Add support for setting OEM flags in the capsule header. As per the
UEFI specification, bits 0-15 of the flags member of the capsule
header can be defined per capsule GUID.
The oemflags will be used for the FWU Multi Bank update feature, as
specified by the Dependable Boot specification[1]. Bit
15 of the flags member will be used to determine if the
acceptance/rejection of the updated images is to be done by the
firmware or an external component like the OS.
[1] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
The Dependable Boot specification[1] describes the structure of the
firmware accept and revert capsules. These are empty capsules which
are used for signalling the acceptance or rejection of the updated
firmware by the OS. Add support for generating these empty capsules.
[1] - https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Add test cases for accessing the FWU Metadata on the sandbox
platform. The sandbox platform also uses the metadata access driver
for GPT partitioned block devices.
The FWU feature will be tested on the sandbox64 variant with a raw
capsule. Remove the FIT capsule testing from sandbox64 defconfig --
the FIT capsule test will be run on the sandbox_flattree variant.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
In some cases the ELF version of SPL builds may be packaged, rather
than a binary .bin file. Add support for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
This feature is used by several etypes and we plan to add more that use
it. Make symbol writing a feature of the base class to reduce the code
duplication.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current name is inconsistent with SPL which uses CONFIG_SPL_TEXT_BASE
and this makes it imposible to use CONFIG_VAL().
Rename it to resolve this problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is needed for some soon-to-be-applied patches. Scan the configs/
directory to see if any of the files match.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Rini <trini@konsulko.com>
Suggested-by: Tom Rini <trini@konsulko.com>
- simplefb rotation support
- support splash as raw image from MMC
- enhancements to Truetype console (multiple fonts and sizes)
- drop old LCD support
-----BEGIN PGP SIGNATURE-----
iGwEABECACwWIQSC4hxrSoIUVfFO0kRM6ATMmsalXAUCY17nfA4cYWd1c3RAZGVu
eC5kZQAKCRBM6ATMmsalXPPoAJ0UYyt3kwslUlAJhOC+KU9UlYnVuwCbBXIQyBua
K5clq+GyxXfaDl2Hnvc=
=XXVp
-----END PGP SIGNATURE-----
Merge tag 'video-20221030' of https://source.denx.de/u-boot/custodians/u-boot-video
- fix [hv]sync active vs back porch in dw_mipi_dsi
- simplefb rotation support
- support splash as raw image from MMC
- enhancements to Truetype console (multiple fonts and sizes)
- drop old LCD support
Adding support to symlink an image packaged using binman.
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Just like we exclude data-size, data-position, and data-offset from
fit_config_check_sig, we must exclude them while signing as well.
While we're at it, use the FIT_DATA_* defines for fit_config_check_sig
as welll.
Fixes: 8edecd3110 ("fit: Fix verification of images with external data")
Fixes: c522949a29 ("rsa: sig: fix config signature check for fit with padding")
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Binman needs this module to build sandbox_vpl and it is needed elsewhere
in CI.
Add it to the docker file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xpyron.glpk@gmx.de>
Putting these definitions in a header will allow signatures to be
validated independently of bootm.
Signed-off-by: Steven Lawrance <steven.lawrance@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
riscv32 needs a different toolchain than riscv64
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Rick Chen <rick@andestech.com>
For building riscv32 targets we should use the riscv32 toolchain.
Add it to the Docker image.
Drop the riscv toolchain-alias as we do not need it in future.
While in here, update to the latest "jammy" tag.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Rick Chen <rick@andestech.com>
[trini: Update to latest jammy tag]
Signed-off-by: Tom Rini <trini@konsulko.com>
BootROM loads kwbimage header to L2-SRAM and BootROM reserve only 192 kB for it.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
This is not needed and we should avoid typedefs. Use the struct instead
and rename it to indicate that it really is a legacy struct.
Signed-off-by: Simon Glass <sjg@chromium.org>
The function calls opendir() but missing the corresponding
closedir() before exit the function.
Add missing closedir() to fix it.
Signed-off-by: Miaoqian Lin <linmq006@gmail.com>
This patch adds more nand headers in two new types:
1. HSM header, used for spi-nand thru SNFI interface
2. SPIM header, used for spi-nand thru spi-mem interface
The original nand header is renamed to AP header.
Tested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
The predefined NAND headers take too much spaces in the mtk_image.c.
Moving them into a new file can significantly improve the readability of
both mtk_image.c and the new mtk_nand_headers.c.
This is a preparation for adding more NAND headers.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
The verification code of gfh header for NAND and non-NAND are identical.
It's better to define a individual function to reduce redundancy.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
A binary download is not great, since it depends on libraries being
present in the system. Build futility from source instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
TCGETS2 is defined in header file asm/ioctls.h provided by linux kernel.
On glib systems it is automatically included by some other glibc include
header file and therefore TCGETS2 is present in termios_linux.h when
linux kernel provides it.
On non-glibc systems (e.g. musl) asm/ioctls.h is not automatically included
which results in the strange error that BOTHER is supported, TCGETS2 not
defined and struct termios does not provide c_ispeed member.
tools/kwboot.c: In function 'kwboot_tty_change_baudrate':
tools/kwboot.c:662:6: error: 'struct termios' has no member named 'c_ospeed'
662 | tio.c_ospeed = tio.c_ispeed = baudrate;
| ^
Fix this issue by explicitly including asm/ioctls.h file which provides
TCGETS2 macro (if supported on selected architecture) to not depending on
glibc auto-include behavior and because termios_linux.h requires it.
With this change it is possible compile kwboot with musl libc.
Reported-by: Michal Vasilek <michal.vasilek@nic.cz>
Signed-off-by: Pali Rohár <pali@kernel.org>
Testing on the theadorable Armada XP platform has shown, thaz using the
current value of 1000ms as response timeout does not result in reliable
booting via kwboot. Using 10ms seems to be much better. So let's change
this value to this 10ms instead.
Signed-off-by: Stefan Roese <sr@denx.de>
Acked-by: Pali Rohár <pali@kernel.org>
mkimage entry currently creates a file whose name is derived from the
section name containing said entry.
Let's allow the user to define a filename for the mkimage-generated
binary by using the 'filename' DT property.
Cc: Quentin Schulz <foss+uboot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Some image types handled by mkimage require the datafiles to be passed
independently (-d data1:data2) for specific handling of each. A
concatenation of datafiles prior to passing them to mkimage wouldn't
work.
That is the case for rkspi for example which requires page alignment
and only writing 2KB every 4KB.
This adds the ability to tell binman to pass the datafiles without
prior concatenation to mkimage, by adding the multiple-data-files
boolean property to the mkimage node.
Cc: Quentin Schulz <foss+uboot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Upstream bzip2 1.0.x actually is stuck when running bzip2 -V and
redirecting the output. This is fixed in Debian for about a decade
already in
https://git.launchpad.net/ubuntu/+source/bzip2/tree/debian/patches/20-legacy.patch?h=ubuntu/jammy
and in bzip2 1.1.x (no release yet, see
65179284ce
).
Fedora notably does not have such a patch.
Since bzip2 --help actually prints the version number too, let's use it
instead so that binman works fine on (hopefully) all distributions.
Fixes: 45aa279800 ("binman: Add bzip2 bintool")
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Bintool.version can now be passed the binary argument to return the
version text, so there's no need to override it in futility anymore.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Bintool.version can now be passed the binary argument to return the
version text, so there's no need to override it in fiptool anymore.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The code to check the version is very similar between binaries, the most
likely only needed variables are the regex to find the version (already
supported) and the args to pass to the binary so that it prints this
version (e.g. --version, -V or similar).
Let's make it a parameter of Bintool so that code duplication can be
avoided for simple changes.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Bintool.version already contains everything required to get the version
out of mkimage binary so let's not override it with its own
implementation.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Bintool.version already contains everything required to get the version
out of lz4 binary so let's not override it with its own implementation.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Version checking has nothing specific to compression/decompression tools
so let's move it to the Bintool class.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The binary is looked on the system by the suffix of the packer class.
This means binman was looking for btool_gzip on the system and not gzip.
Therefore, let's pass "gzip" as the name so that it can be found and
used.
Fixes: 0f369d7992 ("binman: Add gzip bintool")
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
LibreSSL 3.5.0 and later (also shipped as part of OpenBSD 7.1 and
and later) have an opaque RSA object and do provide the
RSA_get0_* functions that OpenSSL provides.
Fixes: 2ecc354b8e ("tools: mkimage: fix build with LibreSSL")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
Tests should be in order of the test-file numbers. Sort the tests
according to the test-file numbers and rework the test-file numbers to
eliminate duplicate numbers.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
