2023-06-23 12:22:04 +00:00
|
|
|
|
.. SPDX-License-Identifier: GPL-2.0+
|
|
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
Flattened Image Tree (FIT) Format
|
|
|
|
|
|
=================================
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Introduction
|
|
|
|
|
|
------------
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
The number of elements playing a role in the kernel booting process has
|
|
|
|
|
|
increased over time and now typically includes the devicetree, kernel image and
|
|
|
|
|
|
possibly a ramdisk image. Generally, all must be placed in the system memory and
|
|
|
|
|
|
booted together.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
For firmware images a similar process has taken place, with various binaries
|
|
|
|
|
|
loaded at different addresses, such as ARM's ATF, OpenSBI, FPGA and U-Boot
|
|
|
|
|
|
itself.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
FIT provides a flexible and extensible format to deal with this complexity. It
|
|
|
|
|
|
provides support for multiple components. It also supports multiple
|
|
|
|
|
|
configurations, so that the same FIT can be used to boot multiple boards, with
|
|
|
|
|
|
some components in common (e.g. kernel) and some specific to that board (e.g.
|
|
|
|
|
|
devicetree).
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Terminology
|
|
|
|
|
|
~~~~~~~~~~~
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
This document defines FIT by providing FDT (Flat Device Tree) bindings. These
|
|
|
|
|
|
describe the final form of the FIT at the moment when it is used. The user
|
2008-03-12 11:13:13 +00:00
|
|
|
|
perspective may be simpler, as some of the properties (like timestamps and
|
2023-06-23 12:22:09 +00:00
|
|
|
|
hashes) are filled in automatically by the U-Boot mkimage tool.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
To avoid confusion with the kernel FDT the following naming convention is used:
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
FIT
|
2023-06-23 12:22:09 +00:00
|
|
|
|
Flattened Image Tree
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
FIT is formally a flattened devicetree (in the libfdt meaning), which conforms
|
|
|
|
|
|
to bindings defined in this document.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
.its
|
|
|
|
|
|
image tree source
|
|
|
|
|
|
|
|
|
|
|
|
.itb
|
|
|
|
|
|
flattened image tree blob
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
Image-building procedure
|
2023-06-23 12:22:03 +00:00
|
|
|
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
The following picture shows how the FIT is prepared. Input consists of
|
2008-03-12 11:13:13 +00:00
|
|
|
|
image source file (.its) and a set of data files. Image is created with the
|
2016-02-06 03:30:11 +00:00
|
|
|
|
help of standard U-Boot mkimage tool which in turn uses dtc (device tree
|
2023-06-23 12:22:09 +00:00
|
|
|
|
compiler) to produce image tree blob (.itb). The resulting .itb file is the
|
|
|
|
|
|
actual binary of a new FIT::
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:02 +00:00
|
|
|
|
tqm5200.its
|
|
|
|
|
|
+
|
|
|
|
|
|
vmlinux.bin.gz mkimage + dtc xfer to target
|
2023-06-23 12:22:09 +00:00
|
|
|
|
eldk-4.2-ramdisk --------------> tqm5200.itb --------------> boot
|
2023-06-23 12:22:02 +00:00
|
|
|
|
tqm5200.dtb /|\
|
|
|
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
'new FIT'
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Steps:
|
|
|
|
|
|
|
|
|
|
|
|
#. Create .its file, automatically filled-in properties are omitted
|
|
|
|
|
|
|
|
|
|
|
|
#. Call mkimage tool on a .its file
|
|
|
|
|
|
|
|
|
|
|
|
#. mkimage calls dtc to create .itb image and assures that
|
|
|
|
|
|
missing properties are added
|
|
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
#. .itb (new FIT) is uploaded onto the target and used therein
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Unique identifiers
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
|
|
|
|
|
To identify FIT sub-nodes representing images, hashes, configurations (which
|
|
|
|
|
|
are defined in the following sections), the "unit name" of the given sub-node
|
|
|
|
|
|
is used as it's identifier as it assures uniqueness without additional
|
|
|
|
|
|
checking required.
|
|
|
|
|
|
|
|
|
|
|
|
|
2023-06-23 12:22:11 +00:00
|
|
|
|
External data
|
|
|
|
|
|
~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
FIT is normally built initially with image data in the 'data' property of each
|
|
|
|
|
|
image node. It is also possible for this data to reside outside the FIT itself.
|
|
|
|
|
|
This allows the 'FDT' part of the FIT to be quite small, so that it can be
|
|
|
|
|
|
loaded and scanned without loading a large amount of data. Then when an image is
|
|
|
|
|
|
needed it can be loaded from an external source.
|
|
|
|
|
|
|
|
|
|
|
|
External FITs use 'data-offset' or 'data-position' instead of 'data'.
|
|
|
|
|
|
|
|
|
|
|
|
The mkimage tool can convert a FIT to use external data using the `-E` argument,
|
|
|
|
|
|
optionally using `-p` to specific a fixed position.
|
|
|
|
|
|
|
|
|
|
|
|
It is often desirable to align each image to a block size or cache-line size
|
|
|
|
|
|
(e.g. 512 bytes), so that there is no need to copy it to an aligned address when
|
|
|
|
|
|
reading the image data. The mkimage tool provides a `-B` argument to support
|
|
|
|
|
|
this.
|
|
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
Root-node properties
|
2023-06-23 12:22:03 +00:00
|
|
|
|
--------------------
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:09 +00:00
|
|
|
|
The root node of the FIT should have the following layout::
|
2023-06-23 12:22:02 +00:00
|
|
|
|
|
|
|
|
|
|
/ o image-tree
|
|
|
|
|
|
|- description = "image description"
|
|
|
|
|
|
|- timestamp = <12399321>
|
|
|
|
|
|
|- #address-cells = <1>
|
|
|
|
|
|
|
|
|
|
|
|
|
o images
|
|
|
|
|
|
| |
|
|
|
|
|
|
| o image-1 {...}
|
|
|
|
|
|
| o image-2 {...}
|
|
|
|
|
|
| ...
|
|
|
|
|
|
|
|
|
|
|
|
|
o configurations
|
|
|
|
|
|
|- default = "conf-1"
|
|
|
|
|
|
|
|
|
|
|
|
|
o conf-1 {...}
|
|
|
|
|
|
o conf-2 {...}
|
|
|
|
|
|
...
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Optional property
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
description
|
2023-06-23 12:22:09 +00:00
|
|
|
|
Textual description of the FIT
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
Mandatory property
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
timestamp
|
|
|
|
|
|
Last image modification time being counted in seconds since
|
2008-03-12 11:13:13 +00:00
|
|
|
|
1970-01-01 00:00:00 - to be automatically calculated by mkimage tool.
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Conditionally mandatory property
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
#address-cells
|
|
|
|
|
|
Number of 32bit cells required to represent entry and
|
2008-03-12 11:13:13 +00:00
|
|
|
|
load addresses supplied within sub-image nodes. May be omitted when no
|
|
|
|
|
|
entry or load addresses are used.
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Mandatory nodes
|
|
|
|
|
|
~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
images
|
|
|
|
|
|
This node contains a set of sub-nodes, each of them representing
|
2008-03-12 11:13:13 +00:00
|
|
|
|
single component sub-image (like kernel, ramdisk, etc.). At least one
|
|
|
|
|
|
sub-image is required.
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
configurations
|
|
|
|
|
|
Contains a set of available configuration nodes and
|
2008-03-12 11:13:13 +00:00
|
|
|
|
defines a default configuration.
|
|
|
|
|
|
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
'/images' node
|
|
|
|
|
|
--------------
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
|
|
|
|
|
This node is a container node for component sub-image nodes. Each sub-node of
|
2023-06-23 12:22:02 +00:00
|
|
|
|
the '/images' node should have the following layout::
|
|
|
|
|
|
|
|
|
|
|
|
o image-1
|
|
|
|
|
|
|- description = "component sub-image description"
|
|
|
|
|
|
|- data = /incbin/("path/to/data/file.bin")
|
|
|
|
|
|
|- type = "sub-image type name"
|
|
|
|
|
|
|- arch = "ARCH name"
|
|
|
|
|
|
|- os = "OS name"
|
|
|
|
|
|
|- compression = "compression name"
|
|
|
|
|
|
|- load = <00000000>
|
|
|
|
|
|
|- entry = <00000000>
|
|
|
|
|
|
|
|
|
|
|
|
|
o hash-1 {...}
|
|
|
|
|
|
o hash-2 {...}
|
|
|
|
|
|
...
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Mandatory properties
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
description
|
|
|
|
|
|
Textual description of the component sub-image
|
|
|
|
|
|
|
|
|
|
|
|
type
|
2023-06-23 12:22:10 +00:00
|
|
|
|
Name of component sub-image type. Supported types are:
|
|
|
|
|
|
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
Sub-image type Meaning
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
invalid Invalid Image
|
|
|
|
|
|
aisimage Davinci AIS image
|
|
|
|
|
|
atmelimage ATMEL ROM-Boot Image
|
|
|
|
|
|
copro Coprocessor Image}
|
|
|
|
|
|
fdt_legacy legacy Image with Flat Device Tree
|
|
|
|
|
|
filesystem Filesystem Image
|
|
|
|
|
|
firmware Firmware
|
|
|
|
|
|
firmware_ivt Firmware with HABv4 IVT }
|
|
|
|
|
|
flat_dt Flat Device Tree
|
|
|
|
|
|
fpga FPGA Image }
|
|
|
|
|
|
gpimage TI Keystone SPL Image
|
|
|
|
|
|
imx8image NXP i.MX8 Boot Image
|
|
|
|
|
|
imx8mimage NXP i.MX8M Boot Image
|
|
|
|
|
|
imximage Freescale i.MX Boot Image
|
|
|
|
|
|
kernel Kernel Image
|
|
|
|
|
|
kernel_noload Kernel Image (no loading done)
|
|
|
|
|
|
kwbimage Kirkwood Boot Image
|
|
|
|
|
|
lpc32xximage LPC32XX Boot Image
|
|
|
|
|
|
mtk_image MediaTek BootROM loadable Image }
|
|
|
|
|
|
multi Multi-File Image
|
|
|
|
|
|
mxsimage Freescale MXS Boot Image
|
|
|
|
|
|
omapimage TI OMAP SPL With GP CH
|
|
|
|
|
|
pblimage Freescale PBL Boot Image
|
|
|
|
|
|
pmmc TI Power Management Micro-Controller Firmware
|
|
|
|
|
|
ramdisk RAMDisk Image
|
|
|
|
|
|
rkimage Rockchip Boot Image }
|
|
|
|
|
|
rksd Rockchip SD Boot Image }
|
|
|
|
|
|
rkspi Rockchip SPI Boot Image }
|
|
|
|
|
|
script Script
|
|
|
|
|
|
socfpgaimage Altera SoCFPGA CV/AV preloader
|
|
|
|
|
|
socfpgaimage_v1 Altera SoCFPGA A10 preloader
|
|
|
|
|
|
spkgimage Renesas SPKG Image }
|
|
|
|
|
|
standalone Standalone Program
|
|
|
|
|
|
stm32image STMicroelectronics STM32 Image }
|
|
|
|
|
|
sunxi_egon Allwinner eGON Boot Image }
|
|
|
|
|
|
sunxi_toc0 Allwinner TOC0 Boot Image }
|
|
|
|
|
|
tee Trusted Execution Environment Image
|
|
|
|
|
|
ublimage Davinci UBL image
|
|
|
|
|
|
vybridimage Vybrid Boot Image
|
|
|
|
|
|
x86_setup x86 setup.bin
|
|
|
|
|
|
zynqimage Xilinx Zynq Boot Image }
|
|
|
|
|
|
zynqmpbif Xilinx ZynqMP Boot Image (bif) }
|
|
|
|
|
|
zynqmpimage Xilinx ZynqMP Boot Image }
|
|
|
|
|
|
==================== ==================
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
compression
|
2023-06-23 12:22:10 +00:00
|
|
|
|
Compression used by included data. If no compression is used, the
|
|
|
|
|
|
compression property should be set to "none". If the data is compressed but
|
|
|
|
|
|
it should not be uncompressed by the loader (e.g. compressed ramdisk), this
|
|
|
|
|
|
should also be set to "none".
|
|
|
|
|
|
|
|
|
|
|
|
Supported compression types are:
|
|
|
|
|
|
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
Compression type Meaning
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
none uncompressed
|
|
|
|
|
|
bzip2 bzip2 compressed
|
|
|
|
|
|
gzip gzip compressed
|
|
|
|
|
|
lz4 lz4 compressed
|
|
|
|
|
|
lzma lzma compressed
|
|
|
|
|
|
lzo lzo compressed
|
|
|
|
|
|
zstd zstd compressed
|
|
|
|
|
|
==================== ==================
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:11 +00:00
|
|
|
|
data-size
|
|
|
|
|
|
size of the data in bytes
|
|
|
|
|
|
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Conditionally mandatory property
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
2023-06-23 12:22:11 +00:00
|
|
|
|
data
|
|
|
|
|
|
Path to the external file which contains this node's binary data. Within
|
|
|
|
|
|
the FIT this is the contents of the file. This is mandatory unless
|
|
|
|
|
|
external data is used.
|
|
|
|
|
|
|
|
|
|
|
|
data-offset
|
|
|
|
|
|
Offset of the data in a separate image store. The image store is placed
|
|
|
|
|
|
immediately after the last byte of the device tree binary, aligned to a
|
|
|
|
|
|
4-byte boundary. This is mandatory if external data is used, with an offset.
|
|
|
|
|
|
|
|
|
|
|
|
data-position
|
|
|
|
|
|
Machine address at which the data is to be found. This is a fixed address
|
|
|
|
|
|
not relative to the loading of the FIT. This is mandatory if external data
|
|
|
|
|
|
used with a fixed address.
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
os
|
|
|
|
|
|
OS name, mandatory for types "kernel". Valid OS names are:
|
2023-06-23 12:22:10 +00:00
|
|
|
|
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
OS name Meaning
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
invalid Invalid OS
|
|
|
|
|
|
4_4bsd 4_4BSD
|
|
|
|
|
|
arm-trusted-firmware ARM Trusted Firmware
|
|
|
|
|
|
dell Dell
|
|
|
|
|
|
efi EFI Firmware
|
|
|
|
|
|
esix Esix
|
|
|
|
|
|
freebsd FreeBSD
|
|
|
|
|
|
integrity INTEGRITY
|
|
|
|
|
|
irix Irix
|
|
|
|
|
|
linux Linux
|
|
|
|
|
|
ncr NCR
|
|
|
|
|
|
netbsd NetBSD
|
|
|
|
|
|
openbsd OpenBSD
|
|
|
|
|
|
openrtos OpenRTOS
|
|
|
|
|
|
opensbi RISC-V OpenSBI
|
|
|
|
|
|
ose Enea OSE
|
|
|
|
|
|
plan9 Plan 9
|
|
|
|
|
|
psos pSOS
|
|
|
|
|
|
qnx QNX
|
|
|
|
|
|
rtems RTEMS
|
|
|
|
|
|
sco SCO
|
|
|
|
|
|
solaris Solaris
|
|
|
|
|
|
svr4 SVR4
|
|
|
|
|
|
tee Trusted Execution Environment
|
|
|
|
|
|
u-boot U-Boot
|
|
|
|
|
|
vxworks VxWorks
|
|
|
|
|
|
==================== ==================
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
arch
|
|
|
|
|
|
Architecture name, mandatory for types: "standalone", "kernel",
|
2023-06-23 12:22:10 +00:00
|
|
|
|
"firmware", "ramdisk" and "fdt". Valid architecture names are:
|
|
|
|
|
|
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
Architecture type Meaning
|
|
|
|
|
|
==================== ==================
|
|
|
|
|
|
invalid Invalid ARCH
|
|
|
|
|
|
alpha Alpha
|
|
|
|
|
|
arc ARC
|
|
|
|
|
|
arm64 AArch64
|
|
|
|
|
|
arm ARM
|
|
|
|
|
|
avr32 AVR32
|
|
|
|
|
|
blackfin Blackfin
|
|
|
|
|
|
ia64 IA64
|
|
|
|
|
|
m68k M68K
|
|
|
|
|
|
microblaze MicroBlaze
|
|
|
|
|
|
mips64 MIPS 64 Bit
|
|
|
|
|
|
mips MIPS
|
|
|
|
|
|
nds32 NDS32
|
|
|
|
|
|
nios2 NIOS II
|
|
|
|
|
|
or1k OpenRISC 1000
|
|
|
|
|
|
powerpc PowerPC
|
|
|
|
|
|
ppc PowerPC
|
|
|
|
|
|
riscv RISC-V
|
|
|
|
|
|
s390 IBM S390
|
|
|
|
|
|
sandbox Sandbox
|
|
|
|
|
|
sh SuperH
|
|
|
|
|
|
sparc64 SPARC 64 Bit
|
|
|
|
|
|
sparc SPARC
|
|
|
|
|
|
x86_64 AMD x86_64
|
|
|
|
|
|
x86 Intel x86
|
|
|
|
|
|
xtensa Xtensa
|
|
|
|
|
|
==================== ==================
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
entry
|
|
|
|
|
|
entry point address, address size is determined by
|
doc: FIT image: Clarify format and simplify syntax
** Introduction
There are currently four ways to load an OS image with u-boot
1. SPL -> u-boot -> bootm
2. SPL blue falcon mode
3. "Basic" FIT image (CONFIG_LOAD_FIT)
4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)
These four code paths were developed independently, and share very
little code. (3) and (4), behave very differently, are littered with
special cases. They even have different DTS syntax and properties.
The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.
We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.
Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).
** Description of changes
* The "configurations" node is now mandatory
Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.
* Eliminate "ramdisk", "setup", "standalone", and "fpga" properties
Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
- A "ramdisk" is identical to a loadable. Thus ramdisk images should
be placed under "loadables".
- A "setup" node can be achieved by using a "kernel" or "firmware"
property instead.
- "standalone" is used for u-boot nodes. The correct property to use
in this case is "firmware".
- "fpga" is a loadable
* Prioritize control between "firmware" and "kernel"
"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.
** Further generalizations (not included herein)
The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2020-12-15 19:15:43 +00:00
|
|
|
|
'#address-cells' property of the root node.
|
|
|
|
|
|
Mandatory for types: "firmware", and "kernel".
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
load
|
|
|
|
|
|
load address, address size is determined by '#address-cells'
|
doc: FIT image: Clarify format and simplify syntax
** Introduction
There are currently four ways to load an OS image with u-boot
1. SPL -> u-boot -> bootm
2. SPL blue falcon mode
3. "Basic" FIT image (CONFIG_LOAD_FIT)
4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)
These four code paths were developed independently, and share very
little code. (3) and (4), behave very differently, are littered with
special cases. They even have different DTS syntax and properties.
The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.
We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.
Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).
** Description of changes
* The "configurations" node is now mandatory
Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.
* Eliminate "ramdisk", "setup", "standalone", and "fpga" properties
Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
- A "ramdisk" is identical to a loadable. Thus ramdisk images should
be placed under "loadables".
- A "setup" node can be achieved by using a "kernel" or "firmware"
property instead.
- "standalone" is used for u-boot nodes. The correct property to use
in this case is "firmware".
- "fpga" is a loadable
* Prioritize control between "firmware" and "kernel"
"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.
** Further generalizations (not included herein)
The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2020-12-15 19:15:43 +00:00
|
|
|
|
property of the root node.
|
|
|
|
|
|
Mandatory for types: "firmware", and "kernel".
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
compatible
|
|
|
|
|
|
compatible method for loading image.
|
doc: FIT image: Clarify format and simplify syntax
** Introduction
There are currently four ways to load an OS image with u-boot
1. SPL -> u-boot -> bootm
2. SPL blue falcon mode
3. "Basic" FIT image (CONFIG_LOAD_FIT)
4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)
These four code paths were developed independently, and share very
little code. (3) and (4), behave very differently, are littered with
special cases. They even have different DTS syntax and properties.
The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.
We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.
Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).
** Description of changes
* The "configurations" node is now mandatory
Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.
* Eliminate "ramdisk", "setup", "standalone", and "fpga" properties
Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
- A "ramdisk" is identical to a loadable. Thus ramdisk images should
be placed under "loadables".
- A "setup" node can be achieved by using a "kernel" or "firmware"
property instead.
- "standalone" is used for u-boot nodes. The correct property to use
in this case is "firmware".
- "fpga" is a loadable
* Prioritize control between "firmware" and "kernel"
"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.
** Further generalizations (not included herein)
The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2020-12-15 19:15:43 +00:00
|
|
|
|
Mandatory for types: "fpga", and images that do not specify a load address.
|
2022-07-22 14:16:13 +00:00
|
|
|
|
Supported compatible methods:
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
2023-06-23 12:22:10 +00:00
|
|
|
|
========================== =========================================
|
|
|
|
|
|
Compatible string Meaning
|
|
|
|
|
|
========================== =========================================
|
|
|
|
|
|
u-boot,fpga-legacy Generic fpga loading routine.
|
|
|
|
|
|
u-boot,zynqmp-fpga-ddrauth Signed non-encrypted FPGA bitstream for
|
|
|
|
|
|
Xilinx Zynq UltraScale+ (ZymqMP) device.
|
|
|
|
|
|
u-boot,zynqmp-fpga-enc Encrypted FPGA bitstream for Xilinx Zynq
|
|
|
|
|
|
UltraScale+ (ZynqMP) device.
|
|
|
|
|
|
========================== =========================================
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
phase
|
|
|
|
|
|
U-Boot phase for which the image is intended.
|
|
|
|
|
|
|
|
|
|
|
|
"spl"
|
|
|
|
|
|
image is an SPL image
|
|
|
|
|
|
|
|
|
|
|
|
"u-boot"
|
|
|
|
|
|
image is a U-Boot image
|
|
|
|
|
|
|
|
|
|
|
|
Optional nodes:
|
|
|
|
|
|
|
|
|
|
|
|
hash-1
|
|
|
|
|
|
Each hash sub-node represents separate hash or checksum
|
2008-03-12 11:13:13 +00:00
|
|
|
|
calculated for node's data according to specified algorithm.
|
|
|
|
|
|
|
2023-06-23 12:22:12 +00:00
|
|
|
|
signature-1
|
|
|
|
|
|
Each signature sub-node represents separate signature
|
|
|
|
|
|
calculated for node's data according to specified algorithm.
|
|
|
|
|
|
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Hash nodes
|
|
|
|
|
|
----------
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:02 +00:00
|
|
|
|
::
|
|
|
|
|
|
|
|
|
|
|
|
o hash-1
|
|
|
|
|
|
|- algo = "hash or checksum algorithm name"
|
|
|
|
|
|
|- value = [hash or checksum value]
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Mandatory properties
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
algo
|
2023-06-23 12:22:10 +00:00
|
|
|
|
Algorithm name. Supported algoriths and their value sizes are:
|
|
|
|
|
|
|
|
|
|
|
|
==================== ============ =========================================
|
|
|
|
|
|
Sub-image type Size (bytes) Meaning
|
|
|
|
|
|
==================== ============ =========================================
|
|
|
|
|
|
crc16-ccitt 2 Cyclic Redundancy Check 16-bit
|
|
|
|
|
|
(Consultative Committee for International
|
|
|
|
|
|
Telegraphy and Telephony)
|
|
|
|
|
|
crc32 4 Cyclic Redundancy Check 32-bit
|
|
|
|
|
|
md5 16 Message Digest 5 (MD5)
|
|
|
|
|
|
sha1 20 Secure Hash Algorithm 1 (SHA1)
|
|
|
|
|
|
sha256 32 Secure Hash Algorithm 2 (SHA256)
|
|
|
|
|
|
sha384 48 Secure Hash Algorithm 2 (SHA384)
|
|
|
|
|
|
sha512 64 Secure Hash Algorithm 2 (SHA512)
|
|
|
|
|
|
==================== ============ =========================================
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
value
|
2023-06-23 12:22:10 +00:00
|
|
|
|
Actual checksum or hash value.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:12 +00:00
|
|
|
|
Image-signature nodes
|
|
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
|
|
|
|
o signature-1
|
|
|
|
|
|
|- algo = "algorithm name"
|
|
|
|
|
|
|- key-name-hint = "key name"
|
|
|
|
|
|
|- value = [hash or checksum value]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Mandatory properties
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
_`FIT Algorithm`:
|
|
|
|
|
|
|
|
|
|
|
|
algo
|
|
|
|
|
|
Algorithm name. Supported algoriths and their value sizes are shown below.
|
|
|
|
|
|
Note that the hash is specified separately from the signing algorithm, so
|
|
|
|
|
|
it is possible to mix and match any SHA algorithm with any signing
|
|
|
|
|
|
algorithm. The size of the signature relates to the signing algorithm, not
|
|
|
|
|
|
the hash, since it is the hash that is signed.
|
|
|
|
|
|
|
|
|
|
|
|
==================== ============ =========================================
|
|
|
|
|
|
Sub-image type Size (bytes) Meaning
|
|
|
|
|
|
==================== ============ =========================================
|
|
|
|
|
|
sha1,rsa2048 256 SHA1 hash signed with 2048-bit
|
|
|
|
|
|
Rivest–Shamir–Adleman algorithm
|
|
|
|
|
|
sha1,rsa3072 384 SHA1 hash signed with 2048-bit RSA
|
|
|
|
|
|
sha1,rsa4096 512 SHA1 hash signed with 2048-bit RSA
|
|
|
|
|
|
sha1,ecdsa256 32 SHA1 hash signed with 256-bit Elliptic
|
|
|
|
|
|
Curve Digital Signature Algorithm
|
|
|
|
|
|
sha256,...
|
|
|
|
|
|
sha384,...
|
|
|
|
|
|
sha512,...
|
|
|
|
|
|
==================== ============ =========================================
|
|
|
|
|
|
|
|
|
|
|
|
key-name-hint
|
|
|
|
|
|
Name of key to use for signing. The keys will normally be in
|
|
|
|
|
|
a single directory (parameter -k to mkimage). For a given key <name>, its
|
|
|
|
|
|
private key is stored in <name>.key and the certificate is stored in
|
|
|
|
|
|
<name>.crt.
|
|
|
|
|
|
|
|
|
|
|
|
sign-images
|
|
|
|
|
|
A list of images to sign, each being a property of the conf
|
|
|
|
|
|
node that contains then. The default is "kernel,fdt" which means that these
|
|
|
|
|
|
two images will be looked up in the config and signed if present. This is
|
|
|
|
|
|
used by mkimage to determine which images to sign.
|
|
|
|
|
|
|
|
|
|
|
|
The following properies are added as part of signing, and are mandatory:
|
|
|
|
|
|
|
|
|
|
|
|
value
|
|
|
|
|
|
Actual signature value. This is added by mkimage.
|
|
|
|
|
|
|
|
|
|
|
|
hashed-nodes
|
|
|
|
|
|
A list of nodes which were hashed by the signer. Each is
|
|
|
|
|
|
a string - the full path to node. A typical value might be::
|
|
|
|
|
|
|
|
|
|
|
|
hashed-nodes = "/", "/configurations/conf-1", "/images/kernel",
|
|
|
|
|
|
"/images/kernel/hash-1", "/images/fdt-1",
|
|
|
|
|
|
"/images/fdt-1/hash-1";
|
|
|
|
|
|
|
|
|
|
|
|
hashed-strings
|
|
|
|
|
|
The start and size of the string region of the FIT that was hashed. The
|
|
|
|
|
|
start is normally 0, indicating the first byte of the string table. The size
|
|
|
|
|
|
indicates the number of bytes hashed as part of signing.
|
|
|
|
|
|
|
|
|
|
|
|
The following properies are added as part of signing, and are optional:
|
|
|
|
|
|
|
|
|
|
|
|
timestamp
|
|
|
|
|
|
Time when image was signed (standard Unix time_t format)
|
|
|
|
|
|
|
|
|
|
|
|
signer-name
|
|
|
|
|
|
Name of the signer (e.g. "mkimage")
|
|
|
|
|
|
|
|
|
|
|
|
signer-version
|
|
|
|
|
|
Version string of the signer (e.g. "2013.01")
|
|
|
|
|
|
|
|
|
|
|
|
comment
|
|
|
|
|
|
Additional information about the signer or image
|
|
|
|
|
|
|
|
|
|
|
|
padding
|
|
|
|
|
|
The padding algorithm, it may be pkcs-1.5 or pss,
|
|
|
|
|
|
if no value is provided we assume pkcs-1.5
|
|
|
|
|
|
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
'/configurations' node
|
|
|
|
|
|
----------------------
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
doc: FIT image: Clarify format and simplify syntax
** Introduction
There are currently four ways to load an OS image with u-boot
1. SPL -> u-boot -> bootm
2. SPL blue falcon mode
3. "Basic" FIT image (CONFIG_LOAD_FIT)
4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)
These four code paths were developed independently, and share very
little code. (3) and (4), behave very differently, are littered with
special cases. They even have different DTS syntax and properties.
The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.
We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.
Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).
** Description of changes
* The "configurations" node is now mandatory
Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.
* Eliminate "ramdisk", "setup", "standalone", and "fpga" properties
Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
- A "ramdisk" is identical to a loadable. Thus ramdisk images should
be placed under "loadables".
- A "setup" node can be achieved by using a "kernel" or "firmware"
property instead.
- "standalone" is used for u-boot nodes. The correct property to use
in this case is "firmware".
- "fpga" is a loadable
* Prioritize control between "firmware" and "kernel"
"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.
** Further generalizations (not included herein)
The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2020-12-15 19:15:43 +00:00
|
|
|
|
The 'configurations' node creates convenient, labeled boot configurations,
|
|
|
|
|
|
which combine together kernel images with their ramdisks and fdt blobs.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:02 +00:00
|
|
|
|
The 'configurations' node has the following structure::
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:02 +00:00
|
|
|
|
o configurations
|
|
|
|
|
|
|- default = "default configuration sub-node unit name"
|
|
|
|
|
|
|
|
|
|
|
|
|
o config-1 {...}
|
|
|
|
|
|
o config-2 {...}
|
|
|
|
|
|
...
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Optional property
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
default
|
|
|
|
|
|
Selects one of the configuration sub-nodes as a default configuration.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Mandatory nodes
|
|
|
|
|
|
~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
configuration-sub-node-unit-name
|
|
|
|
|
|
At least one of the configuration sub-nodes is required.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:12 +00:00
|
|
|
|
Optional nodes
|
|
|
|
|
|
~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
signature-1
|
|
|
|
|
|
Each signature sub-node represents separate signature
|
|
|
|
|
|
calculated for the configuration according to specified algorithm.
|
|
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
Configuration nodes
|
|
|
|
|
|
-------------------
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:02 +00:00
|
|
|
|
Each configuration has the following structure::
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:02 +00:00
|
|
|
|
o config-1
|
|
|
|
|
|
|- description = "configuration description"
|
|
|
|
|
|
|- kernel = "kernel sub-node unit name"
|
|
|
|
|
|
|- fdt = "fdt sub-node unit-name" [, "fdt overlay sub-node unit-name", ...]
|
|
|
|
|
|
|- loadables = "loadables sub-node unit-name"
|
|
|
|
|
|
|- script = "
|
|
|
|
|
|
|- compatible = "vendor,board-style device tree compatible string"
|
2023-06-23 12:22:12 +00:00
|
|
|
|
o signature-1 {...}
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Mandatory properties
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
description
|
|
|
|
|
|
Textual configuration description.
|
|
|
|
|
|
|
|
|
|
|
|
kernel or firmware
|
|
|
|
|
|
Unit name of the corresponding kernel or firmware
|
doc: FIT image: Clarify format and simplify syntax
** Introduction
There are currently four ways to load an OS image with u-boot
1. SPL -> u-boot -> bootm
2. SPL blue falcon mode
3. "Basic" FIT image (CONFIG_LOAD_FIT)
4. "Full-featured" FIT image (CONFIG_LOAD_FIT_FULL)
These four code paths were developed independently, and share very
little code. (3) and (4), behave very differently, are littered with
special cases. They even have different DTS syntax and properties.
The cause of this divergence is that the FIT format specification
leaves a number of things open to interpretation. The purpose of this
change is to enable the reduction of code size, duplication, and
complexity by updating and streamlining the FIT format.
We are only marginally concerned with backwards compatibility, because
we don't have inter-compatibility. For example, CONFIG_LOAD_FIT is
able to load images that CONFIG_LOAD_FIT_FULL won't. This is a direct
result of the incompatible syntax between the two implementations.
Ideally, these changes would enable "simple" FIT to be a subset of the
"full" fit implementation, and share most code. These changes should
also eliminate the need for falcon mode (although we are not
advocating for the removal of falcon mode at this time).
** Description of changes
* The "configurations" node is now mandatory
Guessing how to load components based on their "os" and "type" invites
confusion and superfluous heuristics. Instead, require each FIT image
to be explicit on how components should be loaded.
* Eliminate "ramdisk", "setup", "standalone", and "fpga" properties
Having too many special purpose properties requires special-casing
FIT loading code. When a special property can be handled by another
property, it is redundant.
- A "ramdisk" is identical to a loadable. Thus ramdisk images should
be placed under "loadables".
- A "setup" node can be achieved by using a "kernel" or "firmware"
property instead.
- "standalone" is used for u-boot nodes. The correct property to use
in this case is "firmware".
- "fpga" is a loadable
* Prioritize control between "firmware" and "kernel"
"firmware" and "kernel" are special nodes in that control is passed
to the "entry-point" of the image. Both can be present, for example,
an OP-TEE firmware with a linux kernel. When both are present,
control is passed to the "firmware" image.
** Further generalizations (not included herein)
The "firmware" and "kernel" properties could be generalized as a
"next-boot-stage", or similar name. This "next" stage would be special
in that it is both executable, and is the stage that is passed
control. For example, "next-stage" could be an op-tee image, with
linux as a loadable, or a u-boot image.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2020-12-15 19:15:43 +00:00
|
|
|
|
(u-boot, op-tee, etc) image. If both "kernel" and "firmware" are specified,
|
|
|
|
|
|
control is passed to the firmware image.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Optional properties
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
fdt
|
|
|
|
|
|
Unit name of the corresponding fdt blob (component image node of a
|
2017-09-04 20:12:17 +00:00
|
|
|
|
"fdt type"). Additional fdt overlay nodes can be supplied which signify
|
|
|
|
|
|
that the resulting device tree blob is generated by the first base fdt
|
|
|
|
|
|
blob with all subsequent overlays applied.
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
fpga
|
|
|
|
|
|
Unit name of the corresponding fpga bitstream blob
|
2016-05-17 11:58:44 +00:00
|
|
|
|
(component image node of a "fpga type").
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
loadables
|
|
|
|
|
|
Unit name containing a list of additional binaries to be
|
2015-05-21 13:52:47 +00:00
|
|
|
|
loaded at their given locations. "loadables" is a comma-separated list
|
2016-11-29 22:33:20 +00:00
|
|
|
|
of strings. U-Boot will load each binary at its given start-address and
|
2019-11-14 02:18:03 +00:00
|
|
|
|
may optionally invoke additional post-processing steps on this binary based
|
2016-11-29 22:33:20 +00:00
|
|
|
|
on its component image node type.
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
script
|
|
|
|
|
|
The image to use when loading a U-Boot script (for use with the
|
2022-12-12 19:12:11 +00:00
|
|
|
|
source command).
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
compatible
|
|
|
|
|
|
The root compatible string of the U-Boot device tree that
|
2019-07-25 02:37:56 +00:00
|
|
|
|
this configuration shall automatically match when CONFIG_FIT_BEST_MATCH is
|
|
|
|
|
|
enabled. If this property is not provided, the compatible string will be
|
|
|
|
|
|
extracted from the fdt blob instead. This is only possible if the fdt is
|
|
|
|
|
|
not compressed, so images with compressed fdts that want to use compatible
|
|
|
|
|
|
string matching must always provide this property.
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
|
|
|
|
|
The FDT blob is required to properly boot FDT based kernel, so the minimal
|
|
|
|
|
|
configuration for 2.6 FDT kernel is (kernel, fdt) pair.
|
|
|
|
|
|
|
|
|
|
|
|
Older, 2.4 kernel and 2.6 non-FDT kernel do not use FDT blob, in such cases
|
|
|
|
|
|
'struct bd_info' must be passed instead of FDT blob, thus fdt property *must
|
|
|
|
|
|
not* be specified in a configuration node.
|
|
|
|
|
|
|
2023-06-23 12:22:12 +00:00
|
|
|
|
Configuration-signature nodes
|
|
|
|
|
|
-----------------------------
|
|
|
|
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
|
|
|
|
o signature-1
|
|
|
|
|
|
|- algo = "algorithm name"
|
|
|
|
|
|
|- key-name-hint = "key name"
|
|
|
|
|
|
|- sign-images = "path1", "path2";
|
|
|
|
|
|
|- value = [hash or checksum value]
|
|
|
|
|
|
|- hashed-strings = <0 len>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Mandatory properties
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
algo
|
|
|
|
|
|
See `FIT Algorithm`_.
|
|
|
|
|
|
|
|
|
|
|
|
key-name-hint
|
|
|
|
|
|
Name of key to use for signing. The keys will normally be in
|
|
|
|
|
|
a single directory (parameter -k to mkimage). For a given key <name>, its
|
|
|
|
|
|
private key is stored in <name>.key and the certificate is stored in
|
|
|
|
|
|
<name>.crt.
|
|
|
|
|
|
|
|
|
|
|
|
The following properies are added as part of signing, and are mandatory:
|
|
|
|
|
|
|
|
|
|
|
|
value
|
|
|
|
|
|
Actual signature value. This is added by mkimage.
|
|
|
|
|
|
|
|
|
|
|
|
The following properies are added as part of signing, and are optional:
|
|
|
|
|
|
|
|
|
|
|
|
timestamp
|
|
|
|
|
|
Time when image was signed (standard Unix time_t format)
|
|
|
|
|
|
|
|
|
|
|
|
signer-name
|
|
|
|
|
|
Name of the signer (e.g. "mkimage")
|
|
|
|
|
|
|
|
|
|
|
|
signer-version
|
|
|
|
|
|
Version string of the signer (e.g. "2013.01")
|
|
|
|
|
|
|
|
|
|
|
|
comment
|
|
|
|
|
|
Additional information about the signer or image
|
|
|
|
|
|
|
|
|
|
|
|
padding
|
|
|
|
|
|
The padding algorithm, it may be pkcs-1.5 or pss,
|
|
|
|
|
|
if no value is provided we assume pkcs-1.5
|
|
|
|
|
|
|
|
|
|
|
|
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:03 +00:00
|
|
|
|
Examples
|
|
|
|
|
|
--------
|
2008-03-12 11:13:13 +00:00
|
|
|
|
|
2023-06-23 12:22:04 +00:00
|
|
|
|
Some example files are available here, showing various scenarios
|
|
|
|
|
|
|
|
|
|
|
|
.. toctree::
|
|
|
|
|
|
:maxdepth: 1
|
|
|
|
|
|
|
|
|
|
|
|
kernel
|
|
|
|
|
|
kernel_fdt
|
|
|
|
|
|
kernel_fdts_compressed
|
|
|
|
|
|
multi
|
|
|
|
|
|
multi_spl
|
|
|
|
|
|
multi-with-fpga
|
|
|
|
|
|
multi-with-loadables
|
|
|
|
|
|
sec_firmware_ppa
|
|
|
|
|
|
sign-configs
|
|
|
|
|
|
sign-images
|
|
|
|
|
|
uefi
|
|
|
|
|
|
update3
|
|
|
|
|
|
update_uboot
|
2023-06-23 12:22:03 +00:00
|
|
|
|
|
|
|
|
|
|
.. sectionauthor:: Marian Balakowicz <m8@semihalf.com>
|
|
|
|
|
|
.. sectionauthor:: External data additions, 25/1/16 Simon Glass <sjg@chromium.org>
|
