As per the centithread on ksummit-discuss [1], there are folks who
feel that if a Change-Id is present in a developer's local commit that
said Change-Id could be interesting to include in upstream posts.
Specifically if two commits are posted with the same Change-Id there's
a reasonable chance that they are either the same commit or a newer
version of the same commit. Specifically this is because that's how
gerrit has trained people to work.
There is much angst about Change-Id in upstream Linux, but one thing
that seems safe and non-controversial is to include the Change-Id as
part of the string of crud that makes up a Message-Id.
Let's give that a try.
In theory (if there is enough adoption) this could help a tool more
reliably find various versions of a commit. This actually might work
pretty well for U-Boot where (I believe) quite a number of developers
use patman, so there could be critical mass (assuming that enough of
these people also use a git hook that adds Change-Id to their
commits). I was able to find this git hook by searching for "gerrit
change id git hook" in my favorite search engine.
In theory one could imagine something like this could be integrated
into other tools, possibly even git-send-email. Getting it into
patman seems like a sane first step, though.
NOTE: this patch is being posted using a patman containing this patch,
so you should be able to see the Message-Id of this patch and see that
it contains my local Change-Id, which ends in 2b9 if you want to
check.
[1] https://lists.linuxfoundation.org/pipermail/ksummit-discuss/2019-August/006739.html
Signed-off-by: Douglas Anderson <dianders@chromium.org>
At present the symbol information is written to binaries just before
binman exits. This is fine for entries within sections since the section
contents is calculated when it is needed, so the updated symbol values are
included in the image that is written.
However some binaries are inside entries which have already generated
their contents and do not notice that the entries have changed (e.g. Intel
IFWI).
Move the symbol writing earlier to cope with this.
Signed-off-by: Simon Glass <sjg@chromium.org>
The Intel IFWI (Integrated Firmware Image) is effectively a section with
other entries inside it. Support writing symbol information into entries
within it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for the ProcessContents() method in this entry so that it is
possible to support entries which change after initial creation.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this class reads its entries in the constructor. This is not
how things should be done now. Update it.
Signed-off-by: Simon Glass <sjg@chromium.org>
The Intel FSP supports initialising memory early during boot using a binary
blob called 'fspm'. Add support for this.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is useful to be able to access the size of an image in SPL, with
something like:
binman_sym_declare(unsigned long, u_boot_any, size);
...
ulong u_boot_size = binman_sym(ulong, u_boot_any, size);
Add support for this and update the tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present these are large enough to hold 20 bytes of symbol data. Add
four more bytes so we can add another test.
Unfortunately at present this involves changing a few test files to make
room. We could adjust the test files to not specify sizes for entries.
Then we could make the tests check the actual sizes. But for now, leave it
as it is, since the effort is minor.
Signed-off-by: Simon Glass <sjg@chromium.org>
Entries which include a section and need to obtain its contents call
GetData(), as with any other entry. But the current implementation of this
method in entry_Section requires the size of the section to be known. If
it is unknown, an error is produced, since size is None:
TypeError: can't multiply sequence by non-int of type 'NoneType'
There is no need to know the size in advance since the code can be
adjusted to build up the section piece by piece, instead of patching each
entry into an existing bytearray.
Update the code to handle this and add a test.
Signed-off-by: Simon Glass <sjg@chromium.org>
Two of the test files somehow were not converted to three digits. Fix
them, using the next available numbers.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present we only support symbols inside binaries which are at the top
level of an image. This restrictions seems unreasonable since more complex
images may want to group binaries within different sections.
Relax the restriction, adding a new _SetupTplElf() helper function.
Also fix a typo in the comment for testTpl().
Signed-off-by: Simon Glass <sjg@chromium.org>
We use the Makefile for all ELF test files now, so drop all the code that
checks whether to get the test file from the Makefile or from the git
repo.
Also add a comment to the Makefile indicating that it is run from binman.
Signed-off-by: Simon Glass <sjg@chromium.org>
Remove this file from git and instead build it using the Makefile.
With this change a few things need to be adjusted:
1. The 'notes' section no-longer appears at the start of the ELF file
(before the code), so update testSymbols to adjust the offsets.
2. The dynamic linker is disabled to avoid errors like:
"Not enough room for program headers, try linking with -N"
3. The interpreter note is moved to the end of the image, so that the
binman symbols appear first.
Signed-off-by: Simon Glass <sjg@chromium.org>
Remove this file from git and instead build it using the Makefile.
Update tools.GetInputFilename() to support reading files from an absolute
path, so that we can read the Elf test files easily. Also make sure that
the temp directory is report in ELF tests as this was commented out.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the ELF test files are checked into the U-Boot tree. This is
covenient since the files never change and can be used on non-x86
platforms. However it is not good practice to check in binaries and in
this case it does not seem essential.
Update the binman test-file Makefile to support having source in a
different directory. Adjust binman to run it to build bss_data, as a
start. We can add other files as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this command silently fails if something goes wrong. Use the
tools.Run() function instead, since it reports errors.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present this entry does not work correctly when a FIT image is used as
the input. It updates the FIT instead of the output image. The test passed
because the FIT image happened to have the right data already.
Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
A Firmware Image Table (FIT) is a data structure defined by Intel which
contains information about various things needed by the SoC, such as
microcode.
Add support for this entry as well as the pointer to it. The contents of
FIT are fixed at present. Future work is needed to support adding
microcode, etc.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present these two sections of code are linked together into a single
2KB chunk in a single file. Some Intel SoCs like to have a FIT (Firmware
Interface Table) in the ROM and the pointer for this needs to go at
0xffffffc0 which is in the middle of these two sections.
Make use of the new 'reset' entry and change the existing 16-bit entry to
include just the 16-bit data.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present binman has a single entry type for the 16-bit code code needed
to start up an x86 processor. This entry is intended to include both the
reset vector itself as well as the code to move to 32-bit mode.
However this is not very flexible since in some cases other data needs to
be included at the top of the SPI flash, in between these two pieces. For
example Intel requires that a FIT (Firmware Image Table) pointer be placed
0x40 bytes before the end of the ROM.
To deal with this, add a new reset entry for just the reset vector. A
subsequent change will adjust the existing 'start16' entry.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the Intel IFWI entry uses 'replace' without the 'ifwi-' prefix.
This is a fairly generic name which might conflict with the main Entry
base class at some point, if more features are added. Add a prefix.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some versions of binutils generate hidden symbols which are currently not
parsed by binman. Correct this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Recent versions of binutils add a '.note.gnu.property' into the ELF file.
This is not required and interferes with the expected output. Drop it.
Also fix testMakeElf() to use a different file for input and output.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present if libfdt is not available binman can't do anything much.
Improve the situation a little.
Ideally there should be a test to cover this, but I'm not quite sure how
to fake this.
Signed-off-by: Simon Glass <sjg@chromium.org>
(fixed up missing ReadChildData() enty test)
It is more common to use the name 'cls' for the class object of a class
method, to distinguish it from normal methods, which use 'self' Update the
binman tests accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present tools are not expected to fail. If they do an exception is
raised but there is no detail about what went wrong. This makes it hard
to debug if something does actually go wrong.
Fix this by outputting both stderr and stdout on failure.
Signed-off-by: Simon Glass <sjg@chromium.org>
The doc currently uses sandbox_defconfig as examples of enabling
debug/verbose output of binman. However during a sandbox build it
does not call binman at all. Change it to qemu-x86_defconfig.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
- Rename existing FSP code to fsp1
- Add fsp2 directory in preparation to support FSP 2.0
- Various x86 platform codes update
- Various bug fixes and updates in dm core, sandbox and spl
We may not always be able to write to the default output directory so
have a temporary directory for our output be created.
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Stephen Warren <swarren@wwwdotorg.org>
Suggested-by: Stephen Warren <swarren@wwwdotorg.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
CONFIG_SECURE_BOOT is too generic and forbids to use it for cross
architecture purposes. If Secure Boot is required for imx, this means to
enable and use the HAB processor in the soc.
Signed-off-by: Stefano Babic <sbabic@denx.de>
The loader for the DDR firmware in drivers/ddr/imx/imx8m/helper.c uses a
4-byte-aligned address to load the firmware. In cases where OF is
enabled in SPL the dtb will be appended to the SPL binary and can result
in a binary that is not aligned correctly. If OF is not enabled in SPL,
`_end` is already aligned correctly, but this patch does not hurt.
To ensure the correct alignment we use dd to create a temporary file
u-boot-spl-pad.bin with the correct padding.
Reviewed-by: Frieder Schrempf <frieder.schrempf@kontron.de>
Tested-by: Frieder Schrempf <frieder.schrempf@kontron.de>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The default CSF_SIZE defined in Kconfig is too high and SPL cannot
fit into the OCRAM in certain cases.
The CSF cannot achieve 0x2000 length when using RSA 4K key which is
the largest key size supported by HABv4.
According to AN12056 "Encrypted Boot on HABv4 and CAAM Enabled Devices"
it's recommended to pad CSF binary to 0x2000 and append DEK blob to
deploy encrypted boot images.
As the maximum DEK blob size is 0x58 we can reduce CSF_SIZE to 0x2060
which should cover both CSF and DEK blob length.
Update default_image.c and image.c to align with this change and avoid
a U-Boot proper authentication failure in HAB closed devices:
Authenticate image from DDR location 0x877fffc0...
bad magic magic=0x32 length=0x6131 version=0x38
bad length magic=0x32 length=0x6131 version=0x38
bad version magic=0x32 length=0x6131 version=0x38
spl: ERROR: image authentication fail
Fixes: 96d27fb218 (Revert "habv4: tools: Avoid hardcoded CSF size for SPL targets")
Reported-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Add the TechNexion's logo from their internal U-Boot tree.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Currently it's not possible to authenticate the U-Boot proper of
mx6ul_14x14_evk_defconfig target:
Authenticate image from DDR location 0x877fffc0...
bad magic magic=0x0 length=0x00 version=0x3
bad length magic=0x0 length=0x00 version=0x3
bad version magic=0x0 length=0x00 version=0x3
spl: ERROR: image authentication fail
Commit 0633e13478 ("imx: hab: Increase CSF_SIZE for i.MX6 and
i.MX7 devices") has increased CSF_SIZE to avoid a possible issue
when booting encrypted boot images.
Commit d21bd69b6e ("tools: mkimage: add firmware-ivt image type
for HAB verification") is hardcoding the CSF and IVT sizes, the
new CSF size is not being considered and u-boot-ivt.img fails to
boot.
Avoid hardcoded CSF and IVT size to fix this issue.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
In case CONFIG_SECURE_BOOT is enabled we need to limit the SPL size to
avoid a possible HAB failure event:
--------- HAB Event 1 -----------------
event data:
0xdb 0x00 0x14 0x42 0x33 0x22 0x33 0x00
0x00 0x00 0x00 0x0f 0x00 0x90 0x70 0x00
0x00 0x01 0x10 0x00
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ADDRESS (0x22)
CTX = HAB_CTX_TARGET (0x33)
ENG = HAB_ENG_ANY (0x00)
As explained in Commit 23612534fe ("spl: imx6: Provide a SPL_SIZE_LIMIT
default") the i.MX6 SPL size limit is 68KB.
The ROM code is copying the image size defined in boot data to its
respective load address, in case we exceed the OCRAM free region a
HAB invalid address failure event is generated.
The maximum CSF size is defined in CONFIG_CSF_SIZE, reduce SPL size
limit based on this configuration.
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Add missed break for HDMI entry.
And moving FIT parsing earlier, because it does not have parameter,
it will not runs into CFG_REG_SIZE.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
A large number of changes have happened upstream since our last sync
which was to 375506d. The reason to do the upgrade at this point is for
improved Python 3 support.
As part of this upgrade we need to update moveconfig.py and
genboardscfg.py the current API. This is:
- Change "kconfiglib.Config" calls to "kconfiglib.Kconfig"
- Change get_symbol() calls to syms.get().
- Change get_value() to str_value.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
We tell kconfiglib to not print any warnings to us so drop this code as
it will be unused.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Convert this tool to requiring Python 3. The bulk of this is done with
the 2to3 tool In addition, we need to use the '//' operator to have our
division result return an int rather than a float and ensure that we use
UTF-8 when reading/writing files.
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
The image-header currently sets it offset assuming that skip-at-start is
zero. This does not work on x86 where offsets end at 4GB. Add in this
value so that the offset is correct.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Bin Meng <bmeng.cn@gmail.com>