When importing data, the data-offset property is removed and the data
content is imported inside the data property of the node.
When mkimage is run twice on the same FIT, data-size property is already
set in the second run, from the first run (via the fit_export_data
function). If we don't remove the data-size property, nothing guarantees
it matches the actual size of data within the data property. To avoid
possible mistakes when handling the data property, let's simply remove
the data-size property as well.
This also fixes an ordering issue of the data-size and data-offset
properties in FIT when comparing the FIT after one run of mkimage and a
second run. This is due to fit_export_data setting data-offset property
first (it doesn't exist so it's added) and then data-size (it doesn't
exist so it's added) for the first run, while it sets data-offset
property first (removed in fit_import_data, so it doesn't exist so it's
added) and then data-size (it exists already from the first run, so it's
simply modified) for the second run.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
All explicit calls to fdt_setprop* in tools/ are checked except those
three. Let's add a check for the return code of fdt_setprop_u32() calls.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
The return code of fdt_setprop is overwritten by the one from
fdt_delprop meaning we could very well have an issue when setting the
property that would be ignored if the deletion of the property that
comes right after passes.
Let's add a separate check for each.
Fixes: 4860ee9b09e0 ("mkimage: allow internalization of data-position")
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Add missing help text for the -y and -Y parameters of mkimage.
Fixes: 6dfd14e1228e ("mkimage: Add support for bundling TFA BL31 in mkimage -f auto")
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
This reverts commit 4d84fa1261eb27d57687f2e4c404a78b8653c183, reversing
changes made to b82a1fa7ddc7f3be2f3b75898d5dc44c34420bdd.
I had missed some feedback on this series from earlier, and we have
since had reports of regressions due to this as well. For now, revert
this.
Signed-off-by: Tom Rini <trini@konsulko.com>
Aristo Chen <jj251510319013@gmail.com> says:
This patch series enhances FIT image robustness by adding **memory
region overlap detection** to `mkimage` and fixing existing overlaps
in DTS files and `binman` tests.
The primary goal is to prevent runtime memory corruption from
conflicting load addresses in FIT images.
Key Changes:
1. `mkimage` Overlap Detection: A new validation in
`tools/fit_image.c` checks for overlapping load addresses
within FIT configurations. `mkimage` now errors out with
detailed info on conflicts, preventing bad FIT image creation.
2. New Test Case: A Python test verifies the new detection.
It intentionally creates an overlap (kernel and FDT)
to confirm correct error handling.
3. Fixes for Existing Overlaps:
* Board DTS (k3-am6xx): Adjusted load addresses for TI
firmware stubs to prevent conflicts. This resolves
previously undetected overlaps.
* `binman` Tests: Fixed several tests. U-Boot load
addresses were shifted to avoid ATF conflicts. A new
linker script for TEE ELF sections ensures distinct
memory layouts.
4. Documentation: Added guidance for developers on how to
determine ELF load addresses using readelf, linker scripts,
and objdump when working with binman FIT images.
Impact:
This series improves FIT image reliability by catching overlaps
at build time, helping developers resolve issues before runtime
failures.
Link: https://lore.kernel.org/r/20250914110021.4103-1-aristo.chen@canonical.com
Add documentation to help users understand how to determine where ELF
files will be loaded when using binman's 'fit,load' property. This
addresses the common confusion about how load addresses are determined
from ELF files.
The documentation explains three methods:
1. Using readelf to examine program headers
2. Checking the linker script (.lds file)
3. Using objdump to see section addresses
Also includes a specific example from binman tests showing how
elf_sections.lds sets ATF load address to 0x00000010 and
elf_sections_tee.lds sets TEE load address to 0x00100010 to avoid
memory overlap conflicts.
This helps users debug memory layout conflicts more efficiently when
working with FIT images containing multiple ELF components.
Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
This patch adds a validation step in mkimage to detect memory region
overlaps between images specified in the same configuration of a
FIT image. If any overlaps are found, the tool prints an error and
aborts the build.
This helps prevent runtime memory corruption caused by conflicting
load addresses between images.
Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
Fix one binman test that has memory region overlap issue, the test case
needed to be updated to use non-overlapping memory layouts.
* Tests fixed:
- testFitSplitElf
* Changes made:
1. ELF section layouts: added elf_sections_tee.lds with different
address for TEE to avoid overlap with ATF address defined in
elf_sections.lds
2. Makefile to properly build elf_sections_tee binary
3. Updat ftest.py to use separate ELF files for TEE vs ATF components
in split-elf operations.
An upcoming commit will validate if the memory region is overlapped
Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
Fix three binman tests that has memory region overlap issue, the test
cases needed to be updated to use non-overlapping memory layouts.
* Tests fixed:
- testFitFirmwareLoadables
- testFitSignSimple
- testFitSignNoSignatureNodes
* Changes made:
Updated DTB test files to change U-Boot load addresses from 0x0 to
0x2000 to avoid overlapping with ATF in the 0x10-0xfc range:
- 276_fit_firmware_loadables.dts
- 340_fit_signature.dts
- 342_fit_signature.dts
An upcoming commit will validate if the memory region is overlapped
Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
Reviewed-by: Neha Malcom Francis <n-francis@ti.com>
To support passing specific commands defined in enum imx8image_cmd to
the imx8image_copy_image() function, this patch introduces a new entry
type nxp-imx9image. This entry generates a plain text data file
containing the relevant commands, enabling flexible configuration during
image creation.
Signed-off-by: Alice Guo <alice.guo@nxp.com>
Javier Tia <javier.tia@linaro.org> says:
This patch series modernizes U-Boot's code formatting infrastructure by
with current Linux kernel practices and providing a more robust and
comprehensive formatting solution.
Link: https://lore.kernel.org/r/20250905205349.127333-1-javier.tia@linaro.org
Replace the use of scripts/Lindent with clang-format in
zynqmp_psu_init_minimize.sh. This change is made to align with the rest
of the codebase that uses clang-format for code formatting. This ensures
consistency across all scripts in terms of code style and formatting.
Tested-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Javier Tia <javier.tia@linaro.org>
Introduce two new parameters to be used with mkimage -f auto to bundle
TFA BL31 image into fitImage, using auto-generated fitImage. Add -y to
specify TFA BL31 file name and -Y to specify TFA BL31 load and entry
point address. This is meant to be used with systems which boot all of
TFA BL31, Linux and its DT from a single fitImage, all booted by U-Boot.
Example invocation:
"
$ mkimage -E -A arm64 -C none -e 0x50200000 -a 0x50200000 -f auto \
-d arch/arm64/boot/Image \
-b arch/arm64/boot/dts/renesas/r8a779g3-sparrow-hawk.dtb \
-y ../tfa/build/rcar_gen4/release/bl31.bin -Y 0x46400000 \
/path/to/output/fitImage
"
Documentation update and test are also included, the test validates
both positive and negative test cases, where fitImage does not include
TFA BL31 and does include TFA BL31 blobs.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
This cannot work (unless qemu-user is registered in binfmt_misc) as the
tools will be for a different architecture.
Fixes "make cross_tools" in case CONFIG_VIDEO_LOGO is enabled.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This series from Ilias Apalodimas <ilias.apalodimas@linaro.org> lays
some of the groundwork for being able to enable the -Wmissing-prototypes
compiler flag while building U-Boot by fixing the obvious problems in
the tools directory.
Link: https://lore.kernel.org/r/20250829081628.2327372-1-ilias.apalodimas@linaro.org
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The function is only used locally. Enabling -Wmissing-prototypes
triggers a warning. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Introduced by 245b1029e1af, probably a debug left-over.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Heiko Schocher <hs@nabladev.com>
We are trying to enable -Wmissing-prototypes and this functiion is only
used locally. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Acked-by: Peng Fan <peng.fan@nxp.com>
riscv was missing from the list.
To some, the architecture's name may not be obvious from the code name.
Signed-off-by: Adriano Carvalho <adrianocarvalho.pt@gmail.com>
Strictly speaking, "has" doesn't make sense.
"supports" seems like a better word and it probably was what the original author meant.
Signed-off-by: Adriano Carvalho <adrianocarvalho.pt@gmail.com>
These are fixes to what looks like obvious typos.
Some minor improvments are also included, such as:
- Write "symbolic link" instead of symlink
- Correct capitalization for LLVM (all caps)
- Remove dead link and surrounding sentence
Signed-off-by: Adriano Carvalho <adrianocarvalho.pt@gmail.com>
We are trying to enable -Wmissing-prototypes and this functiion is only
used locally. Mark it as static.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Free the allocated buffer in case of an error.
Fixes: 9e63786e2b4b ("tools: mkeficapsule: rework the code a little bit")
Addresses-Coverity-ID: 345917 Resource leak
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Jerome Forissier <jerome.forissier@linaro.org> says:
Two small fixes for binman (bintool). The first patch avoids a warning,
the second one makes sure the APT package list is up-to-date when
running apt_install(). That one fixes a CI issue I encountered.
Link: https://lore.kernel.org/r/20250724091342.59902-1-jerome.forissier@linaro.org
'apt-get update -y' may be required to make sure that the list of
packages is up-to-date and that the subsequent 'apt-get install'
operations can find the requested packages.
Fixes the following CI error:
Fetch: zstd
- trying method: binary download
- sudo apt-get install -y zstd
Exception: Error 100 running 'sudo apt-get install -y zstd': E: Unable to locate package zstd
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Bryan Brattlof <bb@ti.com>
The 'apt' command is not meant to be used in scripts or tools. Please
see the man page [1] for details. Therefore, use 'apt-get' instead.
This avoids the following warning:
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
[1] https://manpages.debian.org/bookworm/apt/apt.8.en.html#SCRIPT_USAGE_AND_DIFFERENCES_FROM_OTHER_APT_TOOLS
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Bryan Brattlof <bb@ti.com>
The statement that prints the ELF object type value assumes that "%lx"
(long unsigned int, hexadecimal) is suitable for printing a uint64_t
typed value. While this may seem to work for some machines, ie. amd64,
it isn't ideal on a 32-bit system, such as x86 where uint64_t is likely
to be equivalent to a long long unsigned int, as indicated by:
../tools/mips-relocs.c:275:34:
warning: format '%lx' expects argument of type 'long unsigned int',
but argument 2 has type 'uint64_t'
{aka 'long long unsigned int'} [-Wformat=]
275 | printf("type 0x%lx\n", ehdr_field(e_type));
| ~~^
| |
| long unsigned int
| %llx
As the ehdr_field function-like macro expands to a uint64_t value,
it is better to use the PRIx64 macro in place of "%lx" to ensure that
the correct format string introducer is specified for the actual type
hiding behind uint64_t.
A similar issue is also present in the report of .rel section overflow,
where "%lx" is used to print a few size_t typed values, and would be
better served by "%zx" instead.
Signed-off-by: Justin Swartz <justin.swartz@risingedge.co.za>
Fixes: 963014641117 ("MIPS: make size of relocation table fixed but configurable")
Fixes: 703ec9ddf965 ("MIPS: Stop building position independent code")
Cc: Paul Burton <paulburton@kernel.org>
Cc: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Cc: Masahiro Yamada <masahiroy@kernel.org>
- Update to Ubuntu "Jammy" 20250714 tag
- Update to current Dockerfile which brings us QEMU 10.0.2 and newer
coreboot and pulls in lz4 via the non-legacy package name.
Signed-off-by: Tom Rini <trini@konsulko.com>
This series from myself brings CI up to using QEMU 10.0.2 for platforms.
We need to disable one test for now while a report to upstream QEMU is
resolved and also need to now update coreboot in order to be able to
build a version of it non-interactively (source locations have changed).
Link: https://lore.kernel.org/r/20250716001539.2483390-1-trini@konsulko.com
At this point there's problems rebuilding coreboot-24.08 without manual
intervention. Let us upgrade to a newer version.
Signed-off-by: Tom Rini <trini@konsulko.com>
