Trying to call the following command causes NULL pointer dereference in
strlen():
./tools/dumpimage -T kwbimage -o /tmp/out u-boot-spl.kwb
Fix it by checking whether params->imagename is non-NULL before calling
strlen().
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
These structures must have specific size without padding, so mark them as
packed via the de-facto standard macro __packed. Also replace PACKED
macro.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The mkimage host tool can be used to generate kwbimage v1 image with
secure header on host system for A38x plaform also when U-Boot is being
compiled for different platform. So there is no reason to not allow
compiling of mkimage/kwbimage with secure header support for e.g. x86-64
host.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
This command is supported only by v1 images and specifies a milliseconds
delay after executing some set of DATA commands. The special string value
SDRAM_SETUP instructs BootROM to setup SDRAM controller instead of
executing delay. SDRAM_SETUP may be specified only once and after the
last DATA command.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
The DATA command is already supported by mkimage for v0 images, but not
for v1 images.
BootROM code which executes v1 images also supports DATA command via an
optional extended v1 header OPT_HDR_V1_REGISTER_TYPE.
Implement support for DATA command for v1 images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
The PAYLOAD keyword does nothing. No code is using it and both mkimage
and kwbimage completely ignore it. It looks like a relict from the past.
The payload image itself can be specified only via -d parameter to
mkimage.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
The kwbimage v1 format supports multiple BINARY executable headers.
Add support for it into mkimage/kwbimage tool.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
Binary header consist of:
* 1 byte for header type
* 3 bytes for header size
* 1 byte for number of arguments
* 3 reserved bytes
* N*4 bytes for arguments
* M bytes (aligned to 4 bytes) for executable data
* 1 byte for information about next header
* 3 reserved bytes
The first four bytes are specified as
sizeof(struct opt_hdr_v1)
and the remaining bytes as
ALIGN(s.st_size, 4) + (binarye->binary.nargs + 2) * sizeof(uint32_t)
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The number is stored in one byte, so the maximum should be 255.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
The data part of v1 kwbimage currently contains U-Boot binary prepended
by 64 bytes long Legacy U-Boot image header. This means that the load
address is currently substracted by 64 bytes to ensure that U-Boot's
entry point is at specified execution address.
As mkimage has already separate arguments for load (-a) and execution
(-e) address, there is no need to derive fixed load address from
execution address.
Therefore remove this load address hack from the kwbimage tool and
support generating v1 kwbimage with arbitrary addresses for load and
execution.
Finally, calculate correct load address by caller for mkimage tool in
Makefile. File u-boot-spl.kwb is always a v1 kwbimage and it is the only
v1 kwbimage which U-Boot's build system generates.
Remove also useless overwriting of destaddr for /binary.0 to the value
which is already set on previous lines.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Remove this space, since the constants are indented by tabs.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The binary header in kwbimage contains executable SPL code.
Print information about this binary header and not only information
about it's data part.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The data part of v1 images contains 32-bit checksum after the data.
Validate whether this checksum is correct.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Add basic checks for extended headers of v1 images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Extended header checksum for v0 image is present only in the case when
extended header is present. Skip checksum validation if extended header
is not present.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
In the case when the file name is specified relative to the current
working directory, it does not contain '/' character and strrchr()
returns NULL.
The following strcmp() function then crashes on NULL pointer
dereference.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
SATA and SDIO images must be aligned to sector size (which in most cases
is 512 bytes) and Source Address in main header is stored in number of
sectors from the beginning of the drive. SATA image must be stored at
sector 1 and SDIO image at sector 0. Source Address for PCIe image is
not used and must be set to 0xFFFFFFFF.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Add constant for SDIO value of the bootfrom header field.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
Writing into SPI NOR and NAND memory can be done only in 256 bytes long
blocks. Align final image size so that when it is burned into SPI NOR or
NAND memory via U-Boot's commands (sf or mtd), we can use the $filesize
variable directly as the length argument.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The return value of kwbimage_generate() is used for aligning the data
part of kwbimage. Use it for calculating proper 4 byte alignment as is
required by BootROM and also use it for allocating additional 4 bytes
for the 32-bit data checksum.
This simplifies the alignment code to be only at one place (in function
kwbimage_generate) and also simplifies setting checksum as it can be
directly updated in memory.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
The CONFIG_SYS_U_BOOT_OFFS option may be defined as empty string.
In this case it causes compilation error:
tools/kwbimage.c: In function ‘image_headersz_v1’:
tools/kwbimage.c:1002:39: error: expected expression before ‘)’ token
if (headersz > CONFIG_SYS_U_BOOT_OFFS) {
^
tools/kwbimage.c:1006:41: error: expected expression before ‘)’ token
(int)headersz, CONFIG_SYS_U_BOOT_OFFS);
^
tools/kwbimage.c:1011:35: error: expected expression before ‘;’ token
headersz = CONFIG_SYS_U_BOOT_OFFS;
^
make[1]: *** [scripts/Makefile.host:112: tools/kwbimage.o] Error 1
make: *** [Makefile:1822: tools] Error 2
Check whether the value of CONFIG_SYS_U_BOOT_OFFS is really set.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
One of binman's attributes is that it is extremely fast, at least for a
Python program. Add some simple timing around operations that might take
a while, such as reading an image and compressing it. This should help
to maintain the performance as new features are added.
This is for debugging purposes only.
Signed-off-by: Simon Glass <sjg@chromium.org>
If the process outputs a lot of data on stdout this can be quite slow,
since the bytestring is regenerated each time. Use a bytearray instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
The constructor should not read the node information. Move it to the
ReadNode() method instead. This allows this etype to be subclassed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some images may take a while to build, e.g. if they are large and use slow
compression. Support compiling sections in parallel to speed things up.
Signed-off-by: Simon Glass <sjg@chromium.org>
(fixed to use a separate test file to fix flakiness)
At present compression uses the same temporary file for all invocations.
With multithreading this causes the data to become corrupted. Use a
different filename each time.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present if a driver is missing a uclass or compatible stirng, this
is silently ignored. This makes sense in most cases, particularly for
the compatible string, since it is not required except when the driver
is used with of-platdata.
But it is also not very helpful. When there is some sort of problem
with a driver, the missing compatible string (for example) may be the
cause.
Add a warning in this case, showing it only for drivers which are used
by the build.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
Some rockchip drivers use a suffix on the of_match line which is not
strictly valid. At present this causes the parsing to fail. Fix this
and offer a warning.
Signed-off-by: Simon Glass <sjg@chromium.org>
This expects a . before the field name (.e.g '.compatible = ...) but
presently accepts anything at all. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
At present we show when a driver is missing but this is not always that
useful. There are various reasons why a driver may appear to be missing,
such as a parse error in the source code or a missing field in the driver
declaration.
Update the implementation to record all warnings for each driver, showing
only those which relate to drivers that are actually used. This avoids
spamming the user with warnings related to a driver for a different board.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
Use this parser instead of OptionParser, which is deprecated.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
These are not supported before Python 3.6 so avoid them.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Walter Lozano <walter.lozano@collabora.com>
commit 322c813f4b ("mkeficapsule: Add support for embedding public key in a dtb")
added a bunch of options enabling the addition of the capsule public key
in a dtb. Since now we embedded the key in U-Boot's .rodata we don't this
this functionality anymore
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Host tool features, such as mkimage's ability to sign FIT images were
enabled or disabled based on the target configuration. However, this
misses the point of a target-agnostic host tool.
A target's ability to verify FIT signatures is independent of
mkimage's ability to create those signatures. In fact, u-boot's build
system doesn't sign images. The target code can be successfully built
without relying on any ability to sign such code.
Conversely, mkimage's ability to sign images does not require that
those images will only work on targets which support FIT verification.
Linking mkimage cryptographic features to target support for FIT
verification is misguided.
Without loss of generality, we can say that host features are and
should be independent of target features.
While we prefer that a host tool always supports the same feature set,
we recognize the following
- some users prefer to build u-boot without a dependency on OpenSSL.
- some distros prefer to ship mkimage without linking to OpenSSL
To allow these use cases, introduce a host-only Kconfig which is used
to select or deselect libcrypto support. Some mkimage features or some
host tools might not be available, but this shouldn't affect the
u-boot build.
I also considered setting the default of this config based on
FIT_SIGNATURE. While it would preserve the old behaviour it's also
contrary to the goals of this change. I decided to enable it by
default, so that the default build yields the most feature-complete
mkimage.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
image-sig.c is used to map a hash or crypto algorithm name to a
handler of that algorithm. There is some similarity between the host
and target variants, with the differences worked out by #ifdefs. The
purpose of this change is to remove those ifdefs.
First, copy the file to a host-only version, and remove target
specific code. Although it looks like we are duplicating code,
subsequent patches will change the way target algorithms are searched.
Besides we are only duplicating three string to struct mapping
functions. This isn't something to fuss about.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This value is either 0 for success or -1 for error. Coverity reports that
"ret" is passed to a parameter that cannot be negative, pointing to the
condition 'if (ret < 0)'.
Adjust it to just check for non-zero and avoid showing -1 in the error
message, which is pointless. Perhaps these changes will molify Coverity.
Reported-by: Coverity (CID: 312956)
Signed-off-by: Simon Glass <sjg@chromium.org>
With of-platdata-inst we want to set up a reference to each devices'
parent device, if there is one. If we find that the device has a parent
(i.e. is not a root node) but it is not in the list of devices being
written, then we cannot create the reference.
Report an error in this case, since it indicates that the parent node
is either missing a compatible string, is disabled, or perhaps does not
have any properties because it was not tagged for SPL.
Signed-off-by: Simon Glass <sjg@chromium.org>
The return value '-ENOSPC' of fit_set_timestamp function does not match
the caller fit_image_write_sig's expection which is '-FDT_ERR_NOSPACE'.
Fix it by not calling fit_set_timestamp, but call fdt_setprop instead.
This fixes a following mkimage error:
| Can't write signature for 'signature@1' signature node in
| 'conf@imx6ull-colibri-wifi-eval-v3.dtb' conf node: <unknown error>
| mkimage Can't add hashes to FIT blob: -1
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Tested-by: Igor Opaniuk <igor.opaniuk@foundries.io>
When "mkimage -l" was run on a block device it would fail with
erroneous message, because fstat reports a size of zero for those:
mkimage: Bad size: "/dev/sdb4" is not valid image
This patch identifies the "is a block device" case and reports it as
such, and if it knows how to determine the size of a block device on
the current OS, proceeds.
As shown in
http://www.mit.edu/afs.new/sipb/user/tytso/e2fsprogs/lib/blkid/getsize.c
this is no portable task, and I only handled the case of a modern
Linux kernel, which is what I can test.
Signed-off-by: Yann Dirson <yann@blade-group.com>
- Move to gcc-11.1.0 builds from kernel.org for supported platforms and
LLVM-11 for those tests.
- As Heinrich has noted, the RISC-V platform specification has a profile
OS-A for running rich operating systems like Linux and BSD. This profile
requires 64bit and UEFI conforming to the EBBR. Only the 'embedded'
profile may use 32bit. Given this, drop grub for 32bit RISC-V as it no
longer compiles with gcc-11.1 and upstream is unlikely to fix it:
https://www.mail-archive.com/grub-devel@gnu.org/msg30736.html
- Update to grub-2.06 release to address other issues of building with
gcc-11.1.
- Update to newer Xtensa (gcc-9.2.0) and ARC (gcc-10.2) toolchains
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Rick Chen <rick@andestech.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
In commit 1e4687aa47 ("binman: Use target-specific tools when
cross-compiling"), a utility function was implemented to get preferred
compilation tools using environment variables like CC and CROSS_COMPILE.
Although it intended to provide custom default tools (same as those in
the global Makefile) when no relevant variables were set (for example
using "gcc" for "cc"), it is only doing so when CROSS_COMPILE is set and
returning the literal name of the tool otherwise.
Remove the check for an empty CROSS_COMPILE, which makes the function
use it as an empty prefix to the custom defaults and return the intended
executables.
Fixes: 1e4687aa47 ("binman: Use target-specific tools when cross-compiling")
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Move us up to being based on Ubuntu 20.04 "focal" and the latest tag
from Ubuntu for this release. For this, we make sure that "python" is
now python3 but still include python2.7 for the rx51 qemu build as that
is very old and does not support python3.
Signed-off-by: Tom Rini <trini@konsulko.com>
The filesystem and EFI (capsule and secure boot) test setups try to use
guestmount and virt-make-fs respectively to prepare disk images to run
tests on. However, these libguestfs tools need a kernel image and fail
with the following message (revealed in debug/trace mode) if it can't
find one:
supermin: failed to find a suitable kernel (host_cpu=x86_64).
I looked for kernels in /boot and modules in /lib/modules.
If this is a Xen guest, and you only have Xen domU kernels
installed, try installing a fullvirt kernel (only for
supermin use, you shouldn't boot the Xen guest with it).
This failure then causes these tests to be skipped in CIs. Install a
kernel package in the Docker containers so the CIs can run these
tests with libguestfs tools again (assuming the container is run with
necessary host devices and privileges). As this kernel would be only
used for virtualization, we can use the kernel package specialized for
that. On Ubuntu systems kernel images are not readable by non-root
users, so explicitly add read permissions with chmod as well.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add DM (device manager) firmware image to the fit image that is loaded by
R5 SPL. This is needed with the HSM rearch where the firmware allocation
has been changed slightly.
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Signed-off-by: Tero Kristo <kristo@kernel.org>
Add support for providing ATF load address with a Kconfig symbol.
Signed-off-by: Aswath Govindraju <a-govindraju@ti.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: Suman Anna <s-anna@ti.com>
Link: https://lore.kernel.org/r/20210604163043.12811-2-a-govindraju@ti.com
