Due to a bug in the H3 SoC, where the CPU 0 hotplug flag cannot be
written, resuming CPU 0 requires using the "Super Standby" code path in
the BROM instead of the hotplug path. This path requires jumping to an
eGON image in SRAM.
This resume image, whose single purpose is to jump back to the secure
monitor, only needs to contain a single instruction. Padding the image
to 8 KiB would be wasteful of SRAM. Hook up the -B (block size) option
so users can set the block/padding size.
Series-to: sunxi
Signed-off-by: Samuel Holland <samuel@sholland.org>
Currently, if the "offset" property is given for an entry, the section's
running offset is completely ignored. This causes entries to overlap if
the provided offset is less than the size of the entries earlier in the
section. Avoid the overlap by only using the provided offset when it is
greater than the running offset.
The motivation for this change is the rule used by SPL to find U-Boot on
sunxi boards: U-Boot starts 32 KiB after the start of SPL, unless SPL is
larger than 32 KiB, in which case U-Boot immediately follows SPL.
Signed-off-by: Samuel Holland <samuel@sholland.org>
TOC1 is an container format used by Allwinner's boot0 that can hold
multiple images. It supports encryption and signatures, but that
functionality is not implemented, only the basic "non-secure" subset.
A config file is used to provide the list of data files to include. Its
path is passed as the argument to "-d". It contains sections of the
following form:
[name]
file = /path/to/file
addr = 0x12345678
Specific well-known names, such as "dtb", "opensbi", and "u-boot", are
used by the bootloader to distinguish the items inside the image.
Cover-letter:
tools: mkimage: Add Allwinner TOC1 support
The SPL port for the Allwinner D1 RISC-V SoC will probably take a while
longer than porting U-Boot proper, as none of the relevant drivers are
set up for DM in SPL. In the meantime, we are using[1][2] a fork[3] of
Allwinner's boot0 loader, which they also call "spl" in their BSP. boot0
uses this TOC1 image format.
The vendor tools for generating TOC1 images require a binary config file
generated by their FEX compiler. Instead of trying to support that, I
made up a simple human-readable config file format. I didn't see any
existing platform-agnostic parser for multi-image containers in mkimage.
I am sending this as RFC because it is only of temporary/limited use.
It only works with one specific fork of boot0 which was modified to
"behave" (the the original vendor version monkey-patches a custom header
inside the U-Boot image during boot). So it will be obsolete once U-Boot
SPL is ported. And it is Yet Another Image Format. On the other hand, it
does work, and it is currently being used.
[1]: https://linux-sunxi.org/Allwinner_Nezha#U-Boot
[2]: https://fedoraproject.org/wiki/Architectures/RISC-V/Allwinner
[3]: https://github.com/smaeul/sun20i_d1_spl
END
Series-prefix: RFC
Series-to: sunxi
Signed-off-by: Samuel Holland <samuel@sholland.org>
Most Allwinner sunxi SoCs have separate boot ROMs in non-secure and
secure mode. The "non-secure" or "normal" boot ROM (NBROM) uses the
existing sunxi_egon image type. The secure boot ROM (SBROM) uses a
completely different image type, known as TOC0.
A TOC0 image is composed of a header and two or more items. One item
is the firmware binary. The others form a chain linking the firmware
signature to the root-of-trust public key (ROTPK), which has its hash
burned in the SoC's eFuses. Signatures are made using RSA-2048 + SHA256.
The pseudo-ASN.1 structure is manually assembled; this is done to work
around bugs/quirks in the boot ROM, which vary between SoCs. This TOC0
implementation has been verified to work with the A50, A64, H5, H6,
and H616 SBROMs, and it may work with other SoCs.
Series-changes: 2
- Moved certificate and key item structures out of sunxi_image.h
- Renamed "main" and "item" variables for clarity
- Improved error messages, and added a hint about key generation
- Added a comment explaining the purpose of the various key files
- Mentioned testing this code on A50 in the commit message
Series-changes: 3
- Removed TOOLS_LIBCRYPTO selection for sunxi, since most boards
do not need it
- Added __packed to all new "ABI" structs
- Added entry to MAINTAINERS for sunxi tools
Signed-off-by: Samuel Holland <samuel@sholland.org>
Some image types (kwbimage and mxsimage) always depend on OpenSSL, so
they can only be included in mkimage when TOOLS_LIBCRYPTO is selected.
Use Makefile logic to conditionally link the files.
Series-changes: 2
- Refactored the first patch on top of TOOLS_LIBCRYPTO
Series-changes: 3
- Selected TOOLS_LIBCRYPTO on all platforms that use kwbimage (as best
as I can tell, using the suggestions from Pali Rohár)
Series-changes: 4
- Do not select TOOLS_LIBCRYPTO anywhere
Patch-cc: Jernej Skrabec <jernej.skrabec@gmail.com>
Series-cc: Alex G. <mr.nuke.me@gmail.com>
Series-cc: Pali Rohár <pali@kernel.org>
Signed-off-by: Samuel Holland <samuel@sholland.org>
There's now a sun20i family in sunxi, which uses RISC-V CPU.
Add support for making eGON.BT0 image for RISC-V.
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Samuel Holland <samuel@sholland.org>
Refactor some functions in mkimage sunxi_egon type, in order to prepare
for adding support for more CPU architectures (e.g. RISC-V). In
addition, compatibility for operation w/o specified architecture is
kept, in this case the architecture is assumed as ARM.
Series-changes: 3
- Factor out an egon_get_arch() function as suggested by Andre
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Samuel Holland <samuel@sholland.org>
The sunxi_egon type used to take no -A argument (because we assume sunxi
targets are all ARM). However, as Allwinner D1 appears as the first
RISC-V sunxi target, we need to support -A; in addition, as external
projects rely on U-Boot mkimage to generate sunxi eGON.BT0 header, we
need to keep compatibility with command line without -A.
As the default value of arch in mkimage is not proper (IH_ARCH_PPC
instead of IH_ARCH_INVALID), to keep more compatibility, add an Aflag
field to image parameters to describe whether an architecture is
explicitly specified.
Reviewed-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Icenowy Zheng <icenowy@aosc.io>
Signed-off-by: Samuel Holland <samuel@sholland.org>
Do not check for kwbimage configuration file when just showing information
about existing kwbimage file.
The check for kwbimage configuration file is required only when creating
kwbimage, not when showing information about image or when extracting data
from image.
With this change, it is possible to call mkimage -l and dumpimage -l also
for existing kwbimage file.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When there is no -p argument for dumpimage tool specified, extract the main
data image from kwbimage file. This makes dumpimage consistent with other
image formats.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Despite the official specification, BootROM does not look at the lowest bit
of ext field but rather checks if ext field is non-zero.
Moreover original Marvell doimage tool puts into the mhdr->ext field the
number of extended headers, so basically it sets ext filed to non-zero
value if some extended header is present.
Fix U-Boot dumpimage and kwboot tools to parse correctly also kwbimage
files created by Marvell doimage tool, in the same way as the BootROM is
doing it when booting these images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
To regenerate kwbimage from existing image, it is needed to have kwbimage
config file. Add a new option to generate kwbimage config file from
existing kwbimage when '-p 1' option is given.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
For debugging purposes it is good to know where the binary image would be
loaded and also it is needed to know if printed size is image size or the
size of header together with image.
Make it unambiguous by showing that printed size is not the size of the
whole header, but only the size of executable code, and print also the
executable offset of this binary image. Load/execute address is the offset
relative to the base address (either 0x40004000 or 0x40000000).
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Data delay is stored as 8-bit number in kwbimage structure. Ensure the
given value is at most 255.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
This alignment is required only for platforms based on Sheeva CPU core
which are A370 and AXP. Now when U-Boot build system correctly propagates
LOAD_ADDRESS there is no need to have enabled 128-bit boundary alignment on
platforms which do not need it. Previously it was required because load
address was implicitly rounded to 128-bit boundary and U-Boot build system
expected it and misused it. Now with explicit setting of LOAD_ADDRESS there
is no guessing for load address anymore.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
BootROM loads kwbimage header to L2-SRAM and BootROM reserve only 192 kB for it.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Function image_headersz_v1() may return zero on fatal errors.
In this case the function already printed an error message.
Check the return value of image_headersz_v1() in kwbimage_generate(),
and exit on zero value with EXIT_FAILURE.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
ARM executable code included in kwbimage binary header, which is not
position independent, needs to be loaded and executed by BootROM at the
correct fixed address.
Armada BootROMs load kwbimage header (in which the executable code is also
stored) at fixed address 0x40004000 or 0x40000000 which is mapped to
L2-SRAM (L2 Cache as SRAM). Address 0x40004000 is used on Armada platforms
with Sheeva CPU core (A370 and AXP) where BootROM uses MMU with 0x4000
bytes for MMU translation table. Address 0x40000000 is used on all other
platforms.
Thus the only way to specify load and execute address of this executable
code in binary kwbimage header is by filling dummy arguments into the
binary header, using the same mechanism we already have for achieving
128-bit boundary alignment on A370 and AXP SoCs.
Extend kwbimage config file parser to allow to specify load address as
part of BINARY command with syntax:
BINARY path_to_binary arg1 arg2 ... argN LOAD_ADDRESS address
If the specified load address is invalid or cannot be used, mkimage will
throw fatal error and exit. This will prevent generating kwbimage with
invalid load address for non-position independent binary code.
If no load address is specified, kwbimage will not fill any the dummy
arguments, thus it will behave the same as before this change.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
For other changes it is required to know if CPU core is Sheeva or not.
Therefore add a new command CPU for specifying CPU.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Preserve the order of BINARY, DATA and DATA_DELAY commands as they appear
in the input file. They may depend on each other.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Register set header consists of sequence of DATA commands followed by
exactly one DATA_DELAY command. Thus if we are generating image with
multiple DATA_DELAY commands, we need to create more register set headers.
Fix calculation of image size with multiple DATA_DELAY commands and
correctly set pointer to struct register_set_hdr_v1 when initializing new
register set header.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Deduplicate code that finishes OPT_HDR_V1_REGISTER_TYPE header by
extracing it into separate function.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Mark all local functions as static.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
When genboardscfg.py is run on machines with 255 or more cores, the
process will consume more than 1024 file descriptors, which is a common
standard ulimit for user processes. As a consequence it will fail with a
lenghty Python trace, with the almost hidden message:
OSError: [Errno 24] Too many open files
It's somewhat questionable whether that level of parallelity is actually
useful for genboardscfg, so we limit the *default* number of jobs to the
safe number of 240, to avoid the problem.
If a user persists, she can still force a higher number via the -j
parameter - hopefully having raised the ulimit accordingly beforehand.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Python doesn't naturally support tilde (~) as a user-home marker in
paths, but git-config does. So we need to resolve it before continuing.
We also shouldn't blindly join the top-level tree with the aliasesfile
path, because it might be an absolute path.
This resolves warnings like the following:
Warning: Cannot find alias file '/path/to/source/tree/~/.git-email'
Seen when git-config is like:
$ git config sendemail.aliasesfile
~/.git-email
Signed-off-by: Brian Norris <briannorris@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Otavio Salvador <otavio@ossystems.com.br>
At present binman writes fake blobs to the current directory. This is not
very helpful, since the files serve no useful purpose once binman has
finished. They clutter up the source directory and affect future runs,
since the files in the current directory are often used in preference to
those in the board directory.
To avoid these problems, write them to the output directory instead.
Move the file-creation code to the Entry base class, so it can be used by
any entry type that needs it. This is required since some entry types,
such as Entry_blob_ext_list, are not subclasses of Entry_blob.
Signed-off-by: Simon Glass <sjg@chromium.org>
Use a unique number instead of the current 203, which is used by 203_fip
as well. Reformat the code to avoid a long line.
Signed-off-by: Simon Glass <sjg@chromium.org>
- meson64_android: add board specific env settings, in order to support VIM3/L for android
- add changes to support VIM3/L android boot by using meson64_android.h config
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEPVPGJshWBf4d9CyLd9zb2sjISdEFAmHYV8MACgkQd9zb2sjI
SdELkA/+LjyjJB1KI6/KLLg43zyFeeZX/SjQd5BUIx6EfaCgyTkuq2lzQnErGmbi
HoyMoNLpBxLIL27/5TXPzmKYAeOfKPxA/sXTTtx/l7PG8ncSZIoU0+utqjycdUsK
tSi7EdFzk7/kDDRkqqA7q9nxsPn/7GQNh/ZC9zstMXKaTO/TEb/sZWCMcvQ0MNoB
ynZKOCg5t60UkIYIRwZwC/OS/ssn86dovv/Aa/8D6qpL2AbS5DoCXHuAr8Dnz7fJ
q4rV7oLh7a+WHe/qC7R6ylYFIVVqY5JaIgbLDwuvk1z9o7txchMMQnGgllZ35sN9
LECD2iSDGjhPaHuGCvQwl3TWtIpvtdcP4sQTyJhsXNPxCG6HHvRz7xY4erUohR1I
LIddwCCHeCrBiaamXNbCzph2+JhfPSQ5ETCL9M6iBMxNUPunlCxjfjDzlT/pg11p
EO9PIPjRMR9QhxKtd3gZpyAqPuMBEmIwhDtHI6dL3DNOOsF44ObE4swnzS6qXIDn
jRZzFCC2f/Vyg11YnzFtV3A5eWwJahGDWAGAnnlg6Y8GCLlLmDJitcgA/rWSALko
T5fC8L8IFUx2RnHczyitJ/wqJl9FqOAnIaoB3Trpwp8gFQ15dQjbvoXldQnAjSS2
9bns3zOrx79EF4lbHhwNE9UDLm6OjK5vR3h4bGJvyZBmasVsA90=
=dLEg
-----END PGP SIGNATURE-----
Merge tag 'u-boot-amlogic-20220107' of https://source.denx.de/u-boot/custodians/u-boot-amlogic into next
- disable CONFIG_NET_RANDOM_ETHADDR when unnecessary on amlogic based configs
- meson64_android: add board specific env settings, in order to support VIM3/L for android
- add changes to support VIM3/L android boot by using meson64_android.h config
While converting to binman for an imx8mq board, it has been found that
building in the u-boot CI fails. This is because an imx8mq requires an
external binary (signed_hdmi_imx8m.bin). If this file cannot be found
mkimage fails.
To be able to build this board in the u-boot CI a binman option
(--fake-ext-blobs) is introduced that can be switched on via the u-boot
makefile option BINMAN_FAKE_EXT_BLOBS. With that the needed dummy files are
created.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Recent changes caused fields in the image main header to be modified
after the header checksum had already been computed. Move the checksum
computation to once again be the last operation performed on the header.
Fixes: 2b0980c24027 ("tools: kwbimage: Fill the real header size into the main header")
Signed-off-by: Pierre Bourdon <delroth@gmail.com>
Reviewed-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
UEFI:
* allow for more than 16 KiB UEFI variable size when using StMM
Others:
* make watchdog sysreset compatible with separate poweroff driver
* avoid OpenSSL deprecation warnings
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbcT5xx8ppvoGt20zxIHbvCwFGsQFAmHJm4UACgkQxIHbvCwF
GsT4Bw/8DdBhuNv/Pozn/5yYU/YQiy3cUrQys/xRMKqXT90920yhbSmbSc8IbDzr
A+k2bRhD13qQ/Onc2jj0p1AaB2FvThrnPpBqxrKoA++yBqi1LTPkRjRHvbVt1py8
VUDBxNRAhbI4jMS/AgvX9pcsVQr2PE6s+zmcm3klaBaFe6q07c489csgDOkTZIi7
grFAHq56XJq8mjVoKFpQVT9qrVkT2AsXPvMYz18h1CN7JmABqt1zd8vIWrLyOHf3
d3blaX26xgSMa5e4AlZrwG1vQ4INqNhLavHskodcSDlSQrZB6nrMow2A6kke8RDt
6yVzxOYfPpRkbbyyC2fxWSSuQlvaL0AzbH7mRQVwXIp2oM1DPLIGL0VNq/kSSB6b
EaSglHdVIahHvwObPHJecIYXlyOfd3dZ6JqeFt1o/zxtYJtWdNqdZN3oCHB9BPc/
L0Fkw96atdBxkwzqawUL6E215TytHo8bWB2DCGRuhi9XlfupLzs1CTcIBIlGDihT
ihoXqGjjxyplNaDg6P7uPR4QdrDgwoHYLmUGlge+ehtJ8TsDVwhnvvm0LBTfckEr
DPdNwUB9pIBgiAxgwdgxwxuB3YbftRdC/lUgrhB97/qlHrZ7KrJpwZI+QLmSaZLV
44V/OhP8bscEyBGhbpUa372tedD7IVko0B1ohQAIE/DnmMLFVFE=
=VFOg
-----END PGP SIGNATURE-----
Merge tag 'efi-2022-01-rc4-4' of https://source.denx.de/u-boot/custodians/u-boot-efi
Pull request for efi-2022-01-rc4-4
UEFI:
* allow for more than 16 KiB UEFI variable size when using StMM
Others:
* make watchdog sysreset compatible with separate poweroff driver
* avoid OpenSSL deprecation warnings
At present this uses RGB555 format for blitting to a display. Sandbox uses
565 and that seems to be more normal for BMP as well. Update the code
accordingly and add a test.
Note that this likely breaks the theadorable board so we may need to
discuss supporting both formats.
Signed-off-by: Simon Glass <sjg@chromium.org>
Our Gitlab CI buildsystem is set up to treat warnings as errors.
With OpenSSL 3.0 a lot of deprecation warnings occur.
With the patch compatibility with OpenSSL 1.1.1 is declared.
In the long run we should upgrade our code to use the current API.
A -Wdiscarded-qualifiers warning is muted by casting.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Rockchip BootRom supports new idb header v2 instead of legacy version.
Add support for it so that we can generate image for new SoCs.
Signed-off-by: Yi Liu <liuyi@rock-chips.com>
Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
At present one must hack the Makefile to see what is going on with these
files. Also it doesn't quite work correctly.
Fix this by using an environment variable for debugging. Update the docs
also.
Signed-off-by: Simon Glass <sjg@chromium.org>
This was added as a hack to work around not having an in-tree devicetree.
Now that this is fixed it is not needed.
Drop it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Commit "fw_setenv: lock the flash only if it was locked before"
checks for Locked status with uninitialized erase data.
Address by moving the test for MEMISLOCKED.
Fixes: 8a726b852502 ("fw_setenv: lock the flash only if it was locked before")
Signed-off-by: Joakim Tjernlund <joakim.tjernlund@infinera.com>
When outputting a devicetree we should not align the struct section to a
16-byte boundary. The normal position is fine, which is 8-byte aligned.
This avoids leaving adding 8 extra zero bytes in the output tree in the
case where the reserved section is empty (i.e has 16 zero bytes).
Signed-off-by: Simon Glass <sjg@chromium.org>
