Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building
RSA functions from FIT verification and allow for adding a RSA-based
signature verification for other file formats, in particular PE file
for UEFI secure boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Imported from linux kernel v5.3:
asn1.h without changes
asn1_ber_bytecode.h without changes
asn1_decoder.h without changes
asn1_compiler.c without changes
This host command will be used to create a ASN1 parser, for example,
for pkcs7 messages or x509 certificates. More specifically, it will
generate *byte code* which will be interpreted by asn1 decoder library.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
include/video_logo.h once was created via the tool easylogo and than used
in cpu/mpc8xx/video.c to display Tux. video_logo.h has been replaced by
include/linux_logo.h and is not needed anymore.
Delete the include and the tool,
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
in case of bmp_logo, the video_bmp driver is used for
drawing a bmp logo. This driver supports only "full"
bmp data. Adding a logo with the bmp_logo tool to
u-boot binary adds currently only real data and drops
the bmp header.
This patch adds now the full bmp data to the u-boot
binary, so video_bmp driver works with the logo embedded
into u-boot.
Fixed also some checkpatch error poping up with this
patch.
Signed-off-by: Heiko Schocher <hs@denx.de>
Some Intel SoCs from about 2016 boot using an internal microcontroller via
an 'IFWI' image. This is a special format which can hold firmware images.
In U-Boot's case it holds u-boot-tpl.bin.
Add this tool, taken from coreboot, so that we can build bootable images
on apollolake SoCs.
This tool itself has no tests. Some amount of coverage will be provided by
the binman tests that use it, so enable building the tool on sandbox.
Signed-off-by: Simon Glass <sjg@chromium.org>
This adds a size check for SPL that can dynamically check generated
SPL binaries (including devicetree) for a size limit that ensures
this image plus global data, heap and stack fit in initial SRAM.
Since some of these sizes are not available to make, a new host tool
'spl_size_limit' is added that dumps the resulting maximum size for
an SPL binary to stdout. This tool is used in toplevel Makefile to
implement the size check on SPL binaries.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Due to some mistakes in the source code, it was not possible to really
turn FIT support off. This commit fixes the problem by means of the
following changes:
- Enclose "bootm_host_load_image" and "bootm_host_load_images" between
checks for CONFIG_FIT_SIGNATURE, in common/bootm.c.
- Enclose the declaration of "bootm_host_load_images" between checks for
CONFIG_FIT_SIGNATURE, in common/bootm.h.
- Condition the compilation and linking of fit_common.o fit_image.o
image-host.o common/image-fit.o to CONFIG_FIT=y, in tools/Makefile.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
[fabio: adapt for 2016.07]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Ricardo: fix conditional compilation and linking of the files mentioned above
for 2016.07]
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Jörg: adapt for 2019.01]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/uboot-tools/0003-Make-FIT-support-really-optional.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
When CROSS_BUILD_TOOLS is set, set HOSTCFLAGS to CFLAGS otherwise CC
will be used with HOSTCFLAGS which seems wrong
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fixes building mkimage on systems where OpenSSL header files do not
live in the standard include path.
Signed-off-by: Pierre Bourdon <delroth@gmail.com>
Parts of the code are using C99 constructs (such as variables declared
inside loops), but also GNU extensions (such as typeof), so using
-std=gnu99 is necessary to build with older versions of gcc that don't
default to building with gnu99.
It fixes the following build failure:
./tools/../lib/crc16.c: In function "crc16_ccitt":
./tools/../lib/crc16.c:70:2: error: "for" loop initial declarations are only allowed in C99 mode
for (int i = 0; i < len; i++)
^
./tools/../lib/crc16.c:70:2: note: use option -std=c99 or -std=gnu99 to compile your code
when building the host tools with gcc 4.7.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
i.MX8M bootable image type is like i.MX6/7, but there is signed HDMI
firmware image in front of A53 bootable image, which is also has an IVT
header.
Here we also include fit image to generate a bootable image.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Stefano Babic <sbabic@denx.de>
The motivation for this is to allow distributions to distribute all
possible tools in a generic way, avoiding the need of specific tools
building for each machine.
Especially on OpenEmbedded / Yocto Project ecosystem, it is very
common each BSP to end providing their specific tools when they need
to generate images for some SoC (e.g MX23 / MX28 in meta-freescale
case).
Using this, we can package the tools doing:
$: make tools-only_defconfig
$: make tools-only
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
[trini: Add MAINTAINERS entry for myself, add to .travis.yml, make
U-Boot itself buildable to not trip up other frameworks]
Signed-off-by: Tom Rini <trini@konsulko.com>
The CRC16-CCITT checksum function is useful for space-constrained
applications (such as obtaining a checksum across a 2KBit or 4KBit
EEPROM) in boot applications. It has not been accessible from boot
scripts until now (due to not having a dedicated command and not being
supported by the hash infrstructure) limiting its applicability
outside of custom commands.
This adds the CRC16-CCITT (poly 0x1021, init 0x0) algorithm to the
list of available hashes and adds a new crc16_ccitt_wd_buf() to make
this possible.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
[trini: Fix building crc16.o for SPL/TPL]
Signed-off-by: Tom Rini <trini@konsulko.com>
This patch adds support for MTK boot image generation.
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
i.MX8/8X bootable image type is container type.
The bootable image, containers a container set which supports two
container. The 1st container is for SECO firmware, the 2nd container
needs to include scfw, m4_0/1 image, ACore images per your requirement.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
This adds a new config value FIT_SIGNATURE_MAX_SIZE, which controls the
max size of a FIT header's totalsize field. The field is checked before
signature checks are applied to protect from reading past the intended
FIT regions.
This field is not part of the vboot signature so it should be sanity
checked. If the field is corrupted then the structure or string region
reads may have unintended behavior, such as reading from device memory.
A default value of 256MB is set and intended to support most max storage
sizes.
Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The officially described way to generate boot.bin files for ZynqMP is to
describe the contents of the target binary using a file of the "bif"
format. This file then links to other files that all get packed into a
bootable image.
This patch adds support to read such a .bif file and generate a respective
ZynqMP boot.bin file that can include the normal image and pmu files, but
also supports image partitions now. This makes it a handy replacement for
the proprietary "bootgen" utility that is currently used to generate
boot.bin files with FSBL.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
The kwboot tool for Marvell devices isn't currently being built even if
HOST_TOOLS_ALL is set. It doesn't appear to depend on any CONFIG_
options, so it seems appropriate to enable building it here.
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
STM32MP157 bootrom needs a specific header for first boot stage.
This patch adds support of this header in mkimage.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
There are no headers for libfdt in lib/libfdt, as they are instead
located in scripts/dtc/libfdt. Specifying lib/libfdt for headers
inclusion in host tools results in using the system libfdt headers,
which is not what we want. Change this to the proper path.
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
libfdt_env.h is supposed to provide system-dependent defines.
scripts/dtc/libfdt/libfdt_env.h from upstream DTC is suitable
for user-space, so we should use this for USE_HOSTCC case.
For compiling U-Boot, we need to override such system-dependent
defines, so use <linux/libfdt_env.h> imported from Linux.
<libfdt.h> selects a proper one. Maybe, we should split header
inclusion completely, but I do not want too many patches at one.
I can rip off the include/libfdt_env.h from HOST_EXTRACFLAGS.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The only difference between scripts/dtc/libfdt/fdt_rw.c and
lib/libfdt/fdt_rw.c is fdt_remove_unused_strings().
It is only used by fdtgrep, so we do not need to compile it for U-Boot
image. Move it to tools/libfdt/fdw_rw.c so that lib/libfdt/fdt_rw.c
can be a wrapper of scripts/dtc/libfdt/fdt_rw.c.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
For testing EFI disk management we need an in-memory image of
a disk.
The tool file2include converts a file to a C include. The file
is separated into strings of 8 bytes. Only the non-zero strings
are written to the include. The output format has been designed
to maintain readability.
#define EFI_ST_DISK_IMG { 0x00010000, { \
{0x000001b8, "\x94\x37\x69\xfc\x00\x00\x00\x00"}, /* .7i..... */ \
{0x000001c0, "\x02\x00\x83\x02\x02\x00\x01\x00"}, /* ........ */ \
{0x000001c8, "\x00\x00\x7f\x00\x00\x00\x00\x00"}, /* ........ */ \
{0x000001f8, "\x00\x00\x00\x00\x00\x00\x55\xaa"}, /* ......U. */ \
...
{0x00006000, "\x48\x65\x6c\x6c\x6f\x20\x77\x6f"}, /* Hello wo */ \
{0x00006008, "\x72\x6c\x64\x21\x0a\x00\x00\x00"}, /* rld!.... */ \
{0, NULL} } }
As the disk image needed for testing contains mostly zeroes a high
compression ratio can be attained.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Add prelink-riscv to arrange .rela.dyn and .rela.got
in compile time. So that u-boot can be directly
executed without fixup.
Signed-off-by: Chih-Mao Chen <cmchen@andestech.com>
Signed-off-by: Rick Chen <rick@andestech.com>
Signed-off-by: Rick Chen <rickchen36@gmail.com>
Signed-off-by: Greentime Hu <green.hu@gmail.com>
Now, lib/libfdt/fdt_wip.c is the same as scripts/dtc/libfdt/fdt_wip.c
Change the former to a wrapper of the latter.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Prior to this commit, tools/Makefile pulls all libfdt files from
lib/libfdt.
lib/libfdt/ and scripts/dtc/libfdt have the same copies for the
followings 6 files:
fdt.c fdt_addresses.c fdt_empty_tree.c fdt_overlay.c fdt_strerr.c
fdt_sw.c
This commit changes them to #include ones from scripts/dtc/libfdt.
Unfortunately, U-Boot locally modified the following 3 files:
fdt_ro.c fdt_wip.c fdt_rw.c
I did not touch them in order to avoid unpredictable impact.
The fdt_region.c is U-Boot own file. This is also borrowed from
lib/libfdt/.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The pylibfdt is used by dtoc (and, indirectly by binman), but there
is no reason why it must be generated in the tools/ directory.
Recently, U-Boot switched over to the bundled DTC, and the directory
structure under scripts/dtc/ now mirrors the upstream DTC project.
So, scripts/dtc/pylibfdt is the best location.
I also rewrote the Makefile in a cleaner Kbuild style.
The scripts from the upstream have been moved as follows:
lib/libfdt/pylibfdt/setup.py -> scripts/dtc/pylibfdt/setup.py
lib/libfdt/pylibfdt/libfdt.i -> scripts/dtc/pylibfdt/libfdt.i_shipped
The .i_shipped is coped to .i during building because the .i must be
located in the objtree when we build it out of tree.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Last user of this option went away in commit:
fdc7718999 ("board: usb_a9263: Update to support DT and DM")
Signed-off-by: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
In some cases, such as FreeBSD, the path to an alternative dtc needs to
be used. Rather than override the one given in the Makefile on the
command line, make this part of the build configuration.
Signed-off-by: Tom Rini <trini@konsulko.com>
This should not be printed by default. Prefix it with $(Q).
Fixes ee95d10b: ("fdt: Build the new python libfdt module")
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Since commit 3809e302 "Makefile: honor PYTHON configuration properly",
the build commands of libfdt are printed while previously were not.
This adds the missing '--quiet' back.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
On some systems `python` is `python3` (for instance, Archlinux). The
`PYTHON` variable can be used to point to `python2` to have a successful
build.
The use of `PYTHON` is currently limited in the Makefile and needs to be
extended in other places:
First, pylibfdt is required to be a Python 2 binding (binman imports
pylibfdt and is only compatible Python 2), so its setup.py needs to be
called accordingly. An alternative would be to change the libfdt
setup.py shebang to python2, but the binding is actually portable. Also,
it would break on system where there is no such thing as `python2`.
Secondly, the libfdt import checks need to be done against Python 2 as
well since the Python 2 compiled modules (in this case _libdft.so) can
not be imported from Python 3.
Note on the libfdt imports: "@if ! PYTHONPATH=tools $(PYTHON) -c 'import
libfdt'; then..." is probably simpler than the currently sub-optimal
pipe.
Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
About a quarter of the files in common/ relate to the environment. It
seems better to put these into their own subdirectory and remove the
prefix.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
U-Boot has up until now built with -fpic for the MIPS architecture,
producing position independent code which uses indirection through a
global offset table, making relocation fairly straightforward as it
simply involves patching up GOT entries.
Using -fpic does however have some downsides. The biggest of these is
that generated code is bloated in various ways. For example, function
calls are indirected through the GOT & the t9 register:
8f998064 lw t9,-32668(gp)
0320f809 jalr t9
Without -fpic the call is simply:
0f803f01 jal be00fc04 <puts>
This is more compact & faster (due to the lack of the load & the
dependency the jump has on its result). It is also easier to read &
debug because the disassembly shows what function is being called,
rather than just an offset from gp which would then have to be looked up
in the ELF to discover the target function.
Another disadvantage of -fpic is that each function begins with a
sequence to calculate the value of the gp register, for example:
3c1c0004 lui gp,0x4
279c3384 addiu gp,gp,13188
0399e021 addu gp,gp,t9
Without using -fpic this sequence no longer appears at the start of each
function, reducing code size considerably.
This patch switches U-Boot from building with -fpic to building with
-fno-pic, in order to gain the benefits described above. The cost of
this is an extra step during the build process to extract relocation
data from the ELF & write it into a new .rel section in a compact
format, plus the added complexity of dealing with multiple types of
relocation rather than the single type that applied to the GOT. The
benefit is smaller, cleaner, more debuggable code. The relocate_code()
function is reimplemented in C to handle the new relocation scheme,
which also makes it easier to read & debug.
Taking maltael_defconfig as an example the size of u-boot.bin built
using the Codescape MIPS 2016.05-06 toolchain (gcc 4.9.2, binutils
2.24.90) shrinks from 254KiB to 224KiB.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Cc: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Cc: u-boot@lists.denx.de
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Tested-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
FreeBSD recently switch to it's BSDL dtc. While it support most of the
features of the GPL one it still lacks the incbin directive.
Add the possibility to specify which dtc we want to use for compiling dts
and generating fit image.
Signed-off-by: Emmanuel Vadot <manu@bidouilliste.com>
Acked-by: Simon Glass <sjg@chromium.org>
Build the upstream python libfdt module. At present the legacy module is
still built and is the one that it used. Future work will switch this
over.
Signed-off-by: Simon Glass <sjg@chromium.org>
Now that this module has been accepted upstream we should stop using the
local U-Boot one. In preparation for this, rename it to indicate it is for
legacy use.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present only a subset of source files are build. Add the rest and
refactor this so that a source file list is available also. This will be
used in later commit.
Signed-off-by: Simon Glass <sjg@chromium.org>
Not force to use python from PATH. Issue was noted when building with
Yocto, because python from the distro is always taken instead of
python-native built during Yocto process.
Signed-off-by: Stefano Babic <sbabic@denx.de>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This program generates raw SPL images that can be flashed on the NAND with
the ECC and randomizer properly set up.
This has been copied (and tweaked to find the right headers) from the
sunxi-tools (https://github.com/linux-sunxi/sunxi-tools) upstream
repository, commit 1c3a6ca5.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
When building u-boot tools in cross-build environment CFLAGS environment
variable set up for target is taken into an account when building code
for host. Make it empty on invocation of python.
This fixes the following build errors when cross-compiling for xtensa:
cc1: error: unrecognized command line option "-mlongcalls"
cc1: error: unrecognized command line option "-mauto-litpools"
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Richard reported U-Boot tools issues in OpenEmbedded/Yocto project.
OE needs to be able to change the default compiler. If we pass in
HOSTCC through the make command, it overwrites all HOSTCC instances,
including ones in tools/Makefile and tools/env/Makefile, which breaks
"make cross_tools" and "make env", respectively.
Add "override" directives to avoid overriding HOSTCC instances that
really need to point to the cross-compiler.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reported-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This define is not used in tools sources and can be removed
to avoid unnecessary link between tools and defconfig
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The previous commit ("add a new command to show .config contents")
improves the basic infrastructure of "embed a compressed file into
the U-Boot image, and print it by a command". The same pattern for
the "license" command.
This commit reworks the command to improve the following:
[1] Improve log style
Kbuild style log
GZIP cmd/license_data.gz
CHK cmd/license_data_gz.h
UPD cmd/license_data_gz.h
CHK cmd/license_data_size.h
UPD cmd/license_data_size.h
instead of the bare Make log:
cat ./Licenses/gpl-2.0.txt | gzip -9 -c | \
tools/bin2header license_gzip > ./include/license.h
[2] Collect related code into the "cmd" directory
Prior to this commit, the license.h was created by tools/Makefile,
placed under the "include" directory, included from cmd/license.c,
and deleted by the top-level Makefile. It is not a good idea to
scatter related code.
[3] Drop the fixed-malloc size LICENSE_MAX
Just allocate the minimum required size of buffer because we know
the size of the original gpl-2.0.txt.
[4] Fix more issues
Terminate the buffer with zero to prevent puts() from over-running.
Add "static" to do_license.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>