Commit graph

3494 commits

Author SHA1 Message Date
Ralph Siemsen
afdfcb11f9 tools: spkgimage: add Renesas SPKG format
Renesas RZ/N1 devices contain BootROM code that loads a custom SPKG
image from QSPI, NAND or USB DFU. Support this format in mkimage tool.

SPKGs can optionally be signed, however creation of signed SPKG is not
currently supported.

Example of how to use it:

tools/mkimage -n board/schneider/rzn1-snarc/spkgimage.cfg \
	-T spkgimage -a 0x20040000 -e 0x20040000 \
	-d u-boot.bin u-boot.bin.spkg

The config file (spkgimage.cfg in this example) contains additional
parameters such as NAND ECC settings.

Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
2023-05-13 04:01:30 +02:00
Simon Glass
f2fac8b557 binman: Support writing symbols for ucode etypes
Allow symbol writing in these cases so that U-Boot can find the position
and size of U-Boot at runtime.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2023-05-11 10:25:29 +08:00
Simon Glass
43bdb3b39a buildman: Pass -Werror to the host compiler too
The host compiler is not failing on warnings at present, when the
-E flag is used in buildman. Add the required flag to fix this.

Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Tom Rini <trini@konsulko.com>
2023-05-03 18:30:46 -04:00
Heinrich Schuchardt
5fd1084657 tools: fix TestFdtUtil()
Variable old_outdir cannot be used before assignment.
The assignment must occur before the try block.

tools/dtoc/test_fdt.py:796:26:
E0601: Using variable 'old_outdir' before assignment
(used-before-assignment)

Add missing space in assignment.

Fixes: a004f29464 ("binman: Tidy up _SetupDtb() to use its own temporary file")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-05-03 18:30:46 -04:00
Jan Kiszka
de65b122a2 tools: Fall back to importlib_resources on Python 3.6
importlib.resources became part of 3.7 only. Allow using distros with
3.6 and the importlib_resources backport.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-28 11:49:00 -06:00
Heinrich Schuchardt
c25be4f3ac patman: fix class TestFunctional
Variable orig_dir cannot be used in the finally block if it has not be
assigned outside of the try block.

tools/patman/func_test.py:523:21:
E0601: Using variable 'orig_dir' before assignment
(used-before-assignment)

tools/patman/func_test.py:691:21:
E0601: Using variable 'orig_dir' before assignment
(used-before-assignment)

Fixes: fd70986a62 ("patman: Add a test that uses gitpython")
Fixes: be051c0c77 ("patman: Detect missing upstream in CountCommitsToBranch")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-28 11:49:00 -06:00
Simon Glass
ad827e15b2 binman: Use expanduser instead of HOME
There may not be a HOME environment variable, so use the os.expanduser()
function instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-04-28 11:49:00 -06:00
Andrew Davis
c71ee7e163 binman: Use unsigned long over typedef ulong
The header binman_sym.h depends on ulong typedef but does not include
types.h. This means the header must be included after including types.h
or a header that includes it.

We could include types.h but instead let's just switch from ulong
to directly using unsigned long. This removes the need for typedef'ing
it in some of the tests, so also remove those.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-28 11:30:17 -06:00
John Keeping
51e0cacca7 tools: env: update lock path in README
Commit aeb40f1166 ("tools: env: use /run to store lockfile") updated the
path to the lockfile but did not update the documentation to match.

Use the new path in the documentation.

Fixes: aeb40f1166 ("tools: env: use /run to store lockfile")
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-25 15:31:28 -04:00
Simon Glass
b646e1f69f patman: Declare the future Series memory
This member is used in series.MakeCcFile() so should be declared in the
Series class.

Add a declaration to silence the warning.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-04-23 14:24:41 -04:00
Bin Meng
781a0308f4 tools: prelink-riscv: Unmap the ELF image when done
The codes forget to call munmap() to unmap the ELF image that was
mapped by previous mmap().

Signed-off-by: Bin Meng <bmeng@tinylab.org>
Reviewed-by: Rick Chen <rick@andestech.com>
2023-04-20 20:45:08 +08:00
Bin Meng
fb3cc482da tools: prelink-riscv: Cosmetic style fixes
Some coding convention fixes.

Signed-off-by: Bin Meng <bmeng@tinylab.org>
Reviewed-by: Rick Chen <rick@andestech.com>
2023-04-20 20:45:08 +08:00
Pali Rohár
5d8178563b tools: kwboot: Add support for parsing SATA images with non-512 block size
Currently kwboot expected that sector size for SATA image is always 512
bytes. If SATA image cannot be parsed with sector size of 512 bytes, try
larger sector sizes which are power of two and up to the 32 kB. Maximal
theoretical value is 32 kB because ATA IDENTIFY command returns sector size
as 16-bit number.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-04-13 11:34:47 +02:00
Pali Rohár
11af96d7e6 tools: kwbimage: Add support for SATA images with non-512 byte block size
SATA kwbimage contains offsets in block size unit, not in bytes.

Until now kwbimage expected that SATA disk always have block size of 512
bytes. But there are 4K Native SATA disks with block size of 4096 bytes.

New SATA_BLKSZ command allows to specify different block size than 512
bytes and therefore allows to generate kwbimage for disks with different
block sizes.

This change add support for generating SATA images with different block
size. Also it add support for verifying and dumping such images.

Because block size itself is not stored in SATA kwbimage, image
verification is done by checking every possible block size (it is any
power of two value between 512 and 32 kB).

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-04-13 11:34:47 +02:00
Pali Rohár
62d81d68d2 tools: kwbimage: Simplify align code
Replace repeated code patterns by generic code.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-04-13 11:34:47 +02:00
Pali Rohár
2972d7d62f tools: imagetool: Extend print_header() by params argument
This allows image type print_header() callback to access struct
image_tool_params *params.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-13 11:34:47 +02:00
Heinrich Schuchardt
686e9ef605 tools: avoid implicit fallthrough in fdt_add_pubkey
When building with -Wimplicit-fallthrough we get a warning

    tools/fdt_add_pubkey.c:52:25: warning:
    this statement may fall through [-Wimplicit-fallthrough=]
       52 |                         print_help();
          |

Explicitly declare which functions don't return.

Fixes: 30238e9961 ("tools: add fdt_add_pubkey")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-06 19:10:08 -04:00
Tim Lee
aeb40f1166 tools: env: use /run to store lockfile
According this issue https://github.com/ppp-project/ppp/issues/339.
Eventually, the dt-utils changed lock directory to fix missing /var/lock
directory error then make dt-utils can run normally.

We also have a similar issue with these two utilities fw_printenv and
fw_setenv will failed when the directory /var/lock is non-existent.

We have a custom linux distribution built with yocto (OpenBMC) that
use systemd and it deprecated the /var/lock directory.
More discussion in systemd/systemd#15668.

Thus, we sync with community's solution for uboot/tools/env utilities:
The current location /var/lock is considered legacy (at least by systemd).
Just use /run to store the lockfile and append the usual .lock suffix.

Tested:
Verified /run/lock is now present and fw_printenv can work in OpenBMC.

Signed-off-by: Tim Lee <timlee660101@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2023-04-06 19:10:05 -04:00
Safae Ouajih
f444939755 Dockerfile: add mkbootimg tool
mkbootimg tool is part of the Android project and it is
used to pack Android boot images such as boot image
and vendor_boot image.

Use the following command to run mkbootimg:
$ python3 -m mkbootimg

Add mkbootimg to the docker file

Signed-off-by: Safae Ouajih <souajih@baylibre.com>
Tested-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
2023-04-04 14:50:47 -04:00
Tom Rini
d7e0678c76 CI: Move to clang-16
As this is now the stable release, move to using that now for our tests.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-04 12:26:31 -04:00
Tom Rini
866f30205b Dockerfile: Populate a pip cache
Given the number of jobs in CI we have which use python and pip install
packages, we should do this once in the Dockerfile, in order to populate
the cache. We let each job continue to create and use the virtual
environments they need to facilitate making updates to these
environments easier.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-04-04 12:24:29 -04:00
Tom Rini
288fe30a23 Merge branch 'next'
Signed-off-by: Tom Rini <trini@konsulko.com>
2023-04-03 16:45:41 -04:00
Simon Glass
49d8cc4cbe buildman: Correct overwriting of settings file
The toolchain test causes the settings file to be overwritten, which is
annoying for local development. Fix it by passing None as the filename.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-31 08:32:52 +13:00
Jan Kiszka
367b1bf2ce arm: dts: iot2050: Optionally embed OTP programming data into image
Use external blob otpcmd.bin to replace the 0xff filled OTP programming
command block to create a firmware image that provisions the OTP on
first boot. This otpcmd.bin is generated from the customer keys using
steps described in the meta-iot2050 integration layer for the device.

Based on original patch by Baocheng Su.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2023-03-29 11:58:26 -04:00
Jan Kiszka
033ab460d0 iot2050: Add script for signing artifacts
There are many ways to get a signed firmware for the IOT2050 devices,
namely for the parts under user-control. This script documents one way
of doing it, given a signing key. Augment the board documentation with
the required procedure around it.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2023-03-29 11:58:26 -04:00
Jan Kiszka
75c89069f0 tools: Add script for converting public key into device tree include
Allows to create a public key device tree dtsi for inclusion into U-Boot
SPL and proper during first build already. This can be achieved via
CONFIG_DEVICE_TREE_INCLUDES.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2023-03-29 11:58:26 -04:00
Jan Kiszka
6ac9131702 iot2050: Update firmware layout
The latest version of the binary-only firmware parts come in a combined
form of FSBL and sysfw containers. This implies some layout changes to
the generated firmware image but also makes handling of artifacts much
simpler (4 files less). The env locations will not change, just the
space reserved for U-Boot will shrink from 4 to 3 MB - still plenty of
space left in practice.

Adjust configuration and documentation accordingly.

Along this change, add a new reservation for update commands of the
user-controlled OTP part. A specific userspace tool will fill it, and
the FSBL will evaluate it during boot. This reservation will use 64K of
the former sysfw section.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2023-03-29 11:58:26 -04:00
Pali Rohár
66cf977716 tools: kwboot: Document information about NOR XIP
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2023-03-24 13:13:57 +01:00
Pali Rohár
c2b9edacb8 tools: kwboot: Workaround A38x BootROM bug for images with a gap
A38x BootROM has a bug which cause that BootROM loads data part of UART
image into RAM target address increased by one byte when source address
and header size stored in the image header are not same.

Workaround this bug by completely removing a gap between header and data
part of the UART image. Without gap, this BootROM bug is not triggered.

This gap can be present in SDIO or SATA image types which have aligned
start of the data part to the media sector size. With this workaround
kwboot should be able to convert and send SDIO or SATA images for UART
booting.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2023-03-24 13:13:52 +01:00
Pali Rohár
bb949e1da0 tools: kwboot: Fix sending very small images
Sending of very small images (smaller than 128 bytes = xmodem block size)
cause out-of-bound memory read access. Fix this issue by ensuring that
hdrsz when sending image is not larger than total size of the image.
Issue was introduced in commit f8017c3779 ("tools: kwboot: Fix sending
Kirkwood v0 images"). Special case when total image is smaller than header
size aligned to multiply of xmodem size is already handled since that
commit.

Fixes: f8017c3779 ("tools: kwboot: Fix sending Kirkwood v0 images")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2023-03-24 13:13:47 +01:00
Pali Rohár
2b7852c2aa tools: kwboot: Fix inserting UART data checksum without -B option
Commit 7665ed2fa0 ("tools: kwboot: Fix parsing UART image without data
checksum") added fixup code to insert place for data checksum if UART image
does not have it. Together with option -B (change baudrate), kwboot
calculates this checksum. Without option -B, it inserts only place for
checksum but does not calculate it.

This commit fix above logic and calculate data checksum also when kwboot is
used without -B option.

Fixes: 7665ed2fa0 ("tools: kwboot: Fix parsing UART image without data checksum")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2023-03-24 13:13:41 +01:00
Pali Rohár
848d9a5eaa tools: kwboot: Fix invalid UART kwbimage v1 headersz
Ensure that UART aligned header size is always stored into kwbimage v1
header. It is needed for proper UART booting. Calculation of headersz field
was broken in commit d656f5a0ee ("tools: kwboot: Calculate real used
space in kwbimage header when calling kwboot_img_grow_hdr()") which
introduced optimization of kwboot_img_grow_hdr() function.

Fixes: d656f5a0ee ("tools: kwboot: Calculate real used space in kwbimage header when calling kwboot_img_grow_hdr()")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2023-03-24 13:13:35 +01:00
Pali Rohár
12e79fbfff tools: kwbimage: Fix invalid UART kwbimage v1 headersz
Armada 385 BootROM ignores low 7 bits of headersz when parsing kwbimage
header of UART type, which effectively means that headersz is rounded down
to multiply of 128 bytes. For all other image types BootROM reads and use
all bits of headersz. Therefore fill into UART type of kwbimage v1 headersz
aligned to 128 bytes.

Fixes: 2b0980c240 ("tools: kwbimage: Fill the real header size into the main header")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
2023-03-24 13:13:14 +01:00
Tom Rini
d9ab69d736 proftool: Remove unused variables in make_flame_tree
With clang-15 we now get reported that in the make_flame_tree function,
neither the missing_count nor depth variables are used, only
incremenete/decremented. Remove these.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-03-22 15:22:48 -04:00
Tom Rini
a6b8dd8a12 imx8image: Remove unused cont_img_count variable
With clang-15, it is now reported that cont_img_count is unused. This is
true as the code will increment / reset this counter, but never
functionally use it. Remove it.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Fabio Estevam <festevam@denx.de>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
2023-03-22 15:22:48 -04:00
Tom Rini
e3059db90b Dockerfile: Update to latest "Jammy" tag
Update to using the latest "Jammy" tag as our base.

Signed-off-by: Tom Rini <trini@konsulko.com>
2023-03-21 21:04:09 -04:00
Tom Rini
3854706f0f Dockerfile: Add m68k-softmmu to qemu
Given efforts to add an m68k target to CI, build qemu for it.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
2023-03-21 21:04:05 -04:00
Tom Rini
cefd0449d6 Xilinx changes for v2023.07-rc1
cmd:
 - Print results in hex instead of dec in smc command
 
 firmware:
 - Cover missing ZYNQMP_FIRMWARE dependencies
 
 fpga:
 - fix loads for unencrypted use case
 
 relocation
 - Add support for BE systems
 
 spi:
 - Fix xilinx_spi init reset sequence
 
 arasan nand:
 - Remove hardcoded bbt option
 - Set ofnode value
 
 xilinx:
 - Enable SMC command
 - Fix some sparse issues
 
 zynqmp:
 - Remove cdns,zynq-gem compatible string
 - Add optee node
 - Some DT cleanups
 
 zynq:
 - Some DT cleanups
 
 microblaze
 - Remove MANUAL_RELOC option
 -----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCZBHCfAAKCRDKSWXLKUoM
 ITcJAKCF8qmG8QPZptsoMj4dcceoaSJnyACfSGgH4ytUY8QkP8Yp0Z5U8HoY6a8=
 =eAAF
 -----END PGP SIGNATURE-----

Merge tag 'xilinx-for-v2023.07-rc1' of https://source.denx.de/u-boot/custodians/u-boot-microblaze into next

Xilinx changes for v2023.07-rc1

cmd:
- Print results in hex instead of dec in smc command

firmware:
- Cover missing ZYNQMP_FIRMWARE dependencies

fpga:
- fix loads for unencrypted use case

relocation
- Add support for BE systems

spi:
- Fix xilinx_spi init reset sequence

arasan nand:
- Remove hardcoded bbt option
- Set ofnode value

xilinx:
- Enable SMC command
- Fix some sparse issues

zynqmp:
- Remove cdns,zynq-gem compatible string
- Add optee node
- Some DT cleanups

zynq:
- Some DT cleanups

microblaze
- Remove MANUAL_RELOC option
2023-03-16 12:18:30 -04:00
Tom Rini
cb90ddb2a6 More tests and fixes for fdt command
binman signing feature
 fix buildman -A bug introduced recently
 -----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmQQ8KIRHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreYRmwgA1XAHafEOfhaya54nalUgW9qYZe5Ntfqd
 4Tg7zj3gadZuv82LuyskEyBKptwRCzgX0Tyx62V3Oop9vJ/cCwjIB4AGhCsMKERf
 NqcMd8fbGbJ9jJzOp7gNTHzV4vSmwKM0lRkxbClMFcvMsfVdKcBRPswLLghk5/xL
 Uu4Ww4yfe7UCqgBm9uouVaIbcNNcl8p0QnSJT9HvwjGKawPT6uSHOHK9Wpkud0q1
 ZyrPpCMA29mifhIU8aH5CJH5G61UbGcVSDhm9lIKwqZg+KJGuYf64JbZoY9JI2/z
 pOUHLZx7fVHoFyWKWfVkA9l6HRjZTRc0nJhYFx5HyNUOU50hMENeTQ==
 =ko2P
 -----END PGP SIGNATURE-----

Merge tag 'dm-next-12mar23a' of git://git.denx.de/u-boot-dm into next

More tests and fixes for fdt command
binman signing feature
fix buildman -A bug introduced recently

Signed-off-by: Tom Rini <trini@konsulko.com>
2023-03-16 12:16:14 -04:00
Simon Glass
c3cea95fd2 buildman: Fix CROSS_COMPILE output for sandbox
The previous attempt at fixing this broke the normal usage of the -A
flag.

At present, 'buildman -A sandbox' adds the path containing the
toolchain. We can assume that this is in the path and we don't want to
set CROSS_COMPILE=/bin/

Change this to align with what MakeEnvironment() does, but only for
sandbox boards.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:52 -06:00
Simon Glass
2dbfcf439a Revert "buildman: Correct CROSS_COMPILE output for sandbox"
This reverts commit bd0a548ad4.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:52 -06:00
Roman Kopytin
30238e9961 tools: add fdt_add_pubkey
Having to use the -K option to mkimage to populate U-Boot's .dtb with the
public key while signing the kernel FIT image is often a little
awkward. In particular, when using a meta-build system such as
bitbake/Yocto, having the tasks of the kernel and U-Boot recipes
intertwined, modifying deployed artifacts and rebuilding U-Boot with
an updated .dtb is quite cumbersome. Also, in some scenarios one may
wish to build U-Boot complete with the public key(s) embedded in the
.dtb without the corresponding private keys being present on the same
build host.

So this adds a simple tool that allows one to disentangle the kernel
and U-Boot builds, by simply copy-pasting just enough of the mkimage
code to allow one to add a public key to a .dtb. When using mkimage,
some of the information is taken from the .its used to build the
kernel (algorithm and key name), so that of course needs to be
supplied on the command line.

Signed-off-by: Roman Kopytin <Roman.Kopytin@kaspersky.com>
Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
2023-03-14 16:08:52 -06:00
Ivan Mikhaylov
5b34efe865 binman: add tests for sign option
Add the test which provides sequence of actions:
  1. create the image from binman dts
  2. create public and private keys
  3. add public key into dtb with fdt_add_pubkey
  4. 1. sign FIT container with new sign option with extracting from
        image
     2. sign exact FIT container with replacing of it in image
  5. check with fit_check_sign

Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Renumber test file from 277 to 280;
   Move UpdateSignatures() to Entry base class;
   Don't allow missing mkimage as it doesn't make sense;
   Propagate --toolpath for CI;
   Call mark_build_done() to avoid regenerating FIT:
Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:52 -06:00
Ivan Mikhaylov
4023dc9c95 binman: add sign option for binman
Introduce proof of concept for binman's new option which provides sign
and replace FIT containers in binary images.

Usage as example:

from:
mkimage -G privateky -r -o sha256,rsa4096 -F fit
binman replace -i flash.bin -f fit.fit fit

to:
binman sign -i flash.bin -k privatekey -a sha256,rsa4096 -f fit.fit fit

and to this one if it's need to be extracted, signed with key and put it
back in image:
binman sign -i flash.bin -k privatekey -a sha256,rsa4096 fit

Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
2023-03-14 16:08:51 -06:00
Ivan Mikhaylov
0f40e23fd2 binman: add documentation for binman sign option
Add the documentation about binman sign option and providing an
example.

Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Add a section about 'binman sign' at the bottom:
Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:51 -06:00
Tom Rini
a5faa4a9eb Prepare v2023.04-rc4
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmQPxXsACgkQFHw5/5Y0
 tyzRWgwAlpwF0u0Xtfs+isnwy/2wb1uMKSeZTiMWkP8he48DX/+db1LHyxnb5apX
 5ULLLKnxZGDviFNw6F/Vuq/BlL8aK+K6wJm+HxdN4Df+sQZgP0kZVnZH1DcDGyJ7
 2I5mYxXCQiRfl3lG8uHdfQyGT5BOm1ZYTIBgXPzpdp/PS6Es74aIHfHS4UdsnpZ2
 dw5APUHnXsSeycbvgiZZEAQphRGplTgSmEDLZTCHD6+oIFoyJVMRr4QWc+KjYPR8
 MgfykqaITO7xKg1V2GwEWJA7LpU4L3HrK+8upSjdx0kfKw4jZoBTU5LE3dnk+6fz
 rgisMfyDGZ+w467uk9BSAO9smRRRI7GFMSkvi+kMQtVCFWCSaddkfYPlpFu1PND7
 nHfxkzoIjxeEOG8yIFF8P199w2lEorKTxlXuNBStfozvAz1wfhgq3o3WQGpvDmqF
 E+FoC7t73qVu6DVMiCXCOyUYNyI7d1tFlUhlbZPVCelVL8RX3JjMF/0uhLsOSDMc
 s4z/6fVq
 =xK+J
 -----END PGP SIGNATURE-----

Merge tag 'v2023.04-rc4' into next

Prepare v2023.04-rc4

Signed-off-by: Tom Rini <trini@konsulko.com>
2023-03-14 12:06:35 -04:00
Ovidiu Panait
02d30e5f92 tools: relocate-rela: add support for handling 32-bit big endian files
Currently, a microblaze build with CONFIG_SYS_BIG_ENDIAN=y and
CONFIG_STATIC_RELA=y fails with:
tools/relocate-rela: Not supported machine type
ELF decoding failed
make[2]: *** [u-boot/Makefile:1306: u-boot-nodtb.bin] Error 1

To fix this, convert the 32-bit codepath to use the previously added
elf{16,32}_to_cpu() functions. The aarch64 codepath is left untouched.

This commit ensures that CI doesn't fail for the next patches which enable
runtime relocation by default for microblaze.

Reviewed-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
Link: https://lore.kernel.org/r/20230311173838.521804-3-ovpanait@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-03-13 11:46:17 +01:00
Ovidiu Panait
424f04fcd9 tools: relocate-rela: introduce elf16_to_cpu() and elf32_to_cpu()
Add elf16_to_cpu() and elf32_to_cpu() functions that allow to read data in
both big-endian and little-endian formats.

Reviewed-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
Link: https://lore.kernel.org/r/20230311173838.521804-2-ovpanait@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-03-13 11:46:17 +01:00
Ovidiu Panait
26c8c1bd12 tools: relocate-rela: adjust le64_to_cpu -> le32_to_cpu in decode_elf32()
The sh_addr/sh_offset/sh_size fields in Elf32_Shdr are 32-bits wide, so
use le32_to_cpu() instead of the 64-bit variant.

Fixes: 5e0e1a86d3 ("tools: relocate-rela: Fix ELF decoding on big-endian hosts")
Reviewed-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
Link: https://lore.kernel.org/r/20230311173838.521804-1-ovpanait@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-03-13 11:46:17 +01:00
Simon Glass
953d4177af binman: Support generation of x509 certificates
And a new entry type which supports generation of x509 certificates.
This uses a new 'openssl' btool with just one operation so far.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 13:15:15 -08:00