| Age | Commit message (Collapse) | Author |
|---|
|
The predefined NAND headers take too much spaces in the mtk_image.c.
Moving them into a new file can significantly improve the readability of
both mtk_image.c and the new mtk_nand_headers.c.
This is a preparation for adding more NAND headers.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
|
|
Call pkg-config for each library individually.
This improves fallback handling.
Suggested-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Fixes: 31a7688cbe0e ("tools: mkeficapsule: use pkg-config to get -luuid and -lgnutls")
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
Instead of hardcoding -ltinfo as the flags needed to build
kwboot, use pkg-config when available.
We gracefully fallback on the previous behavior of hardcoding -ltinfo
if pkg-config is not available or fails with an error.
Reviewed-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
|
|
Instead of hardcoding -luuid -lgnutls as the flags needed to build
mkeficapsule, use pkg-config when available.
We gracefully fallback on the previous behavior of hardcoding -luuid
-lgnutls if pkg-config is not available or fails with an error.
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
|
|
U-Boot CRC-16 implementation uses polynomial x^16 + x^12 + x^5 + 1 which is
not standard CRC-16 algorithm, but it is known as CRC-16-CCITT. Rename file
crc16.c to crc16-ccitt.c to reduce confusion.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
|
|
Most Allwinner sunxi SoCs have separate boot ROMs in non-secure and
secure mode. The "non-secure" or "normal" boot ROM (NBROM) uses the
existing sunxi_egon image type. The secure boot ROM (SBROM) uses a
completely different image type, known as TOC0.
A TOC0 image is composed of a header and two or more items. One item
is the firmware binary. The others form a chain linking the firmware
signature to the root-of-trust public key (ROTPK), which has its hash
burned in the SoC's eFuses. Signatures are made using RSA-2048 + SHA256.
The pseudo-ASN.1 structure is manually assembled; this is done to work
around bugs/quirks in the boot ROM, which vary between SoCs. This TOC0
implementation has been verified to work with the A50, A64, H5, H6,
and H616 SBROMs, and it may work with other SoCs.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Acked-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
|
|
Marvell BootROM recognize only '\b' byte as backspace. Use terminfo
for retrieving current backspace sequence and replace any occurrence of
backspace sequence by the '\b' byte.
Reading terminfo database is possible via tigetstr() function from system
library libtinfo.so.*. So link kwboot with -ltinfo.
Normally terminfo functions are in <term.h> system header file. But this
header file conflicts with U-Boot "termios_linux.h" header file. So declare
terminfo functions manually.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
|
|
After BootROM successfully detects boot message pattern on UART it waits
until host stop sending data on UART. For example Armada 385 BootROM
requires that host does not send anything on UART at least 24 ms. If host
is still sending something then BootROM waits (possibly infinitely).
BootROM successfully detects boot message pattern if it receives it in
small period of time after power on.
So to ensure that host put BootROM into UART boot mode, host must send
continuous stream of boot message pattern with a small gap (for A385 at
least 24 ms) after series of pattern. But this gap cannot be too often or
too long to ensure that it does not cover whole BootROM time window when it
is detecting for boot message pattern.
Therefore it is needed to do following steps in cycle without any delay:
1. send series of boot message pattern over UART
2. wait until kernel transmit all data
3. sleep small period of time
At the same time, host needs to monitor input queue, data received on the
UART and checking if it contains NAK byte by which BootROM informs that
xmodem transfer is ready.
But it is not possible to wait until kernel transmit all data on UART and
at the same time in the one process to also wait for input data. This is
limitation of POSIX tty API and also by linux kernel that it does not
provide asynchronous function for waiting until all data are transmitted.
There is only synchronous variant tcdrain().
So to correctly implement this handshake on systems with linux kernel, it
is needed to use tcdrain() in separate thread.
Implement sending of boot message pattern in one thread and reading of
reply in the main thread. Use pthread library for threads.
This change makes UART booting on Armada 385 more reliable. It is possible
to start kwboot and power on board after minute and kwboot correctly put
board into UART boot mode.
Old implementation without separate thread has an issue that it read just
one byte from UART input queue and then it send 128 message pattern to the
output queue. If some noise was on UART then kwboot was not able to read
BootROM response as its input queue was just overflowed and kwboot was
sending more data than receiving.
This change basically fixed above issue too.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Stefan Roese <sr@denx.de>
|
|
The existing options, "--fit" and "--raw," are only used to put a proper
GUID in a capsule header, where GUID identifies a particular FMP (Firmware
Management Protocol) driver which then would handle the firmware binary in
a capsule. In fact, mkeficapsule does the exact same job in creating
a capsule file whatever the firmware binary type is.
To prepare for the future extension, the command syntax will be a bit
modified to allow users to specify arbitrary GUID for their own FMP driver.
OLD:
[--fit <image> | --raw <image>] <capsule file>
NEW:
[--fit | --raw | --guid <guid-string>] <image> <capsule file>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
With this enhancement, mkeficapsule will be able to sign a capsule
file when it is created. A signature added will be used later
in the verification at FMP's SetImage() call.
To do that, we need specify additional command parameters:
-monotonic-cout <count> : monotonic count
-private-key <private key file> : private key file
-certificate <certificate file> : certificate file
Only when all of those parameters are given, a signature will be added
to a capsule file.
Users are expected to maintain and increment the monotonic count at
every time of the update for each firmware image.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
|
Add CONFIG_TOOLS_MKEFICAPSULE. Then we want to always build mkeficapsule
if tools-only_defconfig is used.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Quite a lot of the code in common/relates to booting and images. Before
adding more it seems like a good time to move the code into its own
directory.
Most files with 'boot' or 'image' in them are moved, except:
- autoboot.c which relates to U-Boot automatically running a script
- bootstage.c which relates to U-Boot timing
Drop the removal of boot* files from the output directory, since this
interfers with the symlinks created by tools and there does not appear
to be any such file from my brief testing.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Artem Lapkin <email2tema@gmail.com>
Tested-by: Artem Lapkin <email2tema@gmail.com>
|
|
While we intentionally set -std=gnu11 for building host tools, and have
for quite some time, we never dropped -std=gnu99 from tools/Makefile.
This resulted in passing -std=gnu11 ... -std=gnu99 when building, and
gnu99 would win. This in turn would result now in warnings such as:
tools/mkeficapsule.c:25:15: warning: redefinition of typedef 'u32' is a C11 feature [-Wtypedef-redefinition]
typedef __u32 u32;
^
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
To avoid having #ifdefs in a few functions which are completely different
in the board and host code, create a new image-host.c file.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This padding depends on board config file and therefore it makes the
mkimage binary tool board specific, which is not correct. One cannot use
mkimage tool built as a result for board A to generate images for board
B, even if both A and B are on the same platform.
This CONFIG_SYS_U_BOOT_OFFS padding was needed when kwbimage v1 contained
SPL code which loaded U-Boot proper based on CONFIG_SYS_U_BOOT_OFFS,
instead of reading correct offset from kwbimage header.
Now that SPL code parses kwbimage header and deterinate correct offset,
there is no need for this CONFIG_SYS_U_BOOT_OFFS padding anymore.
By removing it we also reduce the size of SPL code and therefore also
decrease the final size of v1 kwbimage. This means there is more space
for U-Boot proper binary.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
|
|
The mkimage host tool can be used to generate kwbimage v1 image with
secure header on host system for A38x plaform also when U-Boot is being
compiled for different platform. So there is no reason to not allow
compiling of mkimage/kwbimage with secure header support for e.g. x86-64
host.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Stefan Roese <sr@denx.de>
Tested-by: Chris Packham <judge.packham@gmail.com>
|
|
The CONFIG_SYS_U_BOOT_OFFS option may be defined as empty string.
In this case it causes compilation error:
tools/kwbimage.c: In function ‘image_headersz_v1’:
tools/kwbimage.c:1002:39: error: expected expression before ‘)’ token
if (headersz > CONFIG_SYS_U_BOOT_OFFS) {
^
tools/kwbimage.c:1006:41: error: expected expression before ‘)’ token
(int)headersz, CONFIG_SYS_U_BOOT_OFFS);
^
tools/kwbimage.c:1011:35: error: expected expression before ‘;’ token
headersz = CONFIG_SYS_U_BOOT_OFFS;
^
make[1]: *** [scripts/Makefile.host:112: tools/kwbimage.o] Error 1
make: *** [Makefile:1822: tools] Error 2
Check whether the value of CONFIG_SYS_U_BOOT_OFFS is really set.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
|
|
Host tool features, such as mkimage's ability to sign FIT images were
enabled or disabled based on the target configuration. However, this
misses the point of a target-agnostic host tool.
A target's ability to verify FIT signatures is independent of
mkimage's ability to create those signatures. In fact, u-boot's build
system doesn't sign images. The target code can be successfully built
without relying on any ability to sign such code.
Conversely, mkimage's ability to sign images does not require that
those images will only work on targets which support FIT verification.
Linking mkimage cryptographic features to target support for FIT
verification is misguided.
Without loss of generality, we can say that host features are and
should be independent of target features.
While we prefer that a host tool always supports the same feature set,
we recognize the following
- some users prefer to build u-boot without a dependency on OpenSSL.
- some distros prefer to ship mkimage without linking to OpenSSL
To allow these use cases, introduce a host-only Kconfig which is used
to select or deselect libcrypto support. Some mkimage features or some
host tools might not be available, but this shouldn't affect the
u-boot build.
I also considered setting the default of this config based on
FIT_SIGNATURE. While it would preserve the old behaviour it's also
contrary to the goals of this change. I decided to enable it by
default, so that the default build yields the most feature-complete
mkimage.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
|
|
image-sig.c is used to map a hash or crypto algorithm name to a
handler of that algorithm. There is some similarity between the host
and target variants, with the differences worked out by #ifdefs. The
purpose of this change is to remove those ifdefs.
First, copy the file to a host-only version, and remove target
specific code. Although it looks like we are duplicating code,
subsequent patches will change the way target algorithms are searched.
Besides we are only duplicating three string to struct mapping
functions. This isn't something to fuss about.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
mkimage supports rsa2048, and rsa4096 signatures. With newer silicon
now supporting hardware-accelerated ECDSA, it makes sense to expand
signing support to elliptic curves.
Implement host-side ECDSA signing and verification with libcrypto.
Device-side implementation of signature verification is beyond the
scope of this patch.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
fdt_add_bignum() is useful for algorithms other than just RSA. To
allow its use for ECDSA, move it to a common file under lib/.
The new file is suffixed with '-libcrypto' because it has a direct
dependency on openssl. This is due to the use of the "BIGNUM *" type.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
rsa-checksum.c sontains the hash_calculate() implementations. Despite
the "rsa-" file prefix, this function is useful for other algorithms.
To prevent confusion, move this file to lib/, and rename it to
hash-checksum.c, to give it a more "generic" feel.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Config option ARMADA_39X is never set so remove all dead code hidden under
ifdef CONFIG_ARMADA_39X blocks.
Also remove useless checks for CONFIG_ARMADA_38X define as this macro is
always defined for a38x code path.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
|
|
If CONFIG_FIT_CIPHER is enabled without CONFIG_FIT_SIGNATURE then
mkimage/dumpimage will fail to link:
/usr/bin/ld: tools/common/image-cipher.o: in function `fit_image_decrypt_data':
image-cipher.c:(.text+0x9a): undefined reference to `image_get_host_blob'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x10): undefined reference to `EVP_aes_128_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x40): undefined reference to `EVP_aes_192_cbc'
/usr/bin/ld: tools/common/image-cipher.o:(.data.rel+0x70): undefined reference to `EVP_aes_256_cbc'
/usr/bin/ld: tools/lib/aes/aes-encrypt.o: in function `image_aes_encrypt':
aes-encrypt.c:(.text+0x22): undefined reference to `EVP_CIPHER_CTX_new'
/usr/bin/ld: aes-encrypt.c:(.text+0x6f): undefined reference to `EVP_EncryptInit_ex'
/usr/bin/ld: aes-encrypt.c:(.text+0x8d): undefined reference to `EVP_EncryptUpdate'
/usr/bin/ld: aes-encrypt.c:(.text+0xac): undefined reference to `EVP_CIPHER_CTX_free'
/usr/bin/ld: aes-encrypt.c:(.text+0xf2): undefined reference to `EVP_EncryptFinal_ex'
collect2: error: ld returned 1 exit status
Signed-off-by: Joel Stanley <joel@jms.id.au>
|
|
So far we used the separate mksunxiboot tool for generating a bootable
image for Allwinner SPLs, probably just for historical reasons.
Use the mkimage framework to generate a so called eGON image the
Allwinner BROM expects.
The new image type is called "sunxi_egon", to differentiate it
from the (still to be implemented) secure boot TOC0 image.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Jernej Skrabec <jernej.skrabec@siol.net>
Reviewed-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
Prepare v2021.01-rc5
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
Add options for embedding the public key esl(efi signature list) file
to the platform's dtb. The esl file is then retrieved and used for
authenticating the capsule to be used for updating firmare components
on the platform.
The esl file can now be embedded in the dtb by invoking the following
command
mkeficapsule -K <pub_key.esl> -D <dtb>
In the scenario where the esl file is to be embedded in an overlay,
this can be done through the following command
mkeficapsule -O -K <pub_key.esl> -D <dtb>
This will create a node named 'signature' in the dtb, and the esl file
will be stored as 'capsule-key'
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
|
|
This is a utility mainly for test purpose.
mkeficapsule -f: create a test capsule file for FIT image firmware
Having said that, you will be able to customize the code to fit
your specific requirements for your platform.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
|
|
Add a tool to update or insert an Octeon specific header into the U-Boot
image. This is needed e.g. for booting via SPI NOR, eMMC and NAND.
While working on this, move enum cvmx_board_types_enum and
cvmx_board_type_to_string() to cvmx-bootloader.h and remove the
unreferenced (unsupported) board definition.
Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Aaron Williams <awilliams@marvell.com>
Cc: Chandrakala Chavva <cchavva@marvell.com>
Cc: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
|
|
The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].
This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX
The SHA implementation is adapted from the linux kernel implementation.
[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm
Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
|
|
Have this symbol follow the pattern of all other such symbols.
This patch also removes a TODO from the code.
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
|
|
My goal is to sync lib/libfdt/ with scripts/dtc/libfdt/, that is,
make lib/libfdt/ contain only wrapper files.
fdt_region.c was written only for U-Boot to implement the verified
boot. So, this belongs to the same group as common/fdt_support.c,
which is a collection of U-Boot own fdt helpers.
Move lib/libfdt/fdt_region.c to common/fdt_region.c . This is
necessary only when CONFIG_(SPL_TPL_)_FIT_SIGNATURE is enabled.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
There is no essential difference between scripts/dtc/libfdt/fdt_ro.c
and lib/libfdt/fdt_ro.c
Migrate to a simple wrapper like the other files.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
Align Kconfig and Kbuild logic to Linux 4.19 release with minimal impact
on files outside of this scope.
Our previous Kconfig sync was done by commit 5972ff077e0f ("kconfig /
kbuild: re-sync with Linux 4.18").
In this particular re-sync in order to keep clang support working a
number of related changes needed to be pulled in that had been missed
previously. Not all of these changes we easily traceable and so have
been omitted from the list below.
The imported Linux commits are:
[From prior to v4.18]
9f3f1fd29976 kbuild: Add __cc-option macro
d7f14c66c273 kbuild: Enable Large File Support for hostprogs
6d79a7b424a5 kbuild: suppress warnings from 'getconf LFS_*'
24403874316a Shared library support
86a9df597cdd kbuild: fix linker feature test macros when cross compiling with Clang
0294e6f4a000 kbuild: simplify ld-option implementation
[From v4.18 to v4.19]
96f14fe738b6 kbuild: Rename HOSTCFLAGS to KBUILD_HOSTCFLAGS
10844aebf448 kbuild: Rename HOSTCXXFLAGS to KBUILD_HOSTCXXFLAGS
b90a368000ab kbuild: Rename HOSTLDFLAGS to KBUILD_HOSTLDFLAGS
8377bd2b9ee1 kbuild: Rename HOST_LOADLIBES to KBUILD_HOSTLDLIBS
f92d19e0ef9b kbuild: Use HOST*FLAGS options from the command line
4ab3b80159d4 kconfig: check for pkg-config on make {menu,n,g,x}config
693359f7ac90 kconfig: rename SYMBOL_AUTO to SYMBOL_NO_WRITE
f60b992e30ff kbuild: replace $(LDFLAGS) $(ldflags-y) with $(ld_flags)
2fb9279f2c3e kbuild: change ld_flags to contain LDFLAGS_$(@F)
c931d34ea085 arm64: build with baremetal linker target instead of Linux when available
5accd7f3360e kconfig: handle format string before calling conf_message_callback()
a2ff4040151a kconfig: rename file_write_dep and move it to confdata.c
0608182ad542 kconfig: split out useful helpers in confdata.c
adc18acf42a1 kconfig: remove unneeded directory generation from local*config
79123b1389cc kconfig: create directories needed for syncconfig by itself
16952b77d8b5 kconfig: make syncconfig update .config regardless of sym_change_count
d6c6ab93e17f kbuild: remove deprecated host-progs variable
56869d45e364 kconfig: fix the rule of mainmenu_stmt symbol
c151272d1687 kconfig: remove unused sym_get_env_prop() function
1880861226c1 kconfig: remove P_ENV property type
e3fd9b5384f3 scripts/dtc: consolidate include path options in Makefile
4bf6a9af0e91 kconfig: add build-only configurator targets
f1575595d156 kconfig: error out when seeing recursive dependency
5e8c5299d315 kconfig: report recursive dependency involving 'imply'
f498926c47aa kconfig: improve the recursive dependency report
98a4afbfafd2 kconfig: fix "Can't open ..." in parallel build
9a9ddcf47831 kconfig: suppress "configuration written to .config" for syncconfig
87a32e624037 kbuild: pass LDFLAGS to recordmcount.pl
d503ac531a52 kbuild: rename LDFLAGS to KBUILD_LDFLAGS
217c3e019675 disable stringop truncation warnings for now
bc8d2e20a3eb kconfig: remove a spurious self-assignment
fd65465b7016 kconfig: do not require pkg-config on make {menu,n}config
5a4630aadb9a ftrace: Build with CPPFLAGS to get -Qunused-arguments
Note that this adds new cleanup work to do in that we should adapt the
shared library support we have to what is now upstream.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Masahiro Yamada <masahiroy@kernel.org>
|
|
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building
RSA functions from FIT verification and allow for adding a RSA-based
signature verification for other file formats, in particular PE file
for UEFI secure boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
|
|
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
|
|
Imported from linux kernel v5.3:
asn1.h without changes
asn1_ber_bytecode.h without changes
asn1_decoder.h without changes
asn1_compiler.c without changes
This host command will be used to create a ASN1 parser, for example,
for pkcs7 messages or x509 certificates. More specifically, it will
generate *byte code* which will be interpreted by asn1 decoder library.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
include/video_logo.h once was created via the tool easylogo and than used
in cpu/mpc8xx/video.c to display Tux. video_logo.h has been replaced by
include/linux_logo.h and is not needed anymore.
Delete the include and the tool,
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
|
|
in case of bmp_logo, the video_bmp driver is used for
drawing a bmp logo. This driver supports only "full"
bmp data. Adding a logo with the bmp_logo tool to
u-boot binary adds currently only real data and drops
the bmp header.
This patch adds now the full bmp data to the u-boot
binary, so video_bmp driver works with the logo embedded
into u-boot.
Fixed also some checkpatch error poping up with this
patch.
Signed-off-by: Heiko Schocher <hs@denx.de>
|
|
Some Intel SoCs from about 2016 boot using an internal microcontroller via
an 'IFWI' image. This is a special format which can hold firmware images.
In U-Boot's case it holds u-boot-tpl.bin.
Add this tool, taken from coreboot, so that we can build bootable images
on apollolake SoCs.
This tool itself has no tests. Some amount of coverage will be provided by
the binman tests that use it, so enable building the tool on sandbox.
Signed-off-by: Simon Glass <sjg@chromium.org>
|
|
This adds a size check for SPL that can dynamically check generated
SPL binaries (including devicetree) for a size limit that ensures
this image plus global data, heap and stack fit in initial SRAM.
Since some of these sizes are not available to make, a new host tool
'spl_size_limit' is added that dumps the resulting maximum size for
an SPL binary to stdout. This tool is used in toplevel Makefile to
implement the size check on SPL binaries.
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
|
|
Due to some mistakes in the source code, it was not possible to really
turn FIT support off. This commit fixes the problem by means of the
following changes:
- Enclose "bootm_host_load_image" and "bootm_host_load_images" between
checks for CONFIG_FIT_SIGNATURE, in common/bootm.c.
- Enclose the declaration of "bootm_host_load_images" between checks for
CONFIG_FIT_SIGNATURE, in common/bootm.h.
- Condition the compilation and linking of fit_common.o fit_image.o
image-host.o common/image-fit.o to CONFIG_FIT=y, in tools/Makefile.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
[fabio: adapt for 2016.07]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Ricardo: fix conditional compilation and linking of the files mentioned above
for 2016.07]
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Jörg: adapt for 2019.01]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/uboot-tools/0003-Make-FIT-support-really-optional.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|
When CROSS_BUILD_TOOLS is set, set HOSTCFLAGS to CFLAGS otherwise CC
will be used with HOSTCFLAGS which seems wrong
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|
Fixes building mkimage on systems where OpenSSL header files do not
live in the standard include path.
Signed-off-by: Pierre Bourdon <delroth@gmail.com>
|
|
Parts of the code are using C99 constructs (such as variables declared
inside loops), but also GNU extensions (such as typeof), so using
-std=gnu99 is necessary to build with older versions of gcc that don't
default to building with gnu99.
It fixes the following build failure:
./tools/../lib/crc16.c: In function "crc16_ccitt":
./tools/../lib/crc16.c:70:2: error: "for" loop initial declarations are only allowed in C99 mode
for (int i = 0; i < len; i++)
^
./tools/../lib/crc16.c:70:2: note: use option -std=c99 or -std=gnu99 to compile your code
when building the host tools with gcc 4.7.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
|
|
imx for 2019.01
- introduce support for i.MX8M
- fix size limit for Vhybrid / pico boards
- several board fixes
- w1 driver for MX2x / MX5x
|
|
i.MX8M bootable image type is like i.MX6/7, but there is signed HDMI
firmware image in front of A53 bootable image, which is also has an IVT
header.
Here we also include fit image to generate a bootable image.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Stefano Babic <sbabic@denx.de>
|
|
The motivation for this is to allow distributions to distribute all
possible tools in a generic way, avoiding the need of specific tools
building for each machine.
Especially on OpenEmbedded / Yocto Project ecosystem, it is very
common each BSP to end providing their specific tools when they need
to generate images for some SoC (e.g MX23 / MX28 in meta-freescale
case).
Using this, we can package the tools doing:
$: make tools-only_defconfig
$: make tools-only
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
[trini: Add MAINTAINERS entry for myself, add to .travis.yml, make
U-Boot itself buildable to not trip up other frameworks]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
The CRC16-CCITT checksum function is useful for space-constrained
applications (such as obtaining a checksum across a 2KBit or 4KBit
EEPROM) in boot applications. It has not been accessible from boot
scripts until now (due to not having a dedicated command and not being
supported by the hash infrstructure) limiting its applicability
outside of custom commands.
This adds the CRC16-CCITT (poly 0x1021, init 0x0) algorithm to the
list of available hashes and adds a new crc16_ccitt_wd_buf() to make
this possible.
Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
[trini: Fix building crc16.o for SPL/TPL]
Signed-off-by: Tom Rini <trini@konsulko.com>
|
