the following patch for my configurations, please excuse the > top-posting. I think the only difference is enabling the uclass mod_exp > driver to initialize without needing relocation. &

Re: [U-Boot] [verified-boot] Compile 'key store' DTB without mkimage and private key

On Mon, May 2, 2016 at 7:06 AM, Simon Glass <s...@chromium.org> wrote: > Hi Teddy, > > On 29 April 2016 at 18:44, Teddy Reed <teddy.r...@gmail.com> wrote: >> On Fri, Apr 29, 2016 at 4:09 PM, Simon Glass <s...@chromium.org> wrote: >>> Hi Teddy, >>>

Re: [U-Boot] [verified-boot] Multiple levels of signing keys

On Sun, May 1, 2016 at 11:56 AM, Simon Glass <s...@chromium.org> wrote: > Hi Teddy, > > On 27 April 2016 at 11:32, Teddy Reed <teddy.r...@gmail.com> wrote: >> Hello all, >> >> I'm looking to support "multiple levels" of keys within u-boot's >>

Re: [U-Boot] [PATCH] mkimage: fit: spl: Add an optional static offset for external data

Hey Simon! On Sun, May 1, 2016 at 12:32 PM, Simon Glass <s...@chromium.org> wrote: > Hi Teddy, > > On 1 May 2016 at 11:10, Teddy Reed <teddy.r...@gmail.com> wrote: >> When building a FIT with external data (-E), an SPL may require absolute >> positioning fo

Re: [U-Boot] [PATCH] RFC: Secure boot to U-Boot proper from SPL

. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.r...@gmail.com> --- Kconfig | 11 +++ common/Ma

[U-Boot] [PATCH] mkimage: fit: spl: Add an optional static offset for external data

a. It is considered an error if the requested absolute position overlaps with the initial data required for the compact FIT. Signed-off-by: Teddy Reed <teddy.r...@gmail.com> Cc: Simon Glass <s...@chromium.org> --- tools/fit_image.c | 19 ++- tools/imagetool.h | 1 + too

Re: [U-Boot] [verified-boot] Compile 'key store' DTB without mkimage and private key

On Fri, Apr 29, 2016 at 4:09 PM, Simon Glass <s...@chromium.org> wrote: > Hi Teddy, > > On 25 April 2016 at 10:25, Teddy Reed <teddy.r...@gmail.com> wrote: >> Hi all, >> >> I'm curious if anyone has a script (or if I've missed something within >> the

[U-Boot] [verified-boot] Multiple levels of signing keys

s + hashes and the on-line key-signed kernels/rootfs/configurations. P.S. This may be strongly linked to the need for a TPM to prevent rollbacks. But as far as I can tell, the two features are distinct and a TPM is not completely required for a multi-level key approach to signing FITs. Thanks! -- Te

[U-Boot] [verified-boot] Compile 'key store' DTB without mkimage and private key

the actual signing. I'm happy to write something, just want to ask first! Thanks! -- Teddy Reed V ___ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot