Move BinmanLogging reference tag after section "Signing FIT container
with private key in an image" and just before section "Logging".
Fixes: 0f40e23fd2 ("binman: add documentation for binman sign option")
Signed-off-by: Massimo Pegorer <massimo.pegorer+oss@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This platform is behind on migrations (it is the sole user of the oldest
legacy version of the USB gadget stack and is long overdue for
migration) and with Pali no longer being a maintainer, we remove this
platform.
Signed-off-by: Tom Rini <trini@konsulko.com>
The affected boards have been fixed, so drop this hack.
This reverts commit 288ae53cb7.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Tim Harvey <tharvey@gateworks.com>
Display the STMicroelectronics logo with features VIDEO_LOGO and
SPLASH_SCREEN on STMicroelectronics boards.
With CONFIG_SYS_VENDOR = "st", the logo st.bmp is selected, loaded at the
address indicated by splashimage and centered with "splashpos=m,m".
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Some boards use a MAINTAINERS entry to specify common files without
referencing any defconfigs. This is allowed and should not result in a
warning.
Drop the warning in this case.
Signed-off-by: Simon Glass <sjg@chromium.org>
Recent refactoring changed buildman to continue operation after fetching
a toolchain. Fix this.
Fixes: b868064652 ("bulidman: Move toolchain handling to a function")
Signed-off-by: Simon Glass <sjg@chromium.org>
Add test for the 'xilinx-bootgen' etype
Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Allow missing bootgen tool; comment testXilinxBootgenMissing() comment:
Signed-off-by: Simon Glass <sjg@chromium.org>
This adds a new etype 'xilinx-bootgen'. By using this etype it is
possible to created an signed SPL (FSBL in Xilinx terms) for
ZynqMP boards.
The etype uses Xilinx Bootgen tools in order to transform the SPL into
a bootable image and sign the image with a given primary and secondary
public key. For more information to signing the FSBL please refer to the
Xilinx Bootgen documentation.
Here is an example of the etype in use:
spl {
filename = "boot.signed.bin";
xilinx-bootgen {
pmufw-filename = "pmu-firmware.elf";
psk-key-name-hint = "psk0";
ssk-key-name-hint = "ssk0";
auth-params = "ppk_select=0", "spk_id=0x00000000";
u-boot-spl-nodtb {
};
u-boot-spl-dtb {
};
};
};
For this to work the hash of the primary public key has to be fused
into the ZynqMP device and authentication (RSA_EN) has to be set.
For testing purposes: if ppk hash check should be skipped one can add
the property 'fsbl_config = "bh_auth_enable";' to the etype. However,
this should only be used for testing(!).
Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add the Xilinx Bootgen as bintool. Xilinx Bootgen is used to create
bootable SPL (FSBL in Xilinx terms) images for Zynq/ZynqMP devices. The
btool creates a signed version of the SPL. Additionally to signing the
key source for the decryption engine can be passend to the boot image.
Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com>
This patch converts magic and version fields of ghf common header
to one field with the type of uint32_t to make this header flexible
for futher updates.
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Three boards use a phandle in a FIT generator and the maintainer is
away. For now, add a hack to allow this.
Signed-off-by: Simon Glass <sjg@chromium.org>
This provides support for phandles to be copied over from templates. This
is not quite safe, since if the template is instantiated twice (i.e. in
two different nodes), then duplicate phandles will be found. This will
result in an error.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is not necessary to keep templates around after they have been
processed. They can cause confusion and potentially duplicate phandles.
Remove them.
Use the same means of detecting a template node in _ReadImageDesc so that
the two places are consistent.
Signed-off-by: Simon Glass <sjg@chromium.org>
Allow phandles to be copied over from a template. This can potentially
cause duplicate phandles, so detect this and report an error.
Signed-off-by: Simon Glass <sjg@chromium.org>
Show the operations being performed, when debugging is enabled.
Convert a mistaken 'print' in test_copy_subnodes_from_phandles() while we
are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Without the 'dirty' flag properties are not written back to the
devicetree when synced. This means that new properties copied over to a
node are not always written out.
Fix this and add a test.
Signed-off-by: Simon Glass <sjg@chromium.org>
This file aids debugging when binman fails to get far enough to write out
the final devicetree file. Write it immediate after template processing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Show the filename next to the node path in missing blob help messages,
also show a generic missing blob message when there was no help message
for the help tag.
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
There is no blank line between last missing blob help message and the
header line for optional blob help messages.
Image 'simple-bin' is missing external blobs and is non-functional: atf-bl31
/binman/simple-bin/fit/images/@atf-SEQ/atf-bl31:
See the documentation for your board. You may need to build ARM Trusted
Firmware and build with BL31=/path/to/bl31.bin
Image 'simple-bin' is missing external blobs but is still functional: tee-os
/binman/simple-bin/fit/images/@tee-SEQ/tee-os:
See the documentation for your board. You may need to build Open Portable
Trusted Execution Environment (OP-TEE) and build with TEE=/path/to/tee.bin
Some images are invalid
With this a blank line is inserted to make the text more readable.
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
Missing optional blobs was not reported for generated entries, e.g.
tee-os on rockchip targets. Implement a CheckOptional to fix this.
After this the following can be shown:
Image 'simple-bin' is missing optional external blobs but is still functional: tee-os
/binman/simple-bin/fit/images/@tee-SEQ/tee-os (tee-os):
See the documentation for your board. You may need to build Open Portable
Trusted Execution Environment (OP-TEE) and build with TEE=/path/to/tee.bin
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
Print missing external blobs using error level and missing optional
external blobs using warning level. Also change to only print the header
line in color, red for missing and yellow for optional.
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
Make it more clear that the missing external blob is optional in the
printed warning message.
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
Make it a little bit more clear that it is U-Boot that should be built
with TEE=/path/to/tee.bin and not OP-TEE itself.
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Simon Glass <sjg@chromium.org>
Check if elf tools are available when running DecodeElf(). Also
remove superfuous semicolon at line ending.
Signed-off-by: Lukas Funke <lukas.funke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Revert part of patch to make binman test pass
Signed-off-by: Simon Glass <sjg@chromium.org>
This avoids having to maintain to defconfigs that are 99% equivalent.
The approach is to use binman to generate two flash images,
flash-pg1.bin and flash-pg2.bin. With the help of a template dtsi, we
can avoid duplicating the common binman image definitions.
Suggested-by: Andrew Davis <afd@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The underlying issue was fixed in the meantime. Also signing the U-Boot
proper fit image now works. Just supporting custom cert templates
remains a todo.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The default output directory is generally '../' in tests so we end up
trying to create '../.bm-work'. This does not work with azure, so update
these tests to use the temporary directory instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
In poking around it seems that many boards don't define a CONFIG_TARGET
Kconfig variable. This is not strictly necessary, but add an option to
buildman so these can be viewed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Change -D to mean --debug for consistency with other tools. This is not a
commonly used option, so the impact should be minimal.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is probably a little more efficient and it allows passing the object
to another function to write data. Convert config_out to use a string I/O
device.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move more of the argument-building code into this function. Fix a missing
assignment for out_rel_dir too.
Rename the function since it now builds all the arguments.
Signed-off-by: Simon Glass <sjg@chromium.org>
This variable has a different meaning in the outer scope. Use a different
name to avoid confusion, or bugs.
Signed-off-by: Simon Glass <sjg@chromium.org>