[PATCH 1/8] drivers: rollback: Add rollback devices to driver model

2023-09-12 Thread seanedmond
From: Stephen Carlson Rollback devices currently implement operations to store an OS anti-rollback monotonic counter. Existing devices such as the Trusted Platform Module (TPM) already support this operation, but this uclass provides abstraction for current and future devices that may support

[PATCH 4/8] common: Add OS anti-rollback grace version

2023-09-12 Thread seanedmond
From: Stephen Carlson New config CONFIG_FIT_ROLLBACK_CHECK_GRACE to add a one unit grace version to OS anti-rollback protection, allowing images with anti-rollback counters exactly one less than the platform value to still be loaded. No update to the platform anti-rollback counter will be

[PATCH 6/8] tpm: Fix issues relating to NV Indexes

2023-09-12 Thread seanedmond
From: Sean Edmond The TPM 2.0 command reference states that "auth" (type TPM2B_AUTH) should come before "publicInfo" (type TPM2B_NV_PUBLIC) in the "TPM2_NV_DefineSpace" command. Let's add an empty "auth" (size 0), so that this can work with compliant TPMs. Make sure that NV index used in

[PATCH 0/5] Add anti-rollback validation feature

2023-09-12 Thread seanedmond
From: Sean Edmond Adds anti-rollback version protection. Images with an anti-rollback counter value "rollback" declared in the kernel FDT will be compared against the current device anti-rollback counter value, and older images will not pass signature validation. If the image is newer,

[PATCH 3/8] common: Add OS anti-rollback validation using rollback devices

2023-09-12 Thread seanedmond
From: Stephen Carlson New config CONFIG_ROLLBACK_CHECK to enable enforcement of OS anti-rollback counter during image loading. Images with an anti-rollback counter value "rollback" declared in the FDT will be compared against the current device anti-rollback counter value, and older images will

[PATCH 2/8] drivers: rollback: Add TPM2 implementation of rollback devices

2023-09-12 Thread seanedmond
From: Stephen Carlson This implementation of the rollback uclass driver allows existing TPM2 devices declared in the device tree to be referenced for storing the OS anti-rollback counter, using the TPM2 non-volatile storage API. The rollback device must be a child of the TPM device. For

[PATCH 8/8] doc: rollback: anti-rollback verification

2023-09-12 Thread seanedmond
From: Sean Edmond Add documentation for anti-rollback verification, optional properties in FIT image, and UCLASS_ROLLBACK device. Signed-off-by: Sean Edmond --- doc/develop/driver-model/index.rst | 1 + doc/develop/driver-model/rollback-info.rst | 42 +

[PATCH 7/8] sandbox: tpm: Fix TPM2_CC_NV_DEFINE_SPACE command

2023-09-12 Thread seanedmond
From: Sean Edmond The TPM 2.0 command reference shows "auth" (type TPM2B_AUTH) before "publicInfo" (type TPM2B_NV_PUBLIC). The TPM v2 driver was updated to add this field. The sandbox driver needs to be updated to match the driver implementation. Signed-off-by: Sean Edmond ---

[PATCH 5/8] dm: test: Add a test for rollback driver

2023-09-12 Thread seanedmond
From: Sean Edmond Adds a test for a sandbox and TPM backed rollback driver. Allows for testing of anti-rollback version number get/set API using the rollback driver. Signed-off-by: Sean Edmond --- arch/sandbox/dts/test.dts | 9 + configs/sandbox_defconfig | 3 ++ test/dm/Makefile

[PATCH v3 1/5] fdt: common API to populate kaslr seed

2023-09-12 Thread seanedmond
From: Dhananjay Phadke fdt_fixup_kaslr_seed() will update given ofnode with random seed value. Source for random seed can be TPM or RNG driver in u-boot or sec firmware (ARM). Signed-off-by: Dhananjay Phadke Signed-off-by: Sean Edmond --- arch/arm/cpu/armv8/sec_firmware.c | 39

[PATCH v3 5/5] fdt: Fix compile error for !OFNODE_MULTI_TREE

2023-09-12 Thread seanedmond
From: Sean Edmond Required to fix the following compile error when building sandbox: /tmp/cci9ibby.ltrans21.ltrans.o: In function `do_cedit_load': :(.text+0x601d): undefined reference to `oftree_dispose' Signed-off-by: Sean Edmond --- drivers/core/ofnode.c | 12 ++-- 1 file changed, 6

[PATCH v3 2/5] fdt: kaslr seed from RNG device

2023-09-12 Thread seanedmond
From: Dhananjay Phadke Add support for KASLR seed from the RNG device. Invokes dm_rng_read() API to read 8-bytes of random bytes. Performs the FDT fixup using event spy. To enable use CONFIG_KASLR_RNG_SEED Signed-off-by: Dhananjay Phadke Signed-off-by: Drew Kluemke Signed-off-by: Sean

[PATCH v3 0/5] Populate kaslr seed with RNG

2023-09-12 Thread seanedmond
From: Sean Edmond This patch series creates a common API (fdt_fixup_kaslr_seed()) for populating the kaslr seed in the DTB. Existing users (kaslrseed, and ARMv8 sec firmware) have been updated to use this common API. New functionality has been introduced to populate the kaslr using the RNG.

[PATCH v3 4/5] dm: core: Modify default for OFNODE_MULTI_TREE

2023-09-12 Thread seanedmond
From: Sean Edmond There is a preference to use the "ofnode" API for FDT fixups moving forward. The FDT fixup will usually be for the kernel FDT. To fixup the kernel FDT with the ofnode API, it's required to set the OFNODE_MULTI_TREE option. To ensure existing users of kaslr fdt fixup are not

[PATCH v3 3/5] cmd: kaslrseed: Use common API to fixup FDT

2023-09-12 Thread seanedmond
From: Sean Edmond Use the newly introduced common API fdt_fixup_kaslr_seed() in the kaslrseed command. Signed-off-by: Sean Edmond --- cmd/kaslrseed.c | 22 -- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c index

[PATCH 3/4] cmd: kaslrseed: Use common API to fixup FDT

2023-08-29 Thread seanedmond
From: Sean Edmond Use the newly introduced common API fdt_fixup_kaslr_seed() in the kaslrseed command. Signed-off-by: Sean Edmond --- cmd/kaslrseed.c | 22 -- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c index

[PATCH 1/4] fdt: common API to populate kaslr seed

2023-08-29 Thread seanedmond
From: Dhananjay Phadke fdt_fixup_kaslr_seed() will update given FDT with random seed value. Source for random seed can be TPM or RNG driver in u-boot or sec firmware (ARM). Signed-off-by: Dhananjay Phadke Signed-off-by: Sean Edmond --- arch/arm/cpu/armv8/sec_firmware.c | 39

[PATCH v2 3/4] cmd: kaslrseed: Use common API to fixup FDT

2023-08-29 Thread seanedmond
From: Sean Edmond Use the newly introduced common API fdt_fixup_kaslr_seed() in the kaslrseed command. Signed-off-by: Sean Edmond --- cmd/kaslrseed.c | 22 -- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c index

[PATCH v2 2/4] fdt: kaslr seed from tpm entropy

2023-08-29 Thread seanedmond
From: Dhananjay Phadke Add support for KASLR seed from TPM device. Invokes tpm_get_random() API to read 8-bytes of random bytes for KASLR. Signed-off-by: Dhananjay Phadke Signed-off-by: Drew Kluemke Signed-off-by: Sean Edmond --- boot/image-fdt.c | 15 +++

[PATCH v2 0/4] Populate kaslr seed with TPM

2023-08-29 Thread seanedmond
From: Sean Edmond This patch series creates a common API (fdt_fixup_kaslr_seed()) for populating the kaslr seed in the DTB. Existing users (kaslrseed, and ARMv8 sec firmware) have been updated to use this common API. New functionality has been introduced to populate the kaslr using the TPM

[PATCH 2/4] fdt: kaslr seed from tpm entropy

2023-08-29 Thread seanedmond
From: Dhananjay Phadke Add support for KASLR seed from TPM device. Invokes tpm_get_random() API to read 8-bytes of random bytes for KASLR. Signed-off-by: Dhananjay Phadke Signed-off-by: Drew Kluemke Signed-off-by: Sean Edmond --- boot/image-fdt.c | 15 +++

[PATCH 4/4] dm: core: Modify default for OFNODE_MULTI_TREE

2023-08-29 Thread seanedmond
From: Sean Edmond There is a preference to use the "ofnode" API for FDT fixups moving forward. The FDT fixup will usually be for the kernel FDT. To fixup the kernel FDT with the ofnode API, it's required to set the OFNODE_MULTI_TREE option. To ensure existing users on kaslr fixup are not

[PATCH v2 4/4] dm: core: Modify default for OFNODE_MULTI_TREE

2023-08-29 Thread seanedmond
From: Sean Edmond There is a preference to use the "ofnode" API for FDT fixups moving forward. The FDT fixup will usually be for the kernel FDT. To fixup the kernel FDT with the ofnode API, it's required to set the OFNODE_MULTI_TREE option. To ensure existing users of kaslr fdt fixup are not

[PATCH v2 0/4] Populate kaslr seed with TPM

2023-08-29 Thread seanedmond
From: Sean Edmond This patch series creates a common API (fdt_fixup_kaslr_seed()) for populating the kaslr seed in the DTB. Existing users (kaslrseed, and ARMv8 sec firmware) have been updated to use this common API. New functionality has been introduced to populate the kaslr using the TPM

[PATCH v2 1/4] fdt: common API to populate kaslr seed

2023-08-29 Thread seanedmond
From: Dhananjay Phadke fdt_fixup_kaslr_seed() will update given ofnode with random seed value. Source for random seed can be TPM or RNG driver in u-boot or sec firmware (ARM). Signed-off-by: Dhananjay Phadke Signed-off-by: Sean Edmond --- arch/arm/cpu/armv8/sec_firmware.c | 39

[PATCH v2 3/4] cmd: kaslrseed: Use common API to fixup FDT

2023-08-29 Thread seanedmond
From: Sean Edmond Use the newly introduced common API fdt_fixup_kaslr_seed() in the kaslrseed command. Signed-off-by: Sean Edmond --- cmd/kaslrseed.c | 22 -- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c index

[PATCH v2 1/4] fdt: common API to populate kaslr seed

2023-08-29 Thread seanedmond
From: Dhananjay Phadke fdt_fixup_kaslr_seed() will update given ofnode with random seed value. Source for random seed can be TPM or RNG driver in u-boot or sec firmware (ARM). Signed-off-by: Dhananjay Phadke Signed-off-by: Sean Edmond --- arch/arm/cpu/armv8/sec_firmware.c | 39

[PATCH v2 4/4] dm: core: Modify default for OFNODE_MULTI_TREE

2023-08-29 Thread seanedmond
From: Sean Edmond There is a preference to use the "ofnode" API for FDT fixups moving forward. The FDT fixup will usually be for the kernel FDT. To fixup the kernel FDT with the ofnode API, it's required to set the OFNODE_MULTI_TREE option. To ensure existing users of kaslr fdt fixup are not

[PATCH v2 2/4] fdt: kaslr seed from tpm entropy

2023-08-29 Thread seanedmond
From: Dhananjay Phadke Add support for KASLR seed from TPM device. Invokes tpm_get_random() API to read 8-bytes of random bytes for KASLR. Signed-off-by: Dhananjay Phadke Signed-off-by: Drew Kluemke Signed-off-by: Sean Edmond --- boot/image-fdt.c | 15 +++

[PATCH v3 2/3] net: bootp: BOOTP/DHCPv4 retransmission improvements

2023-11-03 Thread seanedmond
From: Sean Edmond This patch introduces 3 improvements to align with RFC 951: - retransmission backoff interval maximum is configurable - initial retransmission backoff interval is configurable - transaction ID is kept the same for each BOOTP/DHCPv4 request In applications where thousands of

[PATCH v3 1/3] net: Get pxe config file from dhcp option 209

2023-11-03 Thread seanedmond
From: Sean Edmond Allow dhcp server to pass pxe config file full path by using option 209 as specified in RFC5071. Signed-off-by: Sean Edmond --- cmd/Kconfig | 4 cmd/pxe.c | 10 ++ net/bootp.c | 21 + net/bootp.h | 2 ++ 4 files changed, 37 insertions(+)

[PATCH v3 3/3] net: bootp: add config option BOOTP_RANDOM_XID

2023-11-03 Thread seanedmond
From: Sean Edmond The new config option BOOTP_RANDOM_XID will randomize the transaction ID for each new BOOT/DHCPv4 exchange. Signed-off-by: Sean Edmond --- cmd/Kconfig | 7 +++ net/bootp.c | 31 +-- 2 files changed, 24 insertions(+), 14 deletions(-) diff

[PATCH v3 0/3] BOOTP/DHCPv4 enhancements

2023-11-03 Thread seanedmond
From: Sean Edmond In our datacenter application, a single DHCP server is servicing 36000+ clients. Improvements are required to the DHCPv4 retransmission behavior to align with RFC and ensure less pressure is exerted on the server: - retransmission backoff interval maximum is configurable

[PATCH v4 1/5] fdt: common API to populate kaslr seed

2023-11-03 Thread seanedmond
From: Dhananjay Phadke fdt_fixup_kaslr_seed() will update given ofnode with random seed value. Source for random seed can be TPM or RNG driver in u-boot or sec firmware (ARM). Signed-off-by: Dhananjay Phadke Signed-off-by: Sean Edmond --- arch/arm/cpu/armv8/sec_firmware.c | 39

[PATCH v4 5/5] fdt: Fix compile error for !OFNODE_MULTI_TREE

2023-11-03 Thread seanedmond
From: Sean Edmond Required to fix the following compile error when building sandbox: /tmp/cci9ibby.ltrans21.ltrans.o: In function `do_cedit_load': :(.text+0x601d): undefined reference to `oftree_dispose' Signed-off-by: Sean Edmond --- drivers/core/ofnode.c | 12 ++-- 1 file changed, 6

[PATCH v4 3/5] cmd: kaslrseed: Use common API to fixup FDT

2023-11-03 Thread seanedmond
From: Sean Edmond Use the newly introduced common API fdt_fixup_kaslr_seed() in the kaslrseed command. Signed-off-by: Sean Edmond --- cmd/kaslrseed.c | 22 -- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c index

[PATCH v4 0/5] Populate kaslr seed with RNG

2023-11-03 Thread seanedmond
From: Sean Edmond This patch series creates a common API (fdt_fixup_kaslr_seed()) for populating the kaslr seed in the DTB. Existing users (kaslrseed, and ARMv8 sec firmware) have been updated to use this common API. New functionality has been introduced to populate the kaslr using the RNG.

[PATCH v4 2/5] fdt: kaslr seed from RNG device

2023-11-03 Thread seanedmond
From: Dhananjay Phadke Add support for KASLR seed from the RNG device. Invokes dm_rng_read() API to read 8-bytes of random bytes. Performs the FDT fixup using event spy. To enable use CONFIG_KASLR_RNG_SEED Signed-off-by: Dhananjay Phadke Signed-off-by: Drew Kluemke Signed-off-by: Sean

[PATCH v4 4/5] dm: core: Modify default for OFNODE_MULTI_TREE

2023-11-03 Thread seanedmond
From: Sean Edmond There is a preference to use the "ofnode" API for FDT fixups moving forward. The FDT fixup will usually be for the kernel FDT. To fixup the kernel FDT with the ofnode API, it's required to set the OFNODE_MULTI_TREE option. To ensure existing users of kaslr fdt fixup are not

[PATCH 1/3] net: Get pxe config file from dhcp option 209

2023-09-25 Thread seanedmond
From: Sean Edmond Allow dhcp server to pass pxe config file full path by using option 209 Signed-off-by: Sean Edmond --- cmd/Kconfig | 4 cmd/pxe.c | 10 ++ net/bootp.c | 21 + 3 files changed, 35 insertions(+) diff --git a/cmd/Kconfig b/cmd/Kconfig index

[PATCH 3/3] net: bootp: add config option BOOTP_RANDOM_XID

2023-09-25 Thread seanedmond
From: Sean Edmond The new config option BOOTP_RANDOM_XID will randomize the transaction ID for each new BOOT/DHCPv4 exchange. Signed-off-by: Sean Edmond --- cmd/Kconfig | 7 +++ net/bootp.c | 31 +-- 2 files changed, 24 insertions(+), 14 deletions(-) diff

[PATCH 2/3] net: bootp: BOOTP/DHCPv4 retransmission improvements

2023-09-25 Thread seanedmond
From: Sean Edmond This patch introduces 3 improvements to align with RFC 951: - retransmission backoff interval maximum is configurable - initial retransmission backoff interval is configurable - transaction ID is kept the same for each BOOTP/DHCPv4 request In applications where thousands of

[PATCH 0/3] BOOTP/DHCPv4 enhancements

2023-09-25 Thread seanedmond
From: Sean Edmond In our datacenter application, a single DHCP server is servicing 36000+ clients. Improvements are required to the DHCPv4 retransmission behavior to align with RFC and ensure less pressure is exerted on the server: - retransmission backoff interval maximum is configurable

[PATCH v2 1/3] net: Get pxe config file from dhcp option 209

2023-10-23 Thread seanedmond
From: Sean Edmond Allow dhcp server to pass pxe config file full path by using option 209 Signed-off-by: Sean Edmond --- cmd/Kconfig | 4 cmd/pxe.c | 10 ++ net/bootp.c | 21 + 3 files changed, 35 insertions(+) diff --git a/cmd/Kconfig b/cmd/Kconfig index

[PATCH v2 2/3] net: bootp: BOOTP/DHCPv4 retransmission improvements

2023-10-23 Thread seanedmond
From: Sean Edmond This patch introduces 3 improvements to align with RFC 951: - retransmission backoff interval maximum is configurable - initial retransmission backoff interval is configurable - transaction ID is kept the same for each BOOTP/DHCPv4 request In applications where thousands of

[PATCH v2 0/3] BOOTP/DHCPv4 enhancements

2023-10-23 Thread seanedmond
From: Sean Edmond In our datacenter application, a single DHCP server is servicing 36000+ clients. Improvements are required to the DHCPv4 retransmission behavior to align with RFC and ensure less pressure is exerted on the server: - retransmission backoff interval maximum is configurable

[PATCH v2 3/3] net: bootp: add config option BOOTP_RANDOM_XID

2023-10-23 Thread seanedmond
From: Sean Edmond The new config option BOOTP_RANDOM_XID will randomize the transaction ID for each new BOOT/DHCPv4 exchange. Signed-off-by: Sean Edmond --- cmd/Kconfig | 7 +++ net/bootp.c | 31 +-- 2 files changed, 24 insertions(+), 14 deletions(-) diff

[PATCH] net: tftp: Fix for DATA ACK for block count out of order

2023-01-05 Thread seanedmond
From: Sean Edmond In rfc7440, if an ACK is not received by the server or if the last data block in a window is dropped, the server will timeout and retransmit the window. In this case, the block count received will be less than the internal block count. In this case, the client should not ACK.

[PATCH] net: tftp: Fix for DATA ACK for block count out of order

2023-01-05 Thread seanedmond
From: Sean Edmond In rfc7440, if an ACK is not received by the server or if the last data block in a window is dropped, the server will timeout and retransmit the window. In this case, the block count received will be less than the internal block count. In this case, the client should not ACK.

[PATCH] net: ipv6: Fix IPv6 netmask parsing

2023-01-06 Thread seanedmond
From: Sean Edmond It should be possible to specify a netmask when setting a static IPv6 address. For example: setenv ip6addr 2001:cafe:cafe:cafe::100/64 The net_prefix_length and net_ip6 should be updated properly. Signed-off-by: Sean Edmond --- net/net6.c | 9 ++--- 1 file changed, 6

[PATCH 1/2] net: dhcp6: Add DHCPv6 (DHCP for IPv6)

2023-02-01 Thread seanedmond
From: Sean Edmond Adds DHCPv6 protocol to u-boot. Allows for address assignment with DHCPv6 4-message exchange (SOLICIT->ADVERTISE->REQUEST->REPLY). Includes DHCPv6 options required by RFC 8415. Also adds DHCPv6 options required for PXE boot. New configs added: - CMD_DHCP6 -

[PATCH 2/2] net: dhcp6: pxe: Add DHCP/PXE commands for IPv6

2023-02-01 Thread seanedmond
From: Sean Edmond Adds commands to support DHCP and PXE with IPv6. New commands added (when IPv6 is enabled): - dhcp6 - pxe get -ipv6 - pxe boot -ipv6 Signed-off-by: Sean Edmond --- boot/bootmeth_distro.c | 2 +- boot/bootmeth_pxe.c| 4 +- boot/pxe_utils.c | 3 +- cmd/net.c

[PATCH 0/2] net: DHCPv6 protocol and commands

2023-02-01 Thread seanedmond
From: Sean Edmond The recently integrated IPv6 patch series relies on the link-local address, or a statically assigned IPv6 address for network operations. This patch series adds IPv6 address assignment through DHCPv6. The implementation meets the requirements in RFC 8415 for "Client/Server

[PATCH] net: ipv6: IPv6 environment variable cleanup

2023-02-15 Thread seanedmond
From: Sean Edmond Fix "setenv gatewayip6". Synchronize IPv6 local variables with environment variables in netboot_update_env() Signed-off-by: Sean Edmond --- cmd/net.c | 23 ++- include/env_flags.h | 2 +- 2 files changed, 23 insertions(+), 2 deletions(-) diff

[PATCH v3 2/3] net: dhcp6: pxe: Add DHCP/PXE commands for IPv6

2023-04-11 Thread seanedmond
From: Sean Edmond Adds commands to support DHCP and PXE with IPv6. New configs added: - CMD_DHCP6 - DHCP6_PXE_CLIENTARCH - DHCP6_PXE_DHCP_OPTION - DHCP6_ENTERPRISE_ID New commands added (when IPv6 is enabled): - dhcp6 - pxe get -ipv6 - pxe boot -ipv6 Signed-off-by: Sean Edmond ---

[PATCH v3 1/3] net: dhcp6: Add DHCPv6 (DHCP for IPv6)

2023-04-11 Thread seanedmond
From: Sean Edmond Adds DHCPv6 protocol to u-boot. Allows for address assignment with DHCPv6 4-message exchange (SOLICIT->ADVERTISE->REQUEST->REPLY). Includes DHCPv6 options required by RFC 8415. Also adds DHCPv6 options required for PXE boot. Possible enhancements: - Duplicate address

[PATCH v3 0/3] net: DHCPv6 protocol and commands

2023-04-11 Thread seanedmond
From: Sean Edmond The recently integrated IPv6 patch series relies on the link-local address, or a statically assigned IPv6 address for network operations. This patch series adds IPv6 address assignment through DHCPv6. The implementation meets the requirements in RFC 8415 for "Client/Server

[PATCH v3 3/3] net: dhcp6: Add a sandbox test for dhcp6

2023-04-11 Thread seanedmond
From: Sean Edmond Requires proper environment with DHCP6 server provisioned. Signed-off-by: Sean Edmond --- configs/sandbox_defconfig | 1 + test/py/tests/test_net.py | 25 + 2 files changed, 26 insertions(+) diff --git a/configs/sandbox_defconfig

[PATCH v2 1/3] net: dhcp6: Add DHCPv6 (DHCP for IPv6)

2023-04-07 Thread seanedmond
From: Sean Edmond Adds DHCPv6 protocol to u-boot. Allows for address assignment with DHCPv6 4-message exchange (SOLICIT->ADVERTISE->REQUEST->REPLY). Includes DHCPv6 options required by RFC 8415. Also adds DHCPv6 options required for PXE boot. Possible enhancements: - Duplicate address

[PATCH v2 2/3] net: dhcp6: pxe: Add DHCP/PXE commands for IPv6

2023-04-07 Thread seanedmond
From: Sean Edmond Adds commands to support DHCP and PXE with IPv6. New configs added: - CMD_DHCP6 - DHCP6_PXE_CLIENTARCH - DHCP6_PXE_DHCP_OPTION - DHCP6_ENTERPRISE_ID New commands added (when IPv6 is enabled): - dhcp6 - pxe get -ipv6 - pxe boot -ipv6 Signed-off-by: Sean Edmond ---

[PATCH v2 3/3] net: dhcp6: Add a sandbox test for dhcp6

2023-04-07 Thread seanedmond
From: Sean Edmond Requires proper environment with DHCP6 server provisioned. Signed-off-by: Sean Edmond --- configs/sandbox_defconfig | 1 + test/py/tests/test_net.py | 25 + 2 files changed, 26 insertions(+) diff --git a/configs/sandbox_defconfig

[PATCH v2 0/3] *** net: DHCPv6 protocol and commands ***

2023-04-07 Thread seanedmond
From: Sean Edmond The recently integrated IPv6 patch series relies on the link-local address, or a statically assigned IPv6 address for network operations. This patch series adds IPv6 address assignment through DHCPv6. The implementation meets the requirements in RFC 8415 for "Client/Server

[PATCH] net: dhcp6: Fix OPT_BOOTFILE_PARAM parsing

2023-07-25 Thread seanedmond
From: Sean Edmond RFC 5970 states that OPT_BOOTFILE_PARAM (option 60) can be multiple parameters that start with a 16-bit length field followed by the parameter. For example: [ param-len 1 (16-bits) ] [ parameter 1 (variable length) ] This fix ensures we're considering "param-len 1" in the

[PATCH] net: Get pxe config file from dhcp option 209

2023-07-25 Thread seanedmond
From: Sean Edmond Allow dhcp server to pass pxe config file full path by using option 209 Signed-off-by: Sean Edmond --- cmd/Kconfig | 4 cmd/pxe.c | 8 net/bootp.c | 21 + 3 files changed, 33 insertions(+) diff --git a/cmd/Kconfig b/cmd/Kconfig index

[PATCH 1/5] drivers: security: Add security devices to driver model

2023-08-11 Thread seanedmond
From: Stephen Carlson Security devices currently implement operations to store an OS anti-rollback monotonic counter. Existing devices such as the Trusted Platform Module (TPM) already support this operation, but this uclass provides abstraction for current and future devices that may support

[PATCH 5/5] dm: test: Add a test for security driver

2023-08-11 Thread seanedmond
From: Sean Edmond Adds a test for a sandbox and TPM backed security driver. Allows for testing of anti-rollback version number get/set API using the security driver. Signed-off-by: Sean Edmond --- arch/sandbox/dts/test.dts | 8 configs/sandbox_defconfig | 3 ++ test/dm/Makefile

[PATCH 3/5] common: Add OS anti-rollback validation using security devices

2023-08-11 Thread seanedmond
From: Stephen Carlson New config CONFIG_ARBP to enable enforcement of OS anti-rollback counter during image loading. Images with an anti-rollback counter value "arbvn" declared in the FDT will be compared against the current device anti-rollback counter value, and older images will not pass

[PATCH 2/5] drivers: security: Add TPM2 implementation of security devices

2023-08-11 Thread seanedmond
From: Stephen Carlson This implementation of the security uclass driver allows existing TPM2 devices declared in the device tree to be referenced for storing the OS anti-rollback counter, using the TPM2 non-volatile storage API. Signed-off-by: Stephen Carlson --- MAINTAINERS

[PATCH 4/5] common: Add OS anti-rollback grace period

2023-08-11 Thread seanedmond
From: Stephen Carlson New config CONFIG_FIT_ARBVP_GRACE to add a one unit grace period to OS anti-rollback protection, allowing images with anti-rollback counters exactly one less than the platform value to still be loaded. No update to the platform anti-rollback counter will be performed in

[PATCH 0/5] Add anti-rollback validation feature

2023-08-11 Thread seanedmond
From: Sean Edmond Adds anti-rollback version protection. Images with an anti-rollback counter value "arbvn" declared in the FDT will be compared against the current device anti-rollback counter value, and older images will not pass signature validation. If the image is newer, the device

[PATCH] drivers: mtd: Add MT25QU128AB params

2023-08-04 Thread seanedmond
From: Godfrey Mwangi Add Micron MT25QU128AB flash. Signed-off-by: Godfrey Mwangi --- drivers/mtd/spi/spi-nor-ids.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/mtd/spi/spi-nor-ids.c b/drivers/mtd/spi/spi-nor-ids.c index 4587215984..a99bb6125b 100644 ---

[PATCH 1/3] fdt: common API to populate kaslr seed

2023-08-04 Thread seanedmond
From: Dhananjay Phadke fdt_fixup_kaslr_seed() will update given FDT with random seed value. Source for random seed can be TPM or RNG driver in u-boot or sec firmware (ARM). Signed-off-by: Dhananjay Phadke --- arch/arm/cpu/armv8/sec_firmware.c | 32 +++

[PATCH 3/3] cmd: kaslrseed: Use common API to fixup FDT

2023-08-04 Thread seanedmond
From: Sean Edmond Use the newly introduced common API fdt_fixup_kaslr_seed() in the kaslrseed command. Signed-off-by: Sean Edmond --- cmd/kaslrseed.c | 18 +++--- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c index

[PATCH 0/3] Populate kaslr seed with TPM

2023-08-04 Thread seanedmond
From: Sean Edmond This patch series creates a common API (fdt_fixup_kaslr_seed()) for populating the kaslr seed in the DTB. Existing users (kaslrseed, and ARMv8 sec firmware) have been updated to use this common API. New functionality has been introduced to populate the kaslr using the TPM

[PATCH 2/3] fdt: kaslr seed from tpm entropy

2023-08-04 Thread seanedmond
From: Dhananjay Phadke Add support for KASLR seed from TPM device. Invokes tpm_get_random() API to read 8-bytes of random bytes for KASLR. Signed-off-by: Dhananjay Phadke Signed-off-by: Drew Kluemke Signed-off-by: Sean Edmond --- boot/image-fdt.c | 3 +++ common/fdt_support.c | 39

[PATCH] usb: xhci: pet watchdog during transfers

2023-08-04 Thread seanedmond
From: Godfrey Mwangi On some platforms with low USB throughput, transfers of huge files take a long time and watchdog timer can expire resulting in hardware reset. Avoid this by petting the watchdog as long as we have pending transfers. Signed-off-by: Godfrey Mwangi ---

[PATCH 0/2] *** minor fixes in DHCP6 ***

2023-05-18 Thread seanedmond
From: Sean Edmond Resolves 2 issues: - coverity CID 453851 and 436278 - Change DHCP6 VCI string from "U-boot" to "U-Boot" (this was found by more detailed testing on our end) Sean Edmond (2): net: ipv6: Fix CID 453851 and CID 436278 net: dhcp6: Fix VCI string cmd/net.c| 12

[PATCH 1/2] net: ipv6: Fix CID 453851 and CID 436278

2023-05-18 Thread seanedmond
From: Sean Edmond CID 453851 : sprintf() shouldn't copy from/to tmp CID 436278 : DHCP6 option_len should be checked before use Signed-off-by: Sean Edmond --- cmd/net.c| 12 ++-- net/dhcpv6.c | 5 + 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/cmd/net.c

[PATCH 2/2] net: dhcp6: Fix VCI string

2023-05-18 Thread seanedmond
From: Sean Edmond Change VCI string from "U-boot" to "U-Boot". Signed-off-by: Sean Edmond --- net/dhcpv6.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/dhcpv6.h b/net/dhcpv6.h index 80ca520432..65c8e4c71d 100644 --- a/net/dhcpv6.h +++ b/net/dhcpv6.h @@ -38,7 +38,7

[PATCH v5 2/5] fdt: kaslr seed from RNG device

2023-11-16 Thread seanedmond
From: Dhananjay Phadke Add support for KASLR seed from the RNG device. Invokes dm_rng_read() API to read 8-bytes of random bytes. Performs the FDT fixup using event spy. To enable use CONFIG_KASLR_RNG_SEED Signed-off-by: Dhananjay Phadke Signed-off-by: Drew Kluemke Signed-off-by: Sean

[PATCH v5 1/5] fdt: common API to populate kaslr seed

2023-11-16 Thread seanedmond
From: Dhananjay Phadke fdt_fixup_kaslr_seed() will update given ofnode with random seed value. Source for random seed can be TPM or RNG driver in u-boot or sec firmware (ARM). Signed-off-by: Dhananjay Phadke Signed-off-by: Sean Edmond --- arch/arm/cpu/armv8/sec_firmware.c | 39

[PATCH v5 0/5] Populate kaslr seed with RNG

2023-11-16 Thread seanedmond
From: Sean Edmond This patch series creates a common API (fdt_fixup_kaslr_seed()) for populating the kaslr seed in the DTB. Existing users (kaslrseed, and ARMv8 sec firmware) have been updated to use this common API. New functionality has been introduced to populate the kaslr using the RNG.

[PATCH v5 3/5] cmd: kaslrseed: Use common API to fixup FDT

2023-11-16 Thread seanedmond
From: Sean Edmond Use the newly introduced common API fdt_fixup_kaslr_seed() in the kaslrseed command. Signed-off-by: Sean Edmond --- cmd/kaslrseed.c | 22 -- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c index

[PATCH v5 4/5] dm: core: Modify default for OFNODE_MULTI_TREE

2023-11-16 Thread seanedmond
From: Sean Edmond There is a preference to use the "ofnode" API for FDT fixups moving forward. The FDT fixup will usually be for the kernel FDT. To fixup the kernel FDT with the ofnode API, it's required to set the OFNODE_MULTI_TREE option. To ensure existing users of kaslr fdt fixup are not

[PATCH v5 5/5] fdt: Fix compile error for !OFNODE_MULTI_TREE

2023-11-16 Thread seanedmond
From: Sean Edmond Required to fix the following compile error when building sandbox: /tmp/cci9ibby.ltrans21.ltrans.o: In function `do_cedit_load': :(.text+0x601d): undefined reference to `oftree_dispose' Signed-off-by: Sean Edmond --- drivers/core/ofnode.c | 12 ++-- 1 file changed, 6

[PATCH v5 2/3] net: bootp: BOOTP/DHCPv4 retransmission improvements

2023-11-17 Thread seanedmond
From: Sean Edmond This patch introduces 3 improvements to align with RFC 951: - retransmission backoff interval maximum is configurable - initial retransmission backoff interval is configurable - transaction ID is kept the same for each BOOTP/DHCPv4 request In applications where thousands of

[PATCH v5 1/3] net: Additional fixes for dhcp option 209

2023-11-17 Thread seanedmond
From: Sean Edmond Addresses feedback from latest review: - Enable option 209 by default - Set pxelinux_configfile to NULL to avoid potential double free - change hardcoded 209 to a define Signed-off-by: Sean Edmond --- changes in v4: - rebase master and resolve conflicts - change commit

[PATCH v5 0/3] BOOTP/DHCPv4 enhancements

2023-11-17 Thread seanedmond
From: Sean Edmond In our datacenter application, a single DHCP server is servicing 36000+ clients. Improvements are required to the DHCPv4 retransmission behavior to align with RFC and ensure less pressure is exerted on the server: - retransmission backoff interval maximum is configurable

[PATCH v5 3/3] net: bootp: add config option BOOTP_RANDOM_XID

2023-11-17 Thread seanedmond
From: Sean Edmond The new config option BOOTP_RANDOM_XID will randomize the transaction ID for each new BOOT/DHCPv4 exchange. Signed-off-by: Sean Edmond --- changes in v5: - fix depends for BOOTP_RANDOM_XID: "depends on CMD_BOOTP && (LIB_RAND || LIB_HW_RAND)" changes in v3: - Add depends

[PATCH v4 2/3] net: bootp: BOOTP/DHCPv4 retransmission improvements

2023-11-17 Thread seanedmond
From: Sean Edmond This patch introduces 3 improvements to align with RFC 951: - retransmission backoff interval maximum is configurable - initial retransmission backoff interval is configurable - transaction ID is kept the same for each BOOTP/DHCPv4 request In applications where thousands of

[PATCH v4 1/3] net: Additional fixes for dhcp option 209

2023-11-17 Thread seanedmond
From: Sean Edmond Addresses feedback from latest review: - Enable option 209 by default - Set pxelinux_configfile to NULL to avoid potential double free - change hardcoded 209 to a define Signed-off-by: Sean Edmond --- cmd/Kconfig | 1 + cmd/pxe.c | 2 ++ net/bootp.c | 4 ++-- net/bootp.h |

[PATCH v4 3/3] net: bootp: add config option BOOTP_RANDOM_XID

2023-11-17 Thread seanedmond
From: Sean Edmond The new config option BOOTP_RANDOM_XID will randomize the transaction ID for each new BOOT/DHCPv4 exchange. Signed-off-by: Sean Edmond --- cmd/Kconfig | 7 +++ net/bootp.c | 31 +-- 2 files changed, 24 insertions(+), 14 deletions(-) diff

[PATCH v4 0/3] [PATCH v4 0/3] [PATCH v3 0/3] BOOTP/DHCPv4 enhancements

2023-11-17 Thread seanedmond
From: Sean Edmond In our datacenter application, a single DHCP server is servicing 36000+ clients. Improvements are required to the DHCPv4 retransmission behavior to align with RFC and ensure less pressure is exerted on the server: - retransmission backoff interval maximum is configurable

[PATCH] Fix neighbor discovery ethernet address saving

2024-04-29 Thread seanedmond
From: Sean Edmond When a successful neighbor advertisement is received, the ethernet address should be saved for later use to avoid having to redo the neighbor discovery process. For example, with TFTP the address should get saved into "net_server_ethaddr". This is being done correctly with