Age | Commit message (Collapse) | Author |
|
When authenticating the initial boot binary the ROM will check a debug
type value in the certificate and based on that open JTAG access to that
core. This only effects HS devices as non-HS device ROM allows JTAG
by default.
This can be useful for HS developers working in the early boot stage,
before SYSFW is loaded. After that point the JTAG access can be
changed based on board configurations passed to SYSFW.
This access can also be a large security problem as JTAG access on
HS devices can be used to circumvent the chain-of-trust controls.
Accidentally leaving this open defeats the security on HS, due to this
change the default to disabled.
This should only effect those working on early HS boot code, which
is a limited crowd who will already know how to re-enable this access
as needed.
Signed-off-by: Andrew F. Davis <afd@ti.com>
|
|
When authenticating the initial boot binary the ROM will check a debug
type value in the certificate and based on that open JTAG access to that
core.
Make this selectable in the signing tool to allow it to be enabled or
disabled based on user command line input.
This does not change the default behavior.
Signed-off-by: Andrew F. Davis <afd@ti.com>
|
|
This option currently does not add any sort of hash to the images in the
FIT.
Add a hash node requesting a crc32 checksum, which at least provides some
protection.
The crc32 value is easily ignored (e.g. in SPL) if not needed. and takes
up only about 48 bytes per image, including overhead.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Wolfgang Denk <wd@denx.de>
|
|
When using CONFIG_ENV_IS_IN_FAT and the config-file specifies a size
larger than what U-Boot wrote into the env-file, a confusing error
message is shown:
$ fw_printenv
Read error on /boot/uboot.env: Success
Fix this by showing a different error message when read returns too
little data.
Signed-off-by: Harald Seiler <hws@denx.de>
|
|
This patch adds or modifies functional tests for the Cover-changes,
Commit-changes, and Series-process-log tags in order to account for new
behavior added in the previous few patches. The '(no changes since v1)'
case is not tested for, since that would need an additional commit to test
in addition to testing the existing code paths.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
This patch adds support to multi-line changes. That is, if one has a line
in a changelog like
- Do a thing but
it spans multiple lines
Using Series-process-log sort would sort as if those lines were unrelated.
With this patch, any change line starting with whitespace will be
considered part of the change before it.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
By default patman generates a combined changelog for the cover letter. This
may not always be desirable.
Many patches may have the same changes. These can be coalesced with
"Series-process-log: uniq", but this is imperfect. Similar changes like
"Move foo to patch 7" will not be merged with the similar "Move foo to this
patch from patch 6".
Changes may not make sense outside of the patch they are written for. For
example, a change line of "Add check for bar" does not make sense outside
of the context in which bar might be checked for. Some changes like "New"
or "Lint" may be repeated many times throughout different change logs, but
carry no useful information in a summary.
Lastly, I like to summarize the broad strokes of the changes I have made in
the cover letter, while documenting all the details in the appropriate
patches. I think this makes it easier to get a good feel for what has
changed, without making it difficult to wade through every change in the
whole series.
This patch adds two new tags to add changelog entries which only appear in
the cover letter, or only appear in the commit. Changes documented with
"Commit-changes" will only appear in the commit, and will not appear in the
cover letter. Changes documented with "Cover-changes" will not appear in
any commit, and will only appear in the cover letter.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Patman outputs a line for every edition of the series in every patch,
regardless of whether any changes were made. This can result in many
redundant lines in patch changelogs, especially when a patch did not exist
before a certain revision. For example, the existing behaviour could result
in a changelog of
Changes in v7: None
Changes in v6: None
Changes in v5:
- Make a change
Changes in v4: None
Changes in v3:
- New
Changes in v2: None
With this patch applied and with --no-empty-changes, the same patch would
look like
(no changes since v5)
Changes in v5:
- Make a change
Changes in v3:
- New
This is entirely aesthetic, but I think it reduces clutter, especially for
patches added later on in a series.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Some mailing lists have size limits and when we add binary contents
to our patches it's easy to exceed the size limits.
Git supports a command line option "--no-binary" to generate patches
without any binary contents. Add an option in patman to handle this.
Note with this option patches cannot be applied properly, but they
are still useful for code review.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Sort the existing command line options by:
- help comes first
- option starts with '-'
- option starts with '--'
Lower case followed by upper case letters, in alphabetical order.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
As reported by Nicolas Carrier on the Buildroot mailing list [1],
there is a new build issue while building a program which interacts with
the u-boot environment. This program uses the headers of the ubootenv
library provided by uboot-tools.
This is a recent change from uboot [2] adding "#include <env.h>" to
fw_env.h. Adding env.h require a board configuration to build since
it also include compiler.h (and others uboot internal includes).
env.h include seems not needed since env_set() is not used in fw_env tool.
Nicolas removed env.h from fw_env tool and fixed it's build issue.
This problem is present since uboot v2019.10.
[1] http://lists.busybox.net/pipermail/buildroot/2020-April/280307.html
[2] https://gitlab.denx.de/u-boot/u-boot/-/commit/9fb625ce05539fe6876a59ce1dcadb76b33c6f6e
Reported-by: Nicolas Carrier <nicolas.carrier@orolia.com>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
|
|
Building with -Wtype-limits yields
tools/rkcommon.c: In function ‘rkcommon_check_params’:
tools/rkcommon.c:158:27: warning: comparison of
unsigned expression < 0 is always false [-Wtype-limits]
158 | if (spl_params.init_size < 0)
| ^
tools/rkcommon.c:165:28: warning: comparison of
unsigned expression < 0 is always false [-Wtype-limits]
165 | if (spl_params.boot_size < 0)
|
Fix the value checks.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
|
|
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Move this uncommon header out of the common header.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
GCC recognizes /* fallthrough */ if -Wimplicit-fallthrough=3 is enabled.
Let's use it consistently.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
GCC recognizes /* fallthrough */ if -Wimplicit-fallthrough=3 is enabled.
Let's use it consistently.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
Have this symbol follow the pattern of all other such symbols.
This patch also removes a TODO from the code.
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
|
|
This has been reported to break booting of U-Boot from SPL on a number
of platforms due to a lack of alignment of the external data. The
issues this commit is addressing will need to be resolved another way.
Re-introduce a data leak in the padding for now.
This reverts commit 20a154f95bfe0a3b5bfba90bea7f001c58217536.
Reported-by: Alex Kiernan <alex.kiernan@gmail.com>
Reported-by: Michael Walle <michael@walle.cc>
Tested-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
There is no reason to tail-pad fitImage with external data to 4-bytes,
while fitImage without external data does not have any such padding and
is often unaligned. DT spec also does not mandate any such padding.
Moreover, the tail-pad fills the last few bytes with uninitialized data,
which could lead to a potential information leak.
$ echo -n xy > /tmp/data ; \
./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; \
hexdump -vC /tmp/fitImage | tail -n 3
before:
00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si|
00000270 7a 65 00 00 78 79 64 64 |ze..xydd|
^^ ^^ ^^
after:
00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si|
00000270 7a 65 00 78 79 |ze.xy|
Signed-off-by: Marek Vasut <marex@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Tom Rini <trini@konsulko.com>
|
|
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
|
|
The cmdline for calling the dtc was cut-off when using long filenames (e.g.
245 bytes) for output-file and datafile of "-f" parameter.
For FIT-images cmd[MKIMAGE_MAX_DTC_CMDLINE_LEN] is declared (hardcoded 512 bytes),
and contains some static values, the path of a tmpfile and a datafile. tmpfile is
max MKIMAGE_MAX_TMPFILE_LEN (256) and datafile might be also this size. Having two
very long pathname results in a truncation os the executed shell command, as the
truncated datafile path will not be found.
Redefine MKIMAGE_MAX_DTC_CMDLINE_LEN to "2 * MKIMAGE_MAX_TMPFILE_LEN + 35 for the
parameters.
This likely applies to the "-d" parameter, too.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
|
|
Move Python tools to use absolute paths
Minor buildman fixes for new features
Make libfdt code more similar to upsteam
|
|
We have a board with several revisions. The older ones use a nor flash
with 64k erase size, while the newer have a flash with 4k sectors. The
environment size is 8k.
Currently, we have to put a column containing 0x10000 (64k) in
fw_env.config in order for it to work on the older boards. But that
ends up wasting quite a lot of time on the newer boards that could
just erase the 8k occupied by the environment - strace says the 64k
erase takes 0.405 seconds. With this patch, as expected, that's about
an 8-fold better, at 0.043 seconds.
Having different fw_env.config files for the different revisions is
highly impractical, and the correct information is already available
right at our fingertips. So use the erasesize returned by the
MEMGETINFO ioctl when the fourth and fifth columns (sector size and
#sectors, respectively) are absent or contain 0, a case where the
logic previously used to use the environment size as erase size (and
consequently computed ENVSECTORS(dev) as 1).
As I'm only testing this on a NOR flash, I'm only changing the logic
for that case, though I think it should be possible for the other
types as well.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
|
|
Now that we are using absolute paths we can remove some of the sys.path
mangling that appears in the tools.
We only need to add the path to 'tools/' so that everything can find
modules relative to that directory.
The special paths for finding pylibfdt remain.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present patman sets the python path on startup so that it can access
the libraries it needs. If we convert to use absolute imports this is not
necessary.
Move patman to use absolute imports. This requires changes in tools which
use the patman libraries (which is most of them).
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present binman sets the python path on startup so that it can access
the libraries it needs. If we convert to use absolute imports this is not
necessary.
Move binman to use absolute imports. This enables removable of the path
adjusting in Entry also.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present buildman sets the python path on startup so that it can access
the libraries it needs. If we convert to use absolute imports this is not
necessary.
Move buildman to use absolute imports. Also adjust moveconfig.py too since
it uses some buildman modules and cannot work without this.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This code is useful in other tools. Move it into a common file so it can
be shared.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
We don't need to run test coverage with Python 2 now. Drop the
special-case code.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Python does not like the module name being the same as the module
directory. To allow buildman modules to be used from other tools, rename
it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Python does not like the module name being the same as the module
directory. To allow dtoc modules to be used from other tools, rename
it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Python does not like the module name being the same as the module
directory. To allow buildman modules to be used from other tools, rename
it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
We can rely on Python 3 now, so drop the workaround for importing
StringIO.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
We don't need these now that the tools using Python 3. Drop them.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This script already works with Python 3. Make it use that by default so
that it can import the patman libraries.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
Python does not like the module name being the same as the module
directory. To allow patman modules to be used from other tools, rename
it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present buildman does not write its own output files (err, done, the
environment) when using -w. However this is useful for when the build is
run with -s to check it.
In fact ProduceResultSummary() reads the result from those files rather
than using the 'result' info directly. So ProcessResult() does not work
with -w at present. It does not print any output.
Fix this by writing output files even when -w is used.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
At present the environment used by U-Boot is written to the 'env'
directory. This is fine when the output directory is not the same as the
source directory, but when it is (as with -w) it conflicts with the source
directory of the same name.
Rename 'env' to 'out-env' to fix this.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
It is a bad idea to use the default output directory ('..') with -w since
it does a build in that directory and writes various files these.
Require that -o is given to avoid this problem.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This was broken when -a was removed and unfortunately there are no tests
for this. Fix it.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
The naming is slightly different on kernel.org now. Update the regex so
that the test still passes.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
fdt_region APIs are not part of libfdt. They are U-Boot extension
for the verified boot. Split the declarations related to fdt_region
out of <fdt_region.h>. This allows <linux/libfdt.h> to become a
simple wrapper file, like Linux does.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
My goal is to sync lib/libfdt/ with scripts/dtc/libfdt/, that is,
make lib/libfdt/ contain only wrapper files.
fdt_region.c was written only for U-Boot to implement the verified
boot. So, this belongs to the same group as common/fdt_support.c,
which is a collection of U-Boot own fdt helpers.
Move lib/libfdt/fdt_region.c to common/fdt_region.c . This is
necessary only when CONFIG_(SPL_TPL_)_FIT_SIGNATURE is enabled.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
There is no essential difference between scripts/dtc/libfdt/fdt_ro.c
and lib/libfdt/fdt_ro.c
Migrate to a simple wrapper like the other files.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
If given ptr to free() is NULL, no operation is performed.
Hence we can just free buf directly in fit_extract_data().
Signed-off-by: Bin Meng <bin.meng@windriver.com>
|
|
Without calling munmap(), the follow-up call to open() the same file
with a flag O_TRUNC seems not to cause any issue on Linux, but it fails
on Windows with error like below:
Can't open kernel_fdt.itb.tmp: Permission denied
Fix this by unmapping the memory before closing fd in fit_import_data().
Signed-off-by: Lihua Zhao <lihua.zhao@windriver.com>
Signed-off-by: Bin Meng <bin.meng@windriver.com>
|
|
MinGW build for U-Boot tools has been broken for years. The official
support of Windows build is now MSYS2. Remove the MinGW support codes.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
|
|
When building on a 32bit host the following warning occurs:
tools/image-host.c: In function ‘fit_image_read_data’:
tools/image-host.c:310:42: warning: format ‘%ld’ expects argument of type
‘long int’, but argument 3 has type ‘ssize_t’ {aka ‘int’} [-Wformat=]
printf("Can't read all file %s (read %ld bytes, expexted %ld)\n",
~~^
%d
filename, n, sbuf.st_size);
~
n is of type ssize_t so we should use %zd for printing.
Fixes: 7298e422504e ("mkimage: fit: add support to encrypt image with aes")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
The image is usually stored in block device like emmc, SD card, make the
offset of image data aligned to block(512 byte) can avoid data copy
during boot process.
eg. SPL boot from FIT image with external data:
- SPL read the first block of FIT image, and then parse the header;
- SPL read image data separately;
- The first image offset is the base_offset which is the header size;
- The second image offset is just after the first image;
- If the offset of imge does not aligned, SPL will do memcpy;
The header size is a ramdon number, which is very possible not aligned, so
add '-B size'to specify the align size in hex for better performance.
example usage:
./tools/mkimage -E -f u-boot.its -B 0x200 u-boot.itb
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Punit Agrawal <punit1.agrawal@toshiba.co.jp>
Reviewed-by: Tom Rini <trini@konsulko.com>
|
|
Use the ALIGN() for size align so that the code is more readable.
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
Reviewed-by: Punit Agrawal <punit1.agrawal@toshiba.co.jp>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|