One of these has crept in in this commit:
40a808f1 ARCv2: SLC: Make sure busy bit is set properly on SLC flushing
Adjust buildman to handle it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Not force to use python from PATH. Issue was noted when building with
Yocto, because python from the distro is always taken instead of
python-native built during Yocto process.
Signed-off-by: Stefano Babic <sbabic@denx.de>
CC: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
With skeleton.dtsi being dropped it is more likely that the /aliases node
will be last in the device tree. Update fdtgrep to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Masahiro Yamada <yamada.masahiro@socionext.com>
With Python 3.5.2 encode will throw an exception if val is a byte array.
Decode it to a string first. This assumes it's utf-8, if it's not valid
utf-8 it will throw an exception.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
os.read() returns a byte array in Python 3.5.2 and needs to be converted
into a string. Check if the returned value is an instance of bytes and
if it is decode it as a utf-8 string. If it is not a utf-8 encoded string
the decoding may fail with an exception.
Prior to this fix the comparisions check data == "" would fail when data
was b'' and would cause an infinite memory leaking loop. joins would
also fail with an exception below but due to the infinite loop it never
made it that far.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
fw_env_open allocates buffers to store the environment, but these
buffers are never freed. This becomes quite nasty using the fw_ tools as
library, because each access to the environment (even just reading a
variable) generates a memory leak equal to the size of the environment.
Fix this renaming fw_env_close() as fw_env_flush(), because the function
really flushes the environment from RAM to storage, and add a
fw_env_close function to free the allocated resources.
Signed-off-by: Stefano Babic <sbabic@denx.de>
Changes in the environment library are difficult to tracked by programs
using the library. Add simply an API version number that must be
increased each time when the API is changed.
This can be detected and a program can work with different versions of
the library.
Signed-off-by: Stefano Babic <sbabic@denx.de>
Move U-Boot private data into a separate file. This
lets export fw_env.h to be used by external programs
that want to change the environment using the library
built in tools/env.
Signed-off-by: Stefano Babic <sbabic@denx.de>
aes.h is a too generic name if this file can
be exported and used by a program.
Rename it to avoid any conflicts with
other files (for example, from openSSL).
Signed-off-by: Stefano Babic <sbabic@denx.de>
With recent changes, some x86-specific rom tests of binman fail to
run. Fix it by adding missing filenames in corresponding entries.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Now that we have added file names from Kconfig in x86 u-boot.dtsi,
update binman to avoid using hard-coded names.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Bin Meng <bmeng.cn@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This program generates raw SPL images that can be flashed on the NAND with
the ECC and randomizer properly set up.
This has been copied (and tweaked to find the right headers) from the
sunxi-tools (https://github.com/linux-sunxi/sunxi-tools) upstream
repository, commit 1c3a6ca5.
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Jagan Teki <jagan@openedev.com>
To simplify the creation of AArch64 SPL images for the RK3399, we
use the ENABLE_ARM_SOC_BOOT0_HOOK option and prepend 4 bytes of
padding at the start of the text section. This makes it easy for
mkimage to rewrite this word with the 'RK33' boot magic.
This change brings logic to calculate the header size and allocate
the header back in sync. For the RK3399 we now limit the header to
before the payload (i.e. the 'header0' and the padding up to the
actual image) and overwrite the first word (inserted by the
boot0-hook for this purpose) with the 'RK33' magic in-place.
X-AffectedPlatforms: RK3399-Q7
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Tested-by: Klaus Goger <klaus.goger@theobroma-systems.com>
The RK3399 boot code (running as AArch64) poses a bit of a challenge
for SPL image generation:
* The BootROM will start execution right after the 4-byte header (at
the odd instruction word loaded into SRAM at 0xff8c2004, with the
'RK33' boot magic residing at 0xff8c2000).
* The default padding (during ELF generation) for AArch64 is 0x0,
which is an illegal instruction and the .text section needs to be
naturally aligned (someone might locate a 64bit constant relative
to the section start and unaligned loads trigger a fault for all
privileged modes of an ARMv8)... so we can't simply define the
CONFIG_SPL_TEXT_BASE option to the odd address (0xff8c2004).
* Finally, we don't want to change the values used for padding of
the SPL .text section for all ARMv8 targets to the instruction
word encoding 'nop', as this would affect all padding in this
section and might hide errors that would otherwise quickly trigger
an illegal insn exception.
To deal with this situation, we modify the rkimage generation to
- understand the fact that the RK3399 needs to pad the header to an
8 byte boundary using an AArch64 'nop'
- the necessary logic to adjust the header_size (which controls the
location where the payload is copied into the image) and to insert
this padding (AArch64 insn words are always little-endian) into
the image following the 4-byte header magic.
X-AffectedPlatforms: RK3399-Q7
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Tested-by: Klaus Goger <klaus.goger@theobroma-systems.com>
The RC4 encoding works on full blocks, but the calculation of the
starting offset and size are needlessly complicated by using a
reference value known to be offset into a block by the size of the
header and then correcting for the (hard-coded) size of the header
(i.e. 4 bytes).
We change this over to use the RK_SPL_HDR_START directly (which is
known to be on a block boundary).
X-AffectedPlatforms: RK3399-Q7
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Tested-by: Klaus Goger <klaus.goger@theobroma-systems.com>
some system will not generate pbl format u-boot, but require rcw.
Signed-off-by: yuan linyu <Linyu.Yuan@alcatel-sbell.com.cn>
Reviewed-by: Alison Wang <alison.wang@nxp.com>
Reviewed-by: York Sun <york.sun@nxp.com>
Previously, dtoc could only process the top-level nodes which led to
device nodes in hierarchical trees to be ignored. E.g. the mmc0 node
in the following example would be ignored, as only the soc node was
processed:
/ {
soc {
mmc0 {
/* ... */
};
};
};
This introduces a recursive helper method ScanNode, which is used by
ScanTree to recursively parse the entire tree hierarchy.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When building u-boot tools in cross-build environment CFLAGS environment
variable set up for target is taken into an account when building code
for host. Make it empty on invocation of python.
This fixes the following build errors when cross-compiling for xtensa:
cc1: error: unrecognized command line option "-mlongcalls"
cc1: error: unrecognized command line option "-mauto-litpools"
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add the entry for the rk3188 requiring rc4-encryption of the SPL.
Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Rockchip SoCs allow the spl code to be rc4-encoded, not only the
image header, but only newer SoCs allow this encoding to be disabled.
The rk3188 is not part of those and requires its boot code to be
rc4-encoded with the regular key. So add the ability to do this
encoding via a setting on a per-soc basis when building spl images.
Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
Tested-by: Kever Yang <kever.yang@rock-chips.com>
Right now the u-boot,dm-pre-reloc flag will make each marked node
always appear in both spl and tpl. But systems needing an additional
tpl might have special constraints for each, like the spl needing to
be very tiny.
So introduce two additional flags to mark nodes for only spl or tpl
environments and introduce a function dm_fdt_pre_reloc to automate
the necessary checks in code instances checking for pre-relocation
flags.
The behaviour of the original flag stays untouched and still marks
a node for both spl and tpl.
Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Kever Yang <kever.yang@rock-chips.com>
Richard reported U-Boot tools issues in OpenEmbedded/Yocto project.
OE needs to be able to change the default compiler. If we pass in
HOSTCC through the make command, it overwrites all HOSTCC instances,
including ones in tools/Makefile and tools/env/Makefile, which breaks
"make cross_tools" and "make env", respectively.
Add "override" directives to avoid overriding HOSTCC instances that
really need to point to the cross-compiler.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reported-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The size field in GP header that is expected by ROM is size of the
image + size of the header. But omapimage generates a gp header
only with size of the image as size field. Fix it
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
This tool does not work with Python 3. Change the shebang to make sure the
script is run by a Python 2 interpreter.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Currently upstream does not yet understand the imply keyword. For what
we use kconfiglib.py for today, this is OK. We only need to be able to
evaluate in order to make boards.cfg and none of those choices will
depend on how imply evaluates out.
Signed-off-by: Tom Rini <trini@konsulko.com>
This define is not used in tools sources and can be removed
to avoid unnecessary link between tools and defconfig
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Commit 94084eea3b ("tools: kwbimage: Fix dest addr") changed kwbimage
to do this adjustment. So now the adjustment in kwboot is not needed
(and would prevent UART booting for images generated by the new
kwbimage). Remove the destaddr adjustment in kwboot.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
The return value of fstat was not checked in kwbimage, and in the case
of an error, the already open file was not closed. Fix both errors.
Reported-by: Coverity (CID: 155971)
Reported-by: Coverity (CID: 155969)
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Signed-off-by: Stefan Roese <sr@denx.de>
The previous commit ("add a new command to show .config contents")
improves the basic infrastructure of "embed a compressed file into
the U-Boot image, and print it by a command". The same pattern for
the "license" command.
This commit reworks the command to improve the following:
[1] Improve log style
Kbuild style log
GZIP cmd/license_data.gz
CHK cmd/license_data_gz.h
UPD cmd/license_data_gz.h
CHK cmd/license_data_size.h
UPD cmd/license_data_size.h
instead of the bare Make log:
cat ./Licenses/gpl-2.0.txt | gzip -9 -c | \
tools/bin2header license_gzip > ./include/license.h
[2] Collect related code into the "cmd" directory
Prior to this commit, the license.h was created by tools/Makefile,
placed under the "include" directory, included from cmd/license.c,
and deleted by the top-level Makefile. It is not a good idea to
scatter related code.
[3] Drop the fixed-malloc size LICENSE_MAX
Just allocate the minimum required size of buffer because we know
the size of the original gpl-2.0.txt.
[4] Fix more issues
Terminate the buffer with zero to prevent puts() from over-running.
Add "static" to do_license.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When gathering addresses for the Cc list patman would encounter a
UnicodeDecodeError due to non-ascii characters in the author name.
Address this by explicitly using utf-8 when building the Cc list.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
As well as showing the number of boards, allow showing the actual list of
boards that would be built, if -v is provided.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is convenient to be able to deal with checkpatch warnings in the same
way as build warnings. Tools such as emacs and kate can quickly locate
the source file and line automatically.
To achieve this, adjust the format to match the C compiler, and output to
stderr.
Signed-off-by: Simon Glass <sjg@chromium.org>
If there is a '.' in a compatible string, then dtoc will produce a struct
with a name containing a '.'. This won't work, so replace it with '_'.
Also add a suitable test to the sandbox device tree to catch this.
Signed-off-by: Simon Glass <sjg@chromium.org>
This patch adds a little tool that takes a generic MAC address and
generates a CRC byte for it. The output is the full MAC address without
any separators, ready written into an EEPROM.
Signed-off-by: Olliver Schinagl <o.schinagl@ultimaker.com>
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
This patch enables crc8 to be used from within the tools directory using
u-boot/crc.h.
Signed-off-by: Olliver Schinagl <o.schinagl@ultimaker.com>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
On platforms which do not require microcode in SPL, handle such
case like U-Boot proper.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
u_boot_spl_with_ucode_ptr is derived from u_boot_with_ucode_ptr,
hence it should call its parent's init.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The patch implements secure booting for the mvebu architecture.
This includes:
- The addition of secure headers and all needed signatures and keys in
mkimage
- Commands capable of writing the board's efuses to both write the
needed cryptographic data and enable the secure booting mechanism
- The creation of convenience text files containing the necessary
commands to write the efuses
The KAK and CSK keys are expected to reside in the files kwb_kak.key and
kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory.
Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
The function image_create_config_parse_oneline is pretty complex, and
since more parameters will be added to support secure booting, we
refactor the function to make it more readable.
Also, when a line contained just a keyword without any parameters,
strtok_r returned NULL, which was then indiscriminately fed into atoi,
causing a segfault. To correct this, we add a NULL check before feeding
the extracted token to atoi, and print an error message in case the
token is NULL.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
In preparation of adding the creation of secure headers, we factor the
add_binary_header_v1 function out of the image_create_v1 function.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
The parameter 'params' of the image_headersz_v1 function is never used
by the function.
Hence, remove it.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
This patch reduces the scope of some variables.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
Arithmetic with void pointers, e.g. a - b where both a and b are void
pointers, is undefined in the C standard. Since we are operating with
byte data here, we switch the void pointers to uint8_t pointers, and add
the necessary casts.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
Fix some style violations:
- nine instances of missing blank lines after declarations
- one overly long line
- one split string (which also rewords an error message more concisely)
- two superfluous else
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
To enable secure boot, we need to jump back into the BootROM to continue
the SoC's boot process instead of letting the SPL load and run the main
U-Boot image.
But, since the u-boot-spl.img (including the 64 byte header) is loaded
by the SoC as the main image, we need to compensate for the header
length to get a correct entry point.
Thus, we subtract the header size from the destination address, so that
the execution address points at the actual entry point of the image.
The current boards ignore both parameters anyway, so this change shouldn't
concern them.
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
To troubleshoot unexpected bhavior during building and what's more
important during execution it is strongly recommended to use recent
ARC toolchain, and so we're now referring to arc-2016.09 which is the
latest as of today.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We can use the same header length calculations for both imximage v1 and
v2. This addresses TODO comments about imximage v1 in the current code.
With this patch applied, *header_size_ptr in imximage_set_header() will
have the correct value for both imximage v1 and v2. This is necessary
for people wanting to add proprietary data behind the created imximage.
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Cc: sbabic@denx.de
When we have python building tools for the host it will not check HOSTXX
variables but only XX variables, for example LDFLAGS and not
HOSTLDFLAGS.
Cc: Simon Glass <sjg@chromium.org>
Reported-by: Heiko Schocher <hs@denx.de>
Fixes: 1905c8fc71 ("build: Always build the libfdt python module")
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org>
Tested-by: Heiko Schocher <hs@denx.de>
The built _libfdt.so is placed in the /tools dir and need to say here
as it contains relative paths.
Add the directory to the python path so binman can use this module.
Signed-off-by: Emmanuel Vadot <manu@bidouilliste.com>
Do not rely on CONFIG_SPL_OF_PLATDATA to build the libfdt python module.
If swig is present, this will be build
Signed-off-by: Emmanuel Vadot <manu@bidouilliste.com>
Add support for signing with the pkcs11 engine. This allows FIT images
to be signed with keys securely stored on a smartcard, hardware security
module, etc without exposing the keys.
Support for other engines can be added in the future by modifying
rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct
correct key_id strings.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Some OS (all BSD and probably others) do not have python in /usr/bin
but in another directory.
It is a common usage to use /usr/bin/env python as shebang for python
scripts so use this for binman.
Signed-off-by: Emmanuel Vadot <manu@bidouilliste.com>
When we want to use Secure Boot with HAB from SPL over U-Boot.img,
we need to append the IVT to the image and leave space for the CSF.
Images generated as firmware_ivt can directly be signed using the
Freescale code signing tool. For creation of a CSF, mkimage outputs
the correct HAB Blocks for the image.
The changes to the usual firmware image class are quite small,
that is why I implemented that directly into the default_image.
Cc: sbabic@denx.de
v2-Changes: None
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
This patch is fixing missing fclose() calls
in error patch introduced by:
"tools: mkimage: Use fstat instead of stat to avoid malicious hacks"
(sha1: ebe0f53f48)
Reported-by: Coverity (CID: 155064, 155065)
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Use the endian macros from u-boot's compiler.h instead of duplicating
the definitions.
This also avoids a build error on OpenBSD by removing swap64 which
collides with a system definition in endian.h pulled in by inttypes.h.
Signed-off-by: Jonathan Gray <jsg@jsg.id.au>
Now that we have added file names from Kconfig in x86 u-boot.dtsi,
update binman to avoid using hard-coded names.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Now that binman supports creating images with microcode, drop the code from
ifdtool.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
For boards that need U-Boot-specific additions to the device tree, it is
a minor annoyance to have to add these each time the tree is synced with
upstream.
Add a means to include a file (e.g. u-boot.dtsi) automatically into the .dts
file before it is compiled.
The file uses is the first one that exists in this list:
arch/<arch>/dts/<board.dts>-u-boot.dtsi
arch/<arch>/dts/<soc>-u-boot.dtsi
arch/<arch>/dts/<cpu>-u-boot.dtsi
arch/<arch>/dts/<vendor>-u-boot.dtsi
arch/<arch>/dts/u-boot.dtsi
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Add support for two more from the inexhaustible supply of x86 binary blob
types.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
When building for 64-bit x86 we need an SPL binary in the ROM. Add support
for this. Also increase entry test code coverage to 100%.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Add an entry type for u-boot.img (a legacy U-Boot image) and a simple test.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
The structure of x86 ROMs is pretty complex. There are various binary blobs
to place in the image. Microcode requires special handling so that it is
available to very early code and can be used without any memory whatsoever.
Add support for the various entry types that are currently needed, along
with some tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Add entries to support some standard U-Boot binaries, such as u-boot.bin,
u-boot.dtb, etc. Also add some tests for these.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
This adds the basic code for binman, including command parsing, processing
of entries and generation of images.
So far no entry types are supported. These will be added in future commits
as examples of how to add new types.
See the README for documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
The EVP_MD_CTX and EVP_CIPHER_CTX are made opaque since 1.1.x , so instead
of embedding them directly into struct sb_image_ctx and initializing them
using EVP_*_CTX_init(), we use pointers and allocate the crypto contexts
using EVP_*_CTX_new().
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Tom Rini <trini@konsulko.com>
The patch is fixing:
"tools: mkimage: Check if file is regular file"
(sha1: 56c7e80155)
which contains two issues reported by Coverity
Unchecked return value from stat and incorrect calling sequence where
attack can happen between calling stat and fopen.
Using pair in opposite order (fopen and fstat) is fixing this issue
because fstat is using the same file descriptor (FILE *).
Also fixing issue with:
"tools: mkimage: Add support for initialization table for Zynq and
ZynqMP" (sha1: 3b6460809c)
where file wasn't checked that it is regular file.
Reported-by: Coverity (CID: 154711, 154712)
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
The patch is fixing:
"tools: mkimage: Check if file is regular file"
(sha1: 56c7e80155)
which contains two issues reported by Coverity
Unchecked return value from stat and incorrect calling sequence where
attack can happen between calling stat and fopen.
Using pair in opposite order (fopen and fstat) is fixing this issue
because fstat is using the same file descriptor (FILE *).
Also fixing issue with:
"tools: mkimage: Add support for initialization table for Zynq and
ZynqMP" (sha1: 3b6460809c)
where file wasn't checked that it is regular file.
Reported-by: Coverity (CID: 154711, 154712)
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Series-to: trini
Series-cc: u-boot
When using #define CONFIG_SOME_OPTION, the value it set to '1'. When using
defconfig (i.e. CONFIG_SOME_OPTION=y) the value is set to 'y'. This results
in differences showing up with -K. These differences are seldom useful.
Adjust buildman to suppress these differences by default.
Signed-off-by: Simon Glass <sjg@chromium.org>
Normally buildman does a full build of a board. This includes creating the
u-boot.cfg file which contains all the configuration options. Buildman uses
this file with the -K option, to show differences in effective configuration
for each commit.
Doing a full build of U-Boot just to create the u-boot.cfg file is wasteful.
Add a -D option which causes buildman to only create the configuration. This
is enough to support use of -K and can be done much more quickly (typically
5-10 times faster).
Signed-off-by: Simon Glass <sjg@chromium.org>
Offset 0x1 in the generated kwb image file is a set of flags, bit 0
enables debug output from the BootROM firmware. Allow a DEBUG option in
the kwb configuration to request debug output from the BootROM firmware.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
Offset 0x18 in some Marvell datasheets this field is redacted as
"reserved". This offset is actually a set of options and bits 2:0 allow
the selection of the UART baudrate.
Allow a BAUDRATE option to set the UART baudrate for any messages coming
from the BootROM firmware.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
commit 183923d3e4 enforces that the
environment must start at an erase block boundary.
For block devices the sample fw_env.config does not mandate a erase block size
for block devices. A missing setting defaults to the full env size.
Depending on the environment location the alignment check now errors out for
perfectly legal settings.
Fix this by defaulting to the standard blocksize of 0x200 for environments
stored in a block device.
That keeps the fw_env.config files for block devices working even with that
new check.
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
The Makefile in tools/ tries to find the "swig" utility by calling "which".
If nothing is found in the path, some versions of which will print an error
message:
$ make clean
which: no swig in (/usr/local/bin:/usr/bin:/bin)
This does not apply to all version of "which", though:
$ echo $0
bash
$ type which
which is aliased to `type -path'
$ which foo <== this version is OK
$ /usr/bin/which foo <== this one is chatty
/usr/bin/which: no foo in (/usr/local/bin:/usr/bin:/bin)
$ sh <== make uses /bin/sh
sh-4.3$ which foo <== no alias here
which: no foo in (/usr/local/bin:/usr/bin:/bin)
This error message is rather pointless in our case, since we just have
this very check to care for this. So add stderr redirection to suppress
the message.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
While we move some config macros to Kconfig, kconfig header is needed
to avoid compiling error if not already included.
Signed-off-by: York Sun <york.sun@nxp.com>
Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA
pairings will still fail on verify operations when the hash length is
longer than the key length.
Follow the same naming scheme "checksum,crytpo" without explicitly
defining the string.
Indirectly adds support for "sha1,rsa4096" signing/verification.
Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cut down on the repetition of algorithm information by defining separate
checksum and crypto structs. image_sig_algos are now simply pairs of
unique checksum and crypto algos.
Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Current Makefile.spl passes -R parameter which is not empty
and pointing to ./ folder.
"./tools/mkimage -T zynqmpimage -R ./"" -d spl/u-boot-spl.bin
spl/boot.bin"
That's why mkimage is trying to parse ./ file and generate
register init which is wrong.
Check that passed filename is regular file. If not do not work with it.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
The Zynq/ZynqMP boot.bin file contains a region for register initialization
data. Filling in proper values in this table can reduce boot time
(e.g. about 50ms faster on QSPI boot) and also reduce the size of
the SPL binary.
The table is a simple text file with register+data on each line. Other
lines are simply skipped. The file can be passed to mkimage using the
"-R" parameter.
It is recommended to add reg init file to board folder.
For example:
CONFIG_BOOT_INIT_FILE="board/xilinx/zynqmp/xilinx_zynqmp_zcu102/reg.int
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Commit fed329aebe ("tools: add mksunxiboot to tools-all target") added
mksunxiboot to the tools-all target, but used the CONFIG_SUNXI symbol
to enable its build. Now commit aec9a0f19f ("sunxi: Rename CONFIG_SUNXI
to CONFIG_ARCH_SUNXI"), merged before that, renamed that symbol, so that
the first patch basically gets ineffective.
Adjust the symbol name in tools/Makefile to make it build again.
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Adds -i option that allows specifying a ramdisk file to be added to the
FIT image when we are using the automatic FIT mode (no ITS file).
This makes adding Depthcharge support to LAVA much more convenient, as
no additional configuration files need to be kept around in the machine
that dispatches jobs to the boards.
Signed-off-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Matt Hart <matthew.hart@linaro.org>
Cc: Neil Williams <codehelp@debian.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
The README for buildman says that we can use any field in boards.cfg to
decide what to build. However, we were not saving the options field
correctly.
Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Simon Glass <sjg@chromium.org>
Check return value when open the plugin file.
Coverity report:
** CID 153926: Error handling issues (NEGATIVE_RETURNS)
/tools/imximage.c: 542 in copy_plugin_code()
ifd = open(plugin_file, O_RDONLY|O_BINARY);
>>> CID 153926: Error handling issues (NEGATIVE_RETURNS)
>>> "ifd" is passed to a parameter that cannot be negative.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Reported-by: Coverity (CID: 153926)
Reviewed-by: Tom Rini <trini@konsulko.com>
The allocated memory should be freed. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Coverity (CID: 150963)
Reviewed-by: Tom Rini <trini@konsulko.com>
mksunxiboot is useful outside of u-boot, it is e.g. used by sunxi-tools.
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
CONFIG_SUNXI -> CONFIG_ARCH_SUNXI
and removed CONFIG_SUNIX from config_whitelist.txt
Cc: Simon Glass <sjg@chromium.org>
Cc: Ian Campbell <ijc@hellion.org.uk>
Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Jagan Teki <jteki@openedev.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Supporting shell-style wildcards for the --defconfigs option will be
useful to run the moveconfig tool against a specific platform. For
example, "uniphier*" in the file passed by --defconfigs option will
be expanded to defconfig files that start with "uniphier". This is
easier than listing out all defconfig files you are interested in.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Joe Hershberger <joe.hershberger@ni.com>
Add plugin support for imximage.
Define CONFIG_USE_IMXIMG_PLUGIN in defconfig to enable using plugin.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Stefano Babic <sbabic@denx.de>
Cc: Eric Nelson <eric@nelint.com>
Cc: Ye Li <ye.li@nxp.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
PBL flush command is restricted to CCSR memory space. So use WAIT
PBI command to provide enough time for data to get flush in
target memory.
Signed-off-by: Zhao Qiang <qiang.zhao@nxp.com>
[York Sun: rewrap commit message]
Reviewed-by: York Sun <york.sun@nxp.com>
Now we can use compiler wrapper such as ccache or distcc for buildman.
Signed-off-by: York Sun <york.sun@nxp.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
Signed-off-by: York Sun <york.sun@nxp.com>
CC: Simon Glass <sjg@chromium.org>
Fixed commit subject:
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
If we use the '/' operator then python 3.x will produce a float, and
refuse to multiply the string sequence in Conv_name_to_c by it with:
TypeError: can't multiply sequence by non-int of type 'float'
Use the '//' operator instead to enforce that we want integer rather
than floating point division.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
On python 3.x struct.unpack will complain if we provide it with a
string since it expects to operate on a bytes object. In order to
satisfy this requirement, encode the string to a bytes object when
running on python 3.x.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
In python 3.x the iteritems() method has been removed from dictionaries,
and the items() method does effectively the same thing. On python 2.x
using items() is a little less efficient since it involves copying data,
but as speed isn't a concern in the affected code switch to using
items() anyway for simplicity.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
In python 3.x StringIO is no longer a module, and the class can instead
be found in the io module. Adjust the code in the doctest input to
account for both.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
In python 3.x the iteritems() method has been removed from dictionaries,
and the items() method does effectively the same thing. On python 2.x
using items() is a little less efficient since it involves copying data,
but as speed isn't a concern in this code switch to using items() anyway
for simplicity.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
In python 3.x module names used in import statements are case sensitive,
and the configparser module is named in all lower-case. Import it as such
in order to avoid errors when running with python 3.x.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
Syntax for exception handling is a little more strict in python 3.x.
Convert all uses to a form accepted by both python 2.x & python 3.x.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
In python 3.x, print must be used as a function call. Convert all print
statements to the function call style, importing from __future__ where
we print with no trailing newline or print to a file object.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
In preparation for running on python 3.x, which will refuse to run
scripts which mix tabs & spaces for indentation, replace 2 tab
characters present in series.py with spaces.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Acked-by: Simon Glass <sjg@chromium.org>
We need to test both the normal (Python libfdt module) and fallback (fdtget)
implementations of the Fdt class. Add a way to select which implementation
to use.
Signed-off-by: Simon Glass <sjg@chromium.org>
There is no need to pass a node path separately. Instead we should use the
path for the node provided. Correct this.
Signed-off-by: Simon Glass <sjg@chromium.org>
When Ctrl-C is pressed, just exited quietly. There is no sense in displaying
a stack trace since buildman will always be in the same place: waiting for
threads to complete building all the jobs on the queue.
Signed-off-by: Simon Glass <sjg@chromium.org>
It is annoying that buildman does not respond cleanly to Ctrl-C or SIGINT,
particularly on machines with lots of CPUS. Unfortunately queue.join()
blocks the main thread and does not allow it to see the signal. Use a
separate thread instead,
Signed-off-by: Simon Glass <sjg@chromium.org>
If patman is installed on the machine (e.g. in the standard dist-packages
directory), it will find libraries from there in preference to our local
libraries. Adjust the order of the path to ensure that local libraries are
found first.
Signed-off-by: Simon Glass <sjg@chromium.org>
Make it clear when buildman actually starts building. This happens when it
has prepared the threads, working directory and output directories.
Signed-off-by: Simon Glass <sjg@chromium.org>
When buildman starts, it prepares its output directory by removing any old
build directories which will not be used this time. This can happen if a
previous build left directories around for commit hashes which are no-longer
part of the branch.
This can take quite a while, so print a message to indicate what is going
on.
Signed-off-by: Simon Glass <sjg@chromium.org>
On a machine with a lot of CPUs this prints a lot of useless lines of the
form:
Cloning repo for thread <n>
Adjust the output so that these all appear on one line, and disappear when
the cloning is complete.
Note: This cloning is actually unnecessary and very wasteful on disk space
(about 3.5GB each time). It would be better to create symlinks.
Signed-off-by: Simon Glass <sjg@chromium.org>
Output which does not include a newline will not be displayed unless
flushed. Add a flush to ensure that it becomes visible.
Signed-off-by: Simon Glass <sjg@chromium.org>
The default lockname is set to /var/lock. This limits the
usage of this application where OS uses different lockfile
location parameter.
For example, In case of android, the default lock
path location is /data.
Hence by providing the command line option to input lockfile
path will be useful to reuse the tool across multiple
operating system.
usage: ./fw_printenv -l <lockfile path>
Signed-off-by: Ravi Babu <ravibabu@ti.com>
Fix various misspellings of:
* deprecated
* partition
* preceding,preceded
* preparation
* its versus it's
* export
* existing
* scenario
* redundant
* remaining
* value
* architecture
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Jagan Teki <jteki@openedev.com>
Reviewed-by: Stefan Roese <sr@denx.de>
This allows to take advantage of the environment being block aligned.
This is not a new constraint. Writes always start at the begin of the
environment, since the header with CRC/length as there.
Every environment modification requires updating the header
Signed-off-by: Andreas Fenkart <andreas.fenkart@digitalstrom.com>
flash_write_buf already looks up size/offset/#sector from struct
envdev_s. It can look up mtd_type as well. Same applies to
flash_read_buf. Makes the interface simpler
Signed-off-by: Andreas Fenkart <andreas.fenkart@digitalstrom.com>
the offset is not modified by linux ioctl call
see mtd_ioctl{drivers/mtd/mtdchar.c}
Makes the interface less ambiguous, since the caller can
now exclude a modification of blockstart
Signed-off-by: Andreas Fenkart <andreas.fenkart@digitalstrom.com>
instead of adhoc computation of the environment end,
use a function with a proper name
Signed-off-by: Andreas Fenkart <andreas.fenkart@digitalstrom.com>
This format can be flashed directly at address 0 of
the NAND FLASH, as it contains all necessary headers.
Signed-off-by: Albert ARIBAUD (3ADEV) <albert.aribaud@3adev.fr>
Add a way to find the byte offset of a property within the device tree. This
is only supported with the normal libfdt implementation since fdtget does
not provide this information.
Signed-off-by: Simon Glass <sjg@chromium.org>
After any node/property deletion the device tree can be packed to remove
spare space. Add a way to perform this operation.
Note that for fdt_fallback, fdtput automatically packs the device tree after
deletion, so no action is required here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for deleting a device tree property. With the fallback
implementation this uses fdtput. With libfdt it uses the API call and
updates the offsets afterwards.
Signed-off-by: Simon Glass <sjg@chromium.org>
Since we want to be able to change the in-memory device tree using libfdt,
use a bytearray instead of a string. This makes interfacing from Python
easier.
Signed-off-by: Simon Glass <sjg@chromium.org>
For binman we need to support deleting properties in the device tree. This
will change the offsets of nodes after the deletion. In preparation, add
code to keep track of when the offsets are invalid, and regenerate them.
Signed-off-by: Simon Glass <sjg@chromium.org>
If a source device tree is provide to the Fdt() constructors, compile it
automatically. This will be used in tests, where we want to build a
particular test .dts file and check that it works correctly in binman.
Signed-off-by: Simon Glass <sjg@chromium.org>
When tools want to display information of varying levels of importance, it
helps to provide the user with control over the verbosity of these messages.
Progress messages work best if they are displayed and then removed from the
display when no-longer relevant.
Add a new tout library (terminal out) to handle these tasks.
Signed-off-by: Simon Glass <sjg@chromium.org>
For tools which want to use input files and temporary output, it is useful
to have the handling of these dealt with in one place. Add a new library
which allows input files to be read, and output files to be written, all
based on a common directory structure.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some functions have the same code in the subclasses. Move these into the
superclass to avoid duplication.
Signed-off-by: Simon Glass <sjg@chromium.org>