Commit graph

1154 commits

Author SHA1 Message Date
Michal Simek
ebe0f53f48 tools: mkimage: Use fstat instead of stat to avoid malicious hacks
The patch is fixing:
"tools: mkimage: Check if file is regular file"
(sha1: 56c7e80155)
which contains two issues reported by Coverity
Unchecked return value from stat and incorrect calling sequence where
attack can happen between calling stat and fopen.
Using pair in opposite order (fopen and fstat) is fixing this issue
because fstat is using the same file descriptor (FILE *).

Also fixing issue with:
"tools: mkimage: Add support for initialization table for Zynq and
ZynqMP" (sha1: 3b6460809c)
where file wasn't checked that it is regular file.

Reported-by: Coverity (CID: 154711, 154712)
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2016-12-09 08:40:23 -05:00
Tom Rini
361a879902 Revert "Merge branch 'master' of git://www.denx.de/git/u-boot-microblaze"
This reverts commit 3edc0c2522, reversing
changes made to bb135a0180.
2016-12-09 07:56:54 -05:00
Michal Simek
37a2cf6f1a tools: mkimage: Use fstat instead of stat to avoid malicious hacks
The patch is fixing:
"tools: mkimage: Check if file is regular file"
(sha1: 56c7e80155)
which contains two issues reported by Coverity
Unchecked return value from stat and incorrect calling sequence where
attack can happen between calling stat and fopen.
Using pair in opposite order (fopen and fstat) is fixing this issue
because fstat is using the same file descriptor (FILE *).

Also fixing issue with:
"tools: mkimage: Add support for initialization table for Zynq and
ZynqMP" (sha1: 3b6460809c)
where file wasn't checked that it is regular file.

Reported-by: Coverity (CID: 154711, 154712)
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Series-to: trini
Series-cc: u-boot
2016-12-08 09:23:48 +01:00
Simon Glass
a9401b2bc9 buildman: Rename do_build to config_only
This variable name is needlessly confusion. Adjust it to use a 'positive'
name instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-12-02 20:53:18 -07:00
Simon Glass
960421ecb3 buildman: Clean up odd characters on the terminal
At present buildman leaves behind a few characters during its progress
updates, which looks odd. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-12-02 10:37:47 -07:00
Simon Glass
b464f8e7de buildman: Squash useless output from -K
When using #define CONFIG_SOME_OPTION, the value it set to '1'. When using
defconfig (i.e. CONFIG_SOME_OPTION=y) the value is set to 'y'. This results
in differences showing up with -K. These differences are seldom useful.

Adjust buildman to suppress these differences by default.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-12-02 10:37:47 -07:00
Simon Glass
94d2ebe5bc buildman: Add documentation for CONFIG checking
The -K option is not mentioned in the README at present. Add some notes
to describe how this is used.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-12-02 10:37:47 -07:00
Simon Glass
b50113f373 buildman: Add an option to just create the config
Normally buildman does a full build of a board. This includes creating the
u-boot.cfg file which contains all the configuration options. Buildman uses
this file with the -K option, to show differences in effective configuration
for each commit.

Doing a full build of U-Boot just to create the u-boot.cfg file is wasteful.
Add a -D option which causes buildman to only create the configuration. This
is enough to support use of -K and can be done much more quickly (typically
5-10 times faster).

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-12-02 10:37:47 -07:00
Chris Packham
2611c05e84 tools/kwbimage: add DEBUG option
Offset 0x1 in the generated kwb image file is a set of flags, bit 0
enables debug output from the BootROM firmware.  Allow a DEBUG option in
the kwb configuration to request debug output from the BootROM firmware.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
2016-12-01 09:10:49 +01:00
Chris Packham
4bdb547978 tools/kwbimage: add BAUDRATE option
Offset 0x18 in some Marvell datasheets this field is redacted as
"reserved". This offset is actually a set of options and bits 2:0 allow
the selection of the UART baudrate.

Allow a BAUDRATE option to set the UART baudrate for any messages coming
from the BootROM firmware.

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
2016-12-01 09:10:43 +01:00
Tom Rini
4d6647ab17 Merge branch 'master' of git://www.denx.de/git/u-boot-imx 2016-11-30 09:57:52 -05:00
Tom Rini
6b29a395b6 Merge git://git.denx.de/u-boot-mpc85xx 2016-11-29 19:42:48 -05:00
Eric Nelson
e5491f3ef5 tools: imximage: display DCD block offset, length
These values can be used to sign a U-Boot image for use when
loading an image through the Serial Download Protocol (SDP).

Note that the address of 0x910000 is usable with the stock
configuration of imx_usb_loader on i.MX6 and i.MX7 SOCs:

https://github.com/boundarydevices/imx_usb_loader/blob/master/mx6_usb_work.conf#L3

Refer to the section on imx_usb_loader in this post for more
details:

https://boundarydevices.com/high-assurance-boot-hab-dummies/

Signed-off-by: Eric Nelson <eric@nelint.com>
2016-11-29 16:37:37 +01:00
Max Krummenacher
333ee16d04 tools/env: fix environment alignment tests for block devices
commit 183923d3e4 enforces that the
environment must start at an erase block boundary.

For block devices the sample fw_env.config does not mandate a erase block size
for block devices. A missing setting defaults to the full env size.

Depending on the environment location the alignment check now errors out for
perfectly legal settings.

Fix this by defaulting to the standard blocksize of 0x200 for environments
stored in a block device.
That keeps the fw_env.config files for block devices working even with that
new check.

Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
2016-11-28 15:10:36 -05:00
Andre Przywara
d0fc6dc5e9 tools/Makefile: suppress "which swig" error output
The Makefile in tools/ tries to find the "swig" utility by calling "which".
If nothing is found in the path, some versions of which will print an error
message:
$ make clean
which: no swig in (/usr/local/bin:/usr/bin:/bin)

This does not apply to all version of "which", though:
$ echo $0
bash
$ type which
which is aliased to `type -path'
$ which foo				<== this version is OK
$ /usr/bin/which foo			<== this one is chatty
/usr/bin/which: no foo in (/usr/local/bin:/usr/bin:/bin)
$ sh					<== make uses /bin/sh
sh-4.3$ which foo			<== no alias here
which: no foo in (/usr/local/bin:/usr/bin:/bin)

This error message is rather pointless in our case, since we just have
this very check to care for this. So add stderr redirection to suppress
the message.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-28 15:10:35 -05:00
York Sun
f33f3e07f3 tools/env: Correct include kconfig
While we move some config macros to Kconfig, kconfig header is needed
to avoid compiling error if not already included.

Signed-off-by: York Sun <york.sun@nxp.com>
2016-11-23 23:41:23 -08:00
Andrew Duda
83dd98e012 image: Combine image_sig_algo with image_sign_info
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA
pairings will still fail on verify operations when the hash length is
longer than the key length.

Follow the same naming scheme "checksum,crytpo" without explicitly
defining the string.

Indirectly adds support for "sha1,rsa4096" signing/verification.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:31 -05:00
Andrew Duda
0c1d74fda7 image: Add crypto_algo struct for RSA info
Cut down on the repetition of algorithm information by defining separate
checksum and crypto structs. image_sig_algos are now simply pairs of
unique checksum and crypto algos.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-21 14:07:31 -05:00
Michal Simek
56c7e80155 tools: mkimage: Check if file is regular file
Current Makefile.spl passes -R parameter which is not empty
and pointing to ./ folder.
"./tools/mkimage -T zynqmpimage -R ./"" -d spl/u-boot-spl.bin
spl/boot.bin"
That's why mkimage is trying to parse ./ file and generate
register init which is wrong.
Check that passed filename is regular file. If not do not work with it.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2016-11-15 15:27:45 +01:00
Mike Looijmans
3b6460809c tools: mkimage: Add support for initialization table for Zynq and ZynqMP
The Zynq/ZynqMP boot.bin file contains a region for register initialization
data. Filling in proper values in this table can reduce boot time
(e.g. about 50ms faster on QSPI boot) and also reduce the size of
the SPL binary.

The table is a simple text file with register+data on each line. Other
lines are simply skipped. The file can be passed to mkimage using the
"-R" parameter.

It is recommended to add reg init file to board folder.
For example:
CONFIG_BOOT_INIT_FILE="board/xilinx/zynqmp/xilinx_zynqmp_zcu102/reg.int

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2016-11-15 15:27:37 +01:00
Andre Przywara
d8c0d99e66 tools: fix mksunxiboot build for tools-all target
Commit fed329aebe ("tools: add mksunxiboot to tools-all target") added
mksunxiboot to the tools-all target, but used the CONFIG_SUNXI symbol
to enable its build. Now commit aec9a0f19f ("sunxi: Rename CONFIG_SUNXI
to CONFIG_ARCH_SUNXI"), merged before that, renamed that symbol, so that
the first patch basically gets ineffective.
Adjust the symbol name in tools/Makefile to make it build again.

Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2016-11-13 15:54:15 -05:00
Tomeu Vizoso
0f7c6cdc81 mkimage: Allow including a ramdisk in FIT auto mode
Adds -i option that allows specifying a ramdisk file to be added to the
FIT image when we are using the automatic FIT mode (no ITS file).

This makes adding Depthcharge support to LAVA much more convenient, as
no additional configuration files need to be kept around in the machine
that dispatches jobs to the boards.

Signed-off-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Matt Hart <matthew.hart@linaro.org>
Cc: Neil Williams <codehelp@debian.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-11-06 07:33:42 -05:00
Tom Rini
e0f2406e73 buildman: Fix building based on 'options' field
The README for buildman says that we can use any field in boards.cfg to
decide what to build.  However, we were not saving the options field
correctly.

Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-11-06 07:33:41 -05:00
Peng Fan
2a380cccc2 tools: imximage: check return value when open the plugin file
Check return value when open the plugin file.

Coverity report:
** CID 153926:  Error handling issues  (NEGATIVE_RETURNS)
/tools/imximage.c: 542 in copy_plugin_code()

   ifd = open(plugin_file, O_RDONLY|O_BINARY);
>>>  CID 153926:  Error handling issues  (NEGATIVE_RETURNS)
>>> "ifd" is passed to a parameter that cannot be negative.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Reported-by: Coverity (CID: 153926)
Reviewed-by: Tom Rini <trini@konsulko.com>
2016-11-05 07:27:44 -04:00
Simon Glass
0cd82e255f mkimage: Fix missing free() in show_valid_options()
The allocated memory should be freed. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 150963)
Reviewed-by: Tom Rini <trini@konsulko.com>
2016-10-31 10:13:18 -04:00
Vagrant Cascadian
82bd2f29ea Fix spelling of "occur".
Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
Acked-by: Angelo Dureghello <angelo@sysam.it>
Reviewed-by: Simon Glass <sjg@chromium.org>
2016-10-31 10:13:16 -04:00
Stefan Brüns
fed329aebe tools: add mksunxiboot to tools-all target
mksunxiboot is useful outside of u-boot, it is e.g. used by sunxi-tools.

Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2016-10-30 11:38:04 +01:00
Jagan Teki
aec9a0f19f sunxi: Rename CONFIG_SUNXI to CONFIG_ARCH_SUNXI
CONFIG_SUNXI -> CONFIG_ARCH_SUNXI
and removed CONFIG_SUNIX from config_whitelist.txt

Cc: Simon Glass <sjg@chromium.org>
Cc: Ian Campbell <ijc@hellion.org.uk>
Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Jagan Teki <jteki@openedev.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2016-10-30 11:38:04 +01:00
Tom Rini
4f892924d2 Merge branch 'master' of git://www.denx.de/git/u-boot-imx
Signed-off-by: Tom Rini <trini@konsulko.com>

Conflicts:
	common/Kconfig
	configs/dms-ba16_defconfig
2016-10-28 11:12:03 -04:00
Masahiro Yamada
0dbc9b591a tools: moveconfig: support wildcards in --defconfigs file
Supporting shell-style wildcards for the --defconfigs option will be
useful to run the moveconfig tool against a specific platform.  For
example, "uniphier*" in the file passed by --defconfigs option will
be expanded to defconfig files that start with "uniphier".  This is
easier than listing out all defconfig files you are interested in.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
2016-10-24 08:04:42 -04:00
Peng Fan
b55e4f48db tools: imximage: add plugin support
Add plugin support for imximage.

Define CONFIG_USE_IMXIMG_PLUGIN in defconfig to enable using plugin.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Eric Nelson <eric@nelint.com>
Cc: Ye Li <ye.li@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2016-10-24 10:57:16 +02:00
Zhao Qiang
c5938c10ef pbl: use "wait" command instead of "flush" command
PBL flush command is restricted to CCSR memory space. So use WAIT
PBI command to provide enough time for data to get flush in
target memory.

Signed-off-by: Zhao Qiang <qiang.zhao@nxp.com>
[York Sun: rewrap commit message]
Reviewed-by: York Sun <york.sun@nxp.com>
2016-10-14 10:21:30 -07:00
York Sun
d5fe013cee tools: buildman: Add compiler wrapper
Now we can use compiler wrapper such as ccache or distcc for buildman.

Signed-off-by: York Sun <york.sun@nxp.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
York Sun
f40fa9b36f tools: buildman: Remove duplicated code
Signed-off-by: York Sun <york.sun@nxp.com>
CC: Simon Glass <sjg@chromium.org>
Fixed commit subject:
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
34c3889635 dtoc: Make integer division python 3.x safe
If we use the '/' operator then python 3.x will produce a float, and
refuse to multiply the string sequence in Conv_name_to_c by it with:

    TypeError: can't multiply sequence by non-int of type 'float'

Use the '//' operator instead to enforce that we want integer rather
than floating point division.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
c4c5f9eefb dtoc: Decode strings for struct.unpack on python 3.x
On python 3.x struct.unpack will complain if we provide it with a
string since it expects to operate on a bytes object. In order to
satisfy this requirement, encode the string to a bytes object when
running on python 3.x.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
4ae6549f8e dtoc: Use items() to iterate over dictionaries in python 3.x
In python 3.x the iteritems() method has been removed from dictionaries,
and the items() method does effectively the same thing. On python 2.x
using items() is a little less efficient since it involves copying data,
but as speed isn't a concern in the affected code switch to using
items() anyway for simplicity.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
f5d44b9bae patman: Fix doctest StringIO import for python 3.x
In python 3.x StringIO is no longer a module, and the class can instead
be found in the io module. Adjust the code in the doctest input to
account for both.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
c9eac38a25 patman: Use items() to iterate over dictionaries
In python 3.x the iteritems() method has been removed from dictionaries,
and the items() method does effectively the same thing. On python 2.x
using items() is a little less efficient since it involves copying data,
but as speed isn't a concern in this code switch to using items() anyway
for simplicity.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
2ce7b21e6c patman: Import 'configparser' lower case to be python 3.x safe
In python 3.x module names used in import statements are case sensitive,
and the configparser module is named in all lower-case. Import it as such
in order to avoid errors when running with python 3.x.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
ac3fde9394 patman: Make exception handling python 3.x safe
Syntax for exception handling is a little more strict in python 3.x.
Convert all uses to a form accepted by both python 2.x & python 3.x.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
a920a17b2f patman: Make print statements python 3.x safe
In python 3.x, print must be used as a function call. Convert all print
statements to the function call style, importing from __future__ where
we print with no trailing newline or print to a file object.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Paul Burton
12e5476df3 patman: Replace tabs with spaces
In preparation for running on python 3.x, which will refuse to run
scripts which mix tabs & spaces for indentation, replace 2 tab
characters present in series.py with spaces.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Simon Glass
3cb44ba80c dtoc: Add a way for tests to request the fallback library
We need to test both the normal (Python libfdt module) and fallback (fdtget)
implementations of the Fdt class. Add a way to select which implementation
to use.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Simon Glass
8828254cae dtoc: Adjust GetProps() in fdt_normal to use the node path
There is no need to pass a node path separately. Instead we should use the
path for the node provided. Correct this.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Simon Glass
0734b70c9c dtoc: Fix bug in GetProp()
This does not actually call fdtget correctly when requesting a particular
type. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Simon Glass
2880e6b5e2 buildman: Drop the 'alive' flag in BuilderThread
This is not used, so drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Simon Glass
2f2566482f buildman: Don't show a stacktrace on Ctrl-C
When Ctrl-C is pressed, just exited quietly. There is no sense in displaying
a stack trace since buildman will always be in the same place: waiting for
threads to complete building all the jobs on the queue.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Simon Glass
63781bd65e buildman: Drop the 'active' flag in the builder
This serves no real purpose, since when we are not active, we exit. Drop it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00
Simon Glass
d436e38189 buildman: Allow builds to terminate cleanly
It is annoying that buildman does not respond cleanly to Ctrl-C or SIGINT,
particularly on machines with lots of CPUS. Unfortunately queue.join()
blocks the main thread and does not allow it to see the signal. Use a
separate thread instead,

Signed-off-by: Simon Glass <sjg@chromium.org>
2016-10-09 09:30:32 -06:00