01 Apr, 2020
3 commits
-
These are used in multiple places so update them to use a shared #define.
Signed-off-by: Simon Glass
Reviewed-by: Philippe Reynes -
It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.Signed-off-by: Simon Glass
-
This should mention that conf_uname can be NULL and should be in the
header file. Fix this.Signed-off-by: Simon Glass
31 Mar, 2020
1 commit
-
This adds the check against IH_OS_VXWORKS during FIT image load,
to allow loading FIT image for VxWorks.Signed-off-by: Lihua Zhao
Signed-off-by: Bin Meng
Reviewed-by: Bin Meng
13 Mar, 2020
1 commit
-
GCC-10 reports:
In file included from tools/common/image-fit.c:1:
include/image.h: In function ‘fit_image_get_data_and_size’:
./tools/../common/image-fit.c:1015:9: warning: ‘len’ may be used
uninitialized in this function [-Wmaybe-uninitialized]
1015 | *size = len;
| ~~~~~~^~~~~
./tools/../common/image-fit.c:996:6: note: ‘len’ was declared here
996 | int len;
| ^~~Add the missing check of the return value of fit_image_get_data_size().
Fixes: c3c863880479 ("add FIT data-position & data-offset property support")
Signed-off-by: Heinrich Schuchardt
Reviewed-by: Simon Goldschmidt
17 Jan, 2020
2 commits
-
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.Signed-off-by: Philippe Reynes
-
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.Signed-off-by: Philippe Reynes
08 Jan, 2020
1 commit
-
Add a new OS type to be used for chain-loading an EFI compatible
firmware or boot loader like GRUB2, possibly in a verified boot
scenario.Bellow is sample ITS file that generates a FIT image supporting
secure boot. Please note the presence of 'os = "efi";' line, which
identifies the currently introduced OS type:/ {
#address-cells = ;images {
efi-grub {
description = "GRUB EFI";
data = /incbin/("bootarm.efi");
type = "kernel_noload";
arch = "arm";
os = "efi";
compression = "none";
load = ;
entry = ;
hash-1 {
algo = "sha256";
};
};
};configurations {
default = "config-grub";
config-grub {
kernel = "efi-grub";
signature-1 {
algo = "sha256,rsa2048";
sign-images = "kernel";
};
};
};
};Signed-off-by: Cristian Ciocaltea
Reviewed-by: Heinrich Schuchardt
03 Dec, 2019
1 commit
-
Drop inclusion of crc.h in common.h and use the correct header directly
instead.With this we can drop the conflicting definition in fw_env.h and rely on
the crc.h header, which is already included.Signed-off-by: Simon Glass
Reviewed-by: Tom Rini
08 Aug, 2019
1 commit
-
The Linux ramdisk should always be decompressed by the kernel itself,
not by U-Boot. Therefore, the 'compression' node in the FIT image should
always be set to "none" for ramdisk images, since the only point of
using that node is if you want U-Boot to do the decompression itself.Yet some systems populate the node to the compression algorithm used by
the kernel instead. This used to be ignored, but now that we support
decompression of all image types it becomes a problem. Since ramdisks
should never be decompressed by U-Boot anyway, this patch adds a special
exception for them to avoid these issues. Still, setting the
'compression' node like that is wrong in the first place, so we still
want to print out a warning so that third-party distributions doing this
can notice and fix it.Signed-off-by: Julius Werner
Reviewed-by: Heiko Schocher
Tested-by: Heiko Schocher
Reviewed-by: Simon Goldschmidt
29 Jul, 2019
2 commits
-
This patch adds support for an optional optimization to compatible
string matching where the compatible string property from the root node
of the kernel FDT can be copied into the configuration node of the FIT
image. This is most useful when using compressed FDTs or when using FDT
overlays, where the traditional extraction of the compatible string from
the kernel FDT itself is not easily possible.Signed-off-by: Julius Werner
Reviewed-by: Simon Glass -
This patch adds support for compressing non-kernel image nodes in a FIT
image (kernel nodes could already be compressed previously). This can
reduce the size of FIT images and therefore improve boot times
(especially when an image bundles many different kernel FDTs). The
images will automatically be decompressed on load.This patch does not support extracting compatible strings from
compressed FDTs, so it's not very helpful in conjunction with
CONFIG_FIT_BEST_MATCH yet, but it can already be used in environments
that select the configuration to load explicitly.Signed-off-by: Julius Werner
Reviewed-by: Simon Glass
Reviewed-by: Simon Goldschmidt
23 Apr, 2019
1 commit
-
Currently only the first fdt is loaded from the extra configuration of
FIT image.
If the configuration have multiple fdt, load them all as well.Signed-off-by: Peter Ujfalusi
Reviewed-by: Lokesh Vutla
03 Dec, 2018
1 commit
-
The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.Signed-off-by: Philippe Reynes
Reviewed-by: Simon Glass
11 Jul, 2018
1 commit
-
Rather than verifying configuration signature of the configuration node
containing the kernel image types, verify all configuration nodes, even
those that do not contain kernel images. This is useful when the nodes
contain ie. standalone OSes or U-Boot.Signed-off-by: Marek Vasut
Cc: Tom Rini
Cc: Pantelis Antoniou
Cc: Simon Glass
Reviewed-by: Simon Glass
27 May, 2018
1 commit
-
Add FIT data-position & data-offset property support for bootm,
which were already supported in SPL.Signed-off-by: Kelvin Cheung
24 May, 2018
4 commits
-
Just add IH_TYPE_STANDALONE to fit_get_image_type_property().
Signed-off-by: Marek Vasut
Cc: Pantelis Antoniou
Cc: Simon Glass
Reviewed-by: Simon Glass -
These functions may be needed in SPL, so add empty variants of them
if CONFIG_SPL_FIT_PRINT is disabled.Signed-off-by: Marek Vasut
Cc: Pantelis Antoniou
Cc: Simon Glass
Reviewed-by: Simon Glass -
Rename CONFIG_FIT_SPL_PRINT to CONFIG_SPL_FIT_PRINT and add Kconfig
entry for it.Signed-off-by: Marek Vasut
Cc: Pantelis Antoniou
Cc: Simon Glass
Reviewed-by: Simon Glass -
We only call fit_conf_print from one place in the code, so mark it as
static and move it up to where we call it. This in turn has us move a
few other already static functions up further as well.Signed-off-by: Tom Rini
09 May, 2018
1 commit
-
The signature/hash information are displayed for images but nor for
configurations.Add subnodes printing in fit_conf_print() like it's done in fit_image_print()
Signed-off-by: Clément Péron
[trini: Add guards around fit_conf_print to avoid warnings]
Signed-off-by: Tom Rini
07 May, 2018
1 commit
-
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.Signed-off-by: Tom Rini
07 Apr, 2018
2 commits
-
SPL ATF implementation requires FIT image with partitions where the one
is Firmware/ATF and another one Firmware/U-Boot. OS field is used for
recording that difference that's why make sense to show values there for
Firmware types.For example:
Image 0 (atf)
Description: ATF bl31.bin
Created: Mon Mar 26 15:58:14 2018
Type: Firmware
Compression: uncompressed
Data Size: 51152 Bytes = 49.95 KiB = 0.05 MiB
Architecture: ARM
OS: ARM Trusted Firmware
Load Address: 0xfffe0000
Hash algo: md5
Hash value: 36a4212bbb698126bf5a248f0f4b5336
Image 1 (uboot)
Description: u-boot.bin
Created: Mon Mar 26 15:58:14 2018
Type: Firmware
Compression: uncompressed
Data Size: 761216 Bytes = 743.38 KiB = 0.73 MiB
Architecture: ARM
OS: U-Boot
Load Address: 0x08000000
Hash algo: md5
Hash value: f22960fe429be72296dc8dc59a47d566Signed-off-by: Michal Simek
Reviewed-by: Simon Glass
Reviewed-by: Jun Nie -
SPL ATF support requires to have firmware property which should be also
listed by mkimage -l when images is created.The patch is also using this macro in spl_fit to match keyword.
When image is created:
Default Configuration: 'config'
Configuration 0 (config)
Description: ATF with full u-boot
Kernel: unavailable
Firmware: atf
FDT: dtbSigned-off-by: Michal Simek
Reviewed-by: Simon Glass
Reviewed-by: Jun Nie
Reviewed-by: Philipp Tomsich
19 Mar, 2018
1 commit
-
U-boot proper signature is not verified by SPL on most platforms
even config SPL_FIT_SIGNATURE is enabled. Only fsl-layerscape
platform support secure boot in platform specific code. So
verified boot cannot be achieved if u-boot proper is loaded by
SPL.This patch add signature verification to u-boot proper images
when loading FIT image in SPL. It is tested on Allwinner bananapi
zero board with H2+ SoC.Signed-off-by: Jun Nie
16 Jan, 2018
1 commit
-
The DT spec demands a unit-address in a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings if this is
not the case.
Fix all occurences in the tree where node names were mentioned in
comments, to not give bad examples to the reader.Signed-off-by: Andre Przywara
13 Dec, 2017
1 commit
-
For external data, FIT has a optional property "data-position" which
can set the external data to a fixed offset to FIT beginning.
Add the support for this property in SPL FIT.Signed-off-by: Ye Li
Signed-off-by: Peng Fan
Reviewed-by: Simon Glass
Reviewed-by: Tomas Melin
Cc: Pantelis Antoniou
Cc: "Andrew F. Davis"
Cc: Igor Grinberg
Cc: "tomas.melin@vaisala.com"
Cc: Kever Yang
Cc: Andre Przywara
Cc: York Sun
Cc: Lokesh Vutla
Cc: "Cooper Jr., Franklin"
Cc: George McCollister
Cc: Tuomas Tynkkynen
Cc: Jean-Jacques Hiblot
Cc: Rick Altherr
Cc: Tom Rini
Reviewed-by: Lokesh Vutla
Reviewed-by: York Sun
15 Sep, 2017
3 commits
-
Introduce an overlay based method for constructing a base DT blob
to pass to the kernel.It is based on a specific method now to get the FDT from a FIT image
named boot_get_fdt_fit().Signed-off-by: Pantelis Antoniou
Acked-by: Simon Glass -
fit_image_load() threw away the extra configuration parts when
loading. We need them around for applying extra overlays for
building the boot fdt.Signed-off-by: Pantelis Antoniou
Acked-by: Simon Glass -
As part of the fdt overlay support which need it, allow
a list of configurations per property.Signed-off-by: Pantelis Antoniou
Acked-by: Simon Glass
14 Jan, 2017
1 commit
-
Enable support for loading a splash image from within a FIT image.
The image is assumed to be generated with mkimage -E flag to hold
the data external to the FIT.Signed-off-by: Tomas Melin
Acked-by: Igor Grinberg
05 Dec, 2016
1 commit
-
After an image is selected out of a FIT blob for further processing we
run an optional, platform specific, post-processing function on this
component. This post-processing may modify the position and size of the
image, so after post-processing we update the location and size for this
image in the FIT header. This can cause problems as the position of
subsequent components in the FIT blob are only referenced by relative
position to the end of the last component. When we resize or move a
component the following components position will be calculated
incorrectly. To fix this, we do not update the FIT header but instead
only update our local understanding of the image data. This also allows
us to re-run post-processing steps if needed.Signed-off-by: Andrew F. Davis
Tested-by: Carlos Hernandez
Reviewed-by: Simon Glass
Reviewed-by: Lokesh Vutla
24 Nov, 2016
1 commit
-
Commit ec6617c3 includes autoconf.h in image-fit.c, causing conflict
for board odroid-xu3 which overwrites CONFIG_SYS_BOARD in header
file. Move the include higher and use linux/kconfig.h instead of
generated/autoconf.h.Signed-off-by: York Sun
CC: Alison Wang
23 Nov, 2016
1 commit
-
To support loading a 32-bit OS, the execution state will change from
AArch64 to AArch32 when jumping to kernel.The architecture information will be got through checking FIT image,
then U-Boot will load 32-bit OS or 64-bit OS automatically.Signed-off-by: Ebony Zhu
Signed-off-by: Alison Wang
Signed-off-by: Chenhui Zhao
Reviewed-by: York Sun
14 Oct, 2016
2 commits
-
The signature for this macro has changed. Bring in the upstream version and
adjust U-Boot's usages to suit.Signed-off-by: Simon Glass
Update to drivers/power/pmic/palmas.c:
Signed-off-by: KeerthyChange-Id: I6cc9021339bfe686f9df21d61a1095ca2b3776e8
-
These have now landed upstream. The naming is different and in one case the
function signature has changed. Update the code to match.This applies the following upstream commits by
Thierry Reding :604e61e fdt: Add functions to retrieve strings
8702bd1 fdt: Add a function to get the index of a string
2218387 fdt: Add a function to count stringsSigned-off-by: Simon Glass
22 Sep, 2016
1 commit
-
Commit bac17b78dace ("image-fit: switch ENOLINK to ENOENT") changed
fit_get_node_from_config to return -ENOENT when a property doesn't
exist, but didn't change any of its callers which check return values.
Notably it didn't change boot_get_ramdisk, which leads to U-Boot failing
to boot FIT images which don't include ramdisks with the following
message:Ramdisk image is corrupt or invalid
It also didn't take into account that by returning -ENOENT to denote the
lack of a property we lost the ability to determine from the return
value of fit_get_node_from_config whether it was the property or the
configuration node that was missing, which may potentially lead callers
to accept invalid FIT images.Fix this by having fit_get_node_from_config return -EINVAL when the
configuration node isn't found and -ENOENT when the property isn't
found, which seems to make semantic sense. Callers that previously
checked for -ENOLINK are adjusted to check for -ENOENT, which fixes the
breakage introduced by commit bac17b78dace ("image-fit: switch ENOLINK
to ENOENT").The only other user of the return fit_get_node_from_config return value,
indirectly, is bootm_find_os which already checked for -ENOENT. From a
read-through of the code I suspect it ought to have been checking for
-ENOLINK prior to bac17b78dace ("image-fit: switch ENOLINK to ENOENT")
anyway, which would make it right after this patch, but this would be
good to get verified by someone who knows this x86 code or is able to
test it.Signed-off-by: Paul Burton
Cc: Jonathan Gray
Cc: Marek Vasut
Acked-by: Marek Vasut
Acked-by: Stefan Roese
Acked-by: George McCollister
Tested-by: George McCollister
07 Sep, 2016
2 commits
-
ENOLINK is not required by POSIX and does not exist on OpenBSD
and likely other systems.Signed-off-by: Jonathan Gray
-
Commit 62afc601883e788f3f22291202d5b2a23c1a8b06 introduced fpga image load via
bootm but broke the OS check in fit_image_load().This commit removes following compiler warning:
---88---
Signed-off-by: Andreas Bießmann
Cc: Michal Simek
Acked-by: Michal Simek
12 Aug, 2016
1 commit
-
This commit allows injecting a board/platform/device-specific post-
processing function into the FIT image data loading process, which can
include modifying the size and altering the starting source address of
an image data artifact. This might be desired to do things like strip
headers or footers attached to the images before they were packaged into
the FIT, or to perform operations such as decryption or authentication.
Introduce new configuration option CONFIG_FIT_IMAGE_POST_PROCESS to
allow controlling this feature. If enabled, a platform-specific post-
process function must be provided.Signed-off-by: Andreas Dannenberg
Reviewed-by: Tom Rini
Reviewed-by: Simon Glass
