Build the imx code singing tool from source instead of relying on the
distro to provide the tool.
Use the debian/unstable branch because the default branch is outdated.
The binary is supposed to be build with docker, work around that by selecting
the correct Makefile directly.
Also append the description and add a link to documentation.
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add optional argument make_path to build_from git. The new argument
allows specifying the path to a Makefile in case it is not in the root
of the git repo.
Also adjust the corresponding test.
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add optional argument git_branch to build_from_git. The new argument
allows specifying which branch of the repo to use.
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmfPdnYACgkQFHw5/5Y0
tyw17wv+KqFxDoJKTGVWeP4fu+zhTQlFo0f2tAlWylAdJnDP6nR/I49zid2mjRbZ
2Bq3mE3G2Ag1efJ3UGHck0Zn1O9OpqVvk734IHSJFygN77l2xmNSMXZd8MLOsbaU
4JXhxbLUdumCSkwVjjc9/sN+kJUfpwmFBwjqPWmE8rVU+IjApdZP0hBmfxACivl3
p0JJZ870JkgSd5KuAGO/MUbinl/QYOdpitbo2EinOyqnLnivw5PzlcAYF0STNcgJ
XfsT7Ap9T3woPTkT1mXGo+0gBs1OPxXcXp6nywFY75EVIGYRetDEXr8/jf74Jg83
XK8+mqFP+bhlLOMydCdRHyQU8+WGNPfWtcOa7ekC3DjR9Kf7VwoTujqa9B9ILg6m
UBagI/zUIWGAHi4oe2vMV16nR1cPT1ZexPoswZJrj/iDC6WaN0gWwDQgcPODm0UL
rPYYNPWne/iGYgbkhy1zqZMEj7ytnvtjaVMRFdbTSwWUR3s23q9btqjlOwfXbtYZ
0ENfAAu0
=xGcd
-----END PGP SIGNATURE-----
Merge tag 'v2025.04-rc4' into next
This uses Heinrich's merge of lib/efi_loader/efi_net.c which results in
no changes.
Add a helper to avoid needing to use a list within a list for this
simple case.
Update existing users of runpipe() to use this where possible.
Signed-off-by: Simon Glass <sjg@chromium.org>
A discussion on the mailing list about dealing with block offsets and
binman symbols made me think that something is wrong with how Binman
deals with the skip-at-start property.
The feature was originally designed to handle x86 ROMs, which are mapped
at the top of the address space. That seemed too specific, whereas
skipping some space at the start seemed more generally useful.
It has proved useful. For example, rockchip images start at block 64,
so a skip-at-start of 0x8000 deals with this.
But it doesn't actually work correctly, since the image_pos value does
not give the actual position on the media.
Fix this and update the documentation, moving it into the 'section'
section.
Signed-off-by: Simon Glass <sjg@chromium.org>
Paul HENRYS <paul.henrys_ext@softathome.com> says:
This serie of patches adds a new tool to authenticate files signed with
a preload header. This tool is also used in the tests to actually
verify the authenticity of the file signed with such a preload header.
Link: https://lore.kernel.org/r/20250224212055.2992852-1-paul.henrys_ext@softathome.com
Use preload_check_sign to authenticate the generated image when testing the
preload signature in testPreLoad().
Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
This reverts commit c8750efe02c20725388dd4279896aaf306acfad4, reversing
changes made to 8c6cf8aeea7e57ca686de8b765e4baf3a7ef1fa7.
Unfortunately these changes do not build on macOS hosts.
Signed-off-by: Tom Rini <trini@konsulko.com>
Paul HENRYS <paul.henrys_ext@softathome.com> says:
This serie of patches adds a new tool to authenticate files signed
with a preload header.
This tool is also used in the tests to actually verify the
authenticity of the file signed with such a preload header.
Link: https://lore.kernel.org/r/20250212093126.3722186-1-paul.henrys_ext@softathome.com
Use preload_check_sign to authenticate the generated image when testing the
preload signature in testPreLoad().
Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
This newer pylint produces errors about variables possibly being used
before being set. Adjust the code to pass these checks.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
With a newer pylint, we get a warning that 'br' could be used before
assignment. Fix this by declaring br first as an empty bytearray.
Reviewed-by: Neha Malcom Francis <n-francis@ti.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Rather than have a requirements.txt file that's shared between multiple
python projects within U-Boot, create one for each using "pipreqs".
Signed-off-by: Tom Rini <trini@konsulko.com>
There have been a few changes to the areas that this file documents
without having regenerated the file. Do so now.
Signed-off-by: Tom Rini <trini@konsulko.com>
When specifying a directory containing DTBs with 'fit,fdt-list-dir', it can be
handy not to have to also specify this directory to the input directories of
binman with '-I' option and use the method tools.append_input_dirs() append it.
This avoids to have to specify the DTB directory in both the device tree
provided to binman and through '-I' option to binman.
Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This change allows to replace both 'SEQ' and 'NAME' keywords by respectively a
sequence number and the name of the FDT to provide more flexibility in the node
name for the device trees included in the FIT.
Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Input directories can be passed to binman using the '-I' option and those
input directories are now also passed to 'dtc' when run by binman.
Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
mkimage can be used for both signing the FIT or encrypt its content and the
option '-k' can be used to pass a directory where both signing and encryption
keys can be retrieved. Adding 'fit,encrypt' property to the 'fit' node, leads to
try to find keys directory among binman include directories.
_get_priv_keys_dir() is renamed as _get_keys_dir() and adapted to support both
signing and encryption nodes in the FIT.
Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Loading flash.bin using uuu fails when flash.bin does not have the
right size.
When flash.bin is loaded from some storage medium (sd card/emmc), SPL
just loads some random garbage bytes from beyond what has been
populated when flash.bin was written, but when loaded via uuu, SPL
hangs waiting for the host to send the expected number of bytes. Which
is (size of FIT image aligned to 0x1000)+CONFIG_CSF_SIZE. The
alignment to 0x1000 is already done and is necessary in all cases
because that's the exact expected location of the 32 byte IVT
header. But the IVT+CSF blob tacked onto the end must be a total of
CONFIG_CSF_SIZE.
This is exactly the same fix as 89f19f45d650, except that this time
around I don't know how to cleanly get CONFIG_CSF_SIZE.
Fixes: bc6beae7c55f (binman: Add nxp_imx8mcst etype for i.MX8M flash.bin signing)
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk>
Tested-by: Heiko Schocher <hs@denx.de>
Provide a short description of how tests work, why they are so critical
and how to resolve gaps in Binman's test coverage.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
Pass the arguments through to test_util so that a single test can be
used.
Update the docs and add some missing backquotes in the same section.
Signed-off-by: Simon Glass <sjg@chromium.org>
The patch implement new property 'fit,sign' that can be declared
at the top-level 'fit' node. If that option is declared, fit tryies
to detect private keys directory among binman include directories.
That directory than passed to mkimage using '-k' flag and that enable
signing of FIT.
Signed-off-by: Alexander Kochetkov <al.kochet@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Renumbered files, moved new tests to end:
Signed-off-by: Simon Glass <sjg@chromium.org>
FIT use mkimage from BuildSectionData() to build FIT entry contents.
BuildSectionData() get called several times during building FIT image.
Currently when fit inserts loadables, it use self._loadables property that
contain loadables computed during previuos BuildSectionData() invocation.
So for the first run it use empty list and pass no loadables to mkimage.
That makes problem for adding signature to FIT image because mkimage
fails to add signature and aborts building FIT if no loadables provided.
The patch fixes described behaviour in a way that BuildSectionData() uses
recently calculated loadables value, not previosly calculated.
Signed-off-by: Alexander Kochetkov <al.kochet@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Using the PKI tree with SRKs as intermediate CA isn't necessary or even
desirable in some situations (boot time, for example). Add the possibility
to use the "fast authentication" method where the image and CSF are both
signed using the SRK [1, p.63].
[1] https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/202591/1/CST_UG.pdf
Signed-off-by: Brian Ruley <brian.ruley@gehealthcare.com>
Cc: Marek Vasut <marex@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Simplify code and conform to the style guide used in the project by
making the following changes:
* Capitalize global constants
* Use single quotes for multiline strings (except docstrings)
* Fix line width to 79 cols
* Use f-string instead of formatting a regular string or using a
complicated concatenation
* Move common suffix used in keys to a global variable "KEY_NAME"
to reduce the likelihood of typos and making future changes
easier
Signed-off-by: Brian Ruley <brian.ruley@gehealthcare.com>
Cc: Marek Vasut <marex@denx.de>
The TF-A URL was updated, as a result the name of the
directory changed as part of the new git URL and not
all the referenced directories were updated.
Fixes: 0ec0207fe07 ("Update the ARM trusted firmware git URL")
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
The primary upstream URL for tf-a has moved, in some cases
things like tags are not always pushed to the old URL so
update the URLs to the primary upstream project URL.
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
This patch is for Marek, to provide a starting point.
To try it, use 'binman test -T' and see the missing coverage.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some images do not have an image_pos value, for example an image which
is part of a compressed section and therefore cannot be accessed
directly.
Handle this case, returning None as the value.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move the check for this further out, so that base_addr is computed in
Entry.WriteSymbols() rather than at lower levels.
Signed-off-by: Simon Glass <sjg@chromium.org>
The base address of the ELF containing symbols is normally added to
any symbols written, so that the value points to the correct address in
memory when everything is loaded. When the binary resides on disk, a
different offset may be needed, typically 0. Provide a way to specify
this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a clarification to the documentation and add a missing comment. Also
update the test so that when it fails it is easier to see what is going
on, rather than having to decode hex strings.
Signed-off-by: Simon Glass <sjg@chromium.org>
These functions get the value of a symbol. The reference to ELF files
is confusing since they are reading the position/size of entries, not
ELF symbols. Rename the functions and adjust the comments also.
Signed-off-by: Simon Glass <sjg@chromium.org>
With OF_UPSTREAM the dts files are in an SoC-specific subdirectory,
meaning that the resulting dtb files all end up in a similar
subdirectory.
We don't want the subdirectory name to appear as a node name in the FIT,
so handle this as a special case.
Also the default devicetree may have a directory-name prefix, so handle
that when searching through the available devicetree files.
Signed-off-by: Simon Glass <sjg@chromium.org>
The section etype has its own implementation of SetImagePos(), most of
which is not useful since the code is included here. So call
Entry.SetImagePos() which has the only piece of this which we actually
want.
Signed-off-by: Simon Glass <sjg@chromium.org>
Since the files are known to be in the provided directory, use that
instead of requiring it to be added to the list of input directories.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update this entry type to resolve some pylint warnings and make sure
that functions and members are fully commented.
Signed-off-by: Simon Glass <sjg@chromium.org>
