At present this function does not accept a size for the FIT. This means
that it must be read from the FIT itself, introducing potential security
risk. Update the function to include a size parameter, which can be
invalid, in which case fit_check_format() calculates it.
For now no callers pass the size, but this can be updated later.
Also adjust the return value to an error code so that all the different
types of problems can be distinguished by the user.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
The isAlive() method was deprecated in Python 3.8 and has been removed in
Python 3.9. See https://bugs.python.org/issue37804. Use is_alive() instead.
Since Python 2.6 is_alive() has been a synonym for isAlive(). So there
should be no problems for users using elder Python 3 versions.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
binman fixes support for symbols in sub-sections
support for additional cros_ec commands
various minor fixes / tweaks
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmAV6K8RHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreYERgf/QbwOL87yPbf9SyXBQ0EMTmn1ve9HCiv9
yeXrijvA0/wtTVoM44d/z7THb+7Zqw6LbsVOXUSicdGqaogy10xIuz5we0CoGJm6
iwYWV6kaAqjCxDTlSToGnR/TCjiOVgXC6u5QPCZC0LGbAmDbAl4jyCuQxxq2eXYD
hrLSzZPHDe0s2BeWZKRQJ26qyPfWIribXNJXG78/FsvDrdWPPc5K+/ZEb2IWawWR
nEZ8GTEYZpik/niEJ3gFozwCwpJQi3PyukjZvzTGn6tBqg12YXE4dbSzcj48Uj4o
prwUFAGKRR97zFB6c4+NUvd3VBUgPtPdZrtzZ1nNCppiMq1E4BKiDg==
=kijh
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-30jan21' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm
tpm fixes for coral
binman fixes support for symbols in sub-sections
support for additional cros_ec commands
various minor fixes / tweaks
The offset of an entry needs to be adjusted by its skip-at-start value.
This is currently missing when reading entry data. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
When packing files it is sometimes useful to align the start of each file,
e.g. if the flash driver can only access 32-bit-aligned data. Provides a
new property to support this.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present if a devicetree blob is included in a vblock it does not deal
with updates. This is because the vblock is created once at the start and
does not have a method to update itself later, after all the entry
contents are finalised.
Fix this by adjusting how the vblock is created.
Also simplify Image.ProcessEntryContents() since it effectively duplicates
the code in Section.ProcessContents().
Signed-off-by: Simon Glass <sjg@chromium.org>
Normally when an entry is created, any entry arguments it has are required
to be provided, so it can actually generate its contents correctly.
However when an existing image is read, Entry objects are created for each
of the entries in the image. This happens as part of the process of
reading the image into binman.
In this case we don't need the entry arguments, since we do not intend to
regenerate the entries, or at least not unless requested. So there is no
sense in reporting an error for missing entry arguments.
Add a new property for the Image to handle this case. Update the error
reporting to be conditional on this property.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present binman only supports resolving symbols in the same section as
the binary that uses it. This is quite limited because we often need to
group entries into different sections.
Enhance the algorithm to search the entire image for symbols.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present on large files, lz4 uses a larger block size (e.g. 256KB) than
the 64KB supported by the U-Boot decompression implementation. Also it is
optimised for maximum compression speed, producing larger output than we
would like.
Update the parameters to correct these problems.
Signed-off-by: Simon Glass <sjg@chromium.org>
Miscellaneous fixes in the mkeficapsule utility -- these include a few
resource leak issues flagged by Coverity along with some additional
code improvements suggested by Heinrich during code review.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Fill reserved members of efi_firmware_management_capsule_image_header
structure with zero's for safety.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: CID 316354
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UBI_IOCVOLUP ioctl can fail if exclusive access to the volume isn't
obtained. If this happens, the flush operation doesn't return error,
leaving the caller without knowledge of missing flush.
Fix this by forwarding the error (-1) from ubi_update_start().
Fixes: 34255b92e6 ("tools: env: Add support for direct read/write UBI volumes")
Signed-off-by: Martin Hundebøll <martin@geanix.com>
These commands were disabled when CONFIG_FIT_SIGNATURE is disabled, but
they do not depend on crypto support so they can be unconditionally
enabled.
Signed-off-by: Joel Stanley <joel@jms.id.au>
If CONFIG_FIT_CIPHER is enabled without CONFIG_FIT_SIGNATURE then
mkimage/dumpimage will fail to link:
/usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x10): undefined reference to `EVP_aes_128_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x40): undefined reference to `EVP_aes_192_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x70): undefined reference to `EVP_aes_256_cbc'
/usr/bin/ld: tools/lib/aes/aes-encrypt.o: in function `image_aes_encrypt':
aes-encrypt.c:(.text+0x22): undefined reference to `EVP_CIPHER_CTX_new'
/usr/bin/ld: aes-encrypt.c:(.text+0x6f): undefined reference to `EVP_EncryptInit_ex'
/usr/bin/ld: aes-encrypt.c:(.text+0x8d): undefined reference to `EVP_EncryptUpdate'
/usr/bin/ld: aes-encrypt.c:(.text+0xac): undefined reference to `EVP_CIPHER_CTX_free'
/usr/bin/ld: aes-encrypt.c:(.text+0xf2): undefined reference to `EVP_EncryptFinal_ex'
collect2: error: ld returned 1 exit status
Signed-off-by: Joel Stanley <joel@jms.id.au>
The propoerty sign-images points to images in the configuration
node. But thoses images may references severals "sub-images" (for
example for images loadable). This commit adds the support of
severals sub-images.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit creates a function fit_config_add_hash that will be
used in the next commit to support several 'sub-images'.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
mkimage is only able to package aarch32 binaries. Add support for
AArch64 images.
One can create a ARM64 image using the following command line:
mkimage -T mtk_image -a 0x201000 -e 0x201000 -n "media=emmc;arm64=1"
-d bl2.bin bl2.img
Signed-off-by: Fabien Parent <fparent@baylibre.com>
The existing socfpgaimage always pads the image to the maximum size of
OCRAM size. This will break in the encryption flow where it expects the
image to be un-padded. The encryption tool will do the encryption for
the whole image and append the signature key at end of the image.
The signature key will append to beyond the size of OCRAM if the image
is padded with the maximum size before encryption.
Move the padding step from socfpgaimage to Makefile and pads with objcopy
command.
socfpgaimage will pad the image with 16 bytes aligned (including CRC word),
this is a requirement in encryption flow.
Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com>
Print image header information if the header is verified.
Example output from mkimage "-l" option:
$ ./tools/mkimage -l spl/u-boot-spl.sfp
Image Type : Cyclone V / Arria V SoC Image
Validation word : 0x31305341
Version : 0x00000000
Flags : 0x00000000
Program length : 0x00003a59
Header checksum : 0x00000188
$ ./tools/mkimage -l spl/u-boot-spl.sfp
Image Type : Arria 10 SoC Image
Validation word : 0x31305341
Version : 0x00000001
Flags : 0x00000000
Header length : 0x00000014
Program length : 0x000138e0
Program entry : 0x00000014
Header checksum : 0x00000237
Signed-off-by: Ley Foon Tan <ley.foon.tan@intel.com>
When deleting a variable we must check that the GUID provided by the
user matches the GUID of the variable.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
According to https://pep8.org/#indentation we should use 4 spaces per
indentation level.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
When tools: efivar.py is called without arguments an error occurs:
Traceback (most recent call last):
File "tools/efivar.py", line 380, in <module>
main()
File "tools/efivar.py", line 360, in main
args.func(args)
AttributeError: 'Namespace' object has no attribute 'func'
Show the online help if the arguments do not specify a function.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
So far we used the separate mksunxiboot tool for generating a bootable
image for Allwinner SPLs, probably just for historical reasons.
Use the mkimage framework to generate a so called eGON image the
Allwinner BROM expects.
The new image type is called "sunxi_egon", to differentiate it
from the (still to be implemented) secure boot TOC0 image.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jernej Skrabec <jernej.skrabec@siol.net>
Reviewed-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
arm64:
- DT updates
microblaze:
- Add support for NOR device support
spi:
- Fix unaligned data write issue
nand:
- Minor code change
xilinx:
- Fru fix in limit calculation
- Fill git repo link for all Xilinx boards
video:
- Add support for seps525 spi display
tools:
- Minor Vitis file support
cmd/common
- Minor code indentation fixes
serial:
- Uartlite debug uart initialization fix
-----BEGIN PGP SIGNATURE-----
iFsEABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCX/ROlgAKCRDKSWXLKUoM
IRC5AIkBzg4Sz8fQgdCiOK89k7tdFKMAnA9SYhgm4TSCzffZCJwnm78QoGAC
=4FnY
-----END PGP SIGNATURE-----
Merge tag 'xilinx-for-v2021.04' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next
Xilinx changes for v2021.04
arm64:
- DT updates
microblaze:
- Add support for NOR device support
spi:
- Fix unaligned data write issue
nand:
- Minor code change
xilinx:
- Fru fix in limit calculation
- Fill git repo link for all Xilinx boards
video:
- Add support for seps525 spi display
tools:
- Minor Vitis file support
cmd/common
- Minor code indentation fixes
serial:
- Uartlite debug uart initialization fix
Driver model: Rename U_BOOT_DEVICE et al.
dtoc: Tidy up and add more tests
ns16550 code clean-up
x86 and sandbox minor fixes for of-platdata
dtoc prepration for adding build-time instantiation
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl/09LURHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIrebjwwf/fHRjYsAY/Yj/+y1xgo3L3sphIvQUqTDF
KkLl+kHdV5r8W/HJULxLQcF2r7pcPEI6TAQxuj3qQ5SUvm2HviS8GHGPawDEwyht
HgBp9VD56+HUadMfnbG//DVS73ycbL4XSKlYqpkINEejtnlttsCIawUXX5cTyGM/
59VkgnKrKvJQRUXvYLa8MTugTs4fkPJGDqhActBk/7SP1SImj+rfalNSqA2/dx6y
2RnPCSzB1x2231KSj+B1NgGlR3Xb8P8zgh20ijcEU/hrlXBTZyi7K7f4SJR30Efu
LYkkuj4VbxcV/25RozR0fmknqCs0QyAI+/dql6TNtbTSPC/jAfj0jQ==
=9kN3
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-5jan21' of git://git.denx.de/u-boot-dm into next
Driver model: make some udevice fields private
Driver model: Rename U_BOOT_DEVICE et al.
dtoc: Tidy up and add more tests
ns16550 code clean-up
x86 and sandbox minor fixes for of-platdata
dtoc prepration for adding build-time instantiation
Some of these tests don't actually check anything. Add a few more checks
to complete the tests.
Also add a simple scan test that does the basics.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move the tests related to scanning into their own class, updating them
to avoid using dtb_platdata as a pass-through.
Signed-off-by: Simon Glass <sjg@chromium.org>
Before expanding the scanning features any more, move this into a separate
file. This will make it easier to maintain in the future. In particular,
it reduces the size of dtb_platdata.py and allows us to add tests
specifically for scanning, without going through that file.
The pieces moved are the Driver class, the scanning code and the various
naming functions, since they mostly depend on the scanning results.
So far there is are no separate tests for src_scan. These will be added
as new functionality appears.
This introduces no functional change.
Signed-off-by: Simon Glass <sjg@chromium.org>
This has not been needed since parent information was added and we started
using indicies for references to other drivers instead of pointers. It was
kept around in the expectation that it might be needed later.
However with the latest updates, it doesn't seem likely that we'll need
this in the foreseeable future.
Drop dm_populate_phandle_data() from dtoc and driver model.
Signed-off-by: Simon Glass <sjg@chromium.org>
Previously we had to worry about nodes being output before those that they
depended on, thus causing build errors. So the current algorithm is
careful to output nodes in the right order.
We now use a different method for outputting phandles that does not
involve pointers. Also we plan to add a 'declarations' header file to
declare all drivers as 'extern'.
Update the code to drop the dependency checking and output in a simple
loop. This makes the output easier to follow since drivers are in order of
thier indices (0, 1, ...), which is also the order it appears in in the
linker list.
Signed-off-by: Simon Glass <sjg@chromium.org>
The base directory of U-Boot, where the source is, it currently calculated
from the directory of the dtb_platdata.py script. If this is installed
elsewhere that will not work. Also it is inconvenient for tests.
Add a parameter to allow specifying this base directory.
To test this, pass a temporary directory with some files in it and check
that they are passed to scan_driver().
Signed-off-by: Simon Glass <sjg@chromium.org>
Rather than the if/else construct, update OutputFile with the method to
call to process each command. This is easier to maintain as the number of
commands increases.
Rename generate_tables to generate_plat since it better describes what is
being generated ('plat' is the U-Boot name for platform data).
With this, each output method needs to have the same signature. Store the
output structures in a member variable instead of using parameters, to
accomplish this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use this new name to be consistent with the rest of U-Boot, which talks
about 'plat' for the platform data, which is what this file holds.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is currently fairly obvious what the two generated files are for, but
this will change as more are added. It is helpful for readers to describe
the purpose of each file.
Add a header commment field to OutputFile and use it to generate a comment
at the top of each file.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use the standard function for running tests and reported results. This
allows the tests to run in parallel, which is a significant speed-up on
most machines (e.g. 4.5 seconds -> 1.5s on mine).
Signed-off-by: Simon Glass <sjg@chromium.org>
This gives a warning in some situations:
File "tools/dtoc/../concurrencytest/concurrencytest.py", line 95,
in do_fork
stream = os.fdopen(c2pread, 'rb', 1)
File "/usr/lib/python3.8/os.py", line 1023, in fdopen
return io.open(fd, *args, **kwargs)
RuntimeWarning: line buffering (buffering=1) isn't supported in binary
mode, the default buffer size will be used
Fix this by dropping the line-buffer parameter.
Signed-off-by: Simon Glass <sjg@chromium.org>
We use the U_BOOT_ prefix (i.e. U_BOOT_DRIVER) to declare a driver but
in every other case we just use DM_. Update the alias macros to use the
DM_ prefix.
We could perhaps rename U_BOOT_DRIVER() to DM_DRIVER(), but this macro
is widely used and there is at least some benefit to indicating it us a
U-Boot driver, particularly for code ported from Linux. So for now, let's
keep that name.
Signed-off-by: Simon Glass <sjg@chromium.org>
This does not get a device (struct udevice *) but a struct driver_info *
so the name is confusing.
Rename it accordingly. Since we plan to have several various of these
macros, put GET at the end instead of the middle, so it is easier to spot
the related macros.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current macro is a misnomer since it does not declare a device
directly. Instead, it declares driver_info record which U-Boot uses at
runtime to create a device.
The distinction seems somewhat minor most of the time, but is becomes
quite confusing when we actually want to declare a device, with
of-platdata. We are left trying to distinguish between a device which
isn't actually device, and a device that is (perhaps an 'instance'?)
It seems better to rename this macro to describe what it actually is. The
macros is not widely used, since boards should use devicetree to declare
devices.
Rename it to U_BOOT_DRVINFO(), which indicates clearly that this is
declaring a new driver_info record, not a device.
Signed-off-by: Simon Glass <sjg@chromium.org>
With upcoming changes, dtoc will output several files for different
of-platdata components.
Add a way to output all ava!ilable files at once ('all'), to the
appropriate directories, without needing to specify each one invidually.
This puts the commands in alphabetical order, so update the tests
accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
