Age | Commit message (Collapse) | Author |
|
When running 'make distclean' on coreboot, the build cleans the tools
as well. Since secimage didn't have a distclean target, it gave an error
that the distclean target didn't exist. This didn't actually affect
anything more than the secimage clean, but it was impossible to tell
that from the warning:
% make distclean
make[1]: *** No rule to make target 'distclean'. Stop.
Change-Id: I4b4bcc1ab48e767218d31e455d23527acedf4953
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/23666
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
One of responsibilities of the `secimage` tool is signing the image
using the HMAC-SHA256 algorithm. The test being added verifies that
secimage's internal call yields same result as the according openssl
tool does.
Change-Id: I8de4328f435af56901a861e3d5e733657c3c7f78
Signed-off-by: Alex Thiessen <alex.thiessen.de+coreboot@gmail.com>
Reviewed-on: https://review.coreboot.org/23474
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
|
|
The `secimage` utility uses OpenSSL to calculate HMAC, which it does in
a rather unorthodox way, using deprecated `HMAC_CTX_init` API and
repeated calling of `HMAC_Init_ex` without a clear reason. The former
causes build errors with OpenSSL 1.1 while the rest of the
`HmacSha256Hash` function is confusing and overly complex.
Make `HmacSha256Hash` use a single OpenSSL API call. Test passed:
resulting signed binary remains identical.
Change-Id: Ib23c0ad96f9d8cc30ad357de8c0b0ba967c7d724
Signed-off-by: Alex Thiessen <alex.thiessen.de+coreboot@gmail.com>
Reviewed-on: https://review.coreboot.org/23069
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
Change-Id: I5c77b3c5ea3fbc249a8c564a521c2c3c45e1c560
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323510
Reviewed-on: https://review.coreboot.org/17877
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: I088730fd87dd39fa2c36a06c5770fad05a5808b0
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323511, #1323512
Reviewed-on: https://review.coreboot.org/17882
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: Ib53408e8b186c07aa8e42c67131d39c4add05983
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323515
Reviewed-on: https://review.coreboot.org/17881
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
It's later tested for NULL, but never initialized to make that test work
reliably.
Change-Id: Iadee1af224507a6dd39956306f3eafa687895176
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323515
Reviewed-on: https://review.coreboot.org/17880
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: Ieea7ac7fbc618cd12f843f1606f9ebab37cae67e
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323508
Reviewed-on: https://review.coreboot.org/17879
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
filebuffer is treated like a string, so it should be zero-terminated
like a string.
Change-Id: I078aa39906394be64023424731fe0c7ae2019899
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323473
Reviewed-on: https://review.coreboot.org/17878
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
Change-Id: I5193c6a9f08398b881c971c7175654ba5775b34a
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Found-by: Coverity Scan #1323509
Reviewed-on: https://review.coreboot.org/17876
Tested-by: build bot (Jenkins)
Reviewed-by: Martin Roth <martinroth@google.com>
|
|
This is to trick libreboot into not deleting misc.c when checking
out coreboot.
Change-Id: I8f0bb5cb3eb5681f99c616ae03de126efab852a9
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11134
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
Change-Id: Ibfa8b6b60b2b39212cef27bb2a5f8849218164bb
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11133
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
secimage does not use libgmp, so don't link it in.
(Otherwise linking fails if the library is not installed)
Change-Id: I24af21c7754ecd0109f3e86669fa34fa6991d7fe
Signed-off-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
Reviewed-on: http://review.coreboot.org/11079
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
|
|
Some compilers and linkers require a strict order or fail to find
all symbols.
Change-Id: I3f44bec1f0e21e7313a751fbc99c61c1aa9b7cf1
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Reviewed-on: http://review.coreboot.org/9962
Tested-by: build bot (Jenkins)
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|
|
secimage is a tool which adds a header and signature to the binary
first loaded by the soc. ARM core frequency is set to 1 Ghz.
BUG=chrome-os-partner:36421
BRANCH=broadcom-firmware
TEST=booted b0 board
Change-Id: Ia08600d45c47ee4f08d253980036916e44b0044a
Signed-off-by: Patrick Georgi <pgeorgi@chromium.org>
Original-Commit-Id: 36284d1b242c26b0b5aac2894f7ed1790da1ef15
Original-Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Original-Reviewed-on: https://chrome-internal-review.googlesource.com/197155
Original-Reviewed-by: Scott Branden <sbranden@broadcom.com>
Original-Reviewed-by: Julius Werner <jwerner@chromium.org>
Original-Commit-Queue: Daisuke Nojiri <dnojiri@google.com>
Original-Tested-by: Daisuke Nojiri <dnojiri@google.com>
Original-Change-Id: Iaddd24006b368c8f37e075cb51e151e985029f3b
Original-Reviewed-on: https://chromium-review.googlesource.com/264417
Reviewed-on: http://review.coreboot.org/9914
Tested-by: build bot (Jenkins)
Reviewed-by: Stefan Reinauer <stefan.reinauer@coreboot.org>
|