mirror of
https://github.com/AsahiLinux/u-boot
synced 2025-01-10 12:18:55 +00:00
b214e88071
Title underlines should match the length of the title. Unfortunately docutils only catches underlines that are too short. Add some missing empty lines after titles. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2853 lines
93 KiB
ReStructuredText
2853 lines
93 KiB
ReStructuredText
Binman Entry Documentation
|
|
==========================
|
|
|
|
This file describes the entry types supported by binman. These entry types can
|
|
be placed in an image one by one to build up a final firmware image. It is
|
|
fairly easy to create new entry types. Just add a new file to the 'etype'
|
|
directory. You can use the existing entries as examples.
|
|
|
|
Note that some entries are subclasses of others, using and extending their
|
|
features to produce new behaviours.
|
|
|
|
|
|
|
|
.. _etype_atf_bl31:
|
|
|
|
Entry: atf-bl31: ARM Trusted Firmware (ATF) BL31 blob
|
|
-----------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- atf-bl31-path: Filename of file to read into entry. This is typically
|
|
called bl31.bin or bl31.elf
|
|
|
|
This entry holds the run-time firmware, typically started by U-Boot SPL.
|
|
See the U-Boot README for your architecture or board for how to use it. See
|
|
https://github.com/ARM-software/arm-trusted-firmware for more information
|
|
about ATF.
|
|
|
|
|
|
|
|
.. _etype_atf_fip:
|
|
|
|
Entry: atf-fip: ARM Trusted Firmware's Firmware Image Package (FIP)
|
|
-------------------------------------------------------------------
|
|
|
|
A FIP_ provides a way to group binaries in a firmware image, used by ARM's
|
|
Trusted Firmware A (TF-A) code. It is a simple format consisting of a
|
|
table of contents with information about the type, offset and size of the
|
|
binaries in the FIP. It is quite similar to FMAP, with the major difference
|
|
that it uses UUIDs to indicate the type of each entry.
|
|
|
|
Note: It is recommended to always add an fdtmap to every image, as well as
|
|
any FIPs so that binman and other tools can access the entire image
|
|
correctly.
|
|
|
|
The UUIDs correspond to useful names in `fiptool`, provided by ATF to
|
|
operate on FIPs. Binman uses these names to make it easier to understand
|
|
what is going on, although it is possible to provide a UUID if needed.
|
|
|
|
The contents of the FIP are defined by subnodes of the atf-fip entry, e.g.::
|
|
|
|
atf-fip {
|
|
soc-fw {
|
|
filename = "bl31.bin";
|
|
};
|
|
|
|
scp-fwu-cfg {
|
|
filename = "bl2u.bin";
|
|
};
|
|
|
|
u-boot {
|
|
fip-type = "nt-fw";
|
|
};
|
|
};
|
|
|
|
This describes a FIP with three entries: soc-fw, scp-fwu-cfg and nt-fw.
|
|
You can use normal (non-external) binaries like U-Boot simply by adding a
|
|
FIP type, with the `fip-type` property, as above.
|
|
|
|
Since FIP exists to bring blobs together, Binman assumes that all FIP
|
|
entries are external binaries. If a binary may not exist, you can use the
|
|
`--allow-missing` flag to Binman, in which case the image is still created,
|
|
even though it will not actually work.
|
|
|
|
The size of the FIP depends on the size of the binaries. There is currently
|
|
no way to specify a fixed size. If the `atf-fip` node has a `size` entry,
|
|
this affects the space taken up by the `atf-fip` entry, but the FIP itself
|
|
does not expand to use that space.
|
|
|
|
Some other FIP features are available with Binman. The header and the
|
|
entries have 64-bit flag works. The flag flags do not seem to be defined
|
|
anywhere, but you can use `fip-hdr-flags` and fip-flags` to set the values
|
|
of the header and entries respectively.
|
|
|
|
FIP entries can be aligned to a particular power-of-two boundary. Use
|
|
fip-align for this.
|
|
|
|
Binman only understands the entry types that are included in its
|
|
implementation. It is possible to specify a 16-byte UUID instead, using the
|
|
fip-uuid property. In this case Binman doesn't know what its type is, so
|
|
just uses the UUID. See the `u-boot` node in this example::
|
|
|
|
binman {
|
|
atf-fip {
|
|
fip-hdr-flags = /bits/ 64 <0x123>;
|
|
fip-align = <16>;
|
|
soc-fw {
|
|
fip-flags = /bits/ 64 <0x456>;
|
|
filename = "bl31.bin";
|
|
};
|
|
|
|
scp-fwu-cfg {
|
|
filename = "bl2u.bin";
|
|
};
|
|
|
|
u-boot {
|
|
fip-uuid = [fc 65 13 92 4a 5b 11 ec
|
|
94 35 ff 2d 1c fc 79 9c];
|
|
};
|
|
};
|
|
fdtmap {
|
|
};
|
|
};
|
|
|
|
Binman allows reading and updating FIP entries after the image is created,
|
|
provided that an FDPMAP is present too. Updates which change the size of a
|
|
FIP entry will cause it to be expanded or contracted as needed.
|
|
|
|
Properties for top-level atf-fip node
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
fip-hdr-flags (64 bits)
|
|
Sets the flags for the FIP header.
|
|
|
|
Properties for subnodes
|
|
~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
fip-type (str)
|
|
FIP type to use for this entry. This is needed if the entry
|
|
name is not a valid type. Value types are defined in `fip_util.py`.
|
|
The FIP type defines the UUID that is used (they map 1:1).
|
|
|
|
fip-uuid (16 bytes)
|
|
If there is no FIP-type name defined, or it is not supported by Binman,
|
|
this property sets the UUID. It should be a 16-byte value, following the
|
|
hex digits of the UUID.
|
|
|
|
fip-flags (64 bits)
|
|
Set the flags for a FIP entry. Use in one of the subnodes of the
|
|
7atf-fip entry.
|
|
|
|
fip-align
|
|
Set the alignment for a FIP entry, FIP entries can be aligned to a
|
|
particular power-of-two boundary. The default is 1.
|
|
|
|
Adding new FIP-entry types
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
When new FIP entries are defined by TF-A they appear in the
|
|
`TF-A source tree`_. You can use `fip_util.py` to update Binman to support
|
|
new types, then `send a patch`_ to the U-Boot mailing list. There are two
|
|
source files that the tool examples:
|
|
|
|
- `include/tools_share/firmware_image_package.h` has the UUIDs
|
|
- `tools/fiptool/tbbr_config.c` has the name and descripion for each UUID
|
|
|
|
To run the tool::
|
|
|
|
$ tools/binman/fip_util.py -s /path/to/arm-trusted-firmware
|
|
Warning: UUID 'UUID_NON_TRUSTED_WORLD_KEY_CERT' is not mentioned in tbbr_config.c file
|
|
Existing code in 'tools/binman/fip_util.py' is up-to-date
|
|
|
|
If it shows there is an update, it writes a new version of `fip_util.py`
|
|
to `fip_util.py.out`. You can change the output file using the `-i` flag.
|
|
If you have a problem, use `-D` to enable traceback debugging.
|
|
|
|
FIP commentary
|
|
~~~~~~~~~~~~~~
|
|
|
|
As a side effect of use of UUIDs, FIP does not support multiple
|
|
entries of the same type, such as might be used to store fonts or graphics
|
|
icons, for example. For verified boot it could be used for each part of the
|
|
image (e.g. separate FIPs for A and B) but cannot describe the whole
|
|
firmware image. As with FMAP there is no hierarchy defined, although FMAP
|
|
works around this by having 'section' areas which encompass others. A
|
|
similar workaround would be possible with FIP but is not currently defined.
|
|
|
|
It is recommended to always add an fdtmap to every image, as well as any
|
|
FIPs so that binman and other tools can access the entire image correctly.
|
|
|
|
.. _FIP: https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#firmware-image-package-fip
|
|
.. _`TF-A source tree`: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
|
|
.. _`send a patch`: https://www.denx.de/wiki/U-Boot/Patches
|
|
|
|
|
|
|
|
.. _etype_blob:
|
|
|
|
Entry: blob: Arbitrary binary blob
|
|
----------------------------------
|
|
|
|
Note: This should not be used by itself. It is normally used as a parent
|
|
class by other entry types.
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
- compress: Compression algorithm to use:
|
|
none: No compression
|
|
lz4: Use lz4 compression (via 'lz4' command-line utility)
|
|
|
|
This entry reads data from a file and places it in the entry. The
|
|
default filename is often specified specified by the subclass. See for
|
|
example the 'u-boot' entry which provides the filename 'u-boot.bin'.
|
|
|
|
If compression is enabled, an extra 'uncomp-size' property is written to
|
|
the node (if enabled with -u) which provides the uncompressed size of the
|
|
data.
|
|
|
|
|
|
|
|
.. _etype_blob_dtb:
|
|
|
|
Entry: blob-dtb: A blob that holds a device tree
|
|
------------------------------------------------
|
|
|
|
This is a blob containing a device tree. The contents of the blob are
|
|
obtained from the list of available device-tree files, managed by the
|
|
'state' module.
|
|
|
|
Additional attributes:
|
|
prepend: Header used (e.g. 'length')
|
|
|
|
|
|
|
|
.. _etype_blob_ext:
|
|
|
|
Entry: blob-ext: Externally built binary blob
|
|
---------------------------------------------
|
|
|
|
Note: This should not be used by itself. It is normally used as a parent
|
|
class by other entry types.
|
|
|
|
If the file providing this blob is missing, binman can optionally ignore it
|
|
and produce a broken image with a warning.
|
|
|
|
See 'blob' for Properties / Entry arguments.
|
|
|
|
|
|
|
|
.. _etype_blob_ext_list:
|
|
|
|
Entry: blob-ext-list: List of externally built binary blobs
|
|
-----------------------------------------------------------
|
|
|
|
This is like blob-ext except that a number of blobs can be provided,
|
|
typically with some sort of relationship, e.g. all are DDC parameters.
|
|
|
|
If any of the external files needed by this llist is missing, binman can
|
|
optionally ignore it and produce a broken image with a warning.
|
|
|
|
Args:
|
|
filenames: List of filenames to read and include
|
|
|
|
|
|
|
|
.. _etype_blob_named_by_arg:
|
|
|
|
Entry: blob-named-by-arg: A blob entry which gets its filename property from its subclass
|
|
-----------------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- <xxx>-path: Filename containing the contents of this entry (optional,
|
|
defaults to None)
|
|
|
|
where <xxx> is the blob_fname argument to the constructor.
|
|
|
|
This entry cannot be used directly. Instead, it is used as a parent class
|
|
for another entry, which defined blob_fname. This parameter is used to
|
|
set the entry-arg or property containing the filename. The entry-arg or
|
|
property is in turn used to set the actual filename.
|
|
|
|
See cros_ec_rw for an example of this.
|
|
|
|
|
|
|
|
.. _etype_blob_phase:
|
|
|
|
Entry: blob-phase: Section that holds a phase binary
|
|
----------------------------------------------------
|
|
|
|
This is a base class that should not normally be used directly. It is used
|
|
when converting a 'u-boot' entry automatically into a 'u-boot-expanded'
|
|
entry; similarly for SPL.
|
|
|
|
|
|
|
|
.. _etype_cbfs:
|
|
|
|
Entry: cbfs: Coreboot Filesystem (CBFS)
|
|
---------------------------------------
|
|
|
|
A CBFS provides a way to group files into a group. It has a simple directory
|
|
structure and allows the position of individual files to be set, since it is
|
|
designed to support execute-in-place in an x86 SPI-flash device. Where XIP
|
|
is not used, it supports compression and storing ELF files.
|
|
|
|
CBFS is used by coreboot as its way of orgnanising SPI-flash contents.
|
|
|
|
The contents of the CBFS are defined by subnodes of the cbfs entry, e.g.::
|
|
|
|
cbfs {
|
|
size = <0x100000>;
|
|
u-boot {
|
|
cbfs-type = "raw";
|
|
};
|
|
u-boot-dtb {
|
|
cbfs-type = "raw";
|
|
};
|
|
};
|
|
|
|
This creates a CBFS 1MB in size two files in it: u-boot.bin and u-boot.dtb.
|
|
Note that the size is required since binman does not support calculating it.
|
|
The contents of each entry is just what binman would normally provide if it
|
|
were not a CBFS node. A blob type can be used to import arbitrary files as
|
|
with the second subnode below::
|
|
|
|
cbfs {
|
|
size = <0x100000>;
|
|
u-boot {
|
|
cbfs-name = "BOOT";
|
|
cbfs-type = "raw";
|
|
};
|
|
|
|
dtb {
|
|
type = "blob";
|
|
filename = "u-boot.dtb";
|
|
cbfs-type = "raw";
|
|
cbfs-compress = "lz4";
|
|
cbfs-offset = <0x100000>;
|
|
};
|
|
};
|
|
|
|
This creates a CBFS 1MB in size with u-boot.bin (named "BOOT") and
|
|
u-boot.dtb (named "dtb") and compressed with the lz4 algorithm.
|
|
|
|
|
|
Properties supported in the top-level CBFS node:
|
|
|
|
cbfs-arch:
|
|
Defaults to "x86", but you can specify the architecture if needed.
|
|
|
|
|
|
Properties supported in the CBFS entry subnodes:
|
|
|
|
cbfs-name:
|
|
This is the name of the file created in CBFS. It defaults to the entry
|
|
name (which is the node name), but you can override it with this
|
|
property.
|
|
|
|
cbfs-type:
|
|
This is the CBFS file type. The following are supported:
|
|
|
|
raw:
|
|
This is a 'raw' file, although compression is supported. It can be
|
|
used to store any file in CBFS.
|
|
|
|
stage:
|
|
This is an ELF file that has been loaded (i.e. mapped to memory), so
|
|
appears in the CBFS as a flat binary. The input file must be an ELF
|
|
image, for example this puts "u-boot" (the ELF image) into a 'stage'
|
|
entry::
|
|
|
|
cbfs {
|
|
size = <0x100000>;
|
|
u-boot-elf {
|
|
cbfs-name = "BOOT";
|
|
cbfs-type = "stage";
|
|
};
|
|
};
|
|
|
|
You can use your own ELF file with something like::
|
|
|
|
cbfs {
|
|
size = <0x100000>;
|
|
something {
|
|
type = "blob";
|
|
filename = "cbfs-stage.elf";
|
|
cbfs-type = "stage";
|
|
};
|
|
};
|
|
|
|
As mentioned, the file is converted to a flat binary, so it is
|
|
equivalent to adding "u-boot.bin", for example, but with the load and
|
|
start addresses specified by the ELF. At present there is no option
|
|
to add a flat binary with a load/start address, similar to the
|
|
'add-flat-binary' option in cbfstool.
|
|
|
|
cbfs-offset:
|
|
This is the offset of the file's data within the CBFS. It is used to
|
|
specify where the file should be placed in cases where a fixed position
|
|
is needed. Typical uses are for code which is not relocatable and must
|
|
execute in-place from a particular address. This works because SPI flash
|
|
is generally mapped into memory on x86 devices. The file header is
|
|
placed before this offset so that the data start lines up exactly with
|
|
the chosen offset. If this property is not provided, then the file is
|
|
placed in the next available spot.
|
|
|
|
The current implementation supports only a subset of CBFS features. It does
|
|
not support other file types (e.g. payload), adding multiple files (like the
|
|
'files' entry with a pattern supported by binman), putting files at a
|
|
particular offset in the CBFS and a few other things.
|
|
|
|
Of course binman can create images containing multiple CBFSs, simply by
|
|
defining these in the binman config::
|
|
|
|
|
|
binman {
|
|
size = <0x800000>;
|
|
cbfs {
|
|
offset = <0x100000>;
|
|
size = <0x100000>;
|
|
u-boot {
|
|
cbfs-type = "raw";
|
|
};
|
|
u-boot-dtb {
|
|
cbfs-type = "raw";
|
|
};
|
|
};
|
|
|
|
cbfs2 {
|
|
offset = <0x700000>;
|
|
size = <0x100000>;
|
|
u-boot {
|
|
cbfs-type = "raw";
|
|
};
|
|
u-boot-dtb {
|
|
cbfs-type = "raw";
|
|
};
|
|
image {
|
|
type = "blob";
|
|
filename = "image.jpg";
|
|
};
|
|
};
|
|
};
|
|
|
|
This creates an 8MB image with two CBFSs, one at offset 1MB, one at 7MB,
|
|
both of size 1MB.
|
|
|
|
|
|
|
|
.. _etype_collection:
|
|
|
|
Entry: collection: An entry which contains a collection of other entries
|
|
------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- content: List of phandles to entries to include
|
|
|
|
This allows reusing the contents of other entries. The contents of the
|
|
listed entries are combined to form this entry. This serves as a useful
|
|
base class for entry types which need to process data from elsewhere in
|
|
the image, not necessarily child entries.
|
|
|
|
The entries can generally be anywhere in the same image, even if they are in
|
|
a different section from this entry.
|
|
|
|
|
|
|
|
.. _etype_cros_ec_rw:
|
|
|
|
Entry: cros-ec-rw: A blob entry which contains a Chromium OS read-write EC image
|
|
--------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- cros-ec-rw-path: Filename containing the EC image
|
|
|
|
This entry holds a Chromium OS EC (embedded controller) image, for use in
|
|
updating the EC on startup via software sync.
|
|
|
|
|
|
|
|
.. _etype_efi_capsule:
|
|
|
|
Entry: capsule: Entry for generating EFI Capsule files
|
|
------------------------------------------------------
|
|
|
|
The parameters needed for generation of the capsules can be provided
|
|
as properties in the entry.
|
|
|
|
Properties / Entry arguments:
|
|
- image-index: Unique number for identifying corresponding
|
|
payload image. Number between 1 and descriptor count, i.e.
|
|
the total number of firmware images that can be updated. Mandatory
|
|
property.
|
|
- image-guid: Image GUID which will be used for identifying the
|
|
updatable image on the board. Mandatory property.
|
|
- hardware-instance: Optional number for identifying unique
|
|
hardware instance of a device in the system. Default value of 0
|
|
for images where value is not to be used.
|
|
- fw-version: Value of image version that can be put on the capsule
|
|
through the Firmware Management Protocol(FMP) header.
|
|
- monotonic-count: Count used when signing an image.
|
|
- private-key: Path to PEM formatted .key private key file. Mandatory
|
|
property for generating signed capsules.
|
|
- public-key-cert: Path to PEM formatted .crt public key certificate
|
|
file. Mandatory property for generating signed capsules.
|
|
- oem-flags - OEM flags to be passed through capsule header.
|
|
|
|
Since this is a subclass of Entry_section, all properties of the parent
|
|
class also apply here. Except for the properties stated as mandatory, the
|
|
rest of the properties are optional.
|
|
|
|
For more details on the description of the capsule format, and the capsule
|
|
update functionality, refer Section 8.5 and Chapter 23 in the `UEFI
|
|
specification`_.
|
|
|
|
The capsule parameters like image index and image GUID are passed as
|
|
properties in the entry. The payload to be used in the capsule is to be
|
|
provided as a subnode of the capsule entry.
|
|
|
|
A typical capsule entry node would then look something like this::
|
|
|
|
capsule {
|
|
type = "efi-capsule";
|
|
image-index = <0x1>;
|
|
/* Image GUID for testing capsule update */
|
|
image-guid = SANDBOX_UBOOT_IMAGE_GUID;
|
|
hardware-instance = <0x0>;
|
|
private-key = "path/to/the/private/key";
|
|
public-key-cert = "path/to/the/public-key-cert";
|
|
oem-flags = <0x8000>;
|
|
|
|
u-boot {
|
|
};
|
|
};
|
|
|
|
In the above example, the capsule payload is the U-Boot image. The
|
|
capsule entry would read the contents of the payload and put them
|
|
into the capsule. Any external file can also be specified as the
|
|
payload using the blob-ext subnode.
|
|
|
|
.. _`UEFI specification`: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_10_Aug29.pdf
|
|
|
|
|
|
|
|
.. _etype_efi_empty_capsule:
|
|
|
|
Entry: efi-empty-capsule: Entry for generating EFI Empty Capsule files
|
|
----------------------------------------------------------------------
|
|
|
|
The parameters needed for generation of the empty capsules can
|
|
be provided as properties in the entry.
|
|
|
|
Properties / Entry arguments:
|
|
- image-guid: Image GUID which will be used for identifying the
|
|
updatable image on the board. Mandatory for accept capsule.
|
|
- capsule-type - String to indicate type of capsule to generate. Valid
|
|
values are 'accept' and 'revert'.
|
|
|
|
For more details on the description of the capsule format, and the capsule
|
|
update functionality, refer Section 8.5 and Chapter 23 in the `UEFI
|
|
specification`_. For more information on the empty capsule, refer the
|
|
sections 2.3.2 and 2.3.3 in the `Dependable Boot specification`_.
|
|
|
|
A typical accept empty capsule entry node would then look something
|
|
like this::
|
|
|
|
empty-capsule {
|
|
type = "efi-empty-capsule";
|
|
/* GUID of the image being accepted */
|
|
image-type-id = SANDBOX_UBOOT_IMAGE_GUID;
|
|
capsule-type = "accept";
|
|
};
|
|
|
|
A typical revert empty capsule entry node would then look something
|
|
like this::
|
|
|
|
empty-capsule {
|
|
type = "efi-empty-capsule";
|
|
capsule-type = "revert";
|
|
};
|
|
|
|
The empty capsules do not have any input payload image.
|
|
|
|
.. _`UEFI specification`: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_10_Aug29.pdf
|
|
.. _`Dependable Boot specification`: https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
|
|
|
|
|
|
|
|
.. _etype_encrypted:
|
|
|
|
Entry: encrypted: Externally built encrypted binary blob
|
|
--------------------------------------------------------
|
|
|
|
This entry provides the functionality to include information about how to
|
|
decrypt an encrypted binary. This information is added to the
|
|
resulting device tree by adding a new cipher node in the entry's parent
|
|
node (i.e. the binary).
|
|
|
|
The key that must be used to decrypt the binary is either directly embedded
|
|
in the device tree or indirectly by specifying a key source. The key source
|
|
can be used as an id of a key that is stored in an external device.
|
|
|
|
Using an embedded key
|
|
~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
This is an example using an embedded key::
|
|
|
|
blob-ext {
|
|
filename = "encrypted-blob.bin";
|
|
};
|
|
|
|
encrypted {
|
|
algo = "aes256-gcm";
|
|
iv-filename = "encrypted-blob.bin.iv";
|
|
key-filename = "encrypted-blob.bin.key";
|
|
};
|
|
|
|
This entry generates the following device tree structure form the example
|
|
above::
|
|
|
|
data = [...]
|
|
cipher {
|
|
algo = "aes256-gcm";
|
|
key = <0x...>;
|
|
iv = <0x...>;
|
|
};
|
|
|
|
The data property is generated by the blob-ext etype, the cipher node and
|
|
its content is generated by this etype.
|
|
|
|
Using an external key
|
|
~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Instead of embedding the key itself into the device tree, it is also
|
|
possible to address an externally stored key by specifying a 'key-source'
|
|
instead of the 'key'::
|
|
|
|
blob-ext {
|
|
filename = "encrypted-blob.bin";
|
|
};
|
|
|
|
encrypted {
|
|
algo = "aes256-gcm";
|
|
iv-filename = "encrypted-blob.bin.iv";
|
|
key-source = "external-key-id";
|
|
};
|
|
|
|
This entry generates the following device tree structure form the example
|
|
above::
|
|
|
|
data = [...]
|
|
cipher {
|
|
algo = "aes256-gcm";
|
|
key-source = "external-key-id";
|
|
iv = <0x...>;
|
|
};
|
|
|
|
Properties
|
|
~~~~~~~~~~
|
|
|
|
Properties / Entry arguments:
|
|
- algo: The encryption algorithm. Currently no algorithm is supported
|
|
out-of-the-box. Certain algorithms will be added in future
|
|
patches.
|
|
- iv-filename: The name of the file containing the initialization
|
|
vector (in short iv). See
|
|
https://en.wikipedia.org/wiki/Initialization_vector
|
|
- key-filename: The name of the file containing the key. Either
|
|
key-filename or key-source must be provided.
|
|
- key-source: The key that should be used. Either key-filename or
|
|
key-source must be provided.
|
|
|
|
|
|
|
|
.. _etype_fdtmap:
|
|
|
|
Entry: fdtmap: An entry which contains an FDT map
|
|
-------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
None
|
|
|
|
An FDT map is just a header followed by an FDT containing a list of all the
|
|
entries in the image. The root node corresponds to the image node in the
|
|
original FDT, and an image-name property indicates the image name in that
|
|
original tree.
|
|
|
|
The header is the string _FDTMAP_ followed by 8 unused bytes.
|
|
|
|
When used, this entry will be populated with an FDT map which reflects the
|
|
entries in the current image. Hierarchy is preserved, and all offsets and
|
|
sizes are included.
|
|
|
|
Note that the -u option must be provided to ensure that binman updates the
|
|
FDT with the position of each entry.
|
|
|
|
Example output for a simple image with U-Boot and an FDT map::
|
|
|
|
/ {
|
|
image-name = "binman";
|
|
size = <0x00000112>;
|
|
image-pos = <0x00000000>;
|
|
offset = <0x00000000>;
|
|
u-boot {
|
|
size = <0x00000004>;
|
|
image-pos = <0x00000000>;
|
|
offset = <0x00000000>;
|
|
};
|
|
fdtmap {
|
|
size = <0x0000010e>;
|
|
image-pos = <0x00000004>;
|
|
offset = <0x00000004>;
|
|
};
|
|
};
|
|
|
|
If allow-repack is used then 'orig-offset' and 'orig-size' properties are
|
|
added as necessary. See the binman README.
|
|
|
|
When extracting files, an alternative 'fdt' format is available for fdtmaps.
|
|
Use `binman extract -F fdt ...` to use this. It will export a devicetree,
|
|
without the fdtmap header, so it can be viewed with `fdtdump`.
|
|
|
|
|
|
|
|
.. _etype_files:
|
|
|
|
Entry: files: A set of files arranged in a section
|
|
--------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- pattern: Filename pattern to match the files to include
|
|
- files-compress: Compression algorithm to use:
|
|
none: No compression
|
|
lz4: Use lz4 compression (via 'lz4' command-line utility)
|
|
- files-align: Align each file to the given alignment
|
|
|
|
This entry reads a number of files and places each in a separate sub-entry
|
|
within this entry. To access these you need to enable device-tree updates
|
|
at run-time so you can obtain the file positions.
|
|
|
|
|
|
|
|
.. _etype_fill:
|
|
|
|
Entry: fill: An entry which is filled to a particular byte value
|
|
----------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- fill-byte: Byte to use to fill the entry
|
|
|
|
Note that the size property must be set since otherwise this entry does not
|
|
know how large it should be.
|
|
|
|
You can often achieve the same effect using the pad-byte property of the
|
|
overall image, in that the space between entries will then be padded with
|
|
that byte. But this entry is sometimes useful for explicitly setting the
|
|
byte value of a region.
|
|
|
|
|
|
|
|
.. _etype_fit:
|
|
|
|
Entry: fit: Flat Image Tree (FIT)
|
|
---------------------------------
|
|
|
|
This calls mkimage to create a FIT (U-Boot Flat Image Tree) based on the
|
|
input provided.
|
|
|
|
Nodes for the FIT should be written out in the binman configuration just as
|
|
they would be in a file passed to mkimage.
|
|
|
|
For example, this creates an image containing a FIT with U-Boot SPL::
|
|
|
|
binman {
|
|
fit {
|
|
description = "Test FIT";
|
|
fit,fdt-list = "of-list";
|
|
|
|
images {
|
|
kernel@1 {
|
|
description = "SPL";
|
|
os = "u-boot";
|
|
type = "rkspi";
|
|
arch = "arm";
|
|
compression = "none";
|
|
load = <0>;
|
|
entry = <0>;
|
|
|
|
u-boot-spl {
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
More complex setups can be created, with generated nodes, as described
|
|
below.
|
|
|
|
Properties (in the 'fit' node itself)
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Special properties have a `fit,` prefix, indicating that they should be
|
|
processed but not included in the final FIT.
|
|
|
|
The top-level 'fit' node supports the following special properties:
|
|
|
|
fit,external-offset
|
|
Indicates that the contents of the FIT are external and provides the
|
|
external offset. This is passed to mkimage via the -E and -p flags.
|
|
|
|
fit,align
|
|
Indicates what alignment to use for the FIT and its external data,
|
|
and provides the alignment to use. This is passed to mkimage via
|
|
the -B flag.
|
|
|
|
fit,fdt-list
|
|
Indicates the entry argument which provides the list of device tree
|
|
files for the gen-fdt-nodes operation (as below). This is often
|
|
`of-list` meaning that `-a of-list="dtb1 dtb2..."` should be passed
|
|
to binman.
|
|
|
|
fit,fdt-list-val
|
|
As an alternative to fit,fdt-list the list of device tree files
|
|
can be provided in this property as a string list, e.g.::
|
|
|
|
fit,fdt-list-val = "dtb1", "dtb2";
|
|
|
|
Substitutions
|
|
~~~~~~~~~~~~~
|
|
|
|
Node names and property values support a basic string-substitution feature.
|
|
Available substitutions for '@' nodes (and property values) are:
|
|
|
|
SEQ:
|
|
Sequence number of the generated fdt (1, 2, ...)
|
|
NAME
|
|
Name of the dtb as provided (i.e. without adding '.dtb')
|
|
|
|
The `default` property, if present, will be automatically set to the name
|
|
if of configuration whose devicetree matches the `default-dt` entry
|
|
argument, e.g. with `-a default-dt=sun50i-a64-pine64-lts`.
|
|
|
|
Available substitutions for property values in these nodes are:
|
|
|
|
DEFAULT-SEQ:
|
|
Sequence number of the default fdt, as provided by the 'default-dt'
|
|
entry argument
|
|
|
|
Available operations
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
You can add an operation to an '@' node to indicate which operation is
|
|
required::
|
|
|
|
@fdt-SEQ {
|
|
fit,operation = "gen-fdt-nodes";
|
|
...
|
|
};
|
|
|
|
Available operations are:
|
|
|
|
gen-fdt-nodes
|
|
Generate FDT nodes as above. This is the default if there is no
|
|
`fit,operation` property.
|
|
|
|
split-elf
|
|
Split an ELF file into a separate node for each segment.
|
|
|
|
Generating nodes from an FDT list (gen-fdt-nodes)
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
U-Boot supports creating fdt and config nodes automatically. To do this,
|
|
pass an `of-list` property (e.g. `-a of-list=file1 file2`). This tells
|
|
binman that you want to generates nodes for two files: `file1.dtb` and
|
|
`file2.dtb`. The `fit,fdt-list` property (see above) indicates that
|
|
`of-list` should be used. If the property is missing you will get an error.
|
|
|
|
Then add a 'generator node', a node with a name starting with '@'::
|
|
|
|
images {
|
|
@fdt-SEQ {
|
|
description = "fdt-NAME";
|
|
type = "flat_dt";
|
|
compression = "none";
|
|
};
|
|
};
|
|
|
|
This tells binman to create nodes `fdt-1` and `fdt-2` for each of your two
|
|
files. All the properties you specify will be included in the node. This
|
|
node acts like a template to generate the nodes. The generator node itself
|
|
does not appear in the output - it is replaced with what binman generates.
|
|
A 'data' property is created with the contents of the FDT file.
|
|
|
|
You can create config nodes in a similar way::
|
|
|
|
configurations {
|
|
default = "@config-DEFAULT-SEQ";
|
|
@config-SEQ {
|
|
description = "NAME";
|
|
firmware = "atf";
|
|
loadables = "uboot";
|
|
fdt = "fdt-SEQ";
|
|
};
|
|
};
|
|
|
|
This tells binman to create nodes `config-1` and `config-2`, i.e. a config
|
|
for each of your two files.
|
|
|
|
Note that if no devicetree files are provided (with '-a of-list' as above)
|
|
then no nodes will be generated.
|
|
|
|
Generating nodes from an ELF file (split-elf)
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
This uses the node as a template to generate multiple nodes. The following
|
|
special properties are available:
|
|
|
|
split-elf
|
|
Split an ELF file into a separate node for each segment. This uses the
|
|
node as a template to generate multiple nodes. The following special
|
|
properties are available:
|
|
|
|
fit,load
|
|
Generates a `load = <...>` property with the load address of the
|
|
segment
|
|
|
|
fit,entry
|
|
Generates a `entry = <...>` property with the entry address of the
|
|
ELF. This is only produced for the first entry
|
|
|
|
fit,data
|
|
Generates a `data = <...>` property with the contents of the segment
|
|
|
|
fit,firmware
|
|
Generates a `firmware = <...>` property. Provides a list of possible
|
|
nodes to be used as the `firmware` property value. The first valid
|
|
node is picked as the firmware. Any remaining valid nodes is
|
|
prepended to the `loadable` property generated by `fit,loadables`
|
|
|
|
fit,loadables
|
|
Generates a `loadable = <...>` property with a list of the generated
|
|
nodes (including all nodes if this operation is used multiple times)
|
|
|
|
|
|
Here is an example showing ATF, TEE and a device tree all combined::
|
|
|
|
fit {
|
|
description = "test-desc";
|
|
#address-cells = <1>;
|
|
fit,fdt-list = "of-list";
|
|
|
|
images {
|
|
u-boot {
|
|
description = "U-Boot (64-bit)";
|
|
type = "standalone";
|
|
os = "U-Boot";
|
|
arch = "arm64";
|
|
compression = "none";
|
|
load = <CONFIG_TEXT_BASE>;
|
|
u-boot-nodtb {
|
|
};
|
|
};
|
|
@fdt-SEQ {
|
|
description = "fdt-NAME.dtb";
|
|
type = "flat_dt";
|
|
compression = "none";
|
|
};
|
|
@atf-SEQ {
|
|
fit,operation = "split-elf";
|
|
description = "ARM Trusted Firmware";
|
|
type = "firmware";
|
|
arch = "arm64";
|
|
os = "arm-trusted-firmware";
|
|
compression = "none";
|
|
fit,load;
|
|
fit,entry;
|
|
fit,data;
|
|
|
|
atf-bl31 {
|
|
};
|
|
hash {
|
|
algo = "sha256";
|
|
};
|
|
};
|
|
|
|
@tee-SEQ {
|
|
fit,operation = "split-elf";
|
|
description = "TEE";
|
|
type = "tee";
|
|
arch = "arm64";
|
|
os = "tee";
|
|
compression = "none";
|
|
fit,load;
|
|
fit,entry;
|
|
fit,data;
|
|
|
|
tee-os {
|
|
};
|
|
hash {
|
|
algo = "sha256";
|
|
};
|
|
};
|
|
};
|
|
|
|
configurations {
|
|
default = "@config-DEFAULT-SEQ";
|
|
@config-SEQ {
|
|
description = "conf-NAME.dtb";
|
|
fdt = "fdt-SEQ";
|
|
fit,firmware = "atf-1", "u-boot";
|
|
fit,loadables;
|
|
};
|
|
};
|
|
};
|
|
|
|
If ATF-BL31 is available, this generates a node for each segment in the
|
|
ELF file, for example::
|
|
|
|
images {
|
|
atf-1 {
|
|
data = <...contents of first segment...>;
|
|
data-offset = <0x00000000>;
|
|
entry = <0x00040000>;
|
|
load = <0x00040000>;
|
|
compression = "none";
|
|
os = "arm-trusted-firmware";
|
|
arch = "arm64";
|
|
type = "firmware";
|
|
description = "ARM Trusted Firmware";
|
|
hash {
|
|
algo = "sha256";
|
|
value = <...hash of first segment...>;
|
|
};
|
|
};
|
|
atf-2 {
|
|
data = <...contents of second segment...>;
|
|
load = <0xff3b0000>;
|
|
compression = "none";
|
|
os = "arm-trusted-firmware";
|
|
arch = "arm64";
|
|
type = "firmware";
|
|
description = "ARM Trusted Firmware";
|
|
hash {
|
|
algo = "sha256";
|
|
value = <...hash of second segment...>;
|
|
};
|
|
};
|
|
};
|
|
|
|
The same applies for OP-TEE if that is available.
|
|
|
|
If each binary is not available, the relevant template node (@atf-SEQ or
|
|
@tee-SEQ) is removed from the output.
|
|
|
|
This also generates a `config-xxx` node for each device tree in `of-list`.
|
|
Note that the U-Boot build system uses `-a of-list=$(CONFIG_OF_LIST)`
|
|
so you can use `CONFIG_OF_LIST` to define that list. In this example it is
|
|
set up for `firefly-rk3399` with a single device tree and the default set
|
|
with `-a default-dt=$(CONFIG_DEFAULT_DEVICE_TREE)`, so the resulting output
|
|
is::
|
|
|
|
configurations {
|
|
default = "config-1";
|
|
config-1 {
|
|
loadables = "u-boot", "atf-2", "atf-3", "tee-1", "tee-2";
|
|
description = "rk3399-firefly.dtb";
|
|
fdt = "fdt-1";
|
|
firmware = "atf-1";
|
|
};
|
|
};
|
|
|
|
U-Boot SPL can then load the firmware (ATF) and all the loadables (U-Boot
|
|
proper, ATF and TEE), then proceed with the boot.
|
|
|
|
|
|
|
|
.. _etype_fmap:
|
|
|
|
Entry: fmap: An entry which contains an Fmap section
|
|
----------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
None
|
|
|
|
FMAP is a simple format used by flashrom, an open-source utility for
|
|
reading and writing the SPI flash, typically on x86 CPUs. The format
|
|
provides flashrom with a list of areas, so it knows what it in the flash.
|
|
It can then read or write just a single area, instead of the whole flash.
|
|
|
|
The format is defined by the flashrom project, in the file lib/fmap.h -
|
|
see www.flashrom.org/Flashrom for more information.
|
|
|
|
When used, this entry will be populated with an FMAP which reflects the
|
|
entries in the current image. Note that any hierarchy is squashed, since
|
|
FMAP does not support this. Sections are represented as an area appearing
|
|
before its contents, so that it is possible to reconstruct the hierarchy
|
|
from the FMAP by using the offset information. This convention does not
|
|
seem to be documented, but is used in Chromium OS.
|
|
|
|
To mark an area as preserved, use the normal 'preserved' flag in the entry.
|
|
This will result in the corresponding FMAP area having the
|
|
FMAP_AREA_PRESERVE flag. This flag does not automatically propagate down to
|
|
child entries.
|
|
|
|
CBFS entries appear as a single entry, i.e. the sub-entries are ignored.
|
|
|
|
|
|
|
|
.. _etype_gbb:
|
|
|
|
Entry: gbb: An entry which contains a Chromium OS Google Binary Block
|
|
---------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- hardware-id: Hardware ID to use for this build (a string)
|
|
- keydir: Directory containing the public keys to use
|
|
- bmpblk: Filename containing images used by recovery
|
|
|
|
Chromium OS uses a GBB to store various pieces of information, in particular
|
|
the root and recovery keys that are used to verify the boot process. Some
|
|
more details are here:
|
|
|
|
https://www.chromium.org/chromium-os/firmware-porting-guide/2-concepts
|
|
|
|
but note that the page dates from 2013 so is quite out of date. See
|
|
README.chromium for how to obtain the required keys and tools.
|
|
|
|
|
|
|
|
.. _etype_image_header:
|
|
|
|
Entry: image-header: An entry which contains a pointer to the FDT map
|
|
---------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
location: Location of header ("start" or "end" of image). This is
|
|
optional. If omitted then the entry must have an offset property.
|
|
|
|
This adds an 8-byte entry to the start or end of the image, pointing to the
|
|
location of the FDT map. The format is a magic number followed by an offset
|
|
from the start or end of the image, in twos-compliment format.
|
|
|
|
This entry must be in the top-level part of the image.
|
|
|
|
NOTE: If the location is at the start/end, you will probably need to specify
|
|
sort-by-offset for the image, unless you actually put the image header
|
|
first/last in the entry list.
|
|
|
|
|
|
|
|
.. _etype_intel_cmc:
|
|
|
|
Entry: intel-cmc: Intel Chipset Micro Code (CMC) file
|
|
-----------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains microcode for some devices in a special format. An
|
|
example filename is 'Microcode/C0_22211.BIN'.
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_descriptor:
|
|
|
|
Entry: intel-descriptor: Intel flash descriptor block (4KB)
|
|
-----------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
filename: Filename of file containing the descriptor. This is typically
|
|
a 4KB binary file, sometimes called 'descriptor.bin'
|
|
|
|
This entry is placed at the start of flash and provides information about
|
|
the SPI flash regions. In particular it provides the base address and
|
|
size of the ME (Management Engine) region, allowing us to place the ME
|
|
binary in the right place.
|
|
|
|
With this entry in your image, the position of the 'intel-me' entry will be
|
|
fixed in the image, which avoids you needed to specify an offset for that
|
|
region. This is useful, because it is not possible to change the position
|
|
of the ME region without updating the descriptor.
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_fit:
|
|
|
|
Entry: intel-fit: Intel Firmware Image Table (FIT)
|
|
--------------------------------------------------
|
|
|
|
This entry contains a dummy FIT as required by recent Intel CPUs. The FIT
|
|
contains information about the firmware and microcode available in the
|
|
image.
|
|
|
|
At present binman only supports a basic FIT with no microcode.
|
|
|
|
|
|
|
|
.. _etype_intel_fit_ptr:
|
|
|
|
Entry: intel-fit-ptr: Intel Firmware Image Table (FIT) pointer
|
|
--------------------------------------------------------------
|
|
|
|
This entry contains a pointer to the FIT. It is required to be at address
|
|
0xffffffc0 in the image.
|
|
|
|
|
|
|
|
.. _etype_intel_fsp:
|
|
|
|
Entry: intel-fsp: Intel Firmware Support Package (FSP) file
|
|
-----------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains binary blobs which are used on some devices to make the
|
|
platform work. U-Boot executes this code since it is not possible to set up
|
|
the hardware using U-Boot open-source code. Documentation is typically not
|
|
available in sufficient detail to allow this.
|
|
|
|
An example filename is 'FSP/QUEENSBAY_FSP_GOLD_001_20-DECEMBER-2013.fd'
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_fsp_m:
|
|
|
|
Entry: intel-fsp-m: Intel Firmware Support Package (FSP) memory init
|
|
--------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains a binary blob which is used on some devices to set up
|
|
SDRAM. U-Boot executes this code in SPL so that it can make full use of
|
|
memory. Documentation is typically not available in sufficient detail to
|
|
allow U-Boot do this this itself..
|
|
|
|
An example filename is 'fsp_m.bin'
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_fsp_s:
|
|
|
|
Entry: intel-fsp-s: Intel Firmware Support Package (FSP) silicon init
|
|
---------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains a binary blob which is used on some devices to set up
|
|
the silicon. U-Boot executes this code in U-Boot proper after SDRAM is
|
|
running, so that it can make full use of memory. Documentation is typically
|
|
not available in sufficient detail to allow U-Boot do this this itself.
|
|
|
|
An example filename is 'fsp_s.bin'
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_fsp_t:
|
|
|
|
Entry: intel-fsp-t: Intel Firmware Support Package (FSP) temp ram init
|
|
----------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains a binary blob which is used on some devices to set up
|
|
temporary memory (Cache-as-RAM or CAR). U-Boot executes this code in TPL so
|
|
that it has access to memory for its stack and initial storage.
|
|
|
|
An example filename is 'fsp_t.bin'
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_ifwi:
|
|
|
|
Entry: intel-ifwi: Intel Integrated Firmware Image (IFWI) file
|
|
--------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry. This is either the
|
|
IFWI file itself, or a file that can be converted into one using a
|
|
tool
|
|
- convert-fit: If present this indicates that the ifwitool should be
|
|
used to convert the provided file into a IFWI.
|
|
|
|
This file contains code and data used by the SoC that is required to make
|
|
it work. It includes U-Boot TPL, microcode, things related to the CSE
|
|
(Converged Security Engine, the microcontroller that loads all the firmware)
|
|
and other items beyond the wit of man.
|
|
|
|
A typical filename is 'ifwi.bin' for an IFWI file, or 'fitimage.bin' for a
|
|
file that will be converted to an IFWI.
|
|
|
|
The position of this entry is generally set by the intel-descriptor entry.
|
|
|
|
The contents of the IFWI are specified by the subnodes of the IFWI node.
|
|
Each subnode describes an entry which is placed into the IFWFI with a given
|
|
sub-partition (and optional entry name).
|
|
|
|
Properties for subnodes:
|
|
- ifwi-subpart: sub-parition to put this entry into, e.g. "IBBP"
|
|
- ifwi-entry: entry name t use, e.g. "IBBL"
|
|
- ifwi-replace: if present, indicates that the item should be replaced
|
|
in the IFWI. Otherwise it is added.
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_me:
|
|
|
|
Entry: intel-me: Intel Management Engine (ME) file
|
|
--------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains code used by the SoC that is required to make it work.
|
|
The Management Engine is like a background task that runs things that are
|
|
not clearly documented, but may include keyboard, display and network
|
|
access. For platform that use ME it is not possible to disable it. U-Boot
|
|
does not directly execute code in the ME binary.
|
|
|
|
A typical filename is 'me.bin'.
|
|
|
|
The position of this entry is generally set by the intel-descriptor entry.
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_mrc:
|
|
|
|
Entry: intel-mrc: Intel Memory Reference Code (MRC) file
|
|
--------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains code for setting up the SDRAM on some Intel systems. This
|
|
is executed by U-Boot when needed early during startup. A typical filename
|
|
is 'mrc.bin'.
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_refcode:
|
|
|
|
Entry: intel-refcode: Intel Reference Code file
|
|
-----------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains code for setting up the platform on some Intel systems.
|
|
This is executed by U-Boot when needed early during startup. A typical
|
|
filename is 'refcode.bin'.
|
|
|
|
See README.x86 for information about x86 binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_vbt:
|
|
|
|
Entry: intel-vbt: Intel Video BIOS Table (VBT) file
|
|
---------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains code that sets up the integrated graphics subsystem on
|
|
some Intel SoCs. U-Boot executes this when the display is started up.
|
|
|
|
See README.x86 for information about Intel binary blobs.
|
|
|
|
|
|
|
|
.. _etype_intel_vga:
|
|
|
|
Entry: intel-vga: Intel Video Graphics Adaptor (VGA) file
|
|
---------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of file to read into entry
|
|
|
|
This file contains code that sets up the integrated graphics subsystem on
|
|
some Intel SoCs. U-Boot executes this when the display is started up.
|
|
|
|
This is similar to the VBT file but in a different format.
|
|
|
|
See README.x86 for information about Intel binary blobs.
|
|
|
|
|
|
|
|
.. _etype_mkimage:
|
|
|
|
Entry: mkimage: Binary produced by mkimage
|
|
------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- args: Arguments to pass
|
|
- data-to-imagename: Indicates that the -d data should be passed in as
|
|
the image name also (-n)
|
|
- multiple-data-files: boolean to tell binman to pass all files as
|
|
datafiles to mkimage instead of creating a temporary file the result
|
|
of datafiles concatenation
|
|
- filename: filename of output binary generated by mkimage
|
|
|
|
The data passed to mkimage via the -d flag is collected from subnodes of the
|
|
mkimage node, e.g.::
|
|
|
|
mkimage {
|
|
filename = "imximage.bin";
|
|
args = "-n test -T imximage";
|
|
|
|
u-boot-spl {
|
|
};
|
|
};
|
|
|
|
This calls mkimage to create an imximage with `u-boot-spl.bin` as the data
|
|
file, with mkimage being called like this::
|
|
|
|
mkimage -d <data_file> -n test -T imximage <output_file>
|
|
|
|
The output from mkimage then becomes part of the image produced by
|
|
binman but also is written into `imximage.bin` file. If you need to put
|
|
multiple things in the data file, you can use a section, or just multiple
|
|
subnodes like this::
|
|
|
|
mkimage {
|
|
args = "-n test -T imximage";
|
|
|
|
u-boot-spl {
|
|
};
|
|
|
|
u-boot-tpl {
|
|
};
|
|
};
|
|
|
|
Note that binman places the contents (here SPL and TPL) into a single file
|
|
and passes that to mkimage using the -d option.
|
|
|
|
To pass all datafiles untouched to mkimage::
|
|
|
|
mkimage {
|
|
args = "-n rk3399 -T rkspi";
|
|
multiple-data-files;
|
|
|
|
u-boot-tpl {
|
|
};
|
|
|
|
u-boot-spl {
|
|
};
|
|
};
|
|
|
|
This calls mkimage to create a Rockchip RK3399-specific first stage
|
|
bootloader, made of TPL+SPL. Since this first stage bootloader requires to
|
|
align the TPL and SPL but also some weird hacks that is handled by mkimage
|
|
directly, binman is told to not perform the concatenation of datafiles prior
|
|
to passing the data to mkimage.
|
|
|
|
To use CONFIG options in the arguments, use a string list instead, as in
|
|
this example which also produces four arguments::
|
|
|
|
mkimage {
|
|
args = "-n", CONFIG_SYS_SOC, "-T imximage";
|
|
|
|
u-boot-spl {
|
|
};
|
|
};
|
|
|
|
If you need to pass the input data in with the -n argument as well, then use
|
|
the 'data-to-imagename' property::
|
|
|
|
mkimage {
|
|
args = "-T imximage";
|
|
data-to-imagename;
|
|
|
|
u-boot-spl {
|
|
};
|
|
};
|
|
|
|
That will pass the data to mkimage both as the data file (with -d) and as
|
|
the image name (with -n). In both cases, a filename is passed as the
|
|
argument, with the actual data being in that file.
|
|
|
|
If need to pass different data in with -n, then use an `imagename` subnode::
|
|
|
|
mkimage {
|
|
args = "-T imximage";
|
|
|
|
imagename {
|
|
blob {
|
|
filename = "spl/u-boot-spl.cfgout"
|
|
};
|
|
};
|
|
|
|
u-boot-spl {
|
|
};
|
|
};
|
|
|
|
This will pass in u-boot-spl as the input data and the .cfgout file as the
|
|
-n data.
|
|
|
|
|
|
|
|
.. _etype_null:
|
|
|
|
Entry: null: An entry which has no contents of its own
|
|
------------------------------------------------------
|
|
|
|
Note that the size property must be set since otherwise this entry does not
|
|
know how large it should be.
|
|
|
|
The contents are set by the containing section, e.g. the section's pad
|
|
byte.
|
|
|
|
|
|
|
|
.. _etype_opensbi:
|
|
|
|
Entry: opensbi: RISC-V OpenSBI fw_dynamic blob
|
|
----------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- opensbi-path: Filename of file to read into entry. This is typically
|
|
called fw_dynamic.bin
|
|
|
|
This entry holds the run-time firmware, typically started by U-Boot SPL.
|
|
See the U-Boot README for your architecture or board for how to use it. See
|
|
https://github.com/riscv/opensbi for more information about OpenSBI.
|
|
|
|
|
|
|
|
.. _etype_powerpc_mpc85xx_bootpg_resetvec:
|
|
|
|
Entry: powerpc-mpc85xx-bootpg-resetvec: PowerPC mpc85xx bootpg + resetvec code for U-Boot
|
|
-----------------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-br.bin (default 'u-boot-br.bin')
|
|
|
|
This entry is valid for PowerPC mpc85xx cpus. This entry holds
|
|
'bootpg + resetvec' code for PowerPC mpc85xx CPUs which needs to be
|
|
placed at offset 'RESET_VECTOR_ADDRESS - 0xffc'.
|
|
|
|
|
|
|
|
.. _etype_pre_load:
|
|
|
|
Entry: pre-load: Pre load image header
|
|
--------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- pre-load-key-path: Path of the directory that store key (provided by
|
|
the environment variable PRE_LOAD_KEY_PATH)
|
|
- content: List of phandles to entries to sign
|
|
- algo-name: Hash and signature algo to use for the signature
|
|
- padding-name: Name of the padding (pkcs-1.5 or pss)
|
|
- key-name: Filename of the private key to sign
|
|
- header-size: Total size of the header
|
|
- version: Version of the header
|
|
|
|
This entry creates a pre-load header that contains a global
|
|
image signature.
|
|
|
|
For example, this creates an image with a pre-load header and a binary::
|
|
|
|
binman {
|
|
image2 {
|
|
filename = "sandbox.bin";
|
|
|
|
pre-load {
|
|
content = <&image>;
|
|
algo-name = "sha256,rsa2048";
|
|
padding-name = "pss";
|
|
key-name = "private.pem";
|
|
header-size = <4096>;
|
|
version = <1>;
|
|
};
|
|
|
|
image: blob-ext {
|
|
filename = "sandbox.itb";
|
|
};
|
|
};
|
|
};
|
|
|
|
|
|
|
|
.. _etype_rockchip_tpl:
|
|
|
|
Entry: rockchip-tpl: Rockchip TPL binary
|
|
----------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- rockchip-tpl-path: Filename of file to read into the entry,
|
|
typically <soc>_ddr_<version>.bin
|
|
|
|
This entry holds an external TPL binary used by some Rockchip SoCs
|
|
instead of normal U-Boot TPL, typically to initialize DRAM.
|
|
|
|
|
|
|
|
.. _etype_scp:
|
|
|
|
Entry: scp: System Control Processor (SCP) firmware blob
|
|
--------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- scp-path: Filename of file to read into the entry, typically scp.bin
|
|
|
|
This entry holds firmware for an external platform-specific coprocessor.
|
|
|
|
|
|
|
|
.. _etype_section:
|
|
|
|
Entry: section: Entry that contains other entries
|
|
-------------------------------------------------
|
|
|
|
A section is an entry which can contain other entries, thus allowing
|
|
hierarchical images to be created. See 'Sections and hierarchical images'
|
|
in the binman README for more information.
|
|
|
|
The base implementation simply joins the various entries together, using
|
|
various rules about alignment, etc.
|
|
|
|
Subclassing
|
|
~~~~~~~~~~~
|
|
|
|
This class can be subclassed to support other file formats which hold
|
|
multiple entries, such as CBFS. To do this, override the following
|
|
functions. The documentation here describes what your function should do.
|
|
For example code, see etypes which subclass `Entry_section`, or `cbfs.py`
|
|
for a more involved example::
|
|
|
|
$ grep -l \(Entry_section tools/binman/etype/*.py
|
|
|
|
ReadNode()
|
|
Call `super().ReadNode()`, then read any special properties for the
|
|
section. Then call `self.ReadEntries()` to read the entries.
|
|
|
|
Binman calls this at the start when reading the image description.
|
|
|
|
ReadEntries()
|
|
Read in the subnodes of the section. This may involve creating entries
|
|
of a particular etype automatically, as well as reading any special
|
|
properties in the entries. For each entry, entry.ReadNode() should be
|
|
called, to read the basic entry properties. The properties should be
|
|
added to `self._entries[]`, in the correct order, with a suitable name.
|
|
|
|
Binman calls this at the start when reading the image description.
|
|
|
|
BuildSectionData(required)
|
|
Create the custom file format that you want and return it as bytes.
|
|
This likely sets up a file header, then loops through the entries,
|
|
adding them to the file. For each entry, call `entry.GetData()` to
|
|
obtain the data. If that returns None, and `required` is False, then
|
|
this method must give up and return None. But if `required` is True then
|
|
it should assume that all data is valid.
|
|
|
|
Binman calls this when packing the image, to find out the size of
|
|
everything. It is called again at the end when building the final image.
|
|
|
|
SetImagePos(image_pos):
|
|
Call `super().SetImagePos(image_pos)`, then set the `image_pos` values
|
|
for each of the entries. This should use the custom file format to find
|
|
the `start offset` (and `image_pos`) of each entry. If the file format
|
|
uses compression in such a way that there is no offset available (other
|
|
than reading the whole file and decompressing it), then the offsets for
|
|
affected entries can remain unset (`None`). The size should also be set
|
|
if possible.
|
|
|
|
Binman calls this after the image has been packed, to update the
|
|
location that all the entries ended up at.
|
|
|
|
ReadChildData(child, decomp, alt_format):
|
|
The default version of this may be good enough, if you are able to
|
|
implement SetImagePos() correctly. But that is a bit of a bypass, so
|
|
you can override this method to read from your custom file format. It
|
|
should read the entire entry containing the custom file using
|
|
`super().ReadData(True)`, then parse the file to get the data for the
|
|
given child, then return that data.
|
|
|
|
If your file format supports compression, the `decomp` argument tells
|
|
you whether to return the compressed data (`decomp` is False) or to
|
|
uncompress it first, then return the uncompressed data (`decomp` is
|
|
True). This is used by the `binman extract -U` option.
|
|
|
|
If your entry supports alternative formats, the alt_format provides the
|
|
alternative format that the user has selected. Your function should
|
|
return data in that format. This is used by the 'binman extract -l'
|
|
option.
|
|
|
|
Binman calls this when reading in an image, in order to populate all the
|
|
entries with the data from that image (`binman ls`).
|
|
|
|
WriteChildData(child):
|
|
Binman calls this after `child.data` is updated, to inform the custom
|
|
file format about this, in case it needs to do updates.
|
|
|
|
The default version of this does nothing and probably needs to be
|
|
overridden for the 'binman replace' command to work. Your version should
|
|
use `child.data` to update the data for that child in the custom file
|
|
format.
|
|
|
|
Binman calls this when updating an image that has been read in and in
|
|
particular to update the data for a particular entry (`binman replace`)
|
|
|
|
Properties / Entry arguments
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
See :ref:`develop/package/binman:Image description format` for more
|
|
information.
|
|
|
|
align-default
|
|
Default alignment for this section, if no alignment is given in the
|
|
entry
|
|
|
|
pad-byte
|
|
Pad byte to use when padding
|
|
|
|
sort-by-offset
|
|
True if entries should be sorted by offset, False if they must be
|
|
in-order in the device tree description
|
|
|
|
end-at-4gb
|
|
Used to build an x86 ROM which ends at 4GB (2^32)
|
|
|
|
name-prefix
|
|
Adds a prefix to the name of every entry in the section when writing out
|
|
the map
|
|
|
|
skip-at-start
|
|
Number of bytes before the first entry starts. These effectively adjust
|
|
the starting offset of entries. For example, if this is 16, then the
|
|
first entry would start at 16. An entry with offset = 20 would in fact
|
|
be written at offset 4 in the image file, since the first 16 bytes are
|
|
skipped when writing.
|
|
|
|
filename
|
|
filename to write the unpadded section contents to within the output
|
|
directory (None to skip this).
|
|
|
|
Since a section is also an entry, it inherits all the properies of entries
|
|
too.
|
|
|
|
Note that the `allow_missing` member controls whether this section permits
|
|
external blobs to be missing their contents. The option will produce an
|
|
image but of course it will not work. It is useful to make sure that
|
|
Continuous Integration systems can build without the binaries being
|
|
available. This is set by the `SetAllowMissing()` method, if
|
|
`--allow-missing` is passed to binman.
|
|
|
|
|
|
|
|
.. _etype_tee_os:
|
|
|
|
Entry: tee-os: Entry containing an OP-TEE Trusted OS (TEE) blob
|
|
---------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- tee-os-path: Filename of file to read into entry. This is typically
|
|
called tee.bin or tee.elf
|
|
|
|
This entry holds the run-time firmware, typically started by U-Boot SPL.
|
|
See the U-Boot README for your architecture or board for how to use it. See
|
|
https://github.com/OP-TEE/optee_os for more information about OP-TEE.
|
|
|
|
Note that if the file is in ELF format, it must go in a FIT. In that case,
|
|
this entry will mark itself as absent, providing the data only through the
|
|
read_elf_segments() method.
|
|
|
|
Marking this entry as absent means that it if is used in the wrong context
|
|
it can be automatically dropped. Thus it is possible to add an OP-TEE entry
|
|
like this::
|
|
|
|
binman {
|
|
tee-os {
|
|
};
|
|
};
|
|
|
|
and pass either an ELF or plain binary in with -a tee-os-path <filename>
|
|
and have binman do the right thing:
|
|
|
|
- include the entry if tee.bin is provided and it does NOT have the v1
|
|
header
|
|
- drop it otherwise
|
|
|
|
When used within a FIT, we can do::
|
|
|
|
binman {
|
|
fit {
|
|
tee-os {
|
|
};
|
|
};
|
|
};
|
|
|
|
which will split the ELF into separate nodes for each segment, if an ELF
|
|
file is provided (see :ref:`etype_fit`), or produce a single node if the
|
|
OP-TEE binary v1 format is provided (see optee_doc_) .
|
|
|
|
.. _optee_doc: https://optee.readthedocs.io/en/latest/architecture/core.html#partitioning-of-the-binary
|
|
|
|
|
|
|
|
.. _etype_text:
|
|
|
|
Entry: text: An entry which contains text
|
|
-----------------------------------------
|
|
|
|
The text can be provided either in the node itself or by a command-line
|
|
argument. There is a level of indirection to allow multiple text strings
|
|
and sharing of text.
|
|
|
|
Properties / Entry arguments:
|
|
text-label: The value of this string indicates the property / entry-arg
|
|
that contains the string to place in the entry
|
|
<xxx> (actual name is the value of text-label): contains the string to
|
|
place in the entry.
|
|
<text>: The text to place in the entry (overrides the above mechanism).
|
|
This is useful when the text is constant.
|
|
|
|
Example node::
|
|
|
|
text {
|
|
size = <50>;
|
|
text-label = "message";
|
|
};
|
|
|
|
You can then use:
|
|
|
|
binman -amessage="this is my message"
|
|
|
|
and binman will insert that string into the entry.
|
|
|
|
It is also possible to put the string directly in the node::
|
|
|
|
text {
|
|
size = <8>;
|
|
text-label = "message";
|
|
message = "a message directly in the node"
|
|
};
|
|
|
|
or just::
|
|
|
|
text {
|
|
size = <8>;
|
|
text = "some text directly in the node"
|
|
};
|
|
|
|
The text is not itself nul-terminated. This can be achieved, if required,
|
|
by setting the size of the entry to something larger than the text.
|
|
|
|
|
|
|
|
.. _etype_ti_board_config:
|
|
|
|
Entry: ti-board-config: An entry containing a TI schema validated board config binary
|
|
-------------------------------------------------------------------------------------
|
|
|
|
This etype supports generation of two kinds of board configuration
|
|
binaries: singular board config binary as well as combined board config
|
|
binary.
|
|
|
|
Properties / Entry arguments:
|
|
- config-file: File containing board configuration data in YAML
|
|
- schema-file: File containing board configuration YAML schema against
|
|
which the config file is validated
|
|
|
|
Output files:
|
|
- board config binary: File containing board configuration binary
|
|
|
|
These above parameters are used only when the generated binary is
|
|
intended to be a single board configuration binary. Example::
|
|
|
|
my-ti-board-config {
|
|
ti-board-config {
|
|
config = "board-config.yaml";
|
|
schema = "schema.yaml";
|
|
};
|
|
};
|
|
|
|
To generate a combined board configuration binary, we pack the
|
|
needed individual binaries into a ti-board-config binary. In this case,
|
|
the available supported subnode names are board-cfg, pm-cfg, sec-cfg and
|
|
rm-cfg. The final binary is prepended with a header containing details about
|
|
the included board config binaries. Example::
|
|
|
|
my-combined-ti-board-config {
|
|
ti-board-config {
|
|
board-cfg {
|
|
config = "board-cfg.yaml";
|
|
schema = "schema.yaml";
|
|
};
|
|
sec-cfg {
|
|
config = "sec-cfg.yaml";
|
|
schema = "schema.yaml";
|
|
};
|
|
}
|
|
}
|
|
|
|
|
|
|
|
.. _etype_ti_secure:
|
|
|
|
Entry: ti-secure: Entry containing a TI x509 certificate binary
|
|
---------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- content: List of phandles to entries to sign
|
|
- keyfile: Filename of file containing key to sign binary with
|
|
- sha: Hash function to be used for signing
|
|
|
|
Output files:
|
|
- input.<unique_name> - input file passed to openssl
|
|
- config.<unique_name> - input file generated for openssl (which is
|
|
used as the config file)
|
|
- cert.<unique_name> - output file generated by openssl (which is
|
|
used as the entry contents)
|
|
|
|
openssl signs the provided data, using the TI templated config file and
|
|
writes the signature in this entry. This allows verification that the
|
|
data is genuine.
|
|
|
|
|
|
|
|
.. _etype_ti_secure_rom:
|
|
|
|
Entry: ti-secure-rom: Entry containing a TI x509 certificate binary for images booted by ROM
|
|
--------------------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- keyfile: Filename of file containing key to sign binary with
|
|
- combined: boolean if device follows combined boot flow
|
|
- countersign: boolean if device contains countersigned system firmware
|
|
- load: load address of SPL
|
|
- sw-rev: software revision
|
|
- sha: Hash function to be used for signing
|
|
- core: core on which bootloader runs, valid cores are 'secure' and 'public'
|
|
- content: phandle of SPL in case of legacy bootflow or phandles of component binaries
|
|
in case of combined bootflow
|
|
- core-opts (optional): lockstep (0) or split (2) mode set to 0 by default
|
|
|
|
The following properties are only for generating a combined bootflow binary:
|
|
- sysfw-inner-cert: boolean if binary contains sysfw inner certificate
|
|
- dm-data: boolean if binary contains dm-data binary
|
|
- content-sbl: phandle of SPL binary
|
|
- content-sysfw: phandle of sysfw binary
|
|
- content-sysfw-data: phandle of sysfw-data or tifs-data binary
|
|
- content-sysfw-inner-cert (optional): phandle of sysfw inner certificate binary
|
|
- content-dm-data (optional): phandle of dm-data binary
|
|
- load-sysfw: load address of sysfw binary
|
|
- load-sysfw-data: load address of sysfw-data or tifs-data binary
|
|
- load-sysfw-inner-cert (optional): load address of sysfw inner certificate binary
|
|
- load-dm-data (optional): load address of dm-data binary
|
|
|
|
Output files:
|
|
- input.<unique_name> - input file passed to openssl
|
|
- config.<unique_name> - input file generated for openssl (which is
|
|
used as the config file)
|
|
- cert.<unique_name> - output file generated by openssl (which is
|
|
used as the entry contents)
|
|
|
|
openssl signs the provided data, using the TI templated config file and
|
|
writes the signature in this entry. This allows verification that the
|
|
data is genuine.
|
|
|
|
|
|
|
|
.. _etype_u_boot:
|
|
|
|
Entry: u-boot: U-Boot flat binary
|
|
---------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot.bin (default 'u-boot.bin')
|
|
|
|
This is the U-Boot binary, containing relocation information to allow it
|
|
to relocate itself at runtime. The binary typically includes a device tree
|
|
blob at the end of it.
|
|
|
|
U-Boot can access binman symbols at runtime. See :ref:`binman_fdt`.
|
|
|
|
Note that this entry is automatically replaced with u-boot-expanded unless
|
|
--no-expanded is used or the node has a 'no-expanded' property.
|
|
|
|
|
|
|
|
.. _etype_u_boot_dtb:
|
|
|
|
Entry: u-boot-dtb: U-Boot device tree
|
|
-------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot.dtb (default 'u-boot.dtb')
|
|
|
|
This is the U-Boot device tree, containing configuration information for
|
|
U-Boot. U-Boot needs this to know what devices are present and which drivers
|
|
to activate.
|
|
|
|
Note: This is mostly an internal entry type, used by others. This allows
|
|
binman to know which entries contain a device tree.
|
|
|
|
|
|
|
|
.. _etype_u_boot_dtb_with_ucode:
|
|
|
|
Entry: u-boot-dtb-with-ucode: A U-Boot device tree file, with the microcode removed
|
|
-----------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot.dtb (default 'u-boot.dtb')
|
|
|
|
See Entry_u_boot_ucode for full details of the three entries involved in
|
|
this process. This entry provides the U-Boot device-tree file, which
|
|
contains the microcode. If the microcode is not being collated into one
|
|
place then the offset and size of the microcode is recorded by this entry,
|
|
for use by u-boot-with-ucode_ptr. If it is being collated, then this
|
|
entry deletes the microcode from the device tree (to save space) and makes
|
|
it available to u-boot-ucode.
|
|
|
|
|
|
|
|
.. _etype_u_boot_elf:
|
|
|
|
Entry: u-boot-elf: U-Boot ELF image
|
|
-----------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot (default 'u-boot')
|
|
|
|
This is the U-Boot ELF image. It does not include a device tree but can be
|
|
relocated to any address for execution.
|
|
|
|
|
|
|
|
.. _etype_u_boot_env:
|
|
|
|
Entry: u-boot-env: An entry which contains a U-Boot environment
|
|
---------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: File containing the environment text, with each line in the
|
|
form var=value
|
|
|
|
|
|
|
|
.. _etype_u_boot_expanded:
|
|
|
|
Entry: u-boot-expanded: U-Boot flat binary broken out into its component parts
|
|
------------------------------------------------------------------------------
|
|
|
|
This is a section containing the U-Boot binary and a devicetree. Using this
|
|
entry type automatically creates this section, with the following entries
|
|
in it:
|
|
|
|
u-boot-nodtb
|
|
u-boot-dtb
|
|
|
|
Having the devicetree separate allows binman to update it in the final
|
|
image, so that the entries positions are provided to the running U-Boot.
|
|
|
|
|
|
|
|
.. _etype_u_boot_img:
|
|
|
|
Entry: u-boot-img: U-Boot legacy image
|
|
--------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot.img (default 'u-boot.img')
|
|
|
|
This is the U-Boot binary as a packaged image, in legacy format. It has a
|
|
header which allows it to be loaded at the correct address for execution.
|
|
|
|
You should use FIT (Flat Image Tree) instead of the legacy image for new
|
|
applications.
|
|
|
|
|
|
|
|
.. _etype_u_boot_nodtb:
|
|
|
|
Entry: u-boot-nodtb: U-Boot flat binary without device tree appended
|
|
--------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename to include (default 'u-boot-nodtb.bin')
|
|
|
|
This is the U-Boot binary, containing relocation information to allow it
|
|
to relocate itself at runtime. It does not include a device tree blob at
|
|
the end of it so normally cannot work without it. You can add a u-boot-dtb
|
|
entry after this one, or use a u-boot entry instead, normally expands to a
|
|
section containing u-boot and u-boot-dtb
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl:
|
|
|
|
Entry: u-boot-spl: U-Boot SPL binary
|
|
------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-spl.bin (default 'spl/u-boot-spl.bin')
|
|
|
|
This is the U-Boot SPL (Secondary Program Loader) binary. This is a small
|
|
binary which loads before U-Boot proper, typically into on-chip SRAM. It is
|
|
responsible for locating, loading and jumping to U-Boot. Note that SPL is
|
|
not relocatable so must be loaded to the correct address in SRAM, or written
|
|
to run from the correct address if direct flash execution is possible (e.g.
|
|
on x86 devices).
|
|
|
|
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
|
|
|
|
in the binman README for more information.
|
|
|
|
The ELF file 'spl/u-boot-spl' must also be available for this to work, since
|
|
binman uses that to look up symbols to write into the SPL binary.
|
|
|
|
Note that this entry is automatically replaced with u-boot-spl-expanded
|
|
unless --no-expanded is used or the node has a 'no-expanded' property.
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl_bss_pad:
|
|
|
|
Entry: u-boot-spl-bss-pad: U-Boot SPL binary padded with a BSS region
|
|
---------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
None
|
|
|
|
This holds the padding added after the SPL binary to cover the BSS (Block
|
|
Started by Symbol) region. This region holds the various variables used by
|
|
SPL. It is set to 0 by SPL when it starts up. If you want to append data to
|
|
the SPL image (such as a device tree file), you must pad out the BSS region
|
|
to avoid the data overlapping with U-Boot variables. This entry is useful in
|
|
that case. It automatically pads out the entry size to cover both the code,
|
|
data and BSS.
|
|
|
|
The contents of this entry will a certain number of zero bytes, determined
|
|
by __bss_size
|
|
|
|
The ELF file 'spl/u-boot-spl' must also be available for this to work, since
|
|
binman uses that to look up the BSS address.
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl_dtb:
|
|
|
|
Entry: u-boot-spl-dtb: U-Boot SPL device tree
|
|
---------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot.dtb (default 'spl/u-boot-spl.dtb')
|
|
|
|
This is the SPL device tree, containing configuration information for
|
|
SPL. SPL needs this to know what devices are present and which drivers
|
|
to activate.
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl_elf:
|
|
|
|
Entry: u-boot-spl-elf: U-Boot SPL ELF image
|
|
-------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of SPL u-boot (default 'spl/u-boot-spl')
|
|
|
|
This is the U-Boot SPL ELF image. It does not include a device tree but can
|
|
be relocated to any address for execution.
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl_expanded:
|
|
|
|
Entry: u-boot-spl-expanded: U-Boot SPL flat binary broken out into its component parts
|
|
--------------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- spl-dtb: Controls whether this entry is selected (set to 'y' or '1' to
|
|
select)
|
|
|
|
This is a section containing the U-Boot binary, BSS padding if needed and a
|
|
devicetree. Using this entry type automatically creates this section, with
|
|
the following entries in it:
|
|
|
|
u-boot-spl-nodtb
|
|
u-boot-spl-bss-pad
|
|
u-boot-dtb
|
|
|
|
Having the devicetree separate allows binman to update it in the final
|
|
image, so that the entries positions are provided to the running U-Boot.
|
|
|
|
This entry is selected based on the value of the 'spl-dtb' entryarg. If
|
|
this is non-empty (and not 'n' or '0') then this expanded entry is selected.
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl_nodtb:
|
|
|
|
Entry: u-boot-spl-nodtb: SPL binary without device tree appended
|
|
----------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename to include (default 'spl/u-boot-spl-nodtb.bin')
|
|
|
|
This is the U-Boot SPL binary, It does not include a device tree blob at
|
|
the end of it so may not be able to work without it, assuming SPL needs
|
|
a device tree to operate on your platform. You can add a u-boot-spl-dtb
|
|
entry after this one, or use a u-boot-spl entry instead' which normally
|
|
expands to a section containing u-boot-spl-dtb, u-boot-spl-bss-pad and
|
|
u-boot-spl-dtb
|
|
|
|
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
|
|
|
|
in the binman README for more information.
|
|
|
|
The ELF file 'spl/u-boot-spl' must also be available for this to work, since
|
|
binman uses that to look up symbols to write into the SPL binary.
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl_pubkey_dtb:
|
|
|
|
Entry: u-boot-spl-pubkey-dtb: U-Boot SPL device tree including public key
|
|
-------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- key-name-hint: Public key name without extension (.crt).
|
|
Default is determined by underlying
|
|
bintool (fdt_add_pubkey), usually 'key'.
|
|
- algo: (Optional) Algorithm used for signing. Default is determined by
|
|
underlying bintool (fdt_add_pubkey), usually 'sha1,rsa2048'
|
|
- required: (Optional) If present this indicates that the key must be
|
|
verified for the image / configuration to be
|
|
considered valid
|
|
|
|
The following example shows an image containing an SPL which
|
|
is packed together with the dtb. Binman will add a signature
|
|
node to the dtb.
|
|
|
|
Example node::
|
|
|
|
image {
|
|
...
|
|
spl {
|
|
filename = "spl.bin"
|
|
|
|
u-boot-spl-nodtb {
|
|
};
|
|
u-boot-spl-pubkey-dtb {
|
|
algo = "sha384,rsa4096";
|
|
required = "conf";
|
|
key-name-hint = "dev";
|
|
};
|
|
};
|
|
...
|
|
}
|
|
|
|
|
|
|
|
.. _etype_u_boot_spl_with_ucode_ptr:
|
|
|
|
Entry: u-boot-spl-with-ucode-ptr: U-Boot SPL with embedded microcode pointer
|
|
----------------------------------------------------------------------------
|
|
|
|
This is used when SPL must set up the microcode for U-Boot.
|
|
|
|
See Entry_u_boot_ucode for full details of the entries involved in this
|
|
process.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl:
|
|
|
|
Entry: u-boot-tpl: U-Boot TPL binary
|
|
------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-tpl.bin (default 'tpl/u-boot-tpl.bin')
|
|
|
|
This is the U-Boot TPL (Tertiary Program Loader) binary. This is a small
|
|
binary which loads before SPL, typically into on-chip SRAM. It is
|
|
responsible for locating, loading and jumping to SPL, the next-stage
|
|
loader. Note that SPL is not relocatable so must be loaded to the correct
|
|
address in SRAM, or written to run from the correct address if direct
|
|
flash execution is possible (e.g. on x86 devices).
|
|
|
|
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
|
|
|
|
in the binman README for more information.
|
|
|
|
The ELF file 'tpl/u-boot-tpl' must also be available for this to work, since
|
|
binman uses that to look up symbols to write into the TPL binary.
|
|
|
|
Note that this entry is automatically replaced with u-boot-tpl-expanded
|
|
unless --no-expanded is used or the node has a 'no-expanded' property.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl_bss_pad:
|
|
|
|
Entry: u-boot-tpl-bss-pad: U-Boot TPL binary padded with a BSS region
|
|
---------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
None
|
|
|
|
This holds the padding added after the TPL binary to cover the BSS (Block
|
|
Started by Symbol) region. This region holds the various variables used by
|
|
TPL. It is set to 0 by TPL when it starts up. If you want to append data to
|
|
the TPL image (such as a device tree file), you must pad out the BSS region
|
|
to avoid the data overlapping with U-Boot variables. This entry is useful in
|
|
that case. It automatically pads out the entry size to cover both the code,
|
|
data and BSS.
|
|
|
|
The contents of this entry will a certain number of zero bytes, determined
|
|
by __bss_size
|
|
|
|
The ELF file 'tpl/u-boot-tpl' must also be available for this to work, since
|
|
binman uses that to look up the BSS address.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl_dtb:
|
|
|
|
Entry: u-boot-tpl-dtb: U-Boot TPL device tree
|
|
---------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot.dtb (default 'tpl/u-boot-tpl.dtb')
|
|
|
|
This is the TPL device tree, containing configuration information for
|
|
TPL. TPL needs this to know what devices are present and which drivers
|
|
to activate.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl_dtb_with_ucode:
|
|
|
|
Entry: u-boot-tpl-dtb-with-ucode: U-Boot TPL with embedded microcode pointer
|
|
----------------------------------------------------------------------------
|
|
|
|
This is used when TPL must set up the microcode for U-Boot.
|
|
|
|
See Entry_u_boot_ucode for full details of the entries involved in this
|
|
process.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl_elf:
|
|
|
|
Entry: u-boot-tpl-elf: U-Boot TPL ELF image
|
|
-------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of TPL u-boot (default 'tpl/u-boot-tpl')
|
|
|
|
This is the U-Boot TPL ELF image. It does not include a device tree but can
|
|
be relocated to any address for execution.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl_expanded:
|
|
|
|
Entry: u-boot-tpl-expanded: U-Boot TPL flat binary broken out into its component parts
|
|
--------------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- tpl-dtb: Controls whether this entry is selected (set to 'y' or '1' to
|
|
select)
|
|
|
|
This is a section containing the U-Boot binary, BSS padding if needed and a
|
|
devicetree. Using this entry type automatically creates this section, with
|
|
the following entries in it:
|
|
|
|
u-boot-tpl-nodtb
|
|
u-boot-tpl-bss-pad
|
|
u-boot-dtb
|
|
|
|
Having the devicetree separate allows binman to update it in the final
|
|
image, so that the entries positions are provided to the running U-Boot.
|
|
|
|
This entry is selected based on the value of the 'tpl-dtb' entryarg. If
|
|
this is non-empty (and not 'n' or '0') then this expanded entry is selected.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl_nodtb:
|
|
|
|
Entry: u-boot-tpl-nodtb: TPL binary without device tree appended
|
|
----------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename to include (default 'tpl/u-boot-tpl-nodtb.bin')
|
|
|
|
This is the U-Boot TPL binary, It does not include a device tree blob at
|
|
the end of it so may not be able to work without it, assuming TPL needs
|
|
a device tree to operate on your platform. You can add a u-boot-tpl-dtb
|
|
entry after this one, or use a u-boot-tpl entry instead, which normally
|
|
expands to a section containing u-boot-tpl-dtb, u-boot-tpl-bss-pad and
|
|
u-boot-tpl-dtb
|
|
|
|
TPL can access binman symbols at runtime. See :ref:`binman_fdt`.
|
|
|
|
in the binman README for more information.
|
|
|
|
The ELF file 'tpl/u-boot-tpl' must also be available for this to work, since
|
|
binman uses that to look up symbols to write into the TPL binary.
|
|
|
|
|
|
|
|
.. _etype_u_boot_tpl_with_ucode_ptr:
|
|
|
|
Entry: u-boot-tpl-with-ucode-ptr: U-Boot TPL with embedded microcode pointer
|
|
----------------------------------------------------------------------------
|
|
|
|
See Entry_u_boot_ucode for full details of the entries involved in this
|
|
process.
|
|
|
|
|
|
|
|
.. _etype_u_boot_ucode:
|
|
|
|
Entry: u-boot-ucode: U-Boot microcode block
|
|
-------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
None
|
|
|
|
The contents of this entry are filled in automatically by other entries
|
|
which must also be in the image.
|
|
|
|
U-Boot on x86 needs a single block of microcode. This is collected from
|
|
the various microcode update nodes in the device tree. It is also unable
|
|
to read the microcode from the device tree on platforms that use FSP
|
|
(Firmware Support Package) binaries, because the API requires that the
|
|
microcode is supplied before there is any SRAM available to use (i.e.
|
|
the FSP sets up the SRAM / cache-as-RAM but does so in the call that
|
|
requires the microcode!). To keep things simple, all x86 platforms handle
|
|
microcode the same way in U-Boot (even non-FSP platforms). This is that
|
|
a table is placed at _dt_ucode_base_size containing the base address and
|
|
size of the microcode. This is either passed to the FSP (for FSP
|
|
platforms), or used to set up the microcode (for non-FSP platforms).
|
|
This all happens in the build system since it is the only way to get
|
|
the microcode into a single blob and accessible without SRAM.
|
|
|
|
There are two cases to handle. If there is only one microcode blob in
|
|
the device tree, then the ucode pointer it set to point to that. This
|
|
entry (u-boot-ucode) is empty. If there is more than one update, then
|
|
this entry holds the concatenation of all updates, and the device tree
|
|
entry (u-boot-dtb-with-ucode) is updated to remove the microcode. This
|
|
last step ensures that that the microcode appears in one contiguous
|
|
block in the image and is not unnecessarily duplicated in the device
|
|
tree. It is referred to as 'collation' here.
|
|
|
|
Entry types that have a part to play in handling microcode:
|
|
|
|
Entry_u_boot_with_ucode_ptr:
|
|
Contains u-boot-nodtb.bin (i.e. U-Boot without the device tree).
|
|
It updates it with the address and size of the microcode so that
|
|
U-Boot can find it early on start-up.
|
|
Entry_u_boot_dtb_with_ucode:
|
|
Contains u-boot.dtb. It stores the microcode in a
|
|
'self.ucode_data' property, which is then read by this class to
|
|
obtain the microcode if needed. If collation is performed, it
|
|
removes the microcode from the device tree.
|
|
Entry_u_boot_ucode:
|
|
This class. If collation is enabled it reads the microcode from
|
|
the Entry_u_boot_dtb_with_ucode entry, and uses it as the
|
|
contents of this entry.
|
|
|
|
|
|
|
|
.. _etype_u_boot_vpl:
|
|
|
|
Entry: u-boot-vpl: U-Boot VPL binary
|
|
------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-vpl.bin (default 'vpl/u-boot-vpl.bin')
|
|
|
|
This is the U-Boot VPL (Verifying Program Loader) binary. This is a small
|
|
binary which loads before SPL, typically into on-chip SRAM. It is
|
|
responsible for locating, loading and jumping to SPL, the next-stage
|
|
loader. Note that VPL is not relocatable so must be loaded to the correct
|
|
address in SRAM, or written to run from the correct address if direct
|
|
flash execution is possible (e.g. on x86 devices).
|
|
|
|
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
|
|
|
|
in the binman README for more information.
|
|
|
|
The ELF file 'vpl/u-boot-vpl' must also be available for this to work, since
|
|
binman uses that to look up symbols to write into the VPL binary.
|
|
|
|
|
|
|
|
.. _etype_u_boot_vpl_bss_pad:
|
|
|
|
Entry: u-boot-vpl-bss-pad: U-Boot VPL binary padded with a BSS region
|
|
---------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
None
|
|
|
|
This holds the padding added after the VPL binary to cover the BSS (Block
|
|
Started by Symbol) region. This region holds the various variables used by
|
|
VPL. It is set to 0 by VPL when it starts up. If you want to append data to
|
|
the VPL image (such as a device tree file), you must pad out the BSS region
|
|
to avoid the data overlapping with U-Boot variables. This entry is useful in
|
|
that case. It automatically pads out the entry size to cover both the code,
|
|
data and BSS.
|
|
|
|
The contents of this entry will a certain number of zero bytes, determined
|
|
by __bss_size
|
|
|
|
The ELF file 'vpl/u-boot-vpl' must also be available for this to work, since
|
|
binman uses that to look up the BSS address.
|
|
|
|
|
|
|
|
.. _etype_u_boot_vpl_dtb:
|
|
|
|
Entry: u-boot-vpl-dtb: U-Boot VPL device tree
|
|
---------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot.dtb (default 'vpl/u-boot-vpl.dtb')
|
|
|
|
This is the VPL device tree, containing configuration information for
|
|
VPL. VPL needs this to know what devices are present and which drivers
|
|
to activate.
|
|
|
|
|
|
|
|
.. _etype_u_boot_vpl_elf:
|
|
|
|
Entry: u-boot-vpl-elf: U-Boot VPL ELF image
|
|
-------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of VPL u-boot (default 'vpl/u-boot-vpl')
|
|
|
|
This is the U-Boot VPL ELF image. It does not include a device tree but can
|
|
be relocated to any address for execution.
|
|
|
|
|
|
|
|
.. _etype_u_boot_vpl_expanded:
|
|
|
|
Entry: u-boot-vpl-expanded: U-Boot VPL flat binary broken out into its component parts
|
|
--------------------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- vpl-dtb: Controls whether this entry is selected (set to 'y' or '1' to
|
|
select)
|
|
|
|
This is a section containing the U-Boot binary, BSS padding if needed and a
|
|
devicetree. Using this entry type automatically creates this section, with
|
|
the following entries in it:
|
|
|
|
u-boot-vpl-nodtb
|
|
u-boot-vpl-bss-pad
|
|
u-boot-dtb
|
|
|
|
Having the devicetree separate allows binman to update it in the final
|
|
image, so that the entries positions are provided to the running U-Boot.
|
|
|
|
This entry is selected based on the value of the 'vpl-dtb' entryarg. If
|
|
this is non-empty (and not 'n' or '0') then this expanded entry is selected.
|
|
|
|
|
|
|
|
.. _etype_u_boot_vpl_nodtb:
|
|
|
|
Entry: u-boot-vpl-nodtb: VPL binary without device tree appended
|
|
----------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename to include (default 'vpl/u-boot-vpl-nodtb.bin')
|
|
|
|
This is the U-Boot VPL binary, It does not include a device tree blob at
|
|
the end of it so may not be able to work without it, assuming VPL needs
|
|
a device tree to operate on your platform. You can add a u_boot_vpl_dtb
|
|
entry after this one, or use a u_boot_vpl entry instead, which normally
|
|
expands to a section containing u-boot-vpl-dtb, u-boot-vpl-bss-pad and
|
|
u-boot-vpl-dtb
|
|
|
|
VPL can access binman symbols at runtime. See :ref:`binman_fdt`.
|
|
|
|
The ELF file 'vpl/u-boot-vpl' must also be available for this to work, since
|
|
binman uses that to look up symbols to write into the VPL binary.
|
|
|
|
|
|
|
|
.. _etype_u_boot_with_ucode_ptr:
|
|
|
|
Entry: u-boot-with-ucode-ptr: U-Boot with embedded microcode pointer
|
|
--------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-nodtb.bin (default 'u-boot-nodtb.bin')
|
|
- optional-ucode: boolean property to make microcode optional. If the
|
|
u-boot.bin image does not include microcode, no error will
|
|
be generated.
|
|
|
|
See Entry_u_boot_ucode for full details of the three entries involved in
|
|
this process. This entry updates U-Boot with the offset and size of the
|
|
microcode, to allow early x86 boot code to find it without doing anything
|
|
complicated. Otherwise it is the same as the u-boot entry.
|
|
|
|
|
|
|
|
.. _etype_vblock:
|
|
|
|
Entry: vblock: An entry which contains a Chromium OS verified boot block
|
|
------------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- content: List of phandles to entries to sign
|
|
- keydir: Directory containing the public keys to use
|
|
- keyblock: Name of the key file to use (inside keydir)
|
|
- signprivate: Name of provide key file to use (inside keydir)
|
|
- version: Version number of the vblock (typically 1)
|
|
- kernelkey: Name of the kernel key to use (inside keydir)
|
|
- preamble-flags: Value of the vboot preamble flags (typically 0)
|
|
|
|
Output files:
|
|
- input.<unique_name> - input file passed to futility
|
|
- vblock.<unique_name> - output file generated by futility (which is
|
|
used as the entry contents)
|
|
|
|
Chromium OS signs the read-write firmware and kernel, writing the signature
|
|
in this block. This allows U-Boot to verify that the next firmware stage
|
|
and kernel are genuine.
|
|
|
|
|
|
|
|
.. _etype_x509_cert:
|
|
|
|
Entry: x509-cert: An entry which contains an X509 certificate
|
|
-------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- content: List of phandles to entries to sign
|
|
|
|
Output files:
|
|
- input.<unique_name> - input file passed to openssl
|
|
- cert.<unique_name> - output file generated by openssl (which is
|
|
used as the entry contents)
|
|
|
|
openssl signs the provided data, writing the signature in this entry. This
|
|
allows verification that the data is genuine
|
|
|
|
|
|
|
|
.. _etype_x86_reset16:
|
|
|
|
Entry: x86-reset16: x86 16-bit reset code for U-Boot
|
|
----------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-x86-reset16.bin (default
|
|
'u-boot-x86-reset16.bin')
|
|
|
|
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
|
|
must be placed at a particular address. This entry holds that code. It is
|
|
typically placed at offset CONFIG_RESET_VEC_LOC. The code is responsible
|
|
for jumping to the x86-start16 code, which continues execution.
|
|
|
|
For 64-bit U-Boot, the 'x86_reset16_spl' entry type is used instead.
|
|
|
|
|
|
|
|
.. _etype_x86_reset16_spl:
|
|
|
|
Entry: x86-reset16-spl: x86 16-bit reset code for U-Boot
|
|
--------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-x86-reset16.bin (default
|
|
'u-boot-x86-reset16.bin')
|
|
|
|
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
|
|
must be placed at a particular address. This entry holds that code. It is
|
|
typically placed at offset CONFIG_RESET_VEC_LOC. The code is responsible
|
|
for jumping to the x86-start16 code, which continues execution.
|
|
|
|
For 32-bit U-Boot, the 'x86_reset_spl' entry type is used instead.
|
|
|
|
|
|
|
|
.. _etype_x86_reset16_tpl:
|
|
|
|
Entry: x86-reset16-tpl: x86 16-bit reset code for U-Boot
|
|
--------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-x86-reset16.bin (default
|
|
'u-boot-x86-reset16.bin')
|
|
|
|
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
|
|
must be placed at a particular address. This entry holds that code. It is
|
|
typically placed at offset CONFIG_RESET_VEC_LOC. The code is responsible
|
|
for jumping to the x86-start16 code, which continues execution.
|
|
|
|
For 32-bit U-Boot, the 'x86_reset_tpl' entry type is used instead.
|
|
|
|
|
|
|
|
.. _etype_x86_start16:
|
|
|
|
Entry: x86-start16: x86 16-bit start-up code for U-Boot
|
|
-------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of u-boot-x86-start16.bin (default
|
|
'u-boot-x86-start16.bin')
|
|
|
|
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
|
|
must be placed in the top 64KB of the ROM. The reset code jumps to it. This
|
|
entry holds that code. It is typically placed at offset
|
|
CONFIG_SYS_X86_START16. The code is responsible for changing to 32-bit mode
|
|
and jumping to U-Boot's entry point, which requires 32-bit mode (for 32-bit
|
|
U-Boot).
|
|
|
|
For 64-bit U-Boot, the 'x86_start16_spl' entry type is used instead.
|
|
|
|
|
|
|
|
.. _etype_x86_start16_spl:
|
|
|
|
Entry: x86-start16-spl: x86 16-bit start-up code for SPL
|
|
--------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of spl/u-boot-x86-start16-spl.bin (default
|
|
'spl/u-boot-x86-start16-spl.bin')
|
|
|
|
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
|
|
must be placed in the top 64KB of the ROM. The reset code jumps to it. This
|
|
entry holds that code. It is typically placed at offset
|
|
CONFIG_SYS_X86_START16. The code is responsible for changing to 32-bit mode
|
|
and jumping to U-Boot's entry point, which requires 32-bit mode (for 32-bit
|
|
U-Boot).
|
|
|
|
For 32-bit U-Boot, the 'x86-start16' entry type is used instead.
|
|
|
|
|
|
|
|
.. _etype_x86_start16_tpl:
|
|
|
|
Entry: x86-start16-tpl: x86 16-bit start-up code for TPL
|
|
--------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- filename: Filename of tpl/u-boot-x86-start16-tpl.bin (default
|
|
'tpl/u-boot-x86-start16-tpl.bin')
|
|
|
|
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
|
|
must be placed in the top 64KB of the ROM. The reset code jumps to it. This
|
|
entry holds that code. It is typically placed at offset
|
|
CONFIG_SYS_X86_START16. The code is responsible for changing to 32-bit mode
|
|
and jumping to U-Boot's entry point, which requires 32-bit mode (for 32-bit
|
|
U-Boot).
|
|
|
|
If TPL is not being used, the 'x86-start16-spl or 'x86-start16' entry types
|
|
may be used instead.
|
|
|
|
|
|
|
|
.. _etype_xilinx_bootgen:
|
|
|
|
Entry: xilinx-bootgen: Signed SPL boot image for Xilinx ZynqMP devices
|
|
----------------------------------------------------------------------
|
|
|
|
Properties / Entry arguments:
|
|
- auth-params: (Optional) Authentication parameters passed to bootgen
|
|
- fsbl-config: (Optional) FSBL parameters passed to bootgen
|
|
- keysrc-enc: (Optional) Key source when using decryption engine
|
|
- pmufw-filename: Filename of PMU firmware. Default: pmu-firmware.elf
|
|
- psk-key-name-hint: Name of primary secret key to use for signing the
|
|
secondardy public key. Format: .pem file
|
|
- ssk-key-name-hint: Name of secondardy secret key to use for signing
|
|
the boot image. Format: .pem file
|
|
|
|
The etype is used to create a boot image for Xilinx ZynqMP
|
|
devices.
|
|
|
|
Information for signed images:
|
|
|
|
In AMD/Xilinx SoCs, two pairs of public and secret keys are used
|
|
- primary and secondary. The function of the primary public/secret key pair
|
|
is to authenticate the secondary public/secret key pair.
|
|
The function of the secondary key is to sign/verify the boot image. [1]
|
|
|
|
AMD/Xilinx uses the following terms for private/public keys [1]:
|
|
|
|
PSK = Primary Secret Key (Used to sign Secondary Public Key)
|
|
PPK = Primary Public Key (Used to verify Secondary Public Key)
|
|
SSK = Secondary Secret Key (Used to sign the boot image/partitions)
|
|
SPK = Used to verify the actual boot image
|
|
|
|
The following example builds a signed boot image. The fuses of
|
|
the primary public key (ppk) should be fused together with the RSA_EN flag.
|
|
|
|
Example node::
|
|
|
|
spl {
|
|
filename = "boot.signed.bin";
|
|
|
|
xilinx-bootgen {
|
|
psk-key-name-hint = "psk0";
|
|
ssk-key-name-hint = "ssk0";
|
|
auth-params = "ppk_select=0", "spk_id=0x00000000";
|
|
|
|
u-boot-spl-nodtb {
|
|
};
|
|
u-boot-spl-pubkey-dtb {
|
|
algo = "sha384,rsa4096";
|
|
required = "conf";
|
|
key-name-hint = "dev";
|
|
};
|
|
};
|
|
};
|
|
|
|
For testing purposes, e.g. if no RSA_EN should be fused, one could add
|
|
the "bh_auth_enable" flag in the fsbl-config field. This will skip the
|
|
verification of the ppk fuses and boot the image, even if ppk hash is
|
|
invalid.
|
|
|
|
Example node::
|
|
|
|
xilinx-bootgen {
|
|
psk-key-name-hint = "psk0";
|
|
psk-key-name-hint = "ssk0";
|
|
...
|
|
fsbl-config = "bh_auth_enable";
|
|
...
|
|
};
|
|
|
|
[1] https://docs.xilinx.com/r/en-US/ug1283-bootgen-user-guide/Using-Authentication
|
|
|
|
|
|
|
|
|