Age | Commit message (Collapse) | Author | Files | Lines |
|
Address errata 80 from E2600-11.pdf in a ROM patch for integration into
the OTP image. A otptool configuration file is provided as an example
Signed-off-by: Neal Liu <neal_liu@aspeedtech.com>
[AJ: Take 098e7ba124184 from https://github.com/AspeedTech-BMC/openbmc]
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
Change-Id: I936c60f9db8e36f3213f426aebeb62b72015303c
|
|
Enable generating multiple OTP binaries by specifying multiple OTP
configuration files.
Change-Id: I1ce81cd2c1d0f501578b927eb31cce5a37cdcf1f
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
|
|
We're moving towards support for generating multiple OTP binaries per
platform configuration, so allow for differentiation in the file paths.
Change-Id: Iff01e524013fbf8cfdec0f8d7e7a599ee457514d
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
|
|
It mistakenly refers to SDRAM, which doesn't make sense in context.
Change-Id: I1890b4b87ddc7592f28cdcd1957952dd8bdfaba7
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
|
|
1. Add otptool.bbclass to create otp image.
2. Update u-boot recipe to "inherit otptool.bbclass" for
otp image creation in the u-boot tasks.
3. Update socsec tool for SPL and OTP image verification if
verify failed u-boot should be built failed.
4. Use OE logging utilities.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Change-Id: I0ba5da4d112b49d182bdf2751614afe62850eac3
|
|
OE convention (see OE-Core rev: f44bb4588) is for bitbake variables to
use braces and ordinary shell variables to not use braces.
Change-Id: I640076712f58d971b173849844215a64565a1d51
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
OE provides utilities for both warning and error messages, so use them.
Change-Id: I7548e09e69015dda4043d5aaa00a0c869393c595
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
|
|
In general, software such as openssl calculates digest(big endian) of input data and uses big-endian digest to sign for RSA signature creation.
However, AST2600 A1 only supports little endian. In other words, AST2600 A1 crypto hardware engine digest output is “little endian”.
That is why our SOCSEC tool reverse signature and digest to match the AST2600 A1 crypto engine design(little endian).
AST2600 A3 changed the design to support big endian. ASPEED recommends using big endian to remain compatible with general software tool design
and therefore SOCSEC tool does not need to reverse digest and signature.
Default to big endian for OpenBMC platforms as A3 is production silicon, and earlier revisions are not well supported.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Change-Id: Iba46f704b86990d53937f104c3c601da5a3c111f
|
|
Building the SPL and "silently" leaving it unsigned gives us a build
that cannot be booted on systems that have secure-boot enabled.
Change-Id: Ie788a04ef35c7031897a2bfa7d348caa4292305d
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
|
|
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I8135871ae0e3b360aff7d878f7cf04a2504f2dd0
|
|
Add the necessary build infrastructure to allow ASPEED AST2600 devices
to use socsec to sign the U-boot SPL, allowing Aspeed's Verified Boot to
validate it.
Signed-off-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
Change-Id: I7b38a59596819982f0a222812fcc64dfb91e104f
|