There are multiple other openssl engines used by HSMs that can be used to
sign FIT images instead of forcing users to use pkcs11 type of service.
Relax engine selection so that other openssl engines can be specified and
use generic key id definition formula.
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Cc: Tom Rini <trini@konsulko.com>
FIT header verification in mkimage was treating a return code as a boolean,
which meant that failures in validating the fit were seen as successes.
Additionally, mkimage was checking all formats to find a header which
passes validation, rather than using the image type specified to
mkimage.
checkpatch.pl checks for lines ending with '(' and alignment matching
open parentheses are ignored to keep with existing coding style.
Signed-off-by: Jordan Hand <jorhand@microsoft.com>
i.MX8M bootable image type is like i.MX6/7, but there is signed HDMI
firmware image in front of A53 bootable image, which is also has an IVT
header.
Here we also include fit image to generate a bootable image.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Stefano Babic <sbabic@denx.de>
i.MX8/8X bootable image type is container type.
The bootable image, containers a container set which supports two
container. The 1st container is for SECO firmware, the 2nd container
needs to include scfw, m4_0/1 image, ACore images per your requirement.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
The set_header call in kwbimage.c adds a checksum to the end of the
image in addition to setting up the header. It 'helpfully' updates the
st_size to match the fact that the file is now longer. However, mkimage
uses this length in the munmap call. This can lead to unmapping an extra
page, of perhaps required data. When this happens, a SEGV can occur.
To prevent this from happening, the munmap call now uses the same length
that was passed to mmap. This could also have been fixed by not changing
the length in kwbimage.c, however changing it in the main file means
that other plugins will also not fall for the same trap.
Signed-off-by: Mark Tomlinson <mark.tomlinson@alliedtelesis.co.nz>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
[cp: resolve checkpatch complaints]
Tested-by: Chris Packham <judge.packham@gmail.com>
The officially described way to generate boot.bin files for ZynqMP is to
describe the contents of the target binary using a file of the "bif"
format. This file then links to other files that all get packed into a
bootable image.
This patch adds support to read such a .bif file and generate a respective
ZynqMP boot.bin file that can include the normal image and pmu files, but
also supports image partitions now. This makes it a handy replacement for
the proprietary "bootgen" utility that is currently used to generate
boot.bin files with FSBL.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
If generating a script image and no datafile has been passed in, mkimage
dies with SIGSEGV:
#0 __strchr_sse2 () at ../sysdeps/x86_64/multiarch/../strchr.S:32
#1 0x0000000000403818 in main
at tools/mkimage.c:503
Add explicit test for datafile to fix this.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Commit 253c60a breaks the exit value of 'mkimage -T rkimage'
and print the following error:
mkimage: Can't print header for Rockchip Boot Image support: Success
It is not a failure to not print headers, so just display the warning message,
and finish the function properly.
Signed-off-by: Guillaume GARDET <guillaume.gardet@free.fr>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Since commit 5b9d44df23 (mkimage: Display a better list of available image
types) mkimage usage text suggest to "use -T to see a list of available image
types". Unfortunately, commit 02221f29deb8 (mkimage: Convert to use getopt())
broke that feature, because getopt() fails when -T has no option argument.
Add a pseudo image type name 'list' that lists all image types. Update the
usage text accordingly.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Add support for signing with the pkcs11 engine. This allows FIT images
to be signed with keys securely stored on a smartcard, hardware security
module, etc without exposing the keys.
Support for other engines can be added in the future by modifying
rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct
correct key_id strings.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
When we want to use Secure Boot with HAB from SPL over U-Boot.img,
we need to append the IVT to the image and leave space for the CSF.
Images generated as firmware_ivt can directly be signed using the
Freescale code signing tool. For creation of a CSF, mkimage outputs
the correct HAB Blocks for the image.
The changes to the usual firmware image class are quite small,
that is why I implemented that directly into the default_image.
Cc: sbabic@denx.de
v2-Changes: None
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
Adds -i option that allows specifying a ramdisk file to be added to the
FIT image when we are using the automatic FIT mode (no ITS file).
This makes adding Depthcharge support to LAVA much more convenient, as
no additional configuration files need to be kept around in the machine
that dispatches jobs to the boards.
Signed-off-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Matt Hart <matthew.hart@linaro.org>
Cc: Neil Williams <codehelp@debian.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The allocated memory should be freed. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 150963)
Reviewed-by: Tom Rini <trini@konsulko.com>
Inform getopt that '-c' requires a parameter.
Fixes: a02221f29d ("mkimage: Convert to use getopt()")
Signed-off-by: Karl Beldan <kbeldan@baylibre.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Update the error-handling code for -A, -C and -O to show a list of valid
options when an invalid one is provided.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Vinoth Eswaran <evinoth1206@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The existing error code only displays image types which are claimed by a
particular U_BOOT_IMAGE_TYPE() driver. But this does not seem correct. The
mkimage tool should support all image types, so it makes sense to allow
creation of images of any type with the tool.
When an incorrect image type is provided, use generic code to display the
error.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a generic function which can display a list of items in any category.
This will allow displaying of images for the -A, -C, -O and -T flags. At
present only -T is supported.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There is no need to set params.fit_image_type while parsing the arguments.
It is set up later anyway.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
When auto-fit is used, it is not valid to create a FIT without an image
file. Add a check for this to avoid a very confusing error message later
("Can't open (null): Bad address").
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
There is a special case in the code when auto-fit is used. Add a comment to
make it easier to understand why this is needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
The default image type is supposed to be IH_TYPE_KERNEL, as set in the
'params' variable. Honour this with auto-fit also.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
When building a FIT with external data (-E), U-Boot proper may require
absolute positioning for executing the external firmware. To acheive this
use the (-p) switch, which will replace the amended 'data-offset' with
'data-position' indicating the absolute position of external data.
It is considered an error if the requested absolute position overlaps with the
initial data required for the compact FIT.
Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Some build systems want to be quiet unless there is a problem. At present
mkimage displays quite a bit of information when generating a FIT file. Add
a '-q' flag to silence this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Commit 7a439cadcf broke generation of SPL
loadable FIT images (CONFIG_SPL_LOAD_FIT).
Fix it by removing the unnecessary storage of expected image type. This was a
left over of the previous implementation. It is not longer necessary since the
mkimage -b switch always has one parameter.
Tested-by: Lokesh Vutla <lokeshvutla@ti.com>
Signed-off-by: Andreas Bießmann <andreas@biessmann.org>
The getopt(3) optstring '-' is a GNU extension which is not available on BSD
systems like OS X.
Remove this dependency by implementing argument parsing in another way. This
will also change the lately introduced '-b' switch behaviour.
Signed-off-by: Andreas Bießmann <andreas.devel@googlemail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
One limitation of FIT is that all the data is 'inline' within it, using a
'data' property in each image node. This means that to find out what is in
the FIT it is necessary to scan the entire file. Once loaded it can be
scanned and then the images can be copied to the correct place in memory.
In SPL it can take a significant amount of time to copy images around in
memory. Also loading data that does not end up being used is wasteful. It
would be useful if the FIT were small, acting as a directory, with the
actual data stored elsewhere.
This allows SPL to load the entire FIT, without the images, then load the
images it wants later.
Add a -E option to mkimage to request that it output an 'external' FIT.
Signed-off-by: Simon Glass <sjg@chromium.org>
To make the auto-FIT feature useful we need to be able to provide a list of
device tree files on the command line for mkimage to add into the FIT. Add
support for this feature.
So far there is no support for hashing or verified boot using this method.
For those cases, a .its file must still be provided.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present, when generating a FIT, mkimage requires a .its file containing
the structure of the FIT and referring to the images to be included.
Creating the .its file is a separate step that makes it harder to use FIT.
This is not required for creating legacy images.
Often the FIT is pretty standard, consisting of an OS image, some device
tree files and a single configuration. We can handle this case automatically
and avoid needing a .its file at all.
To start with, support automatically generate the FIT using a new '-f auto'
option. Initially this only supports adding a single image (e.g. a linux
kernel) and a single configuration.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present FIT images are set up by providing a device tree source file
which is a file with a .its extension. We want to support automatically
creating this file based on the image supplied to mkimage. This means that
even though the final file type is always IH_TYPE_FLATDT, the image inside
may be something else.
Signed-off-by: Simon Glass <sjg@chromium.org>
Sometimes incorrect arguments are supplied but the reason is not obvious to
the user. Add some helpful messages.
Signed-off-by: Simon Glass <sjg@chromium.org>
Adjust the code so that option alphabetical order matches the order in the
switch() statement. This makes it easier to find options.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current way of parsing arguments is a bit clumsy. It seems better to
use getopt() which is commonly used for this purpose.
Convert the code to use getopt() and make a few minor adjustments as needed.
Signed-off-by: Simon Glass <sjg@chromium.org>
To follow the MIPS 32-bit and 64-bit memory map conventions (*) recent
MIPS Linux kernels are using a 64-bit sign extended value
(0xffffffff80010000) for the 32-bit load address (0x80010000) of the
Creator CI20 board kernel. When this 64-bit argument was passed to
mkimage running on a 32-bit machine such as the Creator CI20 board the
load address was incorrectly formed from the upper 32-bit sign-extend
bits (0xffffffff) by the strtoul instead of from the lower 32-bits
(0x80010000). The mkimage should be able to tolerate the longer
sign-extended 64-bit version of the 32-bit arguments with the use of
strtoull. Use of the strtoll in place of the strtol in mkimage.c
resolves the issue of self hosted kernel builds for the Creator CI20
board (+) and (++).
(*) http://techpubs.sgi.com/library/dynaweb_docs/0620/SGI_Developer/books/DevDriver_PG/sgi_html/ch01.html
(+) https://github.com/MIPS/CI20_linux/issues/23
(++) https://github.com/MIPS/CI20_linux/issues/22
Signed-off-by: William Cohen <wcohen@redhat.com>
Seems 6ae6e160 broke creating images in certain cases, there
are two problems with that patch.
First is that the expression "!x == 4 || !x == 6" is ambiguous. The
intention here was "!(x == 4) || !(x == 6)" based on reading further in
the file, where this was borrowed from. This however is interpreted by
gcc as "(!x) == 4 || (!x) == 6" and always false. gcc-5.x will warn
about this case.
The second problem is that we do not want to test for the case of "(NOT x
is 4) OR (NOT x is 6)" but instead "(x is not equal to 4) AND (x is not
equal to 6)". This is because in those two cases we already execute the
code question in another part of the file. Rewrite the expression and
add parenthesis for clarity.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: Philippe De Swert <philippedeswert@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
[trini: Re-word Marek's explanation]
Seems 92a655c3 broke creating multi and script type images.
Since the file1:file2:file3 string does not get split up,
it fails on trying to open an non-existing file.
mkimage -A arm -O linux -T multi -C none -d zImage:splash.bmp:device.dtb uimage
tools/mkimage: Can't open zImage:splash.bmp:device.dtb: No such file or directory
Since the sizes of the different parts seem to get added in the actual
routine that handles multi and script type images, we can probably skip the
bit of the code that causes the failure for that type of images.
Signed-off-by: Philippe De Swert <philippedeswert@gmail.com>
At present there is an arbitrary limit of 4KB for padding. Rockchip needs
more than that, so remove this restriction.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
Some functions called by mkimage would like to know the output file size.
Initially this is the same as the input file size, but it may be affected by
adding headers, etc.
Add this information to the image parameters.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Offer to display the available image types in help. Also, rather than
hacking the genimg_get_type_id() function to display a list of types,
do this in the tool. Also, sort the list.
The list of image types is quite long, and hard to discover. Print it out
when we show help information.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some image types, like "KeyStone GP", do not have magic numbers to
distinguish them from other image types. Thus, the automatic image
type discovery does not work correctly.
This patch also fix some integer type mismatches.
Signed-off-by: Guilherme Maciel Ferreira <guilherme.maciel.ferreira@gmail.com>
