Version checking has nothing specific to compression/decompression tools
so let's move it to the Bintool class.
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The binary is looked on the system by the suffix of the packer class.
This means binman was looking for btool_gzip on the system and not gzip.
Therefore, let's pass "gzip" as the name so that it can be found and
used.
Fixes: 0f369d7992 ("binman: Add gzip bintool")
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
LibreSSL 3.5.0 and later (also shipped as part of OpenBSD 7.1 and
and later) have an opaque RSA object and do provide the
RSA_get0_* functions that OpenSSL provides.
Fixes: 2ecc354b8e ("tools: mkimage: fix build with LibreSSL")
Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: Jonathan Gray <jsg@jsg.id.au>
Tests should be in order of the test-file numbers. Sort the tests
according to the test-file numbers and rework the test-file numbers to
eliminate duplicate numbers.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
binman clean-up of compression and addition of utilities
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmMBd6MRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreau9wf/YQD9GsZh1HrgG5EGfaMN+NV4rGkSywZX
8AxKCscTiLVtCzUlYOEZ3mFRpli9RJ5H9eWvwcOx8GyyHkvsIdGlzdvG4PZSLd/T
bOqqtkAZxEDi0ZzQAd0bqKQ9D2ujPbatmElhBNMxyMap+Jkww7LDJvIpCKXSsGEN
881a+CafAQfYICw9TtlVLzn+WirLiIXtWMxmCuZH3hrxFVjU6T1vxoyMPIBIEzkt
SMAxRRvzjLwmYEajlDlAFwykcHJCdGbCyyoBQg1OYEIl/XZYyEN2IzdiiJFzAxn+
QA4ctAQk4gASnZfoSzTWgbeyLZqqYy8j0+z+wZaF/+dp/veZWQBLlg==
=Kn1x
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-20aug22' of https://source.denx.de/u-boot/custodians/u-boot-dm
binman fixes for various things
binman clean-up of compression and addition of utilities
- We now have a new enough sbsigntools in the distro, stop building.
- Use the 20220801 tag for Jammy.
- Move to pygit2 1.9.2 (current version) as the old one doesn't build on
"Jammy".
- Add the working directory to the list of safe directories for git.
- Move to pytest 6.2.5 to address other issues.
- This move exposed a number of minor issues in the existing scripts we
used within CI to perform the jobs themselves. The most notable changes
here involve using 'set +e / set -e' to enforce when we should or should
not make non-zero buildman status be a fatal error.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add zstd bintool to binman to support on-the-fly compression.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add xz bintool to binman to support on-the-fly compression.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add lzop bintool to binman to support on-the-fly compression.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add gzip bintool to binman to support on-the-fly compression of Linux
kernel images and FPGA bitstreams. The SPL basic fitImage implementation
supports only gzip decompression.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Rename the module and support this, since gzip.py is a system module:
Signed-off-by: Simon Glass <sjg@chromium.org>
Add bzip2 bintool to binman to support on-the-fly compression.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a bintools base class for packers which compression / decompression
entry contents.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Dropped dead/untested code in version():
Signed-off-by: Simon Glass <sjg@chromium.org>
Add common test functions to test all supported compressions.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Handle missing compression tools by returning empty data and record
missing bintool.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Move management of the bintool to compress and decompress data into the
entry class and add the bintool to the list of required bintools.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Select the lz4 and lzma_alone bintools in cbfs_util class to centralize
the supported compression algorithm evaluation inside the class and over
multiple classes.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Move compression bintools (packer) creation into test setup to reuse
bintool objects between tests.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Put comp_util import back in, since it is still needed here:
Signed-off-by: Simon Glass <sjg@chromium.org>
Remove the obsolete compressed data header handling from the utilities
to compress and decompress data. The header is uncommon, not supported
by U-Boot and incompatible with external compressed artifacts.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Disable the compressed data header of the utilities to compress and
decompress data. The header is uncommon, not supported by U-Boot and
incompatible with external compressed artifacts.
The header was introduced as part of commit eb0f4a4cb4 ("binman:
Support replacing data in a cbfs") to allow device tree entries to be
larger than the compressed contents.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add an optional length header attribute to the device tree blob entry
class based on the compressed data header from the utilities to compress
and decompress data.
If needed the header could be enabled with the following
attribute beside the compress attribute:
prepend = "length";
The header was introduced as part of commit eb0f4a4cb4 ("binman:
Support replacing data in a cbfs") to allow device tree entries to be
larger than the compressed contents. Regarding the commit "this is
necessary to cope with a compressed device tree being updated in such a
way that it shrinks after the entry size is already set (an obscure
case)". This case need to be fixed without influence any compressed data
by itself.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a DecompressData function to entry class to allow override in child
classes and to centralize the compress and decompress in a single class.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Check only section data instead of the rest of the image in multi
section test.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Collect and thereby initialize bintools before any usage but after
generation of entries. This is needed to handle bintools for compress
and decompress like other bintools.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Forward AddBintools calls to base class to collect bintools of base
class.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Forward AddBintools calls to sub entries in cbfs_util to collect
bintools of sub entries.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Avoid duplicate entries in the list of bintools used by the image and
the list of missing bintools.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Skip tests which requires python elftools if the tool is not available.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present the collections etype only works with entries in the same
section. This can be limiting, since in some cases the data may be inside
a subsection, e.g. if there are alignment constraints.
Add a function to find the entries in an etype and have it search
recursively. Make use of this for mkimage also.
Signed-off-by: Simon Glass <sjg@chromium.org>
Also control over what goes in the file passed with -n using a separate
imagename subnode. This can include a section or any other entry type.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some image types use the -n parameter to pass in the data file. Add
support for this, with a new property.
Signed-off-by: Simon Glass <sjg@chromium.org>
Expand this a little to make things clearer. Also drop the invalid
entry arg.
Series-changes 2
- Make it clear that -d data is concatenated/collected by binman
- Fix mulitple typoe
- Reword a sentence for grammar
Signed-off-by: Simon Glass <sjg@chromium.org>
The testReplaceSectionSimple() test is the only one which expects failure.
It looks odd in the output and takes time to glance at it to see that all
is in fact well. Also it does not check that the right exception is
generated.
Use the more common (in binman) approach of checking for an exception.
Signed-off-by: Simon Glass <sjg@chromium.org>
Since this is implemented as a section, it should really be split into
several functions, one to read the node and one to read the entries. Do
this so that it matches how Entry_section works.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some new entries are likely to have required properties. Support this in a
standard way, with a list of required properties which can be set up by
base classes. Check for missing properties when the entry is read.
Signed-off-by: Simon Glass <sjg@chromium.org>
When a single test is run we don't need to buffer the test output. This
has the unfortunate side effect of suppressing test output, in particular
the binman output directory normally printed with the -X option. This is
a huge problem since it blocks debugging of tests.
We don't actually know how many tests will be run when we set up the
suite, so as a work-around, assume that test_name being specified
indicates that there is likely only one.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present fake files from a previous build appear to be real files for
a subsequent build, since they sit in the output directory.
This can cause problems, since binman may need to parse the file, e.g.
with the Intel description.bin files.
Fix this by putting them in a 'binman-fake' subdirectory. Keep a track
of the fake filename so we only create it once. Subsequent builds will
still see that the file is missing and mark it as fake.
Update a few tests to check the behaviour.
Signed-off-by: Simon Glass <sjg@chromium.org>
The k3_gen_x509_cert.sh script produced this warning on gitlab and also
on my machine, e.g. with j7200_evm_r5:
awk: cmd. line:1: warning: regexp escape sequence `\ ' is not a known
regexp operator
There is no need to escape spaces, so drop the backslashes. Also split
the line so it is a more reasonable length.
This script should really be deleted and binman used instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Call pkg-config for each library individually.
This improves fallback handling.
Suggested-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: 31a7688cbe ("tools: mkeficapsule: use pkg-config to get -luuid and -lgnutls")
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This is an attempt to answer the comments provided by Xavier [1].
[1] https://lore.kernel.org/all/Yulcol7HpTHtjXTX@begut/
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Add references in the documentation for each entry type, so we can refer
to them from other documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Link to patman's documentation from the doc/ directory so that it appears
in the 'make htmldocs' output.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Fix a bug that the --processes option was ignored, thus resulting in no
test coverage information being generated.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fixes: 42ae363ddd ("dtoc: Update fdt tests to use test_util")
Pass the options args in rather than using the global variables. Use snake
case, fix up comments and use a ternary operator to make pylint happy.
Signed-off-by: Simon Glass <sjg@chromium.org>
Pass the options args in rather than using the global various. Use snake
case and fix up comments to make pylint happy.
Signed-off-by: Simon Glass <sjg@chromium.org>
Buildman now uses worktrees when available, instead of doing a full clone.
This was done in this commit:
76de29fc4f buildman: Use git worktrees instead of git clones when possible
Drop the TODO.
Signed-off-by: Simon Glass <sjg@chromium.org>
The 'nm' tool can produce lines without a symbol, for example:
00000004 t
Silently skip these and anything else without three fields. Drop the
warning since there is nothing the user can do about it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
Now that buildman can generate this with the -R option, drop the script.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
This is not needed now that CONFIG_SYS_TARGET_NAME is correctly determined
when scanning Kconfig.
This reverts commit 25b8acee2e.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This appears in boards.cfg but we want to remove it. Drop support for
generating it and reading it. Detect an old boards.cfg file that has
this field and regenerate it, to avoid problems.
Instead, add the config name in that place. This fixes a subtle bug in
the generation code, since it uses 'target' for the config name and then
overwrites the value in scan() by setting params['target'] to the name
of the defconfig. The defconfig name is not the same as the
SYS_CONFIG_NAME variable.
With this change, we still have the config name and it can be searched
by buildman, e.g. with:
buildman -nv sun5i
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
Bring this tool into buildman, so we don't have to run it separately. The
board.cfg file is still produced as part of the build, to save time when
doing another build in the same working directory. If it is out of date
with respect to the Kconfig, it is updated.
Time to regenerate on a recent single-thread machine is 4.6s (1.3s on a
32-thread machine), so we do need some sort of cache if we want buildman
to be useful on incremental builds. We could use Python's pickle format
but:
- it seems useful to allow boards.cfg to be regenerated, at least for a
while, in case other tools use it
- it is possible to grep the file easily, e.g. to find boards which use
a particular SoC (similar to 'buildman -nv <soc>'
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Use a separate file for the Boards class so that its name matches the
module name.
Fix up the function names to match the pylint style and fix some other
warnings.
Signed-off-by: Simon Glass <sjg@chromium.org>
We want to create a module called 'boards' so avoid use of this variable
name in this module. Change the global to be capitalised, as required by
Python style.
Signed-off-by: Simon Glass <sjg@chromium.org>
We want to create a module called 'boards' so avoid use of this variable
name in this module. Change the global to be capitalised, as required by
Python style.
Signed-off-by: Simon Glass <sjg@chromium.org>
We have a module called 'board'. Sometimes buildman uses 'brd' as an
instance variable but sometimes it uses 'board', which is confusing and
can mess with the module handling. Update the code to use 'brd'
consistently, making it easier for tools to determine when the module
is being referenced.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a flag to allow buildman to behave properly for use from an IDE. This
shows error/warning output on stderr and drops all summary and progress
information.
This should normally only be used when building a single board.
Fix up a confusing comment for GetResultSummary() while we are here, since
we want to use the Outcome object to access the unprocessed error lines
from the build.
Signed-off-by: Simon Glass <sjg@chromium.org>
Instead of hardcoding -ltinfo as the flags needed to build
kwboot, use pkg-config when available.
We gracefully fallback on the previous behavior of hardcoding -ltinfo
if pkg-config is not available or fails with an error.
Reviewed-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Instead of hardcoding -luuid -lgnutls as the flags needed to build
mkeficapsule, use pkg-config when available.
We gracefully fallback on the previous behavior of hardcoding -luuid
-lgnutls if pkg-config is not available or fails with an error.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
start of test for fdt command
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmLgRtERHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYXFwgAlALOMj3bwwsIAXNa5j/hPb3j/ecIqXgn
ocyxN+U5eSb2Ju5Jc9QmSeUMnGrii9+PW9j0JApdHrbUgBI2Sx+zwqMTIfA+BS05
4xXZgk5jOT+we2489FjgFcplv+dIuVlsB/Zo6zTbZyjkobfilYsZEGYHJ/CYNaIH
n7EmZeby1cXL7DMCxT39d3hD43XSX8cqQ1IIiF9DgtHQYs2Ff8dFcbWArSdgLX3o
Eob2Qj/GjScg87zjZcsgZajWJMHUfMeD5ZiKN2fR0T/wOdO1WtzFoF2Mt8KZcW1j
BD1shgBCMSSl5EgRG1BQZw4Sa92W2IBlbJ9tfIh8qnWOzEBzOs/M6w==
=lsO4
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-26jul22' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm.git
minor dm- and fdt-related fixes
start of test for fdt command
When you pass "--no-tree" to checkpatch it disables some extra checks
that are important for Linux. Specifically I want checks like:
warning: DT compatible string "boogie,woogie" appears un-documented
check ./Documentation/devicetree/bindings/
Let's make the default for Linux to _not_ pass --no-tree. We'll have a
config option and command line flag to override.
Signed-off-by: Douglas Anderson <dianders@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Currently the fitImage data area is resized in 1 kiB steps. This works
when bundling smaller images below some 1 MiB, but when bundling large
images into the fitImage, this make binman spend extreme amount of time
and CPU just spinning in pylibfdt FdtSw.check_space() until the size
grows enough for the large image to fit into the data area. Increase
the default step to 64 kiB, which is a reasonable compromise -- the
U-Boot blobs are somewhere in the 64kiB...1MiB range, DT blob are just
short of 64 kiB, and so are the other blobs. This reduces binman runtime
with 32 MiB blob from 2.3 minutes to 5 seconds.
The following can be used to trigger the problem if rand.bin is some 32 MiB.
"
/ {
itb {
fit {
images {
test {
compression = "none";
description = "none";
type = "flat_dt";
blob {
filename = "rand.bin";
type = "blob-ext";
};
};
};
};
};
configurations {
binman_configuration: config {
loadables = "test";
};
};
};
"
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The new ELF decoding logic assumed that the target binary has the same
endianness as the host, which broke building ARM64 firmware binaries on
big-endian machines.
This commit fixes the ELF64 decoding to be host-endianness-neutral, and
applies the same changes to the ELF32 decoding. It does not fix the
microblaze-specific dynamic symbol decoding.
It also corrects the functions used for byte swapping in rela_elf64()
and rela_elf32(). The result is the same, but semantically the code is
converting bytes read from a foreign-endianness file to host byte order.
Fixes: 4c9e2d6434 ("tools: relocate-rela: Read rela start/end directly from ELF")
Fixes: a1405d9cfe ("tools: relocate-rela: Check that relocation works only for EM_AARCH64")
Signed-off-by: Samuel Holland <samuel@sholland.org>
Link: https://lore.kernel.org/r/20220715064026.54551-1-samuel@sholland.org
Signed-off-by: Michal Simek <michal.simek@amd.com>
The x509 certificate SWRV is currently hard-coded to 0. This need to be
updated to 1 for j721e 1.1, j7200 and am64x. It is don't care for other
k3 devices.
Added new config K3_X509_SWRV to k3. Default is set to 1.
Signed-off-by: Yogesh Siraswar <yogeshs@ti.com>
Reviewed-by: Dave Gerlach <d-gerlach@ti.com>
Add struct with Flex SPI Configuration Block and enable generating
fspi header using mkimage.
Refer i.MX 8M Mini Application Processor Reference Manual for
detailed information about parameters for FlexSPI Configuration block.
Signed-off-by: Mamta Shukla <mamta.shukla@leica-geosystems.com>
Signed-off-by: Thomas Haemmerle <thomas.haemmerle@leica-geosystems.com>
Tested-by: Adam Ford <aford173@gmail.com>
Reviewed-by: Fabio Estevam <festevam@denx.de>
Reviewed-by: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com>
Since fe8acf556c ("imx: HAB: Validate IVT before authenticating image")
the U-Boot HAB implementation is checking whether reserved1 field in IVT
is zero or not. In case the field is not zero, IVT validation fails. Stop
setting IVT reserved1 field to non-zero in mkimage imx8m plugin, otherwise
the validation cannot ever work.
Note that this only affects legacy boards which do not use binman.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Fabio Estevam <festevam@denx.de>
Cc: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Fix diacritics in some instances of my name and change my e-mail address
to kabel@kernel.org.
Add corresponding .mailmap entries.
Signed-off-by: Marek Behún <kabel@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
The BootROM of MT7621 requires a image header for SPL to record its size
and load address when booting from NAND.
To create such an image, one can use the following command line:
mkimage -T mtk_image -a 0x80200000 -e 0x80200000 -n "mt7621=1"
-d u-boot-spl-ddr.bin u-boot-spl-ddr.img
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
The mkimage command has had many options added over the years.
Unfortunately, we are starting to run out of short options. Recent options
don't have any obvious relation to their meaning (e.g. -o/-g). Fortunately,
long options exist. Add long options for each current short option.
For the curious, the remaining short options are HIkLmMPQSuUwWXyYzZ.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
A new DT binding for describing environment data block has been added in
Linux's commit 5db1c2dbc04c ("dt-bindings: nvmem: add U-Boot environment
variables binding"). Once we get a proper Linux NVMEM driver it'll be
possible to use Linux's binary interface for user-space as documented
in the:
https://www.kernel.org/doc/html/latest/driver-api/nvmem.html
This commits makes fw_env fallback to looking for a compatible NVMEM
device in case config file isn't present. In a long term this may make
config files redundant and avoid code (info) duplication.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The documentation above the DEFINE_ALIGN_BUFFER says it's for use
outside functions, but we're inside one.
Instead use ALLOC_CACHE_ALIGN_BUFFER, the stack based macro, which also
includes the cache alignment.
Fixes: b583348ca8 ("image: fit: Align hash output buffers")
Signed-off-by: Joel Stanley <joel@jms.id.au>
Tested-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Reviewed-by: Sean Anderson <sean.anderson@seco.com>
Binman lets us declare symbols in SPL/TPL that refer to other entries in
the same binman image as them. These symbols are filled in with the
correct values while binman assembles the images, but this is done
in-memory only. Symbols marked as optional can be filled with
BINMAN_SYM_MISSING as an error value if their referred entry is missing.
However, the unmodified SPL/TPL binaries are still available on disk,
and can be used by people. For these files, nothing ensures that the
symbols are set to this error value, and they will be considered valid
when they are not.
Empirically, all symbols show up as zero in a sandbox_vpl build when we
run e.g. tpl/u-boot-tpl directly. On the other hand, zero is a perfectly
fine value for a binman-written symbol, so we cannot say the symbols
have wrong values based on that.
Declare a magic symbol that binman always fills in with a fixed value.
Check this value as an indicator that symbols were filled in correctly.
Return the error value for all symbols when this magic symbol has the
wrong value.
For binman tests, we need to make room for the new symbol in the mocked
SPL/TPL data by extending them by four bytes. This messes up some test
image layouts. Fix the affected values, and check the magic symbol
wherever it makes sense.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Enabling CONFIG_BINMAN makes binman run after a build to package any
images specified in the device-tree. It also enables a mechanism for
SPL/TPL to declare and use special linker symbols that refer to other
entries in the same binman image. A similar feature that gets this info
from the device-tree exists for U-Boot proper, but it is gated behind a
CONFIG_BINMAN_FDT unlike the symbols.
Confusingly, CONFIG_SPL/TPL_BINMAN_SYMBOLS also exist. These configs
don't actually enable/disable the symbols mechanism as one would expect,
but declare some symbols for U-Boot using this mechanism.
Reuse the BINMAN_SYMBOLS configs to make them toggle the symbols
mechanism, and declare symbols for the U-Boot phases in a dependent
BINMAN_UBOOT_SYMBOLS config. Extend it to cover symbols of all phases.
Update the config prompt and help message to make it clearer about this.
Fix binman test binaries to work with CONFIG_IS_ENABLED(BINMAN_SYMBOLS).
Co-developed-by: Peng Fan <peng.fan@nxp.com>
[Alper: New config for phase symbols, update Kconfigs, commit message]
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
At present tag numbers are only allocated for non-core data, meaning that
the 'core' data, like priv and plat, are accessed through dedicated
functions.
For debugging and consistency it is convenient to use tags for this 'core'
data too. Add support for this, with new tag numbers and functions to
access the pointer and size for each.
Update one of the test drivers so that the uclass-private data can be
tested here.
There is some code duplication with functions like device_alloc_priv() but
this is not addressed for now. At some point, some rationalisation may
help to reduce code size, but more thought it needed on that.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this driver uses 'priv' struct to hold 'plat' data, which is
confusing. The contents of the strct don't matter, since only dtoc is
using it. Create a new struct with the correct name.
Signed-off-by: Simon Glass <sjg@chromium.org>
On python 3.8.10 (and 3.10), subparsers are not updated with defaults. I
suspect this is related to [1]. Fix this by explicitly updating
subparsers with settings.
[1] https://github.com/python/cpython/issues/89398
Fixes: 3145b63513 ("patman: Update defaults in subparsers")
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Tested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
While running tests for a python tool, the tests' outputs get printed in
whatever order they happen to run, without any indication as to which
output belongs to which test. Unittest supports capturing these outputs
and printing them as part of the test summaries, but when a failure or
error occurs it switches back to printing as the tests run. Testtools
and subunit tests can do the same as their parts inherit from unittest,
but they don't outright expose this functionality.
On the unittest side, enable output buffering for the custom test result
class. Try to avoid ugly outputs by not printing stdout/stderr before
the test summary for low verbosity levels and for successful tests.
On the subunit side, implement a custom TestProtocolClient that enables
the same underlying functionality and injects the captured streams as
additional test details. This causes them to be merged into their test's
error traceback message, which is later rebuilt into an exception and
passed to our unittest report class.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
By default, unittest test summaries only print extended info about tests
that failed or couldn't run due to an error. Use a custom text result
class to print info about more cases: skipped tests, expected failures
and unexpected successes.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
The python tools' test utilities handle printing test results, but the
output is quite bare compared to an ordinary unittest run. Delegate
printing the results to a unittest text runner, which gives us niceties
like clear separation between each test's result and how long it took to
run the test suite.
Unfortunately it does not print info for skipped tests by default, but
this can be handled later by a custom test result subclass. It also does
not print the tool name; manually print a heading that includes the
toolname so that the outputs of each tool's tests are distinguishable in
the CI output.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
It's possible to request a specific test to run when trying to run a
python tool's tests. If we request a nonexistent test, the unittest
loaders generate a fake test that reports this as an error. However, we
get these fake tests even when the test exists, because test_util can
load tests from multiple places one by one and the test we want only
exists in one.
The test_util helpers currently remove these fake tests when printing
test results, but that's more of a workaround than a proper solution.
Instead, don't even try to load the missing tests.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When printing a python tool's test results, the entire list of failed
tests and their tracebacks are reprinted for every failed test. This
makes the test output quite unreadable. Fix the loop to print failures
and tracebacks one at a time.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Use the common functions to run tests and report results. Ensure that the
result code indicates success or failure.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
cpu:
- Add driver for microblaze cpu
net:
- Add support for DM_ETH_PHY to AXI emac and emaclite
xilinx:
- Switch platforms to DM_ETH_PHY
- DT chagnes in ZynqMP and Zynq
- Enable support for SquashFS
zynqmp:
- Add support for KR260 boards
- Move BSS from address 0
- Move platform identification from board code to soc driver
- Improve zynqmp_psu_init_minimize
versal:
- Enable loading app at EL1
serial:
- Setup default address and clock rates for DEBUG uarts
pinctrl:
- Add support for tri state and output enable properties
relocate-rela:
- Clean relocate-rela implementation for ARM64
- Add support for Microblaze
microblaze:
- Add support for runtime relocation
- Rework cache handling (wiring, Kconfig) based on cpuinfo
- Remove interrupt support
timer:
- Extract axi timer driver from Microblaze to generic location
-----BEGIN PGP SIGNATURE-----
iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCYrlYngAKCRDKSWXLKUoM
ITgbAJ9S9xO2QqxtuodWAYMtJfvZ14c7mgCeKnyFTrrBnJkC0wPsGqE71oNJ49o=
=3gGm
-----END PGP SIGNATURE-----
Merge tag 'xilinx-for-v2022.10' of https://source.denx.de/u-boot/custodians/u-boot-microblaze into next
Xilinx changes for v2022.10
cpu:
- Add driver for microblaze cpu
net:
- Add support for DM_ETH_PHY to AXI emac and emaclite
xilinx:
- Switch platforms to DM_ETH_PHY
- DT chagnes in ZynqMP and Zynq
- Enable support for SquashFS
zynqmp:
- Add support for KR260 boards
- Move BSS from address 0
- Move platform identification from board code to soc driver
- Improve zynqmp_psu_init_minimize
versal:
- Enable loading app at EL1
serial:
- Setup default address and clock rates for DEBUG uarts
pinctrl:
- Add support for tri state and output enable properties
relocate-rela:
- Clean relocate-rela implementation for ARM64
- Add support for Microblaze
microblaze:
- Add support for runtime relocation
- Rework cache handling (wiring, Kconfig) based on cpuinfo
- Remove interrupt support
timer:
- Extract axi timer driver from Microblaze to generic location
There is no reason to do serial initialization. Uart driver does it
already based on DT. Good effect is that it is clear which interface is
console.
The resulting change was done in past by commit 84d2bbf082 ("arm64:
zynqmp: Remove low level UART setting").
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Link: https://lore.kernel.org/r/20220620163650.18756-12-stefan.herbrechtsmeier-oss@weidmueller.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
Microblaze is 32bit that's why it is using elf32 format. Relocation code
requires to get information about rela and dynsym senctions and also text
base which was used for compilation.
Code build with -fPIC and linked with -pic generates 4 relocation types.
R_MICROBLAZE_NONE is the easiest one which doesn't require any action.
R_MICROBLAZE_REL only requires write addend to r_offset address.
R_MICROBLAZE_32/R_MICROBLAZE_GLOB_DAT are the most complicated. There is a
need to find out symbol value with adding symbol value and write it to
address pointed by r_offset. Calculation with addend is also added but
only 0 addend values are generated now.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/9912c3d76933bdf75e1ebb6aab43726cd32cafb5.1655299267.git.michal.simek@amd.com
Adding support for new type requires to change code layout that's why move
elf64 code to own function for easier maintenance.
It also solves the problem with not calling fclose in case of error.
Return value from rela_elf64 is saved to variable that's why fclose() is
called all the time.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/21763b80527521c85ca7d4ac64ad6ff4885409c8.1655299267.git.michal.simek@amd.com
There is no need to pass section information via parameters.
Let's read text base and rela start/end directly from elf.
It will help with reading other information from ELF for others
architecture. Input to relocate-rela is u-boot binary and u-boot ELF.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/ab7ae14a6e058722e8c608089729e98edf20a08d.1655299267.git.michal.simek@amd.com
Rename the sections used to implement linker lists so they begin with
'__u_boot_list' rather than '.u_boot_list'. The double underscore at the
start is still distinct from the single underscore used by the symbol
names.
Having a '.' in the section names conflicts with clang's ASAN
instrumentation which tries to add redzones between the linker list
elements, causing expected accesses to fail. However, clang doesn't try
to add redzones to user sections, which are names with all alphanumeric
and underscore characters.
Signed-off-by: Andrew Scull <ascull@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This test was written to match up with the list of compatibles in
drivers/i2c/tegra_i2c.c so adding another one requires the test to be
updated to match.
Fixes: 0d2105ae5e ("arm: tegra: Update some DT compatibles")
Signed-off-by: Tom Rini <trini@konsulko.com>
This adds support for signing images in auto-generated FITs. To do this,
we need to add a signature node. The algorithm name property already has
its own option, but we need one for the key name hint. We could have
gone the -G route and added an explicit name for the public key (like
what is done for the private key). However, many places assume the
public key can be constructed from the key dir and hint, and I don't
want to do the refactoring necessary.
As a consequence of this, it is now easier to add public keys to an
existing image without signing something. This could be done all along,
but now you don't have to create an its just to do it. Ideally, we
wouldn't create a FIT at the end. This could be done by calling
fit_image_setup_sig/info.crypto->add_verify_data directly.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Building with OpenSSL 3.0 produces warnings like:
../tools/sunxi_toc0.c:846:17: warning: ‘RSA_get0_d’ is deprecated:
Since OpenSSL 3.0 [-Wdeprecated-declarations]
846 | if (root_key && RSA_get0_d(root_key)) {
| ^~
As OpenSSL 3.0 is not available in elder Linux distributions
just silence the warning.
Add missing #include <openssl/bn.h>.
Fixes: e9e87ec47c ("tools: mkimage: Add Allwinner TOC0 support")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Andre Przywara <andre.przywara@arm.com>
Over the years, several options have not made it into the help message.
Document them. Do the same for the man page.
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
On some image types like i.MX8 and i.MX8M, the verify_header function
is not implemented.
Before this commit, no check on tparams->verify_header was done causing
a segfault if NULL. Now, a proper error message is printed.
Signed-off-by: Nicolas Heemeryck <nicolas.heemeryck@gmail.com>
As removal of nds32 has been ack'd for the Linux kernel, remove support
here as well.
Cc: Rick Chen <rick@andestech.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Rick Chen <rick@andestech.com>
'make tests' fails on Ubuntu 22.04 with:
binman: ./tools/binman/binman:12: DeprecationWarning:
The distutils package is deprecated and slated for removal in Python 3.12.
Use setuptools or check PEP 632 for potential alternatives
from distutils.sysconfig import get_python_lib
./tools/binman/binman:12: DeprecationWarning:
The distutils.sysconfig module is deprecated, use sysconfig instead
from distutils.sysconfig import get_python_lib
<unittest.result.TestResult run=428 errors=0 failures=4>
AssertionError: 0 != 468
As we don't use Ubuntu 16.04 for our CI anymore drop the import.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Binman interfaces allow attempts to replace any entry in the image with
arbitrary data. When trying to replace sections, the changes in the
section entry's data are not propagated to its child entries. This,
combined with how sections rebuild their contents from its children,
eventually causes the replaced contents to be silently overwritten by
rebuilt contents equivalent to the original data.
Add a simple test for replacing a section that is currently failing due
to this behaviour, and mark it as an expected failure. Also, raise an
error when replacing a section instead of silently pretending it was
replaced.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
A previous patch fixes binman to correctly extract FIT subentries. This
makes it easier to test replacing these entries as we can write tests
using an existing helper function that relies on extracting the replaced
entry.
Add tests that replace leaf entries in FIT subsections with data of
various sizes. Replacing the subsections or the whole FIT section does
not work yet due to the section contents being re-built from unreplaced
subentries' data.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When reading images from a file, each entry's data is read from its
parent section as specified in the Entry.Create() call that created it.
The FIT entry type has been creating its subentries under its parent
(their grandparent), as creating them under the FIT entry resulted in an
error until FIT was converted into a proper section.
FIT subentries have their offsets relative to the FIT section, and
reading those offsets in the parent section results in wrong data. The
subentries rightfully belong under the FIT entries, so create them
there. Add tests checking that we can extract the correct data for a FIT
entry and its subentries.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Binman FIT entry nodes describe their subentries in an 'images' subnode,
same as how they would be written for the mkimage executable. The entry
type initially manually managed its subentries keyed by their node paths
relative to its base node. It was later converted to a proper section
while still keeping the same keys for subentries.
These subentry keys of sections are used as path fragments, so they must
not contain the path separator character '/'. Otherwise, they won't be
addressable by binman extract/replace commands. Change these keys from
the '/images/foo' forms to the subentry node names. Extend the simple
FIT tests to check for this.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
When an image has the 'allow-repack' property, binman includes the
original offset and size properties from the image description in the
fdtmap. These are later used as the packing constraints when replacing
entries in an image, so other unconstrained entries can be freely
positioned.
Replacing an entry in an image without 'allow-repack' (and therefore the
original offsets) follows the same logic and results in entries being
merely concatenated. Instead, skip resetting the calculated offsets and
sizes to the missing originals for these images so that every entry is
constrained to its existing offset/size.
Add tests that replace an entry with smaller or equal-sized data, in an
image that doesn't allow repacking. Attempting to do so with bigger-size
data is already an error that is already being tested.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Binman entries can use other executables to compute their data, usually
in their ObtainContents() methods. Subclasses of Entry_section would use
bintools in their BuildSectionData() method instead, which is called
from several places including their Pack().
These binary tools are resolved correctly while building an image from a
device-tree description so that they can be used from these methods.
However, this is not being done when replacing entries in an image,
which can result in an error as the Pack() methods attempt to use them.
Collect and resolve entries' bintools also when replacing entries to fix
Pack() errors. Add a way to mock bintool usage in the testing entry type
and tests that check bintools are being resolved for such an entry.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Binman can embed a copy of the image description into the images it
builds as a fdtmap entry, but it omits the /binman/<image-name> prefix
from the node paths while doing so. When reading an already-built image
file, entries are reconstructed using this fdtmap and their associated
nodes still lack that prefix.
Some entries like fit and vblock create intermediate files whose names
are based on an entry unique name. This name is constructed from their
node's path by concatenating the parents with dots up to the binman
node, e.g. /binman/image/foo/bar becomes 'image.foo.bar'.
However, we don't have this /binman/image prefix when replacing entries
in such an image. The /foo/bar entry we read when doing so erroneously
has the unique name of '/.foo.bar', causing permission errors when the
entry attempts to create files based on that.
Fix the unique-name generation by stopping at the '/' node like how it
stops at the binman node. As the unique names are used as filenames, add
tests that check if they're safe to use as filenames.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
U-Boot CRC-16 implementation uses polynomial x^16 + x^12 + x^5 + 1 which is
not standard CRC-16 algorithm, but it is known as CRC-16-CCITT. Rename file
crc16.c to crc16-ccitt.c to reduce confusion.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
fstat()'s st_size works only for regular files. lseek() with SEEK_END works
also for block or MTD devices. This replacement allows kwboot to load
kwbimage from /dev/mtd0 for booting another device over /dev/ttyS0.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
There are two tools for sending images over UART to Marvell SoCs: kwboot
and mrvl_uart.sh. kwboot received lot of new features and improvements in
last few months. There is no need to maintain two tools in U-Boot, so
remove old mrvl_uart.sh tool.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Marcel Ziswiler <marcel@ziswiler.com>
Tested-by: Marcel Ziswiler <marcel@ziswiler.com>
Reviewed-by: Tony Dinh <mibodhi@gmail.com>
While building a capsule, the GUID value of that specific image is to
be passed through the --guid command option to the mkeficapsule
tool instead of using one of --raw or --fit options, where the GUID
value passed through the command line option is the image GUID.
This renders the EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID and
EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID values superfluous. Remove the
--raw and --fit command line options as well. Also modify the
mkeficapsule man page to reflect this change.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Hardware-accelerated hash functions require that the input and output
buffers be aligned to the minimum DMA alignment. memalign.h helpfully
provides a macro just for this purpose. It doesn't exist on the host,
but we don't need to be aligned there either.
Fixes: 5dfb521386 ("[new uImage] New uImage low-level API")
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The conversion to bintools broke the invocation of the utility, since
the arguments are not correct. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
If image backend provides verify_header callback then call it after writing
image to disk. This ensures that written image is correct.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
rockchip header_v2 do not have a spl_hdr, so remove the verify.
Signed-off-by: Yi Liu <liuyi@rock-chips.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
A big part is the DM pinctrl driver, which allows us to get rid of quite
some custom pinmux code and make the whole port much more robust. Many
thanks to Samuel for that nice contribution! There are some more or less
cosmetic warnings about missing clocks right now, I will send the trivial
fixes for that later.
Another big chunk is the mkimage upgrade, which adds RISC-V and TOC0
(secure images) support. Both features are unused at the moment, but I
have an always-secure board that will use that once the DT lands in the
kernel.
On top of those big things we have some smaller fixes, improving the
I2C DM support, fixing some H6/H616 early clock setup and improving the
eMMC boot partition support.
The gitlab CI completed successfully, including the build test for all
161 sunxi boards. I also boot tested on a A64, A20, H3, H6, and F1C100
board. USB, SD card, eMMC, and Ethernet all work there (where applicable).
Most Allwinner sunxi SoCs have separate boot ROMs in non-secure and
secure mode. The "non-secure" or "normal" boot ROM (NBROM) uses the
existing sunxi_egon image type. The secure boot ROM (SBROM) uses a
completely different image type, known as TOC0.
A TOC0 image is composed of a header and two or more items. One item
is the firmware binary. The others form a chain linking the firmware
signature to the root-of-trust public key (ROTPK), which has its hash
burned in the SoC's eFuses. Signatures are made using RSA-2048 + SHA256.
The pseudo-ASN.1 structure is manually assembled; this is done to work
around bugs/quirks in the boot ROM, which vary between SoCs. This TOC0
implementation has been verified to work with the A50, A64, H5, H6,
and H616 SBROMs, and it may work with other SoCs.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Acked-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
There's now a sun20i family in sunxi, which uses RISC-V CPU.
Add support for making eGON.BT0 image for RISC-V.
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Refactor some functions in mkimage sunxi_egon type, in order to prepare
for adding support for more CPU architectures (e.g. RISC-V). In
addition, compatibility for operation w/o specified architecture is
kept, in this case the architecture is assumed as ARM.
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The sunxi_egon type used to take no -A argument (because we assume sunxi
targets are all ARM). However, as Allwinner D1 appears as the first
RISC-V sunxi target, we need to support -A; in addition, as external
projects rely on U-Boot mkimage to generate sunxi eGON.BT0 header, we
need to keep compatibility with command line without -A.
As the default value of arch in mkimage is not proper (IH_ARCH_PPC
instead of IH_ARCH_INVALID), to keep more compatibility, add an Aflag
field to image parameters to describe whether an architecture is
explicitly specified.
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Unfortunately, we require additional logic to buildman to support this
removal and still use SYS_SOC, etc, for build targets.
This reverts commit eeec00072d.
Signed-off-by: Tom Rini <trini@konsulko.com>
Adds the support of the pre-load header with the image signature
to binman.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit enhances mkimage to update the node
/image/pre-load/sig with the public key.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Fix documentation path in deprecated warning message about device
driver.
Signed-off-by: Johannes Krottmayer <krjdev@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Some boards need to load an ELF file using the 'loadables' property, but
the file has segments at different memory addresses. This means that it
cannot be supplied as a flat binary.
Allow generating a separate node in the FIT for each segment in the ELF,
with a different load address for each.
Also add checks that the fit,xxx directives are valid.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
The current implementation sets up the FIT entries but then deletes the
'generator' ones so they don't appear in the final image.
This is a bit clumsy. We cannot build the image more than once, since the
generator entries are lost during the first build. Binman requires that
calling BuildSectionData() multiple times returns a valid result each
time.
Keep a separate, private list which includes the generator nodes and use
that where needed, to correct this problem. Ensure that the missing list
includes removed generator entries too.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
It doesn't make sense to use 'subnode' as a function parameter since it
is just a 'node' so far as the function is concerned. Update two functions
to use 'node' instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Add a new function to handling reporting errors within a particular
subnode of the FIT description. This can be used to make the format of
these errors consistent.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Some warnings have crept in, so fix those that are easy to fix.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
This should not be done in the constructor. Move it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
At present the entries are read twice, once by the entry_Section class
and once by the FIT implementation. This is harmless but can be confusing
when debugging. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Unfortunately mkimage gets upset with zero-sized files. Update the
ObtainContents() method to support specifying the size, if a fake blob is
created.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
On x86 devices having even a small amount of data can cause an overlap
between regions. For example, bayleybay complains when the intel-vga
region overlaps with u-boot-ucode:
ImagePos Offset Size Name
<none> 00000000 00800000 main-section
<none> ff800000 00000080 intel-descriptor
<none> ff800400 00000080 intel-me
<none> fff00000 00098f24 u-boot-with-ucode-ptr
<none> fff98f24 00001aa0 u-boot-dtb-with-ucode
<none> fff9a9d0 0002a000 u-boot-ucode
<none> fffb0000 00000080 intel-vga
...
It is safer to use an empty file in most cases. Add an option to set the
size for those uses that need it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
At present fake blobs are created but internally an empty blob is used.
Change it to use the contents of the faked file. Also return whether the
blob was faked, in case the caller needs to know that.
Add a TODO to put fake blobs in their own directory.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
This shadows the patman.tools library so rename it to avoid a pylint
warning.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
At present the fit implementation creates the output tree while
scanning the FIT description. Then it updates the tree later when the
data is known.
This works, but is a bit confusing, since it requires mixing the scanning
code with the generation code, with a fix-up step at the end.
It is actually possible to do this in two phases, one to scan everything
and the other to generate the FIT. Thus the FIT is generated in one pass,
when everything is known.
Update the code accordingly. The only functional change is that the 'data'
property for each node are now last instead of first, which is really a
more natural position. Update the affected test to deal with this.
One wrinkle is that the calculated properties (image-pos, size and offset)
are now added before the FIT is generated. so we must filter these out
when copying properties from the binman description to the FIT.
Most of the change here is splitting out some of the code from the
ReadEntries() implementation into _BuildInput(). So despite the large
diff, most of the code is the same. It is not feasible to split this patch
up, so far as I can tell.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Leave the 'expand' term for use by entry types which have an expanded
version of themselves. Rename this method to indicate that it generates
subentries.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
The word 'expand' is used for entries which generate subentries. It is
also used for entries that can have an '_expanded' version which is used
to break out its contents.
Rather than talking about expanding an entry's size, use the term
'extending'. It is slightly more precise and avoids the above conflicts.
This change renders the old 'expand-size' property invalid, so add an
error check for that.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Update the return value of this function, fix the 'create' typo and
update the documentation for clarity.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Suggested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Rename this function to make it clear that it only reads loadable
segments. Also update the error for missing module to better match the
message emitted by Python.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Suggested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Refactor this to avoid a loop. Also add a test for an empty string.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Simplify the code by using the available function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
This is not necessary if simpler code is used. Use the split function and
drop the unnecessary []
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Suggested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
At present it is not possible to have arguments which include spaces.
Update the function to only split the args if the property is a single
string. This is a bit inconsistent, but might still be useful.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Suggested-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
It is good practice to init all variables in the constructor and pylint
sometimes checks this. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
This allows to prefill fdt and config nodes with hash and signature
subnodes. It's just important to place the child nodes last so that
hashes do not come before the data - would be disliked by mkimage.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Adds build-sandbox in sys.path to look for libfdt,
otherwise py_test can't use binman.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Commit 9e6d71d2b5 ("tools: kwboot: Allow to use -b without image path as
the last getopt() option") broke usage of kwboot with following arguments:
kwboot -t -B 115200 /dev/ttyUSB0 -b u-boot-spl.kwb
Fix parsing of option -b with optional argument again.
Fixes: 9e6d71d2b5 ("tools: kwboot: Allow to use -b without image path as the last getopt() option")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reported-by: Tony Dinh <mibodhi@gmail.com>
Tested-by: Tony Dinh <mibodhi at gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Call kwboot_open_tty() which baudrate value which was specified at the
command line by option -B. This function returns error if baudrate is not
supported by selected tty device.
Initial baudrate for image transfer is always 115200, so call
kwboot_tty_change_baudrate() with value 115200 immediately after
kwboot_open_tty() if baudrate specified by option -B is different than
115200.
This makes kwboot fail immediately, informing that baudrate is unsupported,
instead of failing only after the first part of image is already sent.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Custom baudrate different than 115200 may be specified only when kwboot is
not going to send boot/debug message pattern or when it is going to send
boot message pattern with image file (in which case baudrate change happens
after sending kwbimage header). BootROM detects boot/debug message pattern
only at baudrate 115200.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Allow finding a symbol by its address. Also export the function to get
the file offset of a particular address, so it can be used by a script to
be added.
Signed-off-by: Simon Glass <sjg@chromium.org>
If parameter -F is given but FIT support is missing, a NULL pointer might
dereferenced (Coverity CID 350249).
If incorrect parameters are given, provide a message and show usage.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Public documents about BootROM of some Marvell SoCs are available in the
public Web Archive. Put this information into source code.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Testes proved that current kwboot version supports also Avanta SoCs.
It looks like that Avanta SoCs are using same kwbimage format as Armada.
Signed-off-by: Pali Rohár <pali@kernel.org>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Add all supported Armada SoCs and document -b and -d options in usage.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Marvell BootROM recognize only '\b' byte as backspace. Use terminfo
for retrieving current backspace sequence and replace any occurrence of
backspace sequence by the '\b' byte.
Reading terminfo database is possible via tigetstr() function from system
library libtinfo.so.*. So link kwboot with -ltinfo.
Normally terminfo functions are in <term.h> system header file. But this
header file conflicts with U-Boot "termios_linux.h" header file. So declare
terminfo functions manually.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
-d option is currently broken. In most cases BootROM does not detect this
message pattern. For sending debug message pattern it is needed to do same
steps as for boot message pattern.
Implement sending debug message pattern via same separate thread like it is
for boot message pattern.
Checking if BootROM entered into UART debug mode is different than
detecting UART boot mode. When in boot mode, BootROM sends xmodem NAK
bytes. When in debug mode, BootROM activates console echo and reply back
every written byte (extept \r\n which is interpreted as executing command
and \b which is interpreting as removing the last sent byte).
So in kwboot, check that BootROM send back at least 4 debug message
patterns as a echo reply for debug message patterns which kwboot is sending
in the loop.
Then there is another observation, if host writes too many bytes (as
command) then BootROM command line buffer may overflow after trying to
execute such long command. To workaround this overflow, it is enough to
remove bytes from the input line buffer by sending 3 \b bytes for every
sent character. So do it.
With this change, it is possbile to enter into the UART debug mode with
kwboot -d option.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
After BootROM successfully detects boot message pattern on UART it waits
until host stop sending data on UART. For example Armada 385 BootROM
requires that host does not send anything on UART at least 24 ms. If host
is still sending something then BootROM waits (possibly infinitely).
BootROM successfully detects boot message pattern if it receives it in
small period of time after power on.
So to ensure that host put BootROM into UART boot mode, host must send
continuous stream of boot message pattern with a small gap (for A385 at
least 24 ms) after series of pattern. But this gap cannot be too often or
too long to ensure that it does not cover whole BootROM time window when it
is detecting for boot message pattern.
Therefore it is needed to do following steps in cycle without any delay:
1. send series of boot message pattern over UART
2. wait until kernel transmit all data
3. sleep small period of time
At the same time, host needs to monitor input queue, data received on the
UART and checking if it contains NAK byte by which BootROM informs that
xmodem transfer is ready.
But it is not possible to wait until kernel transmit all data on UART and
at the same time in the one process to also wait for input data. This is
limitation of POSIX tty API and also by linux kernel that it does not
provide asynchronous function for waiting until all data are transmitted.
There is only synchronous variant tcdrain().
So to correctly implement this handshake on systems with linux kernel, it
is needed to use tcdrain() in separate thread.
Implement sending of boot message pattern in one thread and reading of
reply in the main thread. Use pthread library for threads.
This change makes UART booting on Armada 385 more reliable. It is possible
to start kwboot and power on board after minute and kwboot correctly put
board into UART boot mode.
Old implementation without separate thread has an issue that it read just
one byte from UART input queue and then it send 128 message pattern to the
output queue. If some noise was on UART then kwboot was not able to read
BootROM response as its input queue was just overflowed and kwboot was
sending more data than receiving.
This change basically fixed above issue too.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Function kwboot_debugmsg() is always called with kwboot_msg_debug as msg
and function kwboot_bootmsg() with kwboot_msg_debug as msg. Function
kwboot_bootmsg() is never called with NULL msg.
Simplify, cleanup and remove dead code.
No functional change.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Variable msg_req_delay is set but never used. So completely remove it.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Failure of kwboot_tty_send() and tcflush() functions is fatal, it does not
make sense to continue. So return error back to the caller like in other
places where are called these functions.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
Sometimes kwboot after quitting terminal prints error message:
terminal: Bad address
This is caused by trying to call write() syscall with count of (size_t)-1
bytes.
When quit sequence is split into more read() calls then number of input
bytes (nin) at the end of cycle can underflow and be negative. Fix it.
Fixes: de7514046e ("tools: kwboot: Fix detection of quit esc sequence")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
At present the default .buildman file written by buildman does not specify
a default toolchain. Add an 'other' line so this works correctly and
sandbox builds run as expected.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fix two pylint errors in this file.
Note ACTION_SPL_NOT_EXIST is not defined so the dead code can be removed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Fix pylint errors that can be fixed and mask those that seem to be
incorrect.
A complication with binman is that it tries to avoid importing libfdt
(or anything that imports it) unless needed, so that things like help
still work if it is missing.
Note that two tests are duplicated in binman and two others have
duplicate names, so both of these issues are fixed also.
Signed-off-by: Simon Glass <sjg@chromium.org>
Currently -l option for mkimage and dumpimage ignores option -T and always
tries to autodetect image type.
With this change it is possible to tell mkimage and dumpimage to parse
image file as specific type (and not random autodetected type). This allows
to use mkimage -l or dumpimage -l as tool for validating image.
params.type for -l option is now by default initialized to zero
(IH_TYPE_INVALID) instead of IH_TYPE_KERNEL. imagetool_get_type() for
IH_TYPE_INVALID returns NULL, which is assigned to tparams. mkimage and
dumpimage code is extended to handle tparams with NULL for -l option. And
imagetool_verify_print_header() is extended to do validation via tparams if
is not NULL.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The Layerscape platforms have different RCW header value from FSL
PowerPC platforms, the current image header verification callback
is only working on PowerPC, it will fail on Layerscape, this patch
is to fix this issue.
This is a historical problem and exposed by the following patch:
http://patchwork.ozlabs.org/project/uboot/patch/20220114173443.9877-1-pali@kernel.org
Signed-off-by: Hou Zhiqiang <Zhiqiang.Hou@nxp.com>
Reviewed-by: Priyanka Jain <priyanka.jain@nxp.com>
That code is mistakenly duplicated due to copy-and-paste error.
Just remove it.
Fixes: CID 348360
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
At present we only support expanding out FDT nodes. Make the operation
into an @operation property, so that others can be supported.
Re-arrange and tidy up the documentation so that it has separate
headings for each topic.
Signed-off-by: Simon Glass <sjg@chromium.org>
Split subnode and property processing into separate functions to make
the _AddNode() function a little smaller. Tweak a few comments.
This does not change any functionality.
Signed-off-by: Simon Glass <sjg@chromium.org>
Collecting the data from a list of entries and putting it in a file is
a useful operation that will be needed by other entry types. Put this into
a method in the Entry class.
Add some documentation about how to collect data for an entry type.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a file that has two text sections at different addresses, so we can
test this behaviour in binman, once added.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the 'args' property of the mkimage entry type is a string. This
makes it difficult to include CONFIG options in that property. In
particular, this does not work:
args = "-n CONFIG_SYS_SOC -E"
since the preprocessor does not operate within strings, nor does this:
args = "-n" CONFIG_SYS_SOC" "-E"
since the device tree compiler does not understand string concatenation.
With this new feature, we can do:
args = "-n", CONFIG_SYS_SOC, "-E";
Signed-off-by: Simon Glass <sjg@chromium.org>
Add an entry for OP-TEE Trusted OS 'BL32' payload.
This is required by platforms using Cortex-A cores with TrustZone
technology.
Signed-off-by: Roger Quadros <rogerq@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add missing-blob-help, renumber the test file, update entry-docs:
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a function which reads the segments and the entry address.
Also fix a comment nit in the tests while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is helpful to support a string or stringlist containing a list of
space-separated arguments, for example:
args = "-n fred", "-a", "123";
This resolves to the list:
-n fred -a 123
which can be passed to a program as arguments.
Add a helper to do the required processing.
Signed-off-by: Simon Glass <sjg@chromium.org>
This does not work at present, since the current algorithm assumes that
either there are no nodes or all nodes have an offset. If a node is new,
but an old node is still in the tree, then syncing fails due to this
assumption.
Fix it and add a test.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is useful to be able to search for CONFIG options that match a regex,
such as this, which lists boards which define SPL_FIT_GENERATOR and
anything not starting with ROCKCHIP:
./tools/moveconfig.py -f SPL_FIT_GENERATOR ~ROCKCHIP.*
Add support for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
This shows an internal type at present, rather than the algorithm name.
Fix it and update the test to catch this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Binman keeps track of positions of each entry in the final image, but
currently this data is wrong for things included in FIT entries,
especially since a previous patch makes FIT a subclass of Section and
inherit its implementation.
There are three ways to put data into a FIT image. It can be directly
included as a "data" property, or it can be external to the FIT image
represented by an offset-size pair of properties. This external offset
is either "data-position" from the start of the FIT or "data-offset"
from the end of the FIT, and the size is "data-size" for both. However,
binman doesn't use the "data-offset" method while building FIT entries.
According to the Section docstring, its subclasses should calculate and
set the correct offsets and sizes in SetImagePos() method. Do this for
FIT subentries for the three ways mentioned above, and add tests for the
two ways binman can pack them in.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Binman's FIT entry type can have image subentries with "hash" subnodes
intended to be processed by mkimage, but not binman. However, the Entry
class and any subclass that reuses its implementation tries to process
these unconditionally. This can lead to an error when boards specify
hash algorithms that binman doesn't support, but mkimage supports.
Let entries skip processing these "hash" subnodes based on an instance
variable, and set this instance variable for FIT subsections. Also
re-enable processing of calculated and missing properties of FIT entries
which was disabled to mitigate this issue.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
First binary executable header is extracted by '-p 1' argument.
Signed-off-by: Pali Rohár <pali@kernel.org>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
These two commands are currently not processed when generating v0 images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
When pflag is set then kwbimage was invoked by dumpimage and not mkimage.
So do not show mkimage error message in this case.
Signed-off-by: Pali Rohár <pali@kernel.org>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
dumpimage is now able to successfully parse and dump content of the Dove
bootloader image.
Note that support for generating these extended parts of v0 images is not
included yet.
Signed-off-by: Pali Rohár <pali@kernel.org>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Extended and binary headers are optional and are part of the image header.
Fixes kwboot to determinate correct length of Dove images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
They are used by Marvell Dove 88AP510 BootROM.
After the main header is a list of optional extended headers and after that
is a list of optional binary executable headers. Between each two extended
headers is additional 0x20 byte long padding.
Original Kirkwood SoCs support only one extended header and no binary
executable header.
Extension of struct ext_hdr_v0 is backward compatible with the old
definition. Only reserved[] fields are changed.
Signed-off-by: Pali Rohár <pali@kernel.org>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
End of DATA register section is indicated by zero value in both raddr and
rdata.
So do not stop dumping registers with non-zero address and zero value.
And also print end of DATA registers section.
Fixes: 1a8e6b63e2 ("tools: kwbimage: Dump kwbimage config file on '-p -1' option")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reported-by: Tony Dinh <mibodhi@gmail.com>
Tested-by: Tony Dinh <mibodhi@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Documentation:
* mkeficapsule man-page
UEFI changes:
* add support for signing images to mkeficapsule
* add support for user define capsule GUID
* adjust unit tests for capsules
* fix UEFI image signature validation in case of multiple signatures
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmIGtKEACgkQxIHbvCwF
GsSWlg//Vr61dpbpPVuczl18OtojpUzMg8bwqc4tJQRQrOGMGjmPqrGZJCm1pmMH
Q5ZD4QCAdycbRqAqcpdX9FXHmD5R0HvGmhlC9TnXxo4nKaOcphMMC3PFjBQZlhPJ
KPc7jjoIcycz+fRqbd4CGRFXNGJAecK++4uM6v6WCNF3Dq16r0ws1aUTG7YPlaJF
JNo3/4eEQpRsplNXpJsqVPQhbfLuaiCOJc8VUWYNylRdhBC7Dx8yI7m1FHOSBbKb
Pk4tbysEhowcSc2Duc9muxkaVAkSy/mIHj1I8Z2VzpzH8zXcaiHMjROqMGOE+vwx
raDzJI0ZcEV/MEbm/QLCALlCKqN3d1NRmZLAvXPYN4+ioA8lzPAEnqEywXRPY/Yk
KnkDWaF1KEKzDaY52oqkh2LkasY9wzluvb1sm+oW9bh/kn4wKLr0Z1oSl92/vvci
S/ztLqxhqlXpWx0NzOFnNvUUkEl0VN6IM/+Bsg5AoO7mdWe7MC3iSPOU1Ge5wRU9
R9BLaTrr61/+soc2jrJL5PQr3Rqtyo1qLpIusMFT88jeFp0b8AIUL2AUlJsAUXYg
a2NV7qGUsZN/Ur488N1t7DixTkjGdStHKRk06bSTPrOpfA2oembdA2/H/HECoJMP
JzdwMeZM0qcxFGTbC7c3yO3cTVVYPyIDGh1YEBYjCzfL6AuR2uU=
=AAdJ
-----END PGP SIGNATURE-----
Merge tag 'efi-2022-04-rc2-4' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2022-04-rc2-4
Documentation:
* mkeficapsule man-page
UEFI changes:
* add support for signing images to mkeficapsule
* add support for user define capsule GUID
* adjust unit tests for capsules
* fix UEFI image signature validation in case of multiple signatures
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.
To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
[--fit <image> | --raw <image>] <capsule file>
NEW:
[--fit | --raw | --guid <guid-string>] <image> <capsule file>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
With this enhancement, mkeficapsule will be able to sign a capsule
file when it is created. A signature added will be used later
in the verification at FMP's SetImage() call.
To do that, we need specify additional command parameters:
-monotonic-cout <count> : monotonic count
-private-key <private key file> : private key file
-certificate <certificate file> : certificate file
Only when all of those parameters are given, a signature will be added
to a capsule file.
Users are expected to maintain and increment the monotonic count at
every time of the update for each firmware image.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add CONFIG_TOOLS_MKEFICAPSULE. Then we want to always build mkeficapsule
if tools-only_defconfig is used.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Environment variables can be stored in two formats:
1. Single entry with header containing CRC32
2. Two entries with extra flags field in each entry header
For that reason fw_env_open() has two main code paths and there are
pointers for CRC32/flags/data.
Previous implementation was a bit hard to follow:
1. It was checking for used format twice (in reversed order each time)
2. It was setting "environment" global struct fields to some temporary
values that required extra comments explaining it
This change simplifies that code:
1. It introduces two clear code paths
2. It sets "environment" global struct fields values only once it really
knows them
To be fair there are *two* crc32() calls now and an extra pointer
variable but that should be cheap enough and worth it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It's usually easier to understand code & follow it if all arguments are
passed explicitly. Many coding styles also discourage using global
variables.
Behaviour of flash_io() was a bit unintuitive as it was writing to a
buffer referenced in a global struct. That required developers to
remember how it works and sometimes required hacking "environment"
global struct variable to read data into a proper buffer.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Addresses the feedback provided on 5902a397d0 ("mkimage: Allow to
specify the signature algorithm on the command line") which raced with
the merge.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
binman fit improvements
ACPI fixes and making MCFG available to ARM
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmIEGscRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreZVkwf/RO9qLM/qtpcvtzFTciVFa/GQwd922abw
Anc4DYDBFTWfVymBTZT4Te0luTkZpqBV9cLEGw4XGYKGt+daVYB4cNKknKDOWqLI
adF7xHK2utT3OBlR7pL4d0Rvq0DAAFmyizkbi/CKHhrrpPkW8rPEiZlMwi+WQlTb
9Qv3deoVnRn3ivgw3AnTny+S52IFuI9pH4a34ASWfpOi3gGzICtIAnhVpRXdD+3A
TIhgK6XaGxBc0lVThsqc20FWfZ6rb4WyBRTRgbYivHn/fQxkynxBdSD6WU1ZdGH8
UZGjk5wBIkf+OyHjNQo/VEwoRHXR1k435+gsehUV8LvzytUykzP/FA==
=7Gel
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-8feb22-take3' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm
patman snake-case conversion
binman fit improvements
ACPI fixes and making MCFG available to ARM
[trini: Update scripts/pylint.base]
Signed-off-by: Tom Rini <trini@konsulko.com>
Currently it is possible to call "kwboot -b -t /dev/ttyUSB0" but not to
call "kwboot -b /dev/ttyUSB0".
Fix it by not trying to process the last argv[], which is non-getopt()
option (tty path) as the image path for -b.
Fixes: c513fe47dc ("tools: kwboot: Allow to use option -b without image path")
Reported-by: Marcel Ziswiler <marcel@ziswiler.com>
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marcel Ziswiler <marcel@ziswiler.com>
Tested-by: Marcel Ziswiler <marcel@ziswiler.com>
Quit esc sequence may be also in the middle of the read buffer.
Fix the detection for that case.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
The binman FIT entry type shares some code with the Section entry type.
This shared code is bound to grow, since FIT entries are conceptually a
variation of Section entries.
Make FIT entry type a subclass of Section entry type, simplifying it a
bit and providing us the features that Section implements. Also fix the
subentry alignment test which now attempts to write symbols to a
nonexistent SPL ELF test file by creating it first.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Avoid AddMissingProperties() and SetCalculatedProperties() with FIT:
Signed-off-by: Simon Glass <sjg@chromium.org>
Binman can check for missing binary tools and prints warnings if
anything required for an image is missing. The implementation of this
for the Section entry only checks the subentries, presumably because
Section does not use any binary tools itself. However, this means the
check is also skipped for subclasses of Section which might need binary
tools.
Make sure missing binary tools are checked for subclasses of the Section
entry type as well, by calling the parent class' implementation in
the relevant Section method.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Binman keeps track of binary tools each entry wants to use. The
implementation of this for the FIT entry only adds "mkimage", but not
the tools that would be used by its subentries.
Register the binary tools that FIT subentries will use in addition to
the one FIT itself uses, and check their existence by copying the
appropriate method from Section entry type. Also add tests that check if
these subentries can use and warn about binary tools.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Binman tries to expand some entries into parts that make it up, e.g.
'u-boot' into a 'u-boot-expanded' section that contains 'u-boot-nodtb'
and 'u-boot-dtb'. Entries with child entries must call ExpandEntries()
on them to build a correct image, as it's possible that unexpanded child
entries have no data of their own. The FIT entry type doesn't currently
do this, which means putting a "u-boot" entry inside it doesn't work as
expected.
Implement ExpandEntries() for FIT and add a copy of a simple FIT image
test that checks subentry expansion in FIT entries.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This method has the same name as its class which is confusing. It is also
annoying when searching the code.
It builds a string with a colour, so rename it to build().
Signed-off-by: Simon Glass <sjg@chromium.org>
Rename this function so that when we convert it to snake case it will not
conflict with the built-in print() function.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a -a option to specify changes to the config before the build
commences. For example
buildman -a ~CONFIG_CMDLINE
disables CONFIG_CMDLINE before doing the build.
This makes it easier to try things out as well as to write tests without
creating a new board or manually manging the .config file.
Signed-off-by: Simon Glass <sjg@chromium.org>
If a thread crashes it is helpful to try the operation again with
threading disabled. Add a hint about that.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the only straightforward way to write tests that need a
slightly different configuration is to create a new board with its own
configuration. This is cumbersome.
It would be useful if buildman could adjust the configuration of a build
on the fly. In preparation for this, add a utility library which can
modify a .config file according to various parameters passed to it.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the full horror of the Python traceback is shown by default. It
is normally only useful for debugging. Turn it off by default and add a
--debug flag to enable it.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this function does not run the doctests. Allow the caller to
pass these modules in as strings.
Update patman to use this.
Signed-off-by: Simon Glass <sjg@chromium.org>
malloc() functions are declared via stdlib.h. Including malloc.h can lead
to build errors e.g. on OS-X.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
If `sb_load_cmdfile()` fails to open the configuration file it will jump
to error handling where the code will try to `fclose()` the FILE pointer
which is NULL causing `mkimage` to segfault.
This patch removes the label for error handling and instead returns
immediately which skips the `fclose()` and prevents the segfault. The
errno is also described in the error message to guide users.
Signed-off-by: Mattias Hansson <hansson.mattias@gmail.com>
Reviewed-by: Wolfgang Denk <wd@denx.de>
For adding signing feature for capsule authentication to the host tool,
mkeficapsule, we will link gnutls library for crypto operation.
Since we need this command to complete the capsule authentication test
on sandbox in CI loop, necessary packages must be installed on the host.
See my patch, "tools: mkeficapsule: add firmware image signing."
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
mkimage segfaults due to the ASLR mechanism on MacOS arm64
It is required to use _dyld_get_image_vmaddr_slide()
to prevent segfault on MacOS arm64
This patch is based on the discussion
3b142045e8
Thanks to Jessica Clarke, Ronny Kotzschmar and ptpt52 github user
Reviewed-by: Jessica Clarke <jrtc27@jrtc27.com>
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
binman support for listing files with generated entries
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmH3WqwRHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYzPAf/bRBppRDMhjGP5DCCLmF3WwqeLPVBVI42
O5vjC1fNChpEADiV6HFt6Ply+lpWe/BL5/BxHJ8NE9yDUeJOQlBO3wjbNHWKmEW7
h54HXEGK+zfZD/Bourxn45BVOdGt8PV21ABZcQ9lQsbt20z0sZ7iDNTQjjbHO9Iq
oDo69C06UynWweCG6ZfJky3Hnn07t2PtbyINlVCiKPc01/KFFMfJteQfR2onUgwj
9ZzEG9PUCmAvwuDLYqVhNehv1C08rZ9qV4SxXW3xJpEEsqaAgATm/L/jTOIu3PqR
jm6PKVU14SD+qe9mp9gHM4n8VRTS2Brb4dlBxbYyUaCXoeOrhqxJMg==
=zbnI
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-30jan22' of https://source.denx.de/u-boot/custodians/u-boot-dm
moveconfig fix
binman support for listing files with generated entries
This should enable BootROM output on UART.
(At least on A385 BootROM this is broken, BootROM ignores this debug
flag and does not enable its output on UART if some valid image is
available in SPI-NOR.)
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When -D is specified then both bootmsg and debugmsg are not set, but
imgpath is set. Fix this check for valid and required parameters.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The select() and read() syscalls may be interrupted. Handle EINTR and
retry them.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The write() syscall may be interrupted. Handle EINTR and retry it.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
This delay is not needed anymore since kwboot already handles retrying
logic for incomplete xmodem packets and also forces BootROM to flush its
input queue. Removing it decreases total transfer time.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Force the BootROM to flush its input queue after sending boot pattern.
This ensures that after function kwboot_bootmsg() finishes, BootROM is
able to start receiving xmodem packets without any specific delay or
setup.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Allow option -b without image path parameter, to send boot pattern and
wait for response but not send any image. This allows to use kwboot just
for processing boot pattern and user can use any other xmodem tool for
transferring the image itself (e.g. sx). Useful for debugging purposes.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When kwboot is unable to resend current xmodem packet, show an 'E' in the
progress output instead of a '+'. This allows to distinguish between the
state when kwboot is retrying sending the packet and when retry is not
possible.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Unfortunately during some stages of xmodem transfer, A385 BootROM is not
able to handle repeated xmodem packets. So if an error occurs during that
stage, stop the transfer and return failure.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Marvell BootROM expects retransmission of previous xmodem packet only in
the case when it sends NAK response to the host.
Do not change non-xmodem response (possibly UART transfer error) to NAK
in kwboot_xm_recv_reply() function. Allow caller to receive original
response from device.
Change argument 'nak_on_non_xm' to 'stop_on_non_xm'. Instead of changing
non-xmodem character to NAK, stop processing on invalid character and
return it.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
It is unknown why handling of CAN byte was added into kwboot tool as
Marvell BootROM does not support CAN byte. It never sends CAN byte to host
and if host sends CAN byte BootROM handles it as an unknown byte.
Remove code for handling and sending CAN bytes from the kwboot tool.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Sometimes if the first byte of xmodem packet (SOH) is incorrectly
transmitted, BootROM sends NAK for every non-SOH received byte, which
makes BootROM and the host kwboot tool out of sync. BootROM automatically
re-synchronizes after 2s pause by dropping its input queue. So when
attempting retransmit for 9th time or later, ignore NAK reply from BootROM
and either wait for valid ACK or let kwboot timeout, which implies
re-synchronization.
This fixes retransmission of xmodem packets and allows kwboot to work also
without "Waiting ... and flushing tty" code which is at the beginning of
kwboot xmodem transfer.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Use the blk_rsp_timeo variable when sleeping before flushing tty.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Fix xmodem retry mechanism if some bytes from xmodem packet were lost and
BootROM is still waiting for completing previous xmodem packet.
It is required to wait at least 1.312s on A385, otherwise BootROM does not
accept next xmodem packet if previous one was not completely transferred.
2s should be enough timeout cause that BootROM will drop incomplete xmodem
packet and expects new packet.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
We can and should run the node generator only when creating a new image.
When we read it back, there is no need to generate nodes - they already
exits, and binman does not dive that deep into the image - and there is
no way to provide the required fdt-list. So store the mode in the image
object so that Entry_fit can simply skip generator nodes when reading
them from an fdtmap.
This unbreaks all read-backs of images that contain generator nodes in
their fdtmap. To confirm this, add a corresponding test case.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Add SPDX to dts file:
Signed-off-by: Simon Glass <sjg@chromium.org>
Commit 37f815cad0 ("moveconfig: Use a function to read files") adds a
helper function that can read a file as lines, but strips the newline
characters. This change broke parts of moveconfig code that relied on
their existence, resulting in a few issues:
Configs that are defined as empty aren't removed from header files (e.g.
"#define CONFIG_REMAKE_ELF"). Make regex patterns use '\b' to match word
boundaries instead of '\W' (which matched the newlines) so these lines
still match and get removed.
All changes in defconfig are considered removed by savedefconfig even
if they weren't, and line continuations in the headers aren't recognized
and removed properly, because their checks explicitly look for a newline
character. Remove the character from both comparisons.
The printed diff of header files is wrongly formatted and raises an
IndexError if a blank line was removed. Let print() print the new lines,
and use size-independent ways to check strings to fix the diff output.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
a bit delayed, the first batch of the sunxi pull request for this cycle.
This is mostly collecting some patches that were lying around for a
while, plus some recent fixes. Nothing too exciting at this point, but
of course they should be merged nevertheless.
There is the much bigger F1C100s SoC support coming up, which I hope to
be able to send in the next few days, along with the removal of sunxi's
lowlevel_init usage.
Compile tested for all 159 sunxi boards, plus briefly tested on BananaPi
M1, OrangePi Zero, Pine64 and Pine-H64.
Due to a bug in the H3 SoC, where the CPU 0 hotplug flag cannot be
written, resuming CPU 0 requires using the "Super Standby" code path in
the BROM instead of the hotplug path. This path requires jumping to an
eGON image in SRAM.
This resume image, whose single purpose is to jump back to the secure
monitor, only needs to contain a single instruction. Padding the image
to 8 KiB would be wasteful of SRAM. Hook up the -B (block size) option
so users can set the block/padding size.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Documentation:
* update Nokia RX-51 documentation and move it to rst
* describe boot switch settings for HiFive Unmatched board
UEFI:
* fix the checking of images hashes and signatures
* provide the RISCV_EFI_BOOT_PROTOCOL
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmH1CY8ACgkQxIHbvCwF
GsTTXA/+L53FjKHiOQLf9+FrNO7AZ7OcL51brl97eRuQ/jVaF4ClPnDrwPv+uj8m
rXJHZr6WLRc7A1bIwTYhoetrir07A4pZSHAiKTQuJS2uVFgX25Lp4y5vPt1jgIwF
BsRyVxF50crNQjDuSDUQF6RHCa5QhvgZ9mZ/WQQ0MjRRysnw6sISvNc9HbZLdbau
FheOHERJknE1HELeAg/5KKRn1lt3ew6/QdEqPCvKuhsNW4y31zYyHXt1bvpK8cq0
6m2fRX87nnaIExAb3WLiID91jyPMmrg3ZUndFJfjcAwjelYa50xxHr/vEgw9S1Pb
xMMZSKTmEFoVdX7umW9uw/p0tWygGOUw8/d9bsZPv7qh1akwoKog2BVl/zRbW+5n
x4zCNXOllh0p2u8rRQRu8BqVNXZpw+Intk5frVPeazwbnvBrZFd7jN3JyHMtbUkv
xXJBgHQgbn3z3+zQf9XEa7VjQ+l92x5n0IRWlRxYYEUkMW6o8XZyhzY5Xn1Q7K2z
kLBx/U7o633D2BPtlt66HmIJa/fH02nD7TmmQy3j0ICQdB2GbHOs2uRF5rATV7v0
LukLrTr7kSebOhyINvabsLl126URsx2YjUs7lhPy6ILWm+QGUs8tqyKdTe0gQ7AZ
vneyV2v3CDmMBF3MhE178/kdoJnwk8q7c7JiCQpLNXA33CJCnxw=
=+edp
-----END PGP SIGNATURE-----
Merge tag 'efi-2022-04-rc1-3' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2022-04-rc1-3
Documentation:
* update Nokia RX-51 documentation and move it to rst
* describe boot switch settings for HiFive Unmatched board
UEFI:
* fix the checking of images hashes and signatures
* provide the RISCV_EFI_BOOT_PROTOCOL
Abstract common routines to make the code easily understandable.
No functional change.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
All the error messages should be printed out to stderr.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Add to support rsa 3072 bits algorithm in tools
for image sign at host side and adds rsa 3072 bits
verification in the image binary.
Add test case in vboot for sha384 with rsa3072 algorithm testing.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present mkimage displays the node information but it is not clear what
signing action was taken. Add a message that shows it. For now it only
supports showing a single signing action, since that is the common case.
Sample:
Signature written to 'sha1-basic/test.fit',
node '/configurations/conf-1/signature'
Public key written to 'sha1-basic/sandbox-u-boot.dtb',
node '/signature/key-dev'
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the two functions that call add_verify_data() so that the caller
can see the node that was written to.
Signed-off-by: Simon Glass <sjg@chromium.org>
The copyfile() implementation has strange behaviour if the destination
file already exists. Update it to ensure that any existing data in the
destination file is dropped.
Signed-off-by: Simon Glass <sjg@chromium.org>
Each bintool has some documentation which can be useful for the user.
Add a new command that collects this and writes it into a .rst file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Drop the unused gzip code, update comments and add a test for an
invalid algorithm. The temporary file is not needed now, so drop that
also.
Signed-off-by: Simon Glass <sjg@chromium.org>
Bintools can be missing, in which case binman continues operation but
reports an invalid image. Plumb in support for this and add tests for
entry types which use bintools.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the code to use this bintool, instead of running lzma_alone
directly. This simplifies the code and provides more consistency.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Bintool for this, which is used to compress and decompress data.
It supports the features needed by binman as well as installing via the
lzma-alone package.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the code to use this bintool, instead of running lz4 directly. This
simplifies the code and provides more consistency.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Bintool for this, which is used to compress and decompress data.
It supports the features needed by binman as well as installing via the
lz4 package.
Signed-off-by: Simon Glass <sjg@chromium.org>
The compression functions are not actually used by patman, so we don't
need then in the tools module. Also we want to change them to use
bintools, which patman will not support.
Move these into a new comp_util module, within binman.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the fit and mkimage entry types to use this bintool, instead of
running mkimage directly. This simplifies the code and provides more
consistency as well as supporting missing bintools.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the ifwi entry type to use this bintool, instead of running
ifwitool directly. This simplifies the code and provides more
consistency as well as supporting missing bintools.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the GBB and vblock entry types to use this bintool, instead of
running futility directly. This simplifies the code and provides more
consistency as well as supporting missing bintools.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the FIP tests to use this bintool, instead of running fiptool
directly. This simplifies the code and provides more consistency as well
as supporting missing bintools.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the CBFS tests to use this bintool, instead of running cbfstool
directly. This simplifies the overall code and provides more consistency,
as well as supporting missing bintools.
Signed-off-by: Simon Glass <sjg@chromium.org>
The tests rely on having at least 5 bintool implementions. Now that we
have this, enable them. Add tests for the binman 'tool' subcommand.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Bintool for this, which is used to build images for use by U-Boot.
It supports the features needed by binman as well as installing via the
u-boot-tools packages. Although this is built in the U-Boot tree, it is
still useful to install a binary on the system.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Bintool for this, which is used to build Intel IFWI images. It
supports the features needed by the tests as well as downloading a binary
from Google Drive. Although this is built in the U-Boot tree, it is not
currently included with u-boot-tools, so it may be useful to install a
binary on the system.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Bintool for this, which is used to sign Chrome OS images and
build the Google Binary Block (GBB). It supports the features needed by
binman as well as fetching a binary from Google Drive. Building it from
source is possible but is left for another time, as it requires at least
one other library.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Bintool for this, which is used to run FIP tests. It supports
the features needed by the tests as well as building a binary from
the git tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a Bintool for this, which is used to run CBFS tests. It supports
the features needed by the tests as well as fetching a binary from
Google Drive. Building it from source is very slow since it is not
separately supported by the coreboot build system and it builds an
entire gcc toolchain before starting.
Signed-off-by: Simon Glass <sjg@chromium.org>
Support collecting the available bintools needed by an image, by
scanning the entries in the image.
Also add a command-line interface to access the basic bintool features,
such as listing the bintools and fetching them if needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Binman requires various tools to actually work, such as 'lz4' to compress
data and 'futility' to sign Chrome OS firmware. At present these are
handled in an ad-hoc manner and there is no easy way to find out what
tools are needd to build an image, nor where to obtain them.
Add an implementation of 'bintool', a base class which implements this
functionality. When a bintool is required, it can be requested from this
module, then executed. When the tool is missing, it can provide a way to
obtain it.
Note that this uses Command directly, not the tools.Run() function. This
allows proper handling of missing tools and avoids needing to catch and
re-raise exceptions.
Signed-off-by: Simon Glass <sjg@chromium.org>
Since this is a list of blobs, each blob should have the ability to be
faked, as with blob-ext. Update the Entry base class to set allow_fake
and use the base class in the section code also, so that this propagagtes
to blob-ext-list, which is not a section.
Signed-off-by: Simon Glass <sjg@chromium.org>
The Run() function automatically uses the PATH variable to locate a tool
when running it. Add a function that does this manually, so we don't have
to run a tool to find out if it is present.
This is needed by the new Bintool class, which wants to check which tools
are present.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reverse the order of the return tuple, so that the filename is first.
This seems more obvious than putting the temporary directory first.
Correct a bug that leaves a space on the final line.
Allow the caller to control the name of the temporary directory.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a new function which returns the entire result from running a tool,
not just stdout. Update Run() to use this and to return stdout on error,
if stderr is empty, since some unfortunate tools write their error
output to stdout rather than stderr.
Move building of the PATH to a separate function.
Make the exception catching more specific, to catch just ValueError, since
broad exceptions are a pain to debug.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this does not check that the external data is in the expected
place. Use a non-zero offset for the external data and check it.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is a debug message at present, which is not very helpful. Print out
the error so that action can be taken.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some newer toolchains do not create a symbol for the .ucode section that
this test relies on. Update the test to use the symbol that is explicitly
created, instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
There are over 200 errors in this file. Fix some of them, starting at the
beginning of the file. Future work can continue this effort.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present there is quite a bit of ad-hoc code reading from files. The
most common case is to read the file as lines. Put it in a function and
set the unicode encoding correctly.
Avoid writing back to a file when there are obviously no changes as this
speeds things up slightly.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present there is quite a bit of ad-hoc code writing to files. The
treatment of newlines is different in some of them. Put it in a function
and set the unicode encoding correctly.
Signed-off-by: Simon Glass <sjg@chromium.org>
Python 2 is not supported anymore and Python 3 has had subprocess.DEVNULL
since version 3.3 which was released in 2012. Drop the unnecessary check.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This is a newer library and is now preferred for Python scripts. Update
the code to use it instead of optparse
Use 'args' instead of 'options' throughout, since this is the term used
in that module. Also it helps to avoid confusion with CONFIG options, a
term that is used in this file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Quite a few places use double quotes. Fix this to be consistent with
other Python code in U-Boot.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>