Commit graph

3505 commits

Author SHA1 Message Date
Simon Glass
c3cea95fd2 buildman: Fix CROSS_COMPILE output for sandbox
The previous attempt at fixing this broke the normal usage of the -A
flag.

At present, 'buildman -A sandbox' adds the path containing the
toolchain. We can assume that this is in the path and we don't want to
set CROSS_COMPILE=/bin/

Change this to align with what MakeEnvironment() does, but only for
sandbox boards.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:52 -06:00
Simon Glass
2dbfcf439a Revert "buildman: Correct CROSS_COMPILE output for sandbox"
This reverts commit bd0a548ad4.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:52 -06:00
Roman Kopytin
30238e9961 tools: add fdt_add_pubkey
Having to use the -K option to mkimage to populate U-Boot's .dtb with the
public key while signing the kernel FIT image is often a little
awkward. In particular, when using a meta-build system such as
bitbake/Yocto, having the tasks of the kernel and U-Boot recipes
intertwined, modifying deployed artifacts and rebuilding U-Boot with
an updated .dtb is quite cumbersome. Also, in some scenarios one may
wish to build U-Boot complete with the public key(s) embedded in the
.dtb without the corresponding private keys being present on the same
build host.

So this adds a simple tool that allows one to disentangle the kernel
and U-Boot builds, by simply copy-pasting just enough of the mkimage
code to allow one to add a public key to a .dtb. When using mkimage,
some of the information is taken from the .its used to build the
kernel (algorithm and key name), so that of course needs to be
supplied on the command line.

Signed-off-by: Roman Kopytin <Roman.Kopytin@kaspersky.com>
Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
2023-03-14 16:08:52 -06:00
Ivan Mikhaylov
5b34efe865 binman: add tests for sign option
Add the test which provides sequence of actions:
  1. create the image from binman dts
  2. create public and private keys
  3. add public key into dtb with fdt_add_pubkey
  4. 1. sign FIT container with new sign option with extracting from
        image
     2. sign exact FIT container with replacing of it in image
  5. check with fit_check_sign

Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Renumber test file from 277 to 280;
   Move UpdateSignatures() to Entry base class;
   Don't allow missing mkimage as it doesn't make sense;
   Propagate --toolpath for CI;
   Call mark_build_done() to avoid regenerating FIT:
Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:52 -06:00
Ivan Mikhaylov
4023dc9c95 binman: add sign option for binman
Introduce proof of concept for binman's new option which provides sign
and replace FIT containers in binary images.

Usage as example:

from:
mkimage -G privateky -r -o sha256,rsa4096 -F fit
binman replace -i flash.bin -f fit.fit fit

to:
binman sign -i flash.bin -k privatekey -a sha256,rsa4096 -f fit.fit fit

and to this one if it's need to be extracted, signed with key and put it
back in image:
binman sign -i flash.bin -k privatekey -a sha256,rsa4096 fit

Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
2023-03-14 16:08:51 -06:00
Ivan Mikhaylov
0f40e23fd2 binman: add documentation for binman sign option
Add the documentation about binman sign option and providing an
example.

Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Add a section about 'binman sign' at the bottom:
Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-14 16:08:51 -06:00
Tom Rini
a5faa4a9eb Prepare v2023.04-rc4
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmQPxXsACgkQFHw5/5Y0
 tyzRWgwAlpwF0u0Xtfs+isnwy/2wb1uMKSeZTiMWkP8he48DX/+db1LHyxnb5apX
 5ULLLKnxZGDviFNw6F/Vuq/BlL8aK+K6wJm+HxdN4Df+sQZgP0kZVnZH1DcDGyJ7
 2I5mYxXCQiRfl3lG8uHdfQyGT5BOm1ZYTIBgXPzpdp/PS6Es74aIHfHS4UdsnpZ2
 dw5APUHnXsSeycbvgiZZEAQphRGplTgSmEDLZTCHD6+oIFoyJVMRr4QWc+KjYPR8
 MgfykqaITO7xKg1V2GwEWJA7LpU4L3HrK+8upSjdx0kfKw4jZoBTU5LE3dnk+6fz
 rgisMfyDGZ+w467uk9BSAO9smRRRI7GFMSkvi+kMQtVCFWCSaddkfYPlpFu1PND7
 nHfxkzoIjxeEOG8yIFF8P199w2lEorKTxlXuNBStfozvAz1wfhgq3o3WQGpvDmqF
 E+FoC7t73qVu6DVMiCXCOyUYNyI7d1tFlUhlbZPVCelVL8RX3JjMF/0uhLsOSDMc
 s4z/6fVq
 =xK+J
 -----END PGP SIGNATURE-----

Merge tag 'v2023.04-rc4' into next

Prepare v2023.04-rc4

Signed-off-by: Tom Rini <trini@konsulko.com>
2023-03-14 12:06:35 -04:00
Ovidiu Panait
02d30e5f92 tools: relocate-rela: add support for handling 32-bit big endian files
Currently, a microblaze build with CONFIG_SYS_BIG_ENDIAN=y and
CONFIG_STATIC_RELA=y fails with:
tools/relocate-rela: Not supported machine type
ELF decoding failed
make[2]: *** [u-boot/Makefile:1306: u-boot-nodtb.bin] Error 1

To fix this, convert the 32-bit codepath to use the previously added
elf{16,32}_to_cpu() functions. The aarch64 codepath is left untouched.

This commit ensures that CI doesn't fail for the next patches which enable
runtime relocation by default for microblaze.

Reviewed-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
Link: https://lore.kernel.org/r/20230311173838.521804-3-ovpanait@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-03-13 11:46:17 +01:00
Ovidiu Panait
424f04fcd9 tools: relocate-rela: introduce elf16_to_cpu() and elf32_to_cpu()
Add elf16_to_cpu() and elf32_to_cpu() functions that allow to read data in
both big-endian and little-endian formats.

Reviewed-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
Link: https://lore.kernel.org/r/20230311173838.521804-2-ovpanait@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-03-13 11:46:17 +01:00
Ovidiu Panait
26c8c1bd12 tools: relocate-rela: adjust le64_to_cpu -> le32_to_cpu in decode_elf32()
The sh_addr/sh_offset/sh_size fields in Elf32_Shdr are 32-bits wide, so
use le32_to_cpu() instead of the 64-bit variant.

Fixes: 5e0e1a86d3 ("tools: relocate-rela: Fix ELF decoding on big-endian hosts")
Reviewed-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Ovidiu Panait <ovpanait@gmail.com>
Link: https://lore.kernel.org/r/20230311173838.521804-1-ovpanait@gmail.com
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-03-13 11:46:17 +01:00
Simon Glass
953d4177af binman: Support generation of x509 certificates
And a new entry type which supports generation of x509 certificates.
This uses a new 'openssl' btool with just one operation so far.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 13:15:15 -08:00
Simon Glass
7caa372a5e binman: Support updating section contents
Implement this feature since it is useful for updating FITs within an
image.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 13:15:14 -08:00
Simon Glass
033828cf34 binman: Handle missing bintools correctly in fit
At present these are handled as if they are allowed to be missing, but
this is only true if the -M flag is provided. Fix this and add a test.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 13:15:14 -08:00
Simon Glass
e00197f92d binman: Allow preserving the output dir when replacing
Add these flags for the 'replace' subcommand too, to aid debugging.

Signed-off-by: Simon Glass <sjg@chromium.org>

44 2023 -0700
2023-03-08 13:15:14 -08:00
Simon Glass
bd0a548ad4 buildman: Correct CROSS_COMPILE output for sandbox
At present, 'buildman -A sandbox' adds the path containing the
toolchain at present. We can assume that this is in the path and
we don't want to set CROSS_COMPILE=/bin/ so change this to align
with what MakeEnvironment() does.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 13:15:14 -08:00
Simon Glass
00d54ae8f4 patman: Check patches in parallel
For large series this can take a while. Run checkpatch in parallel to
try to reduce the time. The checkpatch information is still reported in
sequential order, so a very slow patch at the start can still slow
things down. But overall this gives good results.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
2023-03-08 13:15:14 -08:00
Simon Glass
27409e35d5 patman: Run get_maintainer.pl in parallel
This script can take ages on some series. Try to limit the time by
using threads. If a few stubborn patches remain, show progress so the
user has some idea what is going on.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
2023-03-08 13:15:14 -08:00
Simon Glass
c524cd6139 patman: Refactor MakeCcFile() into two functions
This function is quite long. Moving the handling of a commit into a
separate function. This will make it easier to do the work in parallel.

Update function comments while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
2023-03-08 13:15:14 -08:00
Simon Glass
98bc0b48bd patman: Drop an incorrect comment about git am
Patman does not do this anymore, as of this commit:

   7428dc14b0 ("patman: Remove the -a option")

Drop the comment.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
2023-03-08 13:15:14 -08:00
Simon Glass
6608acb29d doc: Add notes on how to install patman and binman
These can be installed with 'pip' now. Add the details for those who are
interested.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:56 -08:00
Simon Glass
ada5e2f978 binman: Add support for building a binmanu PyPi package
Create the necessary files to build this new package.

It is not actually clear whether this is useful, since buildman has no
purpose outside U-Boot.

Move the main program into a function so that it can easily be called by
the PyPi-created script.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:56 -08:00
Simon Glass
8de6adbf4a binman: Use importlib to find the help
Use this function so that the help can be found even when binman is
running from a package.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:56 -08:00
Simon Glass
94bb5cd2f9 binman: Hide the 'test' command unless test code is available
It doesn't make much sense to expose tests when dtoc is running
outside of the U-Boot git checkout. Hide the option in this case.

Fix a long line while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:56 -08:00
Simon Glass
952a61adb4 binman: Move the main code into a function
Put this code into a function so it is easy for it be run when packaged.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
77b3ccb89a dtoc: Add support for building a dtoc PyPi package
Create the necessary files to build this new package.

This is needed for binman.

Move the main program into a function so that it can easily be called by
the PyPi-created script.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
1688d6ca0e dtoc: Use pathlib to find the test directory
Update this so that the directory being used is declared at the top of
the file. Use pathlib as it seems to be more modern.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
b3f5474077 dtoc: Move the main code into a function
Put this code into a function so it is easy for it be run when packaged.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
ab9272b804 dtoc: Hide the test options unless test code is available
It doesn't make much sense to expose tests when dtoc is running
outside of the U-Boot git checkout. Hide the option in this case.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
0de2ffe717 buildman: Add support for building a buildman PyPi package
Create the necessary files to build this new package.

It is not actually clear whether this is useful, since buildman has no
purpose outside U-Boot. It is included for completeness, since adding
this later would be more trouble.

Move the main program into a function so that it can easily be called by
the PyPi-created script.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
d85f7909f8 buildman: Use importlib to find the help
Use this function so that the help can be found even when buildman is
running from a package.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
8dd7be7e28 buildman: Fix use of a type as a variable
Using 'str' as a variable makes it impossible to use it as a type in the
same function. Fix this by using a different name.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
5cfb73b590 buildman: Hide the test options unless test code is available
It doesn't make much sense to expose tests when buildman is running
outside of the U-Boot git checkout. Hide the option in this case

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
793aa17619 buildman: Move the main code into a function
Put this code into a function so it is easy for it be run when packaged.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
30eb11ae04 patman: Add support for building a patman PyPi package
Create the necessary files to build this new package.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
a545dc1db9 patman: Avoid importing test_checkpatch before it is needed
Tests are not packaged with patman so this file will not be accessible
when installing with pip. Move the import later in the file, when we
know the file is present.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
75554dfac2 patman: Add support for building a u_boot_tools PyPi package
Create the necessary files to build this new package.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
4583c00236 patman: Move library functions into a library directory
The patman directory has a number of modules which are used by other tools
in U-Boot. This makes it hard to package the tools using pypi since the
common files must be copied along with the tool that uses them.

To address this, move these files into a new u_boot_pylib library. This
can be packaged separately and listed as a dependency of each tool.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
00290d6a5b Remove concurrencytest
While our version is better, it is tricky to use it when we are trying
to package things with pip. Drop it.

Somewhat reduced functionality is provided by the upstream version[1],
along with a rather annoying message each time it is used[2] [3].

[1] pip install concurrencytest
[2] https://github.com/cgoldberg/concurrencytest/issues/12
[3] https://github.com/cgoldberg/concurrencytest/pull/14

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
6811fea705 Revert "patman: test_util: Print test stdout/stderr within test summaries"
Unfortunately this adds a new feature to concurrencytest and it has not
made it upstream to the project[1].

Drop it for now so we can use the upstream module. Once it is applied we
can bring this functionality back.

[1] https://github.com/cgoldberg/concurrencytest

This reverts commit ebcaafcded.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
7c4027af48 binman: Avoid unwanted output in testFitFirmwareLoadables()
This prints a message about the missing tee-os generated by the test. This
is confusing, so suppress it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
fe7e9245c5 binman: Make the tooldir configurable
Add a command-line argument for setting the tooldir, so that the default
can be overridden. Add this directory to the toolpath automatically.
Create the directory if it does not already exist.

Put the default in the argument parser instead of the class, so that it
is more obvious.

Update a few tests that expect the utility name to be provided without
any path (e.g. 'futility'), so they can accept a path, e.g.
/path/to/futility

Update the documentation and add a few tests.

Improve the help for --toolpath while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
932e40d0b5 binman: Use a private directory for bintools
At present binman writes tools into the ~/bin directory. This is
convenient but some may be concerned about downloading unverified
binaries and running them. Place then in a special ~/.binman-tools
directory instead.

Mention this in the documentation.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2023-03-08 11:40:49 -08:00
Simon Glass
00f674db2d binman: Move the tools directory into the Bintool class
We want to be able to change this directory. Use a class member to hold
the value, since changing a constant is not good.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:40:49 -08:00
Simon Glass
fbb0e48032 binman: Update bintools documentation
This was not regenerated with recent changes. Update it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Simon Glass
6569cb8e1f binman: Correct an 'aot' typo
Fix this typo.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Simon Glass
bfb708ad99 buildman: Add a flag for reproducible builds
This is quite a useful thing to use when building since it avoids small
size changes between commits. Add a -r flag for it.

Also undefine CONFIG_LOCALVERSION_AUTO since this appends the git hash
to the version string, causing every build to be slightly different.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Simon Glass
93202d72d7 buildman: Support disabling LTO
This cuts down build performance considerably and is not always needed,
when checking for build errors, etc.

Add a flag to disable it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Simon Glass
cd37d5bccf buildman: Write out the build command used
It is sometimes useful to see the exact 'make' command used by buildman
for a commit. Add an output file for this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Simon Glass
5a93c15743 buildman: Add a note about the out-env file
This file holds the environment used when doing a build. Add a note
about it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Jonas Karlman
e389d445c7 binman: Use correct argument name in docstrings
Use correct argument name in docstrings.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Jonas Karlman
dd4bdad4c1 binman: Fix spelling of nodes in code comments
Replace notes with nodes in code comments and docstrings.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Jonas Karlman
cbe429bc97 binman: Remove redundant SetAllowFakeBlob from blob-ext entry
Entry_blob_ext contains an implementation of SetAllowFakeBlob that is
identical to the one in the base Entry class, remove it.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Simon Glass
9dbb02b9d1 binman: Support marking FMAP areas as preserved
Add an entry flag called 'preserve' to indicate that an entry should be
preserved by firmware updates. Propagate this to FMAP too.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Simon Glass
139c464c2a binman: Avoid requiring a home directory on startup
This is needed to download tools, but we may not need to do this. At
present binman fails to start if HOME is not set.

Use the current directory as a default to avoid this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-03-08 11:38:48 -08:00
Ralph Siemsen
abe2a16aa5 tools: binman: minor formatting fix in docs
This should fix a rendering oddity when viewing the docs online at
https://u-boot.readthedocs.io/en/latest/develop/package/binman.html

Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-03-01 11:22:40 -07:00
Pali Rohár
3a521f0867 tools: kwbimage: Add support for creating an image with no data
This change add support for mkimage's -s option to kwbimage format. It will
create an kwbimage with empty data part of image (data part would contain
only required 32-bit checksum). mkimage's -s option is indicated by skipcpy
flag and it is basically in conflict with mkimage's -d (datafile) option.

"Empty" kwbimage with no data can still contain headers. For example it can
contain binary executable header which is copied by BootROM into L2SRAM.
This is useful for example for small images which can do not require DDR
RAM and can be run in L2SRAM (which do not require any initialization).

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
b07965b8a9 tools: mkimage: Do not try to open datafile when it is skipped
When mkimage was instructed to skip datafile via option -s then do not try
to validate or open datafile as it does not have to exist or to be
specified via -d option.

This change allows to use -s option for skipping datafile when -d option
for datafile was not specified.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
2f6855a6aa tools: mkimage: Print human readable error when -d is not specified
When asking mkimage to create a new image file and option -d is not
specified then mkimage show human unfriendly error message:

  mkimage: Can't open (null): Bad address

Without debugger it is hard to debug what is the issue. Function open() is
being called with file name set to NULL. So add a check for this and if it
happens then show human readable message that option -d was not specified.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
cccc5b4f3d tools: kwbimage: Add support for XIP SPI/NOR images
Marvell BootROM can execute SPI images directly from NOR (either SPI/serial
or parallel) without copying them to DDR RAM. This is know at XIP - execute
in place. To achieve that, destination address in kwbimage must be set to
0xFFFFFFFF and execute address to the offset in bytes from the beginning of
NOR memory.

Kirkwood and Dove which use kwbimage v0 format and have SPI address space
mapped to physical memory at 0xE8000000-0xEFFFFFFF by BootROM.

Armada SoCs use kwbimage v1 format and have SPI address space mapped to
physical memory at 0xD4000000-0xD7FFFFFF and Device bus address space (used
for parallel NOR) at 0xD8000000-0xDFFFFFFF.

Add support for generating XIP kwbimages by mkimage -x flag and mark xflag
as valid option in kwbimage.c.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
27670acaac tools: mkimage: Do not fill legacy_img_hdr for non-legacy XIP images
Skip filling legacy_img_hdr structure for XIP images which do not use
legacy_img_hdr structure header. Adding unwanted header to other image
formats, like kwbimage cause generation of broken image.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
9b4531f685 tools: kwbimage: Fix invalid secure boot header signature
Secure boot header signature is calculated from the image header with
zeroed header checksum. Calculation is done in add_secure_header_v1()
function. So after calling this function no header member except
main_hdr->checksum can be modified. Commit 2b0980c240 ("tools: kwbimage:
Fill the real header size into the main header") broke this requirement as
final header size started to be filled into main_hdr->headersz_* members
after the add_secure_header_v1() call.

Fix this issue by following steps:
- Split header size and image data offset into two variables (headersz and
  *dataoff).
- Change image_headersz_v0() and add_binary_header_v1() functions to return
  real (unaligned) header size instead of image data offset.
- On every place use correct variable (headersz or *dataoff)

After these steps variable headersz is correctly filled into the
main_hdr->headersz_* members and so overwriting them in the end of the
image_create_v1() function is not needed anymore. Remove those overwriting
which effectively reverts changes in problematic commit without affecting
value in main_hdr->headersz_* members and makes secure boot header
signature valid again.

Fixes: 2b0980c240 ("tools: kwbimage: Fill the real header size into the main header")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
bf78a57e9a tools: kwbimage: Fix generating secure boot data image signature
Secure boot data image signature is calculated from the data image without
trailing 4-bit checksum. Commit 37cb9c15d7 ("tools: kwbimage: Simplify
aligning and calculating checksum") unintentionally broke this calculation
when it increased payloadsz variable by 4 bytes which was propagated also
into the add_secure_header_v1() function. Fix this issue by decreasing size
of buffer by 4 bytes from which is calculated secure boot data image
signature.

Fixes: 37cb9c15d7 ("tools: kwbimage: Simplify aligning and calculating checksum")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
39c78724f4 tools: kwbimage: Rename imagesz to dataoff
Variable imagesz in functions image_create_v0(), image_create_v1() and
kwbimage_set_header() stores offset to data from the beginning of the main
header. So it is not image size.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
dd13ac5495 tools: kwbimage: Simplify add_secure_header_v1()
To make add_secure_header_v1() function more readable, call it directly
with arguments: header pointer with header size and data image pointer with
data image size. No functional change.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
443894a821 tools: kwbimage: Print image data offset when printing kwbimage header
For all images except SATA is data offset in bytes. For SATA it is in LBA
format (number of sectors). This is how Marvell BootROM interprets it.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
63cf0d7267 tools: kwbimage: Print binary image offset as size
Use for it pretty print function: genimg_print_size(). This makes it more
human readable, like other offset and sizes printed by this tool.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
0a3a392c71 tools: kwbimage: Add support for dumping NAND_BLKSZ for v0 images
In Dove functional specification, which use kwbimage v0, is also defined
nand block size field. So dump NAND_BLKSZ also for v0 images.

In Kirkwood functional specification, which also use kwbimage v0, this
field is not defined. So when it is zero and Kirkwood is detected, do not
dump it.

Fixes: f76ae2571f ("tools: kwbimage: Add support for dumping extended and binary v0 headers")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
0201244c3c tools: kwbimage: Reject mkimage -F option
mkimage -F option (re-sign existing FIT image) signaled by fflag is not
supported by kwbimage. So mark its usage as invalid parameter.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
9f39f19926 tools: kwbimage: Fix endianity when printing kwbimage header
All fields in kwbimage header are in little endian format.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
ee3da92d85 tools: kwbimage: Fix generating of kwbimage v0 header checksum
Checksum for v0 image must be generated after filling all fields in the
main header. Otherwise it would be invalid.

Exactly same problem for v1 images was already fixed in the past in commit
9203c73895 ("tools: kwbimage: Fix checksum calculation for v1 images").

Fixes: 5c61710c98 ("tools: kwbimage: Properly set srcaddr in kwbimage v0")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
226abde867 tools: kwbimage: Fix dumping NAND_BLKSZ
kwbimage nandblocksize field is in 64 kB unit, but NAND_BLKSZ command
expects it in bytes. So do required unit conversion.

Also zero value in nandblocksize field has special meaning. When this field
is set to zero, the default block size is used. This default size is
defined by the NAND flash page size (16 KB for a 512B page or small page
NAND and 64 KB for a large page NAND flash).

Fixes: 1a8e6b63e2 ("tools: kwbimage: Dump kwbimage config file on '-p -1' option")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
e060779e59 tools: kwbimage: Fix dumping NAND_BADBLK_LOCATION
Value 0x0 for NAND_BADBLK_LOCATION/nandbadblklocation means that BBI is on
the first or second page and value 0x1 means that BBI is on the last page.
This indicates also NAND Flash Technology, value 0x0 is SLC NAND and value
0x1 is MLC NAND.

Therefore we need to dump NAND_BADBLK_LOCATION also when it is zero.

Note that in v0 images, nandbadblklocation field overlaps with ddrinitdelay
field in one union. ddrinitdelay is used in Kirkwood and nandbadblklocation
is used in Dove. For Dove images is_v0_ext should be set, so use it to
distinguish if nandbadblklocation is available or not. In v1 images there
is always nandbadblklocation field.

Fixes: 1a8e6b63e2 ("tools: kwbimage: Dump kwbimage config file on '-p -1' option")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
aab9b063b5 tools: kwbimage: Fix endianity when dumping NAND_PAGE_SIZE
Fixes: 1a8e6b63e2 ("tools: kwbimage: Dump kwbimage config file on '-p -1' option")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
908801dcfe tools: kwbimage: Fix dumping register set / DATA commands
Upper-bound for iterating for-loop over register set entries is incorrect.
Fix it byt calculating correct number of entries.

And fix also dumping the last entry DATA_DELAY, which is the last and not
first (zero).

Fixes: 1a8e6b63e2 ("tools: kwbimage: Dump kwbimage config file on '-p -1' option")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
5b039dced3 tools: kwboot: Show image type and error parsing reasons
Show image type and version during parsing of kwbimage.
And show reasons in error messages when parsing failed.
This can help to debug issues with invalid images.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
7bfc15efa7 tools: kwboot: Fix patching of SPI/NOR XIP images
Marvell BootROM interprets execaddr of SPI/NOR XIP images as relative byte
offset from the from the beginning of the flash device. So if data image
offset and execute offset are not same then it is needed to adjust them
also in DDR RAM.

Fixes: f2c644e0b8 ("tools: kwboot: Patch destination address to DDR area for SPI image")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
a190667b11 tools: kwboot: Add check that kwbimage contains DDR init code
Some NOR images may be execute-in-place and do not contain DDR init code in
its kwbimage header. Such images cannot be booted over UART as BootROM
loads them to RAM. Add check that kwbimage contains DDR init code in its
header (either as binary code header or as the simple register-value set).

In some cases it is possible to load very small image into L2SRAM and when
DDR init code is not required. So check for L2SRAM load address and skip
DDR init code check in this case.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
53ee6ec827 tools: kwboot: Validate optional kwbimage v1 headers
Before starting parsing of kwbimage, first validate that all optional v1
headers and correct. This prevents kwboot crashes on invalid input.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
7665ed2fa0 tools: kwboot: Fix parsing UART image without data checksum
The 32-bit data checksum in UART image is not checked by the BootROM and
also Marvell tools do not generate it.

So if data checksum stored in UART image does not match calculated checksum
from the image then treat those checksum bytes as part of the executable
image code (and not as the checksum) and for compatibility with the rest of
the code manually insert data checksum into the in-memory image after the
executable code, without overwriting it.

This should allow to boot UART images generated by Marvell tools.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
fa03279e19 tools: kwboot: Add image type documentation
Add information of all available image types and where they should be
stored. Storage location offsets where documented from the disassembly of
the A385 BootROM image dump.

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
29b92bb790 tools: kwboot: Add more documentation references
Add reference to Avanta Boot Flow documentation, BobCat2, AlleyCat3 and
PONCat3 BootROM Firmware documentation and links to public Marvell tools:
hdrparser.c and doimage.c

Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
e1c4ed57d5 tools: kwboot: Fix parsing SATA kwbimage
Despite the official specification, Marvell BootROM does not interpret
srcaddr from SATA image as number of sectors the beginning of the hard
drive, but as number of sectors relative to the main header.

To parse SATA kwbimage in the same way as Marvell BootROM, it is needed to
interpret srcaddr as relative offset to the main header. This change fixes
loading of SATA images via kwboot over UART.

Fixes: 792e423550 ("tools: kwboot: Patch source address in image header")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
954c94aacc tools: kwbimage: Fix generating, verifying and extracting SATA kwbimage
Despite the official specification, Marvell BootROM does not interpret
srcaddr from SATA image as number of sectors the beginning of the hard
drive, but as number of sectors relative to the main header.

The main header is stored at absolute sector number 1. So do not add or
subtract it when calculating with relative offsets to the main header.

Fixes: 501a54a29c ("tools: kwbimage: Fix generation of SATA, SDIO and PCIe images")
Fixes: 5c61710c98 ("tools: kwbimage: Properly set srcaddr in kwbimage v0")
Fixes: e0c243c398 ("tools: kwbimage: Validate data checksum of v1 images")
Fixes: aa6943ca31 ("kwbimage: Add support for extracting images via dumpimage tool")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
8562a1c6a4 tools: kwboot: Fix parsing SDIO kwbimage
Despite the official specification, Marvell BootROM does not interpret
srcaddr from SDIO image as offset in number of sectors (like for SATA
image), but as offset in bytes (like for all other images except SATA).

To parse SDIO kwbimage in the same way as Marvell BootROM, it is needed to
interpret srcaddr in bytes. This change fixes loading of SDIO images via
kwboot over UART.

Fixes: 792e423550 ("tools: kwboot: Patch source address in image header")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Pali Rohár
14b866e6d6 tools: kwbimage: Fix generating, verifying and extracting SDIO kwbimage
Despite the official specification, Marvell BootROM does not interpret
srcaddr from SDIO image as offset in number of sectors (like for SATA
image), but as offset in bytes (like for all other images except SATA).

To generate SDIO kwbimage compatible with Marvell BootROM, it is needed to
have srcaddr in bytes. This change fixes SDIO images for Armada 38x SoCs.

Fixes: 501a54a29c ("tools: kwbimage: Fix generation of SATA, SDIO and PCIe images")
Fixes: 5c61710c98 ("tools: kwbimage: Properly set srcaddr in kwbimage v0")
Fixes: e0c243c398 ("tools: kwbimage: Validate data checksum of v1 images")
Fixes: aa6943ca31 ("kwbimage: Add support for extracting images via dumpimage tool")
Signed-off-by: Pali Rohár <pali@kernel.org>
2023-03-01 06:39:17 +01:00
Jagan Teki
826d0484f0 rockchip: mkimage: Add rk3588 support
Add support for rk3588 package header in mkimage tool.

Signed-off-by: Jagan Teki <jagan@edgeble.ai>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
2023-02-28 18:07:27 +08:00
Jonas Karlman
40389c2a46 binman: Mark mkimage entry missing when its subnodes is missing
Using the mkimage entry with the multiple-data-files prop and having a
missing external blob result in an unexpected ValueError exception using
the --allow-missing flag.

  ValueError: Filename 'missing.bin' not found in input path (...)

Fix this by using _pathname that is resolved by ObtainContents for blob
entries, ObtainContents also handles allow missing for external blobs.

Mark mkimage entry as missing and return without running mkimage when
missing entries is reported by CheckMissing.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
2023-02-28 18:07:26 +08:00
Jonas Karlman
5fc5a840d4 rockchip: mkimage: Update init size limit for RK3568
The current init size limit of 76KiB is too big to fit in the 64KiB SRAM
on RK3568, sync init size limit from vendor u-boot to fix this.

Set init size limit to 60KiB (-16KiB) for RK3568.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
2023-02-28 18:07:26 +08:00
Jonas Karlman
ed8d098300 rockchip: mkimage: Update init size limit for RK3328
Latest vendor TPL for RK3328 has grown past the current init size limit
of 28KiB, sync the init size limit from vendor u-boot to fix this.

Set init size limit to 30KiB (+2KiB) for RK3328.

This makes it possible to use latest vendor TPL on RK3328 without
getting a size limit error running the mkimage command.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
2023-02-28 18:07:26 +08:00
Jonas Karlman
05b978be5f binman: Add support for a rockchip-tpl entry
The rockchip-tpl entry can be used when an external TPL binary should be
used instead of the normal U-Boot TPL.

Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Tested-by: Eugen Hristev <eugen.hristev@collabora.com>
2023-02-28 18:07:26 +08:00
Tom Rini
5b197eee33 Prepare v2023.04-rc3
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmP9LHYACgkQFHw5/5Y0
 tyw3Ogv+IhcqqlK1MpF6me6j0nyZpl5Vc29J+ghO8xPr/nzEhlcq8HUcBdM8QaEd
 3oMkD6m6HsZMWjrz/eWM5Oa742j/yqfbr+6H7NwFutyNOQ/aIrCoD9fbAzszd2ii
 fANFn0vftOApnqn0dHXqodam31+MrOWnffcz2jyJXvhwcFxYDcv5yboFsFA5GVtA
 5l3ko8PGaRp/RwNAqMlEWX3DgXWKjglIo+yiyntJqh3HJ+t3BMlwIrhq1NdWQxPk
 M3K5znl836bb10ULXeItGMtdlPviqRKzqqgy6HgVU/66qaoJUFzdL0kyydWqR/Zv
 5XrFvvyYT9go3IA6mnZmNsO4/L/lEUEOXRsQWoPxW/QROuNtltuEpxwjmg+pDLlr
 9uV/ZdEGtHj/fEPEs6BdslnrQmGGA0akzBh85jcofE8Lm7+7RB1uIj9hUrOub4Qr
 DKQHUORVmu3qVOQgK03VIHBg43figMCEU4voZbuFeVUdXC6FQHpQrxSxL7uemrvW
 Cg8/Hyrc
 =PwNP
 -----END PGP SIGNATURE-----

Merge tag 'v2023.04-rc3' into next

Prepare v2023.04-rc3
2023-02-27 17:28:21 -05:00
Tom Rini
7a826ded4a Dockerfile: Add missing "chmod" of u-boot-gen-combined
I had added this line locally, rebuild the image, but didn't ensure that
I had committed the correct version of the patch as well.

Fixes: 75b031ee4a ("Dockerfile: download binaries for Nokia RX-51")
Signed-off-by: Tom Rini <trini@konsulko.com>
2023-02-27 17:18:51 -05:00
Heinrich Schuchardt
ed319bad22 Dockerfile: build qemu for Nokia n900
Using a pre-built QEMU saves a lot of time when testing.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2023-02-24 11:54:44 -05:00
Heinrich Schuchardt
75b031ee4a Dockerfile: download binaries for Nokia RX-51
Downloading files for a test may fail if the server is offline.
It is preferable to provide the files in our Docker image.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2023-02-24 11:54:44 -05:00
Rick Chen
7574b6476a riscv: binman: Add help message for missing blobs
Add the 'missing-msg' for more detailed output
on missing system firmware.

Signed-off-by: Rick Chen <rick@andestech.com>
Reviewed-by: Leo Yu-Chi Liang <ycliang@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>
2023-02-17 19:07:48 +08:00
Simon Glass
48be546b70 checkpatch: Add a warning for pre-schema driver model tags
Help ensure that these don't creep into development by adding a check in
checkpatch for them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-02-14 09:43:27 -07:00
Simon Glass
0a06d71061 dm: doc: Move to new driver model schema
Now that Linux has accepted these tags, update the dtoc tool to use them.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-02-14 09:43:27 -07:00
Simon Glass
e316fbabbf dm: treewide: Complete migration to new driver model schema
Update various build and test components to use the new schema.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-02-14 09:43:27 -07:00
Simon Glass
193d3dbd45 binman: Show the image name for the top-level section
At present we show 'main section' as the top-level section name. It may
be more helpful to show the actual image name. This is tricky because
Image is a parent class of Entry_section, so there is no distinction
between an image and a section.

Update it to show the image name.

Signed-off-by: Simon Glass <sjg@chromium.org>
2023-02-12 17:33:51 -07:00
Tom Rini
16bf3b6f8f CI, Docker: Update to Jammy 2023016 tag
Move to the latest tag for "Jammy" and rebuild the containers.

Signed-off-by: Tom Rini <trini@konsulko.com>
2023-02-11 12:22:35 -05:00