u-boot.git/tools/default_image.c, branch v2023.04 Unnamed repository; edit this file 'description' to name the repository. tools: default_image: Accept images with padding 2023-02-06T22:10:14+00:00 Pali Rohár pali@kernel.org 2023-01-29T16:44:11+00:00 598e911f2391d0a9f002bc49d37a06b5ef3213cb If image file is stored on flash partition then it contains padding, which is not part of the image itself. Image data size is stored in the image header. So use image size from the header instead of expecting that total image file size is size of the header plus size of the image data. This allows dumpimage to parse image files with padding (e.g. dumped from flash partition). Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Simon Glass <sjg@chromium.org> 
If image file is stored on flash partition then it contains padding, which
is not part of the image itself. Image data size is stored in the image
header. So use image size from the header instead of expecting that total
image file size is size of the header plus size of the image data. This
allows dumpimage to parse image files with padding (e.g. dumped from flash
partition).

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
tools: default_image: Verify header size 2023-02-06T19:35:14+00:00 Pali Rohár pali@kernel.org 2023-01-29T16:44:10+00:00 3f837b06b76d06189055a0fcdaee4d31c7758d9e Before reading image header, verify that image size is at least size of the image header. Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Simon Glass <sjg@chromium.org> 
Before reading image header, verify that image size is at least size of
the image header.

Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
tools: mkimage: add new image type "fdt_legacy" 2022-12-08T14:29:02+00:00 Marc Kleine-Budde mkl@pengutronix.de 2022-11-23T11:55:33+00:00 28f924f2650ed2229fd712620c36a41dc0610fcb If the user select the image type "flat_dt" a FIT image will be build. This breaks the legacy use case of putting a Flat Device Tree into a legacy u-boot image. Add a new image type "fdt_legacy" to build a legacy u-boot image with a "flat_dt" type. Link: https://lore.kernel.org/all/20221028155205.ojw6tcso2fofgnhm@pengutronix.de Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> Reviewed-by: Sean Anderson <seanga2@gmail.com> 
If the user select the image type "flat_dt" a FIT image will be build.
This breaks the legacy use case of putting a Flat Device Tree into a
legacy u-boot image.

Add a new image type "fdt_legacy" to build a legacy u-boot image
with a "flat_dt" type.

Link: https://lore.kernel.org/all/20221028155205.ojw6tcso2fofgnhm@pengutronix.de
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Reviewed-by: Sean Anderson <seanga2@gmail.com>
treewide: Drop image_header_t typedef 2022-09-29T20:07:57+00:00 Simon Glass sjg@chromium.org 2022-09-07T02:26:52+00:00 f3543e69442ca393e52df253d9c5d45bc189d471 This is not needed and we should avoid typedefs. Use the struct instead and rename it to indicate that it really is a legacy struct. Signed-off-by: Simon Glass <sjg@chromium.org> 
This is not needed and we should avoid typedefs. Use the struct instead
and rename it to indicate that it really is a legacy struct.

Signed-off-by: Simon Glass <sjg@chromium.org>
crc32: Use the crc.h header for crc functions 2019-12-02T23:23:08+00:00 Simon Glass sjg@chromium.org 2019-11-14T19:57:16+00:00 3db7110857524cf1b7d0a374c1ebcde8a2680de0 Drop inclusion of crc.h in common.h and use the correct header directly instead. With this we can drop the conflicting definition in fw_env.h and rely on the crc.h header, which is already included. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com> 
Drop inclusion of crc.h in common.h and use the correct header directly
instead.

With this we can drop the conflicting definition in fw_env.h and rely on
the crc.h header, which is already included.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
imx: Kconfig: Reduce default CONFIG_CSF_SIZE 2019-10-08T14:36:36+00:00 Breno Matheus Lima breno.lima@nxp.com 2019-09-23T18:39:47+00:00 5b20d141f209a62596f38ee42b0622280636a7ae The default CSF_SIZE defined in Kconfig is too high and SPL cannot fit into the OCRAM in certain cases. The CSF cannot achieve 0x2000 length when using RSA 4K key which is the largest key size supported by HABv4. According to AN12056 "Encrypted Boot on HABv4 and CAAM Enabled Devices" it's recommended to pad CSF binary to 0x2000 and append DEK blob to deploy encrypted boot images. As the maximum DEK blob size is 0x58 we can reduce CSF_SIZE to 0x2060 which should cover both CSF and DEK blob length. Update default_image.c and image.c to align with this change and avoid a U-Boot proper authentication failure in HAB closed devices: Authenticate image from DDR location 0x877fffc0... bad magic magic=0x32 length=0x6131 version=0x38 bad length magic=0x32 length=0x6131 version=0x38 bad version magic=0x32 length=0x6131 version=0x38 spl: ERROR: image authentication fail Fixes: 96d27fb218 (Revert "habv4: tools: Avoid hardcoded CSF size for SPL targets") Reported-by: Jagan Teki <jagan@amarulasolutions.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> 
The default CSF_SIZE defined in Kconfig is too high and SPL cannot
fit into the OCRAM in certain cases.

The CSF cannot achieve 0x2000 length when using RSA 4K key which is
the largest key size supported by HABv4.

According to AN12056 "Encrypted Boot on HABv4 and CAAM Enabled Devices"
it's recommended to pad CSF binary to 0x2000 and append DEK blob to
deploy encrypted boot images.

As the maximum DEK blob size is 0x58 we can reduce CSF_SIZE to 0x2060
which should cover both CSF and DEK blob length.

Update default_image.c and image.c to align with this change and avoid
a U-Boot proper authentication failure in HAB closed devices:

Authenticate image from DDR location 0x877fffc0...
bad magic magic=0x32 length=0x6131 version=0x38
bad length magic=0x32 length=0x6131 version=0x38
bad version magic=0x32 length=0x6131 version=0x38
spl: ERROR:  image authentication fail

Fixes: 96d27fb218 (Revert "habv4: tools: Avoid hardcoded CSF size for SPL targets")

Reported-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Breno Lima <breno.lima@nxp.com>
Revert "habv4: tools: Avoid hardcoded CSF size for SPL targets" 2019-10-08T14:35:59+00:00 Stefano Babic sbabic@denx.de 2019-09-13T16:53:03+00:00 70026345ed9131ef74b923f6b81196581235f127 This reverts commit 62a52f3f85bf33e286632e99f0d39b2c166af0c4. 
This reverts commit 62a52f3f85bf33e286632e99f0d39b2c166af0c4.
habv4: tools: Avoid hardcoded CSF size for SPL targets 2019-10-08T14:35:59+00:00 Breno Matheus Lima breno.lima@nxp.com 2019-07-18T12:34:15+00:00 40af7d39aab46383e3b0d52b4b06928231807637 Currently it's not possible to authenticate the U-Boot proper of mx6ul_14x14_evk_defconfig target: Authenticate image from DDR location 0x877fffc0... bad magic magic=0x0 length=0x00 version=0x3 bad length magic=0x0 length=0x00 version=0x3 bad version magic=0x0 length=0x00 version=0x3 spl: ERROR: image authentication fail Commit 0633e134784a ("imx: hab: Increase CSF_SIZE for i.MX6 and i.MX7 devices") has increased CSF_SIZE to avoid a possible issue when booting encrypted boot images. Commit d21bd69b6e95 ("tools: mkimage: add firmware-ivt image type for HAB verification") is hardcoding the CSF and IVT sizes, the new CSF size is not being considered and u-boot-ivt.img fails to boot. Avoid hardcoded CSF and IVT size to fix this issue. Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <festevam@gmail.com> 
Currently it's not possible to authenticate the U-Boot proper of
mx6ul_14x14_evk_defconfig target:

Authenticate image from DDR location 0x877fffc0...
bad magic magic=0x0 length=0x00 version=0x3
bad length magic=0x0 length=0x00 version=0x3
bad version magic=0x0 length=0x00 version=0x3
spl: ERROR:  image authentication fail

Commit 0633e134784a ("imx: hab: Increase CSF_SIZE for i.MX6 and
i.MX7 devices") has increased CSF_SIZE to avoid a possible issue
when booting encrypted boot images.

Commit d21bd69b6e95 ("tools: mkimage: add firmware-ivt image type
for HAB verification") is hardcoding the CSF and IVT sizes, the
new CSF size is not being considered and u-boot-ivt.img fails to
boot.

Avoid hardcoded CSF and IVT size to fix this issue.

Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
mkimage: Refactor imagetool_get_source_date to take command name 2018-07-10T20:56:00+00:00 Alex Kiernan alex.kiernan@gmail.com 2018-06-20T20:10:51+00:00 87925df2b3f8d308addc5c0fe5a22ae9712ca5ec So we can use imagetool_get_source_date() from callers who do not have the image tool params struct, just pass in the command name for the error message. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Reviewed-by: Simon Glass <sjg@chromum.org> 
So we can use imagetool_get_source_date() from callers who do not have
the image tool params struct, just pass in the command name for the error
message.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Reviewed-by: Simon Glass <sjg@chromum.org>
SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07T13:34:12+00:00 Tom Rini trini@konsulko.com 2018-05-06T21:58:06+00:00 83d290c56fab2d38cd1ab4c4cc7099559c1d5046 When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com> 
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>