Add support for uploading the boot image (the data part only) at higher
baudrate than the standard one.
The kwboot utility already has -B option, but choosing other baudrate
than the standard one (115200 Bd) can only work for debug mode, not for
booting the device. The BootROM for kwboot supported platforms (Orion,
Kirkwood, Dove, Discovery, AXP, A37x, A38x, A39x) cannot change the
baudrate when uploading boot image via the Xmodem protocol, nor can it
be configured via strapping pins.
So instead we add this support by injecting baudrate changing code into
the kwbimage v1 header as a new optional binary extension. This code is
executed by BootROM after it receives the whole header. The code sends
the magic string "$baudratechange\0" just before changing the baudrate
to let kwboot know that it should also change it. This is because the
injected code is run as the last binary extension, and we do not want
to loose possible output from other possible binary extensions that
came before it (in most cases this is U-Boot SPL).
We also inject the code before the payload (the data part of the image),
to change the baudrate back to the standard value, in case the payload
does not reset UART.
This change improves boot time via UART significantly (depending on the
chosen baudrate), which is very useful when debugging.
Signed-off-by: Pali Rohár <pali@kernel.org>
[ major refactor ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Explicitly check the image size against size of struct main_hdr_v1.
This way the check is more readable, since the `hdrsz` variable
may semantically contain another value.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The beginning of image data must be sent in a separate xmodem block;
the block must not contain end of header with the beginning of data.
Therefore we need to ensure that the image header size is a multiple of
xmodem block size (which is 128 B).
Read the file into a malloc()ed buffer of enough size instead of
mmap()ing it. (If we are going to move the data, most of the pages will
be dirty anyway.) Then move the payload if header size needs to be
increased.
Signed-off-by: Pali Rohár <pali@kernel.org>
[ refactored ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
These structures are relevant for several other platforms, mention them
all.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Add functions kwbheader_size() and kwbheader_size_for_csum().
Refactor code determining header size to use these functions.
Refactor header checksum determining function.
Remove stuff that is not needed anymore.
This simplifies the code a little and fixes one instance of validating
header size meant for checksum instead of whole header size.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Rename this function to kwbimage_version() and don't cast argument if
not needed.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
SPI/NOR kwbimage may have destination address set to 0xFFFFFFFF, which
means that the image is not downloaded to DDR but rather it is executed
directly from SPI/NOR. In this case execution address is set to SPI/NOR
area.
When patching image to UART type, change destination and execution
addresses from SPI/NOR XIP area to DDR area 0x00800000 (which is default
for A38x).
Signed-off-by: Pali Rohár <pali@kernel.org>
[ refactored ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Some image types have source address in non-bytes unit; for example for
SATA images, it is in 512 B units.
We need to multiply by unit size when patching image type to UART.
Signed-off-by: Pali Rohár <pali@kernel.org>
[ refactored ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
It is not possible to modify image with secure header due to
cryptographic signature.
Signed-off-by: Pali Rohár <pali@kernel.org>
[ refactored ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Create macro
for_each_opt_hdr_v1
and functions
opt_hdr_v1_size(),
opt_hdr_v1_valid_size(),
opt_hdr_v1_ext(),
opt_hdr_v1_first() and
opt_hdr_v1_next()
to simplify iteration over version 1 optional headers.
This prevents ugly code repetition and makes it nicer to read.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
The kwboot_img_patch_hdr() function already decides if header patching
is needed. Always call this function and deprecate the unneeded command
line option `-p`.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
After kwboot sends EOT, BootROM sends back ACK. Add code for handling
this and retry sending EOT on error.
Signed-off-by: Pali Rohár <pali@kernel.org>
[ refactored ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Currently if BootROM fails to respond with ACK/NAK to a xmodem block, we
will be waiting indefinitely for such response.
Make sure that we only wait at most 1 second (blk_rsp_timeo) for ACK/NAK
for each block in case non-xmodem text output is not being expected.
Interpret this timeout expiration as NAK, to try to send the block
again.
On the other hand, if timeout expires without ACK while some non-xmodem
output was already received (DDR training output, for example), we know
that the block was received, since the code is being executed, so in
this case exit with ETIMEDOUT.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When executing header code (which contains U-Boot SPL in most cases),
wait 10s after every non-xmodem character received (i.e. printed by
U-Boot SPL) before timing out.
Sometimes DDR training, which runs in SPL, may be slow.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
There is no separation between output from the code from binary header
(U-Boot SPL in most cases) and subsequent kwboot output.
Print '\n' to make distinguishing these two easier.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When sending image header / image data, BootROM does not send any
non-xmodem text output. We should therefore interpret unknown bytes in
the xmodem protocol as errors and resend current packet. This should
improve the transfer in case there are errors on the UART line.
Text output from BootROM may only happen after whole image header is
sent and before ACK for the last packet of image header is received.
In this case BootROM may execute code from the image, which may interact
with UART (U-Boot SPL, for example, prints stuff on UART).
Print received non-xmodem output from BootROM only in this case.
Signed-off-by: Pali Rohár <pali@kernel.org>
[ refactored & simplified ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
This is a non-functional change that should make the code more readable.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
This change is required to implement other features in kwboot.
Split sending header and data parts of the image into two stages.
Signed-off-by: Pali Rohár <pali@kernel.org>
[ refactored ]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When progress was not completed, current terminal position is in progress
bar. So print newline before printing error message to make error message
more readable.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Ensure that `pos` is still in range up to the `width` so printing 100%
works also for bigger images. After printing 100% progress reset it to
zero, so that next progressbar can be started.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The compiler complains that we are comparing int with size_t when
compiled with -W.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Function kwboot_xm_makeblock() always returns length of xmodem block. It
is always non-negative and calculated from variable with size_t type. Set
return type of this function to size_t and remove dead code which checks
for negative value.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When kwboot_tty_recv() fails or times out, it does not set the `c`
variable to NAK. The variable is then compared, while it holds either
an undefined value or a value from previous iteration. Set `c` to NAK so
that the other side will try to resend current block, and remove the
now unnecessary break.
In other failure cases return immediately.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Print kwboot's (U-Boot's) version when printing usage.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
There are 3 instances in kwboot.c where we need to write() a given
buffer whole (iteratively writing until all data are written), and 2 of
those instances are wrong, for they do not increment the buffer pointer.
Refactor the code into a new function kwboot_write() where it is fixed.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The `in` variable is set to -1 in kwboot_terminal() if stdin is not a
tty. In this case we should not look whether -1 is set in fd_set, for it
can lead to a buffer overflow, which can be reproduced with
echo "xyz" | ./tools/kwboot -t /dev/ttyUSB0
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
On 32-bit ARM the compiler complains:
tools/kwbimage.c:547: warning: format ‘%lu’ expects argument of type
‘long unsigned int’, but argument 4 has
type ‘unsigned int’
Fix this by using %zu instead of %lu format specifier.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmFR2fMRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreaAnAf/ZKPy3CRphbgAmbLhNQhQGpLosLcFp343
cv53gfsv1DakLRrhqMSnOQSVoTg9P22uHbooDDR9WHfZyEL6tvGZ+dgN2/wlDhDj
wbvvsM7FB+uvLVfMF3MURQBvy4dPO+FyCm/uHmry2V2uqWPw4ss+aVhxeQ5s4/oI
LpS6yaiM8UAj2GTUZSqJ1+/W7YG9N6tL73n0PDyCvSrdCkyPWqpww1rtST88SfFI
bBEWc6ksna/29haOwHQ2xopEbVxtHv2byULfqUtnsbtE4Ozw8o0fx66tdwPHTQlM
7eSuRiEbqjlJuUZFIbMat7nb7inZkaWupZ/Sr1HUUiDdKMygrRsQhg==
=x8Uf
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-next-27sep21' of https://source.denx.de/u-boot/custodians/u-boot-dm into next
Various of-platdata improvements, including CONFIG_OF_REAL
This function is available but not exported. More generally it does not
really work as intended.
Reimplement it and add a sandbox test too.
Signed-off-by: Simon Glass <sjg@chromium.org>
When printing full help output from a tool, we should be able to handle
a PAGER variable which includes arguments, e.g. PAGER='less -F'.
Signed-off-by: Paul Barker <paul.barker@sancloud.com>
Collect the code for printing the full help message of patman, buildman
and binman into a single function in patman.tools.
Signed-off-by: Paul Barker <paul.barker@sancloud.com>
genimage [1] is a tool to create flash/disk images. This is required
by some targets, e.g.: sifive_unleashed, to generate sdcard or spi-nor
images for real hardware, as well as U-Boot CI testing.
[1] https://github.com/pengutronix/genimage
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
At present U-Boot CI testing is still using QEMU 4.2.0 which is
pretty old. Let's bump up to QEMU 6.1.0.
ninja-build is added as the prerequisite required by QEMU 6.1.0.
Note there is a bug in QEMU 6.1.0 Xilinx Zynq UART emulation codes.
A quick fix [1] was posted on QEMU mailing list but it it too late
for 6.1.0 release. Let's manually apply the bug fix on top of the
v6.1.0 release tag at the time being.
[1] http://patchwork.ozlabs.org/project/qemu-devel/patch/20210823020813.25192-2-bmeng.cn@gmail.com/
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The DM binary runs on the MCU R5F Core0 after R5 SPL on J721E and J7200
SoCs. The binary is built alongside the TFA, OPTEE and A72 SPL binaries
and included in the tispl.bin FIT image. The R5 SPL loads the DM binary
at 0xA0000000 address, based on the value used in the FIT image build
script. The DM binary though is an ELF image and not a regular binary
file, and so is processed further to load the actual program segments
using the U-Boot's standard ELF loader library.
The DM binary does leverage a certain portion of DDR for its program
segments, and typically reserves 16 MB of DDR at 0xA0000000 with the
1st MB used for IPC between Linux and the remote processor, and
remaining memory for firmware segments. This can cause an incomplete
loading of the program segments if the DM binary is larger than 1 MB,
due to overlap of the initial loaded binary and the actual program
segments.
Fix this by using the address 0x89000000, which matches the current
"addr_mcur5f0_0load" env variable used by R5 SPL before the DM firmware
inclusion into the tispl.bin.
Fixes: df5363a67f ("tools: k3_fit_atf: add DM binary to the FIT image")
Signed-off-by: Suman Anna <s-anna@ti.com>
Rename these options so that CONFIG_IS_ENABLED can be used with them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jaehoon Chung <jh80.chung@samsung.com>
[trini: Fixup some incorrect renames]
Signed-off-by: Tom Rini <trini@konsulko.com>
On some cases, the actual number of bytes read can be shorter
than what was requested. This can be handled gracefully by
taking this difference into account instead of exiting.
Signed-off-by: Thibault Ferrante <thibault.ferrante@gmail.com>
Currently, an empty imput file causes `mmap()` to fail, and you get an
error like "mkimage: Can't read file.img: Invalid argument", which is
extremely unintuitive and hard to diagnose if you don't know what to
look for. Add an explicit check for an empty file and provide a clear
error message instead.
We already bounds check the image size when listing and re-signing
existing images, so we only need this check here, when opening data
files going into a image.
Signed-off-by: Thomas Hebb <tommyhebb@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Support for register headers in v1 images was implemented in commit
02ba70ad68 ("tools: kwbimage: Add support for DATA command also for v1
images"). So remove old comment.
Signed-off-by: Pali Rohár <pali@kernel.org>
Fixes: 02ba70ad68 ("tools: kwbimage: Add support for DATA command also for v1 images")
Reviewed-by: Stefan Roese <sr@denx.de>
image_get_csk_index() may return -1 in case of an error. Don't use this
value as index.
This resolves Coverity CID 338488
Memory - illegal accesses (NEGATIVE_RETURNS)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Pali Rohár <pali@kernel.org>
Always check the return value of fopen().
This resolves Coverity CID 338491:
Null pointer dereferences (NULL_RETURNS)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Pali Rohár <pali@kernel.org>
There are already IBR_HDR_* constants for these numbers, so use them.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Part of image data is 4 byte checksum, so every image must contain at least
4 bytes. Verify it to prevent memory corruptions.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Only image versions 0 and 1 are supported. Verify it in
kwbimage_verify_header() function.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This case was intended to check that widening an int array with an int
does nothing. Fix it.
Reported-by: Walter Lozano <walter.lozano@collabora.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
In some cases 'patman status' leaves a blank line between the sign-off
and the tags it collects from patchwork. Fix this and add a test.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current stable release of LLVM is 12, update to that. While at it,
fix that we had not correctly upgraded to LLVM 11 previously.
Signed-off-by: Tom Rini <trini@konsulko.com>
At present if we see 'ranges' property (with no value) we assume it is a
boolean, as per the devicetree spec.
But another node may define 'ranges' with a value, forcing us to widen it
to an int array. At present this is not supported and causes an error.
Fix this and add some test cases.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
An int array can hold a single int so we should not need to do anything
in the widening operation. However due to a quirk in the code, an int[3]
widened with an int produced an int[4]. Fix this and add a test.
Fix a comment typo while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
The current name is confusing because the logic is actually backwards from
what you might expect. Rename it to needs_widening() and update the
comments.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some of the more advanced features of this tool don't work anymore since
kconfiglib was update. Update the code accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a error in patman tool when the commit message contents an invalid
tag "Serie-.*" instead of "Series-.*".
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Extracting is now supported by dumpimage, so mention it in help instead
of `kwbimage -x`.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The kwbimage library does not support extracting subimages. Implement it.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
This padding depends on board config file and therefore it makes the
mkimage binary tool board specific, which is not correct. One cannot use
mkimage tool built as a result for board A to generate images for board
B, even if both A and B are on the same platform.
This CONFIG_SYS_U_BOOT_OFFS padding was needed when kwbimage v1 contained
SPL code which loaded U-Boot proper based on CONFIG_SYS_U_BOOT_OFFS,
instead of reading correct offset from kwbimage header.
Now that SPL code parses kwbimage header and deterinate correct offset,
there is no need for this CONFIG_SYS_U_BOOT_OFFS padding anymore.
By removing it we also reduce the size of SPL code and therefore also
decrease the final size of v1 kwbimage. This means there is more space
for U-Boot proper binary.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Function image_version() returns unsigned value, so it can never be
negative. Explicitly check for two supported image versions: v0 and v1.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Too small invalid headers may cause kwboot to crash.
Check for header size of v1 images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Add missing curly brackets for this else statement.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Print trailing newline as the last printed byte can be something
different.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Call tcsetattr() only if the file descriptor is valid. It may be
invalidated by previous lines (if it is not a tty descriptor).
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The 'buf' variable is a pointer and '_buf' is the array itself.
Therefore we should pass sizeof(_buf) instead of sizeof(buf) to read().
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
There is no code for extracting data from kwbimage, so show an error
message when user tries this via e.g. dumpimage call:
./tools/dumpimage -T kwbimage -o /tmp/out u-boot-spl.kwb
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Trying to call the following command causes NULL pointer dereference in
strlen():
./tools/dumpimage -T kwbimage -o /tmp/out u-boot-spl.kwb
Fix it by checking whether params->imagename is non-NULL before calling
strlen().
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
These structures must have specific size without padding, so mark them as
packed via the de-facto standard macro __packed. Also replace PACKED
macro.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The mkimage host tool can be used to generate kwbimage v1 image with
secure header on host system for A38x plaform also when U-Boot is being
compiled for different platform. So there is no reason to not allow
compiling of mkimage/kwbimage with secure header support for e.g. x86-64
host.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
This command is supported only by v1 images and specifies a milliseconds
delay after executing some set of DATA commands. The special string value
SDRAM_SETUP instructs BootROM to setup SDRAM controller instead of
executing delay. SDRAM_SETUP may be specified only once and after the
last DATA command.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
The DATA command is already supported by mkimage for v0 images, but not
for v1 images.
BootROM code which executes v1 images also supports DATA command via an
optional extended v1 header OPT_HDR_V1_REGISTER_TYPE.
Implement support for DATA command for v1 images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
The PAYLOAD keyword does nothing. No code is using it and both mkimage
and kwbimage completely ignore it. It looks like a relict from the past.
The payload image itself can be specified only via -d parameter to
mkimage.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
The kwbimage v1 format supports multiple BINARY executable headers.
Add support for it into mkimage/kwbimage tool.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
Binary header consist of:
* 1 byte for header type
* 3 bytes for header size
* 1 byte for number of arguments
* 3 reserved bytes
* N*4 bytes for arguments
* M bytes (aligned to 4 bytes) for executable data
* 1 byte for information about next header
* 3 reserved bytes
The first four bytes are specified as
sizeof(struct opt_hdr_v1)
and the remaining bytes as
ALIGN(s.st_size, 4) + (binarye->binary.nargs + 2) * sizeof(uint32_t)
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The number is stored in one byte, so the maximum should be 255.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The data part of v1 kwbimage currently contains U-Boot binary prepended
by 64 bytes long Legacy U-Boot image header. This means that the load
address is currently substracted by 64 bytes to ensure that U-Boot's
entry point is at specified execution address.
As mkimage has already separate arguments for load (-a) and execution
(-e) address, there is no need to derive fixed load address from
execution address.
Therefore remove this load address hack from the kwbimage tool and
support generating v1 kwbimage with arbitrary addresses for load and
execution.
Finally, calculate correct load address by caller for mkimage tool in
Makefile. File u-boot-spl.kwb is always a v1 kwbimage and it is the only
v1 kwbimage which U-Boot's build system generates.
Remove also useless overwriting of destaddr for /binary.0 to the value
which is already set on previous lines.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Remove this space, since the constants are indented by tabs.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The binary header in kwbimage contains executable SPL code.
Print information about this binary header and not only information
about it's data part.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The data part of v1 images contains 32-bit checksum after the data.
Validate whether this checksum is correct.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Add basic checks for extended headers of v1 images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Extended header checksum for v0 image is present only in the case when
extended header is present. Skip checksum validation if extended header
is not present.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
In the case when the file name is specified relative to the current
working directory, it does not contain '/' character and strrchr()
returns NULL.
The following strcmp() function then crashes on NULL pointer
dereference.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
SATA and SDIO images must be aligned to sector size (which in most cases
is 512 bytes) and Source Address in main header is stored in number of
sectors from the beginning of the drive. SATA image must be stored at
sector 1 and SDIO image at sector 0. Source Address for PCIe image is
not used and must be set to 0xFFFFFFFF.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Add constant for SDIO value of the bootfrom header field.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Writing into SPI NOR and NAND memory can be done only in 256 bytes long
blocks. Align final image size so that when it is burned into SPI NOR or
NAND memory via U-Boot's commands (sf or mtd), we can use the $filesize
variable directly as the length argument.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The return value of kwbimage_generate() is used for aligning the data
part of kwbimage. Use it for calculating proper 4 byte alignment as is
required by BootROM and also use it for allocating additional 4 bytes
for the 32-bit data checksum.
This simplifies the alignment code to be only at one place (in function
kwbimage_generate) and also simplifies setting checksum as it can be
directly updated in memory.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The CONFIG_SYS_U_BOOT_OFFS option may be defined as empty string.
In this case it causes compilation error:
tools/kwbimage.c: In function ‘image_headersz_v1’:
tools/kwbimage.c:1002:39: error: expected expression before ‘)’ token
if (headersz > CONFIG_SYS_U_BOOT_OFFS) {
^
tools/kwbimage.c:1006:41: error: expected expression before ‘)’ token
(int)headersz, CONFIG_SYS_U_BOOT_OFFS);
^
tools/kwbimage.c:1011:35: error: expected expression before ‘;’ token
headersz = CONFIG_SYS_U_BOOT_OFFS;
^
make[1]: *** [scripts/Makefile.host:112: tools/kwbimage.o] Error 1
make: *** [Makefile:1822: tools] Error 2
Check whether the value of CONFIG_SYS_U_BOOT_OFFS is really set.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
One of binman's attributes is that it is extremely fast, at least for a
Python program. Add some simple timing around operations that might take
a while, such as reading an image and compressing it. This should help
to maintain the performance as new features are added.
This is for debugging purposes only.
Signed-off-by: Simon Glass <sjg@chromium.org>
If the process outputs a lot of data on stdout this can be quite slow,
since the bytestring is regenerated each time. Use a bytearray instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
The constructor should not read the node information. Move it to the
ReadNode() method instead. This allows this etype to be subclassed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some images may take a while to build, e.g. if they are large and use slow
compression. Support compiling sections in parallel to speed things up.
Signed-off-by: Simon Glass <sjg@chromium.org>
(fixed to use a separate test file to fix flakiness)
At present compression uses the same temporary file for all invocations.
With multithreading this causes the data to become corrupted. Use a
different filename each time.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present if a driver is missing a uclass or compatible stirng, this
is silently ignored. This makes sense in most cases, particularly for
the compatible string, since it is not required except when the driver
is used with of-platdata.
But it is also not very helpful. When there is some sort of problem
with a driver, the missing compatible string (for example) may be the
cause.
Add a warning in this case, showing it only for drivers which are used
by the build.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
Some rockchip drivers use a suffix on the of_match line which is not
strictly valid. At present this causes the parsing to fail. Fix this
and offer a warning.
Signed-off-by: Simon Glass <sjg@chromium.org>
This expects a . before the field name (.e.g '.compatible = ...) but
presently accepts anything at all. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
At present we show when a driver is missing but this is not always that
useful. There are various reasons why a driver may appear to be missing,
such as a parse error in the source code or a missing field in the driver
declaration.
Update the implementation to record all warnings for each driver, showing
only those which relate to drivers that are actually used. This avoids
spamming the user with warnings related to a driver for a different board.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
Use this parser instead of OptionParser, which is deprecated.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
These are not supported before Python 3.6 so avoid them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
commit 322c813f4b ("mkeficapsule: Add support for embedding public key in a dtb")
added a bunch of options enabling the addition of the capsule public key
in a dtb. Since now we embedded the key in U-Boot's .rodata we don't this
this functionality anymore
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Host tool features, such as mkimage's ability to sign FIT images were
enabled or disabled based on the target configuration. However, this
misses the point of a target-agnostic host tool.
A target's ability to verify FIT signatures is independent of
mkimage's ability to create those signatures. In fact, u-boot's build
system doesn't sign images. The target code can be successfully built
without relying on any ability to sign such code.
Conversely, mkimage's ability to sign images does not require that
those images will only work on targets which support FIT verification.
Linking mkimage cryptographic features to target support for FIT
verification is misguided.
Without loss of generality, we can say that host features are and
should be independent of target features.
While we prefer that a host tool always supports the same feature set,
we recognize the following
- some users prefer to build u-boot without a dependency on OpenSSL.
- some distros prefer to ship mkimage without linking to OpenSSL
To allow these use cases, introduce a host-only Kconfig which is used
to select or deselect libcrypto support. Some mkimage features or some
host tools might not be available, but this shouldn't affect the
u-boot build.
I also considered setting the default of this config based on
FIT_SIGNATURE. While it would preserve the old behaviour it's also
contrary to the goals of this change. I decided to enable it by
default, so that the default build yields the most feature-complete
mkimage.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
image-sig.c is used to map a hash or crypto algorithm name to a
handler of that algorithm. There is some similarity between the host
and target variants, with the differences worked out by #ifdefs. The
purpose of this change is to remove those ifdefs.
First, copy the file to a host-only version, and remove target
specific code. Although it looks like we are duplicating code,
subsequent patches will change the way target algorithms are searched.
Besides we are only duplicating three string to struct mapping
functions. This isn't something to fuss about.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This value is either 0 for success or -1 for error. Coverity reports that
"ret" is passed to a parameter that cannot be negative, pointing to the
condition 'if (ret < 0)'.
Adjust it to just check for non-zero and avoid showing -1 in the error
message, which is pointless. Perhaps these changes will molify Coverity.
Reported-by: Coverity (CID: 312956)
Signed-off-by: Simon Glass <sjg@chromium.org>
With of-platdata-inst we want to set up a reference to each devices'
parent device, if there is one. If we find that the device has a parent
(i.e. is not a root node) but it is not in the list of devices being
written, then we cannot create the reference.
Report an error in this case, since it indicates that the parent node
is either missing a compatible string, is disabled, or perhaps does not
have any properties because it was not tagged for SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
The return value '-ENOSPC' of fit_set_timestamp function does not match
the caller fit_image_write_sig's expection which is '-FDT_ERR_NOSPACE'.
Fix it by not calling fit_set_timestamp, but call fdt_setprop instead.
This fixes a following mkimage error:
| Can't write signature for 'signature@1' signature node in
| 'conf@imx6ull-colibri-wifi-eval-v3.dtb' conf node: <unknown error>
| mkimage Can't add hashes to FIT blob: -1
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Tested-by: Igor Opaniuk <igor.opaniuk@foundries.io>
When "mkimage -l" was run on a block device it would fail with
erroneous message, because fstat reports a size of zero for those:
mkimage: Bad size: "/dev/sdb4" is not valid image
This patch identifies the "is a block device" case and reports it as
such, and if it knows how to determine the size of a block device on
the current OS, proceeds.
As shown in
http://www.mit.edu/afs.new/sipb/user/tytso/e2fsprogs/lib/blkid/getsize.c
this is no portable task, and I only handled the case of a modern
Linux kernel, which is what I can test.
Signed-off-by: Yann Dirson <yann@blade-group.com>
- Move to gcc-11.1.0 builds from kernel.org for supported platforms and
LLVM-11 for those tests.
- As Heinrich has noted, the RISC-V platform specification has a profile
OS-A for running rich operating systems like Linux and BSD. This profile
requires 64bit and UEFI conforming to the EBBR. Only the 'embedded'
profile may use 32bit. Given this, drop grub for 32bit RISC-V as it no
longer compiles with gcc-11.1 and upstream is unlikely to fix it:
https://www.mail-archive.com/grub-devel@gnu.org/msg30736.html
- Update to grub-2.06 release to address other issues of building with
gcc-11.1.
- Update to newer Xtensa (gcc-9.2.0) and ARC (gcc-10.2) toolchains
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Rick Chen <rick@andestech.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
In commit 1e4687aa47 ("binman: Use target-specific tools when
cross-compiling"), a utility function was implemented to get preferred
compilation tools using environment variables like CC and CROSS_COMPILE.
Although it intended to provide custom default tools (same as those in
the global Makefile) when no relevant variables were set (for example
using "gcc" for "cc"), it is only doing so when CROSS_COMPILE is set and
returning the literal name of the tool otherwise.
Remove the check for an empty CROSS_COMPILE, which makes the function
use it as an empty prefix to the custom defaults and return the intended
executables.
Fixes: 1e4687aa47 ("binman: Use target-specific tools when cross-compiling")
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Move us up to being based on Ubuntu 20.04 "focal" and the latest tag
from Ubuntu for this release. For this, we make sure that "python" is
now python3 but still include python2.7 for the rx51 qemu build as that
is very old and does not support python3.
Signed-off-by: Tom Rini <trini@konsulko.com>
The filesystem and EFI (capsule and secure boot) test setups try to use
guestmount and virt-make-fs respectively to prepare disk images to run
tests on. However, these libguestfs tools need a kernel image and fail
with the following message (revealed in debug/trace mode) if it can't
find one:
supermin: failed to find a suitable kernel (host_cpu=x86_64).
I looked for kernels in /boot and modules in /lib/modules.
If this is a Xen guest, and you only have Xen domU kernels
installed, try installing a fullvirt kernel (only for
supermin use, you shouldn't boot the Xen guest with it).
This failure then causes these tests to be skipped in CIs. Install a
kernel package in the Docker containers so the CIs can run these
tests with libguestfs tools again (assuming the container is run with
necessary host devices and privileges). As this kernel would be only
used for virtualization, we can use the kernel package specialized for
that. On Ubuntu systems kernel images are not readable by non-root
users, so explicitly add read permissions with chmod as well.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add DM (device manager) firmware image to the fit image that is loaded by
R5 SPL. This is needed with the HSM rearch where the firmware allocation
has been changed slightly.
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Tero Kristo <kristo@kernel.org>
Add support for providing ATF load address with a Kconfig symbol.
Signed-off-by: Aswath Govindraju <a-govindraju@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: Suman Anna <s-anna@ti.com>
Link: https://lore.kernel.org/r/20210604163043.12811-2-a-govindraju@ti.com
For scenarios like OF_BOARD or OF_PRIOR_STAGE, no device tree blob is
provided in the U-Boot build phase hence the binman node information
is not available. In order to support such use case, a new Kconfig
option BINMAN_STANDALONE_FDT is introduced, to tell the build system
that a device tree blob containing binman node is explicitly required
when using binman to package U-Boot.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add an entry for RISC-V OpenSBI's 'fw_dynamic' firmware payload.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Rick Chen <rick@andestech.com>
Reviewed-by: Rick Chen <rick@andestech.com>
Currently there are 2 binman test cases using the same 172 number.
It seems that 172_fit_fdt.dts was originally named as 170_, but
commit c0f1ebe9c1 ("binman: Allow selecting default FIT configuration")
changed its name to 172_ for no reason. Let's change it back.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
It needs a space around '-a'.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Rick Chen <rick@andestech.com>
At present we sometimes see problems in gitlab where the environment has
0x80 characters or sequences which are not valid UTF-8.
Avoid this by using bytes for the environment, both internal to buildman
and when writing out the 'env' file. Add a test to make sure this works
as expected.
Reported-by: Marek Vasut <marex@denx.de>
Fixes: e5fc79ea71 ("buildman: Write the environment out to an 'env' file")
Signed-off-by: Simon Glass <sjg@chromium.org>
There have been at least a few cases where an exception has occurred in a
thread and resulted in buildman hanging: running out of disk space and
getting a unicode error.
Handle these by collecting a list of exceptions, printing them out and
reporting failure if any are found. Add a test for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
When used with hierarchical images, use the Chromium OS convention of
adding a section before all the subentries it contains.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use an interator in two of the fmap tests so it is easier to add new
items. Also check the name first since that is the first indication
that something is wrong. Use a variable for the expected size of the
fmap to avoid repeating the code.
Signed-off-by: Simon Glass <sjg@chromium.org>
Parse each empty-line-delimited message separately. This saves having to
deal with all the different line content styles, we only care about the
header ERROR | WARNING | NOTE...
Also make checkpatch print line information for a uboot specific
warning.
Signed-off-by: Evan Benn <evanbenn@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Given that we have tests that require pygit2 and it can be installed
like any other python module, fail much more loudly if it is missing.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
At present each invocation of run_steps() updates OUTPUT_FILES_COMMON,
since it does not make a copy of the dict. This is fine for a single
invocation, but for tests, run_steps() is invoked many times.
As a result it may include unwanted items from the previous run, if it
happens that a test runs twice on the same CPU. The problem has not been
noticied previously, as there are few enough tests and enough CPUs that
is is rare for the 'wrong' combination of tests to run together.
Fix this by making a copy of the dict, before updating it. Update the
tests to suit, taking account of the files that are no-longer generated.
With this fix, we no-longer generate files which are not needed for a
particular state of OF_PLATDATA_INST, so the check_instantiate() function
is not needed anymore. It has become dead code and so fails the
code-coverage test (dtoc -T). Remove it.
Signed-off-by: Simon Glass <sjg@chromium.org>
These two tests require an ELF image so that symbol information can be
written into the SPL/TPL binary. At present they rely on other tests
having set it up first, but every test must run independently. This can
cause occasional errors in CI.
Fix this by setting up the required files, as other tests do.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
It's not always desirable to use 'keydir' and some ad-hoc heuristics
to get the filename of the signing key. More often, just passing the
filename is the simpler, easier, and logical thing to do.
Since mkimage doesn't use long options, we're slowly running out of
letters. I've chosen '-G' because it was available.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
mkimage supports rsa2048, and rsa4096 signatures. With newer silicon
now supporting hardware-accelerated ECDSA, it makes sense to expand
signing support to elliptic curves.
Implement host-side ECDSA signing and verification with libcrypto.
Device-side implementation of signature verification is beyond the
scope of this patch.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
fdt_add_bignum() is useful for algorithms other than just RSA. To
allow its use for ECDSA, move it to a common file under lib/.
The new file is suffixed with '-libcrypto' because it has a direct
dependency on openssl. This is due to the use of the "BIGNUM *" type.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
rsa-checksum.c sontains the hash_calculate() implementations. Despite
the "rsa-" file prefix, this function is useful for other algorithms.
To prevent confusion, move this file to lib/, and rename it to
hash-checksum.c, to give it a more "generic" feel.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Skip the processing of *.aml and *.dat files while iterating through the
source in order to process header files.
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
strn(cat|cpy) has a bad habit of not nul-terminating the destination,
resulting in constructions like
strncpy(foo, bar, sizeof(foo) - 1);
foo[sizeof(foo) - 1] = '\0';
However, it is very easy to forget about this behavior and accidentally
leave a string unterminated. This has shown up in some recent coverity
scans [1, 2] (including code recently touched by yours truly).
Fortunately, the guys at OpenBSD came up with strl(cat|cpy), which always
nul-terminate strings. These functions are already in U-Boot, so we should
encourage new code to use them instead of strn(cat|cpy).
[1] https://lists.denx.de/pipermail/u-boot/2021-March/442888.html
[2] https://lists.denx.de/pipermail/u-boot/2021-January/438073.html
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Show short arguments along with long arguments in online help:
$ tools/mkeficapsule -h
Usage: mkeficapsule [options] <output file>
Options:
-f, --fit <fit image> new FIT image file
-r, --raw <raw image> new raw image file
-i, --index <index> update image index
-I, --instance <instance> update hardware instance
-K, --public-key <key file> public key esl file
-D, --dtb <dtb file> dtb file
-O, --overlay the dtb file is an overlay
-h, --help print a help message
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Bitmap files should not be executable.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Michael Trimarchi <michael@amarulasolutions.com>
Fix the warning by set the variable zero to uint64_t
"warning: ‘write’ reading 5 bytes from a region of size 4"
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Integrate the Dockerfile from
https://source.denx.de/u-boot/gitlab-ci-runner.git as of
commit bc6130d572f1 ("Dockerfile: Remove high UID/GID") and introduce a
short rST on how to build the container.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
This existing code assumes that a reg property is larger than one cell,
but this is not always the case. Fix this assumption.
Also if a node's parent is missing the #address-cells and #size-cells
properties we use 2 as a default for each. But this should not happen in
practice. More likely the properties were removed for SPL due to there
being no 'u-boot,dm-pre-reloc' property, or similar. Add a warning for
this as the failure can be very confusing.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present an empty size is considered to be a 64-bit value. This does not
seem useful and wastes space. Limit the 64-bit detection to where one or
both of the addr/size is two cells or more.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present warnings are shown as soon as they are discovered in the
source scannner. But the function that detects them may be called multiple
times.
Collect all the warnings and show them at the end.
Signed-off-by: Simon Glass <sjg@chromium.org>
The environment may contain some unicode characters. At least that is what
seemed to happen on one commit:
Building current source for 1 boards (0 threads, 64 jobs per thread)
0 0 0 /1 -1 (starting)
Traceback (most recent call last):
File ".../tools/buildman/buildman", line 64, in <module>
ret_code = control.DoBuildman(options, args)
File "tools/buildman/control.py", line 372, in DoBuildman
options.keep_outputs, options.verbose)
File ".../tools/buildman/builder.py", line 1704, in BuildBoards
results = self._single_builder.RunJob(job)
File ".../tools/buildman/builderthread.py", line 526, in RunJob
self._WriteResult(result, job.keep_outputs, job.work_in_output)
File ".../tools//buildman/builderthread.py", line 349, in _WriteResult
print('%s="%s"' % (var, env[var]), file=fd)
UnicodeEncodeError: 'ascii' codec can't encode characters in position
311-312: ordinal not in range(128)
The problem defies repetition with any change at all to buildman. But
let's set an encoding in any case.
Signed-off-by: Simon Glass <sjg@chromium.org>
While we cannot know which commit the warning relates to, this should not
be fatal. Print the warning and carry on.
Signed-off-by: Simon Glass <sjg@chromium.org>
On Arm-based Macs, -no_pie is ignored and gives a linker warning.
Moreover, the build falls over with:
ld: Absolute addressing not allowed in arm64 code but used in '_image_type_ptr_aisimage' referencing '_image_type_aisimage'
for dumpimage and mkimage, since we put data structs in text sections
not data sections and so cannot have dynamic relocations. Instead, move
the sections to __DATA and drop disabling PIE.
Signed-off-by: Jessica Clarke <jrtc27@jrtc27.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a few more internal checks to make sure offsets are correct, before
updating the dtb.
To make this easier, update the functions which add a property to return
that property,.
Signed-off-by: Simon Glass <sjg@chromium.org>
So far we have only needed to add subnodes to empty notds, so have not
had to deal with ordering. However this feature is needed for binman's
expanded nodes, since there may be another node in the same section.
While libfdt adds new properties after existing properties, it adds new
subnodes before existing subnodes. This means that we must reorder the
nodes in the cached version, so that the ordering remains consistent.
Update the sync implementation to sync existing subnodes first, then
add new ones, then tidy up the ordering in the cached version. Update the
test to cover this behaviour.
Also improve the comment about property syncing while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a new test that adds a subnode alongside an existing one, as well as
adding properties to a subnode. This will expand to adding multiple
subnodes in future patches. Put a node after the one we are adding to so
we can check that things sync correctly.
The testAddNode() test should be in the TestNode class since it is a node
test, so move it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Once the tree has been synced, thus potentially moving things around in the
fdt, we set _cached_offsets to False so that a refresh will happen next
time a property is accessed.
This 'lazy' refresh doesn't really save much time, since refresh is a very
fast operation, just a single walk of the tree. Also, having the refresh
happen in the bowels of property access it makes it harder to figure out
what is going on.
Simplify the code by always doing a refresh before and after a sync. Set
_cached_offsets to True immediately after this, in the Refresh() function,
since this makes more sense than doing it in the caller.
Signed-off-by: Simon Glass <sjg@chromium.org>
If a property does not yet have an offset, then that means it exists in
the cache'd fdt but has not yet been synced back to the flat tree. Use
the dirty flag for this so we don't need to check the offset too. Improve
the comments for Prop and Node to make it clear what an offset of None
means.
Also clear the dirty flag after the property is synced.
Signed-off-by: Simon Glass <sjg@chromium.org>
Sometimes it is useful to specify the default alignment for all entries
in a section, such as when word-alignment is necessary, for example. It
is tedious and error-prone to specify this individually for each section.
Add a property to control this for a section.
Signed-off-by: Simon Glass <sjg@chromium.org>
Generally the content of sections is not built until the final assembly
of the image. This is partly to avoid wasting time, since the entries
within sections may change multiple times as binman works through its
various stages. This works quite well since sections exist in a strict
hierarchy, so they can be processed in a depth-first manner.
However the 'collection' entry type does not have this luxury. If it
contains a section within its 'content' list, then it must produce the
section contents, if available. That section is typically a sibling
node, i.e. not part oc the collection's hierarchy.
Add a new 'required' argument to section.GetData() to support this. When
required is True, any referenced sections are immediately built. If this
is not possible (because one of the subentries does not have its data yet)
then an error is produced.
The test for this uses a 'collection' entry type, referencing a section as
its first member. This forces a call to _BuildSectionData() with required
set to False, at first, then True later, when the image is assembled.
Signed-off-by: Simon Glass <sjg@chromium.org>
The vblock entry type includes code to collect the data from a number of
other entries (not necessarily subentries) and concatenating it. This is
a useful feature for other entry types.
Make it a base class, so that vblock can use it, along with other entry
types.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present there is a command-line flag to disable substitution of expanded
entries. Add an option to the entry node as well, so it can be controlled
at the node level.
Add a test to cover this. Fix up the comment to the checkSymbols() function
it uses, while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Many entries start 'Entry containing a'. This looks fine in the source
code but is annoying when viewed in the htmldocs table of contents. Drop
these unnecessary words.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a link to binman's documentation and adjust the files so that it is
accessible. Use the name README.rst so it is easy to discover when binman
is installed without U-Boot.
Signed-off-by: Simon Glass <sjg@chromium.org>
When creating an entry, check for an expanded version of that entry, then
use it instead. This allows, for example use of:
u-boot {
};
instead of having to write out in full:
u-boot {
type = "section";
u-boot-nodtb {
};
u-boot-dtb {
};
};
Add an implementaion of this and associated documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for this feature in the control, image and section modules, so
that expanded entries will be selected by default. So far there are no
expanded entry types, so this is a nop.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a new command-line option to disable expanded entries. This is needed
for most tests, since it is much easier to 'factor out' this function into
a separate test and keep the existing packing tests simple.
Add the option and select it by default from tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
As the first step in supporting expanded entries, add a way for binman to
automatically select an 'expanded' version of an entry type, if requested.
This is controlled by a class method.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present, before any entry expansion is done (such as a 'files' entry
expanding out to individual entries for each file it contains), we check
the binman definition (i.e. '/binman' node) to find out what devicetree
files are used in the images.
This is a pain, since the definition may change during expansion. For
example if there is no u-boot-spl-dtb entry in the definition at the start,
we assume that the SPL devicetree is not used. But if an entry later
expands to include this, then we don't notice.
In fact the flexibility provided by the current approach of checking the
definition is not really useful. We know that we can have SPL and TPL
devicetrees. We know the pathname to each, so we can simply check if the
files are present. If they are present, we can prepare them and update
them regardless of whether they are actually used. If they are not present,
we cannot prepare/update them anyway, i.e. an error will be generated.
Simplify state.Prepare() so it uses a hard-coded list of devicetree files.
Note that state.PrepareFromLoadedData() is left untouched, since in that
case we have a complete definition from the loaded file, but cannot of
course rely on the devicetree files that created it still being present.
So in that case we still check the image defitions.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we store an entry as the third field in output_fdt_info[].
This is only used to get the type of the entry. Of course multiple entries
may have this same type. Also the entry type is the key to this dict, so
we can use that instead.
Drop the field and update GetUpdateNodes() to suit. Improve the comment for
output_fdt_info a little while here.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we always use the main devicetree for SPL/TPL as well when
setting up the state. But this it not needed if there is a real devicetree
for SPL or TPL. In fact it confuses things since we cannot distinguish
between one being provided and using the fake one.
Update the code to create the fakes only when requested. Put the mapping
in a constant so we can use it elsewhere.
Rename 'other_fname' to 'fname' while we are here since there is nothing
'other' about it.
Signed-off-by: Simon Glass <sjg@chromium.org>
A few tests declare a type when this can be inferred from the node name.
Drop these lines, since it might cause confusion.
Signed-off-by: Simon Glass <sjg@chromium.org>
This entry holds the padding between the end of of TPL binary and the
end of BSS. This region must be left empty so that the devicetree can be
appended correctly and remain accessible without interfering with BSS.
Signed-off-by: Simon Glass <sjg@chromium.org>
Since this is an execuable we should be able insert symbol values into it.
Add support for this.
Use common code for this test and the original testSymbols. Use hex
consistently for the values and add some more comments.
Signed-off-by: Simon Glass <sjg@chromium.org>
The documentation for this entry indicates that the SPL binary is included
along with the padding. It is not, so update it to correct the error.
Signed-off-by: Simon Glass <sjg@chromium.org>
Several entries currently use an underscore in the entry-type name, but in
fact a hyphen is used. Update the docs to fix this as it might be
confusing.
Also simplify the 'filename' comment and fix the 'operation' typo.
Signed-off-by: Simon Glass <sjg@chromium.org>
Regenerate the entry documentation, which step was missed when the
files-align feature was added.
Fixes: 6eb9932668 ("binman: Support alignment of files")
Signed-off-by: Simon Glass <sjg@chromium.org>
Move the documentation to the base method as it is with other methods.
Also update it a little while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Extracting files to the current directory is not normally a very friendly
thing to do, but it can be warranted, e.g. in a new temporary dir. At
present binman reports an error when such an attempt is made. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present all possible files are generated, even if some of them just
have a header and an empty body. It is better to generate only the files
that are needed, so that the two types of build (based on the setting of
OF_PLATDATA_INST) can be mutually exclusive.
This is intended to fix a strange problem sometimes found with CI:
Building current source for 1 boards (1 thread, 40 jobs per thread)
sandbox: + sandbox_spl
+drivers/built-in.o: In function `dm_setup_inst':
+drivers/core/root.c:135: undefined reference to
`_u_boot_list_2_udevice_2_root'
+dts/dt-uclass.o:(.u_boot_list_2_uclass_2_serial+0x10): undefined
reference to `_u_boot_list_2_udevice_2_serial'
...
This likely happens when switching from !OF_PLATDATA_INST to
OF_PLATDATA_INST since running 'make xxx_defconfig" does not currently
cause any change in which files are generated. With !OF_PLATDATA_INST
the dt-device.c file has no declarations and this is assumed to be the
starting state. The error above seems to indicate that, after changing
to OF_PLATDATA_INST, the dt-uclass.c file is regenerated but the
dt-device.c files is not. This does not seem possible from the relevant
Makefile.spl rule:
u-boot-spl-platdata := $(obj)/dts/dt-plat.o $(obj)/dts/dt-uclass.o
$(obj)/dts/dt-device.o
cmd_dtoc = $(DTOC_ARGS) -c $(obj)/dts -C include/generated all
include/generated/dt-structs-gen.h $(u-boot-spl-platdata_c) &: \
$(obj)/$(SPL_BIN).dtb
@[ -d $(obj)/dts ] || mkdir -p $(obj)/dts
$(call if_changed,dtoc)
It seems that this cannot regenerate dt-uclass.c without dt-device.c since
'dtoc all' is used. So here the trail ends for now.
In any case it seems better to generate files that are uses and not bother
with those that serve no purpose. So update dtoc to do this automatically.
Signed-off-by: Simon Glass <sjg@chromium.org>
We can use extern instead, so let's drop these macros. It adds one more
thing to learn about and doesn't make the code any clearer.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for generating a file containing udevice instances. This
avoids the need to create these at run time.
Update a test uclass to include a 'per_device_plat_auto' member, to
increase test coverage.
Add another tab to the driver_info output so it lines up nicely like the
device-instance output.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for generating a file containing uclass instances. This avoids
the need to create these at run time.
Update a test uclass to include a 'priv_auto' member, to increase test
coverage.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a summary to the top of the generated code, to make it easier to see
what the file contains.
Also add a tab to .plat so that its value lines up with the others.
Signed-off-by: Simon Glass <sjg@chromium.org>
For now dtoc only supports a hard-coded list of phandle properties, to
avoid any situation where it makes a mistake in its determination.
Make this into a constant dict, recording both the phandle property name
and the associated #cells property in the target node. This makes it
easier to find and modify.
Signed-off-by: Simon Glass <sjg@chromium.org>
This file is not used when instantiating devices. Update dtoc to skip
generating its contents and just add a comment instead.
Also it is useful to see the driver name and parent for each device.
Update the file to show that information, to avoid updating the same
tests twice.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add an option to generate the declaration file, which declares all
drivers and uclasses, so references can be used in the code.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add an option to instantiate devices at build time. For now this just
parses the option and sets up a few parameters.
Signed-off-by: Simon Glass <sjg@chromium.org>
The device for the root node is normally bound by driver model on init.
With devices being instantiated at build time, we must handle the root
device also.
Add support for processing the root node, which may not have a compatible
string.
Signed-off-by: Simon Glass <sjg@chromium.org>
We only care about uclasses that are actually used. This is determined by
the drivers that use them. Check all the used drivers and build a list of
'valid' uclasses.
Also add references to the uclasses so we can generate C code that uses
them. Attach a uclass to each valid driver.
For the tests, now that we have uclasses we must create an explicit test
for the case where a node does not have one. This should only happen if
the source code does not build, or the source-code scanning fails to find
it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Now that we have the alias information we can assign a sequence number
to each device in the uclass. Store this in the node associated with each
device.
This requires renaming the sandbox test drivers to have the right name.
Note that test coverage is broken with this patch, but fixed in the next
one.
Signed-off-by: Simon Glass <sjg@chromium.org>
If a driver declaration is included in a comment, dtoc currently gets
confused. Update the parser to only consider declarations that begin at
the start of a line. Since multi-line comments begin with an asterisk,
this avoids the problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
