The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].
This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX
The SHA implementation is adapted from the linux kernel implementation.
[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm
Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>
Currently, there is no method that can detect compression types
given a file. This is very useful where a compressed kernel image
is loaded directly to the memory.
Inspect initial few bytes to figure out compression type of the
image. It will be used in booti method for now but can be reused
any other function in future as well.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
These are used in multiple places so update them to use a shared #define.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
For FIT verification, all the properties of a public key come from
"control fdt" pointed to by fdt_blob. In UEFI secure boot, on the other
hand, a public key is located and retrieved from dedicated signature
database stored as UEFI variables.
Added two fields may hold values of a public key if fdt_blob is NULL, and
will be used in rsa_verify_with_pkey() to verify a signature in UEFI
sub-system.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building
RSA functions from FIT verification and allow for adding a RSA-based
signature verification for other file formats, in particular PE file
for UEFI secure boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
On Feb. 16, 2020, Tom reported [1] build failure of U-Boot in-tree
tooling after applying https://patchwork.ozlabs.org/cover/1229663/
("[v6,0/7] rsa: extend rsa_verify() for UEFI secure boot").
Later on, Heinrich stressed the urgency of the issue in
https://patchwork.ozlabs.org/patch/1250858/#2379069:
>>>>>>>>>
We should finalize the topic as it stops EFI patches from being merged
>>>>>>>>>
On the surface, the problem is caused by U-Boot commits [2-3], which
employed 'u32' in 'include/image.h', while historically U-Boot tooling
stayed agnostic on the {u,s}{8,16,32} types.
Thanks to Tom, Yamada-san and Heinrich, the following solutions have
been put head-to-head ('+' pros, '-' cons):
A. Use an equivalent fixed-size type, i.e. s/u32/uint32_t/ in both
android function prototypes (image.h) and definitions (c file):
+ quick and low-line-count
- creates a 'soup' of fixed-sized types in the Android C file
- will confuse contributors
- is going against Linux kernel best practices [4]
B. Guard Android functions by '!defined(USE_HOSTCC)' in image.h:
+ quick and low-line-count
+ reflects the reality (no android function is used by tooling)
+ zero impact on other subsystems
- ifdeffery may look annoying (pre-existing problem of image.h)
C. Make {u8,u16,u32} available in U-Boot tooling:
+ quick and low-line-count
+ [Yamada-san][5]:
* forbidding u32 for tools is questionable to me
* Linux kernel and Barebox use {u8,u16,u32} for the tools space
- breaks U-Boot tradition?
- has larger impact than [A] and [B]
- adds type complexity/inconsistency in the tooling space
D. [Yamada-san] Refactor the headers to minimize the code shared
between U-Boot space and tooling space:
+ probably the long-term solution
- high effort
- can be seen/done as an incremental update on top of [B]
Looking at the above, [B] looks like the natural way to go forward.
[1] https://patchwork.ozlabs.org/patch/1238245/#2363052
[2] commit 7f2531502c ("image: android: Add routine to get dtbo params")
[3] commit c3bfad825a ("image: android: Add functions for handling dtb field")
[4] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6176fa4728fb6d
("checkpatch: add --strict warning for c99 fixed size typedefs : int<size>_t")
[5] https://patchwork.ozlabs.org/patch/1238245/#2363340
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Sam Protsenko <joe.skb7@gmail.com>
Cc: Lokesh Vutla <lokeshvutla@ti.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Tested-by: Heinrich Schuchardt <xpyron.glpk@gmx.de>
Android Boot Image v1 adds "Recovery DTB" field in image header and
associate payload in boot image itself [1]. Payload should be in
Android DTB/DTBO format [2]. That "Recovery DTB" area should be only
populated for non-A/B devices, and only in recovery image.
Add function to get an address and size of that payload. That function
can be further used e.g. in 'abootimg' command to provide the user a way
to get the address of recovery dtbo from U-Boot shell, which can be
further parsed using 'adtimg' command.
[1] https://source.android.com/devices/bootloader/boot-image-header
[2] https://source.android.com/devices/architecture/dto/partitions
Signed-off-by: Sam Protsenko <joe.skb7@gmail.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Android Boot Image v2 adds "DTB" payload (and corresponding field in the
image header). Provide functions for its handling:
- android_image_get_dtb_by_index(): Obtain DTB blob from "DTB" part of
boot image, by blob's index
- android_image_print_dtb_contents(): Iterate over all DTB blobs in
"DTB" part of boot image and print those blobs info
"DTB" payload might be in one of the following formats:
1. concatenated DTB blobs
2. Android DTBO format
The latter requires "android-image-dt.c" functionality, so this commit
selects that file for building for CONFIG_ANDROID_BOOT_IMAGE option.
Right now this new functionality isn't used, but it can be used further.
As it's required to apply some specific dtbo blob(s) from "dtbo"
partition, we can't automate this process inside of "bootm" command. But
we can do next:
- come up with some new command like "abootimg" to extract dtb blob
from boot image (using functions from this patch)
- extract desired dtbo blobs from "dtbo" partition using "adtimg"
command
- merge dtbo blobs into dtb blob using "fdt apply" command
- pass resulting dtb blob into bootm command in order to boot the
Android kernel with Android ramdisk from boot image
Signed-off-by: Sam Protsenko <joe.skb7@gmail.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
This function has a very generic name which does not adequately describe
its purpose. Rename it and move it to image.h, since it relates to reading
a script from an image.
Signed-off-by: Simon Glass <sjg@chromium.org>
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Add a new OS type to be used for chain-loading an EFI compatible
firmware or boot loader like GRUB2, possibly in a verified boot
scenario.
Bellow is sample ITS file that generates a FIT image supporting
secure boot. Please note the presence of 'os = "efi";' line, which
identifies the currently introduced OS type:
/ {
#address-cells = <1>;
images {
efi-grub {
description = "GRUB EFI";
data = /incbin/("bootarm.efi");
type = "kernel_noload";
arch = "arm";
os = "efi";
compression = "none";
load = <0x0>;
entry = <0x0>;
hash-1 {
algo = "sha256";
};
};
};
configurations {
default = "config-grub";
config-grub {
kernel = "efi-grub";
signature-1 {
algo = "sha256,rsa2048";
sign-images = "kernel";
};
};
};
};
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Define new image type for coprocessor images.
It is used in FIT to identify the files loaded
with remoteproc command (elf or bin).
Signed-off-by: Loic Pallardy <loic.pallardy@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
RISC-V OpenSBI is an open-source implementation of the RISC-V Supervisor
Binary Interface (SBI) specification. It is required by Linux and U-Boot
running in supervisor mode. This patch adds support for booting via the
OpenSBI FW_DYNAMIC firmware. It supports OpenSBI version 0.4 and higher.
In this configuration, U-Boot SPL starts in machine mode. After loading
OpenSBI and U-Boot proper, it will start OpenSBI. All necessary
parameters are generated by U-Boot SPL and are passed to OpenSBI. U-Boot
proper is started in supervisor mode by OpenSBI. Support for OpenSBI is
enabled with CONFIG_SPL_OPENSBI. An additional configuration entry,
CONFIG_SPL_OPENSBI_LOAD_ADDR, is used to specify the load address of the
OpenSBI firmware binary. It is not used directly in U-Boot and instead
is intended to make the value available to scripts such as FIT
configuration generators.
The header file include/opensbi.h is based on header files from the
OpenSBI project. They are recent, as of commit bae54f764570 ("firmware:
Add fw_dynamic firmware").
Signed-off-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
Upcoming patches want to add decompression to use cases that are no
longer directly related to booting. It makes sense to retain a single
decompression routine, but it should no longer be in bootm.c (which is
not compiled for all configurations). This patch moves
bootm_decomp_image() to image.c and renames it to image_decomp() in
preparation of those upcoming patches.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
[trini: Fix warning around handle_decomp_error being unused]
Signed-off-by: Tom Rini <trini@konsulko.com>
The name CONFIG_LEGACY_IMAGE_FORMAT reads slightly better along with
allowing us to avoid a rather nasty Kbuild/Kconfig issue down the line
with CONFIG_IS_ENABLED(IMAGE_FORMAT_LEGACY). In a few places outside of
cmd/ switch to using CONFIG_IS_ENABLED() to test what is set.
Signed-off-by: Tom Rini <trini@konsulko.com>
Add FPGA driver to support program FPGA with FPGA bitstream loading from
filesystem. The driver are designed based on generic firmware loader
framework. The driver can handle FPGA program operation from loading FPGA
bitstream in flash to memory and then to program FPGA.
Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
There is no check for CONFIG_CRC32 so the #define in image.h does
nothing. Remove it.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefano Babic <sbabic@denx.de>
Reviewed-by: Heiko Schocher <hs@denx.de>
If building with SPL_LOAD_FIT_FULL and FIT_SIGNATURE, but without
SPL_FIT_SIGNATURE then the build fails with:
common/built-in.o: In function `fit_image_verify_with_data':
common/image-fit.c:1220: undefined reference to `fit_image_verify_required_sigs'
common/image-fit.c:1244: undefined reference to `fit_image_check_sig'
common/built-in.o: In function `fit_image_load':
common/image-fit.c:1857: undefined reference to `fit_config_verify'
Refactor so that host builds still depend on FIT_SIGNATURE, but target
builds check FIT_SIGNATURE/SPL_FIT_SIGNATURE dependent on the build.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
According to Android image format [1], kernel image resides at 1 page
offset from the boot image address. Grab the magic number from there
and allow U-Boot to handle LZ4-compressed KNL binaries instead of
hardcoding compression type to IH_COMP_NONE. Other compression types,
if needed, can be added later.
Tested on H3ULCB-KF using the image detailed in [2].
[1] Excerpt from include/android_image.h
+-----------------+
| boot header | 1 page
+-----------------+
| kernel | n pages
+-----------------+
| ramdisk | m pages
+-----------------+
| second stage | o pages
+-----------------+
[2] => iminfo 4c000000
## Checking Image at 4c000000 ...
Android image found
kernel size: 85b9d1
kernel address: 48080000
ramdisk size: 54ddbc
ramdisk addrress: 4a180000
second size: 0
second address: 48000800
tags address: 48000100
page size: 800
os_version: 1200012a (ver: 0.9.0, level: 2018.10)
name:
cmdline: buildvariant=userdebug
Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com>
Commit a2b96ece5b breaks the enumeration
of the Image Types. New image types can be appended, but they cannot be
inserted in the list else backward compatibility is broken.
This restores the images types as before 2018.11 and move i.MX8 related
images at the end.
Signed-off-by: Robert Berger <robert.berger@ReliableEmbeddedSystems.com>
Signed-off-by: Stefano Babic <sbabic@denx.de>
CC: Tom Rini <trini@konsulko.com>
We add the support of the padding pss for rsa signature.
This new padding is often recommended instead of pkcs-1.5.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This patch adds support for MTK boot image generation.
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Signed-off-by: Ryder Lee <ryder.lee@mediatek.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
i.MX8/8X bootable image type is container type.
The bootable image, containers a container set which supports two
container. The 1st container is for SECO firmware, the 2nd container
needs to include scfw, m4_0/1 image, ACore images per your requirement.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
When generating timestamps in signatures, use imagetool_get_source_date()
so we can be overridden by SOURCE_DATE_EPOCH to generate reproducible
images.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Reviewed-by: Simon Glass <sjg@chromum.org>
Add option to the booti_setup() which indicates to it that the caller
requires the image to be relocated to the beginning of the RAM and
that the information whether the image can be located anywhere in RAM
at 2 MiB aligned boundary or not is to be ignored. This is useful ie.
in case the Image is wrapped in another envelope, ie. fitImage and not
relocating it but moving it would corrupt the envelope.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Bin Chen <bin.chen@linaro.org>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-By: Bin Chen <bin.chen@linaro.org>
Add FIT data-position & data-offset property support for bootm,
which were already supported in SPL.
Signed-off-by: Kelvin Cheung <keguang.zhang@gmail.com>
Just add IH_TYPE_STANDALONE to fit_get_image_type_property().
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
We only call fit_conf_print from one place in the code, so mark it as
static and move it up to where we call it. This in turn has us move a
few other already static functions up further as well.
Signed-off-by: Tom Rini <trini@konsulko.com>
microblaze:
- Align defconfig
zynq:
- Rework fpga initialization and cpuinfo handling
zynqmp:
- Add ZynqMP R5 support
- Wire and enable watchdog on zcu100-revC
- Setup MMU map for DDR at run time
- Show board info based on DT and cleanup IDENT_STRING
zynqmp tools:
- Add read partition support
- Add initial support for Xilinx bif format for boot.bin generation
mmc:
- Fix get_timer usage on 64bit cpus
- Add support for SD3.0 UHS mode
nand-zynq:
- Add support for 16bit buswidth
- Use address cycles from onfi params
scsi:
- convert ceva sata to UCLASS_AHCI
timer:
- Add Cadence TTC for ZynqMP r5
watchdog:
- Minor cadence driver cleanup
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAlr1ldMACgkQykllyylKDCHioACghoJw6+NqsZXl8zGWRP38yZ5K
mvgAnihfOQq125mpKPZmcc5yt6wVwYIU
=8ji9
-----END PGP SIGNATURE-----
Merge tag 'xilinx-for-v2018.07' of git://www.denx.de/git/u-boot-microblaze
Xilinx changes for v2018.07
microblaze:
- Align defconfig
zynq:
- Rework fpga initialization and cpuinfo handling
zynqmp:
- Add ZynqMP R5 support
- Wire and enable watchdog on zcu100-revC
- Setup MMU map for DDR at run time
- Show board info based on DT and cleanup IDENT_STRING
zynqmp tools:
- Add read partition support
- Add initial support for Xilinx bif format for boot.bin generation
mmc:
- Fix get_timer usage on 64bit cpus
- Add support for SD3.0 UHS mode
nand-zynq:
- Add support for 16bit buswidth
- Use address cycles from onfi params
scsi:
- convert ceva sata to UCLASS_AHCI
timer:
- Add Cadence TTC for ZynqMP r5
watchdog:
- Minor cadence driver cleanup
The officially described way to generate boot.bin files for ZynqMP is to
describe the contents of the target binary using a file of the "bif"
format. This file then links to other files that all get packed into a
bootable image.
This patch adds support to read such a .bif file and generate a respective
ZynqMP boot.bin file that can include the normal image and pmu files, but
also supports image partitions now. This makes it a handy replacement for
the proprietary "bootgen" utility that is currently used to generate
boot.bin files with FSBL.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Add support for the SoCFPGA header v1, which is used on Arria 10.
The layout of the v0 and v1 header is similar, yet there are a few
differences which make it incompatible with previous v0 header, so
add a new entry.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Dinh Nguyen <dinguyen@kernel.org>
Cc: Chin Liang See <chin.liang.see@intel.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
SPL ATF support requires to have firmware property which should be also
listed by mkimage -l when images is created.
The patch is also using this macro in spl_fit to match keyword.
When image is created:
Default Configuration: 'config'
Configuration 0 (config)
Description: ATF with full u-boot
Kernel: unavailable
Firmware: atf
FDT: dtb
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jun Nie <jun.nie@linaro.org>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
This header needs to know 'fdt_region' is a struct for the
fit_region_make_list() prototype.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This patch adds a new type IH_OS_TEE. This new OS type will be used for
chain-loading to Linux via a TEE.
With this patch in-place you can generate a bootable OPTEE image like this:
mkimage -A arm -T kernel -O tee -C none -d tee.bin uTee.optee
where "tee.bin" is the input binary prefixed with an OPTEE header and
uTee.optee is the output prefixed with a u-boot wrapper header.
This image type "-T kernel -O tee" is differentiated from the existing
IH_TYPE_TEE "-T tee" in that the IH_TYPE is installed by u-boot (flow
control returns to u-boot) whereas for the new IH_OS_TEE control passes to
the OPTEE firmware and the firmware chainloads onto Linux.
Andrew Davis gave the following ASCII diagram:
IH_OS_TEE: (mkimage -T kernel -O tee)
Non-Secure Secure
BootROM
|
-------------
|
v
SPL
|
v
U-Boot ------>
<----- OP-TEE
|
V
Linux
IH_TYPE_TEE: (mkimage -T tee)
Non-Secure Secure
BootROM
|
-------------
|
v
SPL ------->
<----- OP-TEE
|
v
U-Boot
|
V
Linux
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Suggested-by: Andrew F. Davis <afd@ti.com>
Cc: Harinarayan Bhatta <harinarayan@ti.com>
Cc: Andrew F. Davis <afd@ti.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Peng Fan <peng.fan@nxp.com>
Link: http://mrvan.github.io/optee-imx6ul
STM32MP157 bootrom needs a specific header for first boot stage.
This patch adds support of this header in mkimage.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
U-boot proper signature is not verified by SPL on most platforms
even config SPL_FIT_SIGNATURE is enabled. Only fsl-layerscape
platform support secure boot in platform specific code. So
verified boot cannot be achieved if u-boot proper is loaded by
SPL.
This patch add signature verification to u-boot proper images
when loading FIT image in SPL. It is tested on Allwinner bananapi
zero board with H2+ SoC.
Signed-off-by: Jun Nie <jun.nie@linaro.org>
Thomas reported U-Boot failed to build host tools if libfdt-devel
package is installed because tools include libfdt headers from
/usr/include/ instead of using internal ones.
This commit moves the header code:
include/libfdt.h -> include/linux/libfdt.h
include/libfdt_env.h -> include/linux/libfdt_env.h
and replaces include directives:
#include <libfdt.h> -> #include <linux/libfdt.h>
#include <libfdt_env.h> -> #include <linux/libfdt_env.h>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Follow bootz's pattern by moving the booti_setup to arch/arm/lib.
This allows to use booti_setup in other paths, e.g booting
an Android image containing Image format.
Note that kernel relocation is move out of booti_setup and it is the
caller's responsibility to do it and allows them do it differently. say,
cmd/booti.c just do a manually, while in the bootm path, we can use
bootm_load_os(with some changes).
Signed-off-by: Bin Chen <bin.chen@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
The second area of android image was intended to put a 2nd stage
bootloader but in practice were rarely used (in my knowledge).
An proposal was made to the AOSP to (re)use the second area as the dtb[1],
This patch itself doesn't depend on that proposal being accepted but it won't
be that helpful as well if that proposal won't be accepted. But don't do
any harm as well.
[1] https://android-review.googlesource.com/#/c/417447/
Signed-off-by: Bin Chen <bin.chen@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
The DT spec demands a unit-address in a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings if this is
not the case.
Fix all occurences in the tree where node names were mentioned in
comments, to not give bad examples to the reader.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Support common commands bdinfo and image format,
also modify common generic flow for RISC-V.
Signed-off-by: Rick Chen <rick@andestech.com>
Signed-off-by: Rick Chen <rickchen36@gmail.com>
Signed-off-by: Greentime Hu <green.hu@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
For external data, FIT has a optional property "data-position" which
can set the external data to a fixed offset to FIT beginning.
Add the support for this property in SPL FIT.
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tomas Melin <tomas.melin@vaisala.com>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: "Andrew F. Davis" <afd@ti.com>
Cc: Igor Grinberg <grinberg@compulab.co.il>
Cc: "tomas.melin@vaisala.com" <tomas.melin@vaisala.com>
Cc: Kever Yang <kever.yang@rock-chips.com>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: York Sun <york.sun@nxp.com>
Cc: Lokesh Vutla <lokeshvutla@ti.com>
Cc: "Cooper Jr., Franklin" <fcooper@ti.com>
Cc: George McCollister <george.mccollister@gmail.com>
Cc: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
Cc: Jean-Jacques Hiblot <jjhiblot@ti.com>
Cc: Rick Altherr <raltherr@google.com>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
Reviewed-by: York Sun <york.sun@nxp.com>