u-boot.git/tools/mkimage.c, branch v2018.11 Unnamed repository; edit this file 'description' to name the repository. tools: add i.MX8/8X image support 2018-10-22T11:01:27+00:00 Peng Fan peng.fan@nxp.com 2018-10-16T04:50:30+00:00 a2b96ece5be146f4995d737f047e5bbb76079b8f i.MX8/8X bootable image type is container type. The bootable image, containers a container set which supports two container. The 1st container is for SECO firmware, the 2nd container needs to include scfw, m4_0/1 image, ACore images per your requirement. Signed-off-by: Peng Fan <peng.fan@nxp.com> 
i.MX8/8X bootable image type is container type.
The bootable image, containers a container set which supports two
container. The 1st container is for SECO firmware, the 2nd container
needs to include scfw, m4_0/1 image, ACore images per your requirement.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
tools: mkimage: Ensure munmap unmaps the same length that was mapped 2018-09-11T01:19:32+00:00 Mark Tomlinson mark.tomlinson@alliedtelesis.co.nz 2018-08-28T22:51:14+00:00 8961c8ad252b8af887439e4e5c6c1bc0c912f2de The set_header call in kwbimage.c adds a checksum to the end of the image in addition to setting up the header. It 'helpfully' updates the st_size to match the fact that the file is now longer. However, mkimage uses this length in the munmap call. This can lead to unmapping an extra page, of perhaps required data. When this happens, a SEGV can occur. To prevent this from happening, the munmap call now uses the same length that was passed to mmap. This could also have been fixed by not changing the length in kwbimage.c, however changing it in the main file means that other plugins will also not fall for the same trap. Signed-off-by: Mark Tomlinson <mark.tomlinson@alliedtelesis.co.nz> Signed-off-by: Chris Packham <judge.packham@gmail.com> [cp: resolve checkpatch complaints] Tested-by: Chris Packham <judge.packham@gmail.com> 
The set_header call in kwbimage.c adds a checksum to the end of the
image in addition to setting up the header. It 'helpfully' updates the
st_size to match the fact that the file is now longer. However, mkimage
uses this length in the munmap call. This can lead to unmapping an extra
page, of perhaps required data. When this happens, a SEGV can occur.

To prevent this from happening, the munmap call now uses the same length
that was passed to mmap. This could also have been fixed by not changing
the length in kwbimage.c, however changing it in the main file means
that other plugins will also not fall for the same trap.

Signed-off-by: Mark Tomlinson <mark.tomlinson@alliedtelesis.co.nz>
Signed-off-by: Chris Packham <judge.packham@gmail.com>
[cp: resolve checkpatch complaints]
Tested-by: Chris Packham <judge.packham@gmail.com>
tools: zynqmpimage: Add bif support 2018-05-11T07:23:44+00:00 Alexander Graf agraf@suse.de 2018-04-13T12:18:52+00:00 6915dcf35987d654b491524f151e56b91e0d0ec9 The officially described way to generate boot.bin files for ZynqMP is to describe the contents of the target binary using a file of the "bif" format. This file then links to other files that all get packed into a bootable image. This patch adds support to read such a .bif file and generate a respective ZynqMP boot.bin file that can include the normal image and pmu files, but also supports image partitions now. This makes it a handy replacement for the proprietary "bootgen" utility that is currently used to generate boot.bin files with FSBL. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Michal Simek <michal.simek@xilinx.com> 
The officially described way to generate boot.bin files for ZynqMP is to
describe the contents of the target binary using a file of the "bif"
format.  This file then links to other files that all get packed into a
bootable image.

This patch adds support to read such a .bif file and generate a respective
ZynqMP boot.bin file that can include the normal image and pmu files, but
also supports image partitions now. This makes it a handy replacement for
the proprietary "bootgen" utility that is currently used to generate
boot.bin files with FSBL.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07T13:34:12+00:00 Tom Rini trini@konsulko.com 2018-05-06T21:58:06+00:00 83d290c56fab2d38cd1ab4c4cc7099559c1d5046 When U-Boot started using SPDX tags we were among the early adopters and there weren't a lot of other examples to borrow from. So we picked the area of the file that usually had a full license text and replaced it with an appropriate SPDX-License-Identifier: entry. Since then, the Linux Kernel has adopted SPDX tags and they place it as the very first line in a file (except where shebangs are used, then it's second line) and with slightly different comment styles than us. In part due to community overlap, in part due to better tag visibility and in part for other minor reasons, switch over to that style. This commit changes all instances where we have a single declared license in the tag as both the before and after are identical in tag contents. There's also a few places where I found we did not have a tag and have introduced one. Signed-off-by: Tom Rini <trini@konsulko.com> 
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
tools: mkimage: Check for datafile when type is script 2018-04-28T22:32:25+00:00 Alex Kiernan alex.kiernan@gmail.com 2018-04-22T05:11:17+00:00 8c84287a0f225e29b688bda848e49a555c68a442 If generating a script image and no datafile has been passed in, mkimage dies with SIGSEGV: #0 __strchr_sse2 () at ../sysdeps/x86_64/multiarch/../strchr.S:32 #1 0x0000000000403818 in main at tools/mkimage.c:503 Add explicit test for datafile to fix this. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> 
If generating a script image and no datafile has been passed in, mkimage
dies with SIGSEGV:

  #0  __strchr_sse2 () at ../sysdeps/x86_64/multiarch/../strchr.S:32
  #1  0x0000000000403818 in main
      at tools/mkimage.c:503

Add explicit test for datafile to fix this.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
mkimage: do not fail if there is no print_header function 2018-04-10T15:52:16+00:00 Guillaume GARDET guillaume.gardet@free.fr 2018-03-30T08:28:19+00:00 004d00914a1888a050ef2d30e52e8e3862983ccb Commit 253c60a breaks the exit value of 'mkimage -T rkimage' and print the following error: mkimage: Can't print header for Rockchip Boot Image support: Success It is not a failure to not print headers, so just display the warning message, and finish the function properly. Signed-off-by: Guillaume GARDET <guillaume.gardet@free.fr> Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Cc: Simon Glass <sjg@chromium.org> Cc: Tom Rini <trini@konsulko.com> Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> 
Commit 253c60a breaks the exit value of 'mkimage -T rkimage'
and print the following  error:
  mkimage: Can't print header for Rockchip Boot Image support: Success

It is not a failure to not print headers, so just display the warning message,
and finish the function properly.

Signed-off-by: Guillaume GARDET <guillaume.gardet@free.fr>

Cc: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Reviewed-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
mkimage: fix display of image types list 2017-07-06T20:17:16+00:00 Baruch Siach baruch@tkos.co.il 2017-06-29T17:37:08+00:00 79aa33cdb3d2a158c5ccb35173cbd2ab084d8e9c Since commit 5b9d44df2307f (mkimage: Display a better list of available image types) mkimage usage text suggest to "use -T to see a list of available image types". Unfortunately, commit 02221f29deb8 (mkimage: Convert to use getopt()) broke that feature, because getopt() fails when -T has no option argument. Add a pseudo image type name 'list' that lists all image types. Update the usage text accordingly. Cc: Simon Glass <sjg@chromium.org> Signed-off-by: Baruch Siach <baruch@tkos.co.il> 
Since commit 5b9d44df2307f (mkimage: Display a better list of available image
types) mkimage usage text suggest to "use -T to see a list of available image
types". Unfortunately, commit 02221f29deb8 (mkimage: Convert to use getopt())
broke that feature, because getopt() fails when -T has no option argument.

Add a pseudo image type name 'list' that lists all image types. Update the
usage text accordingly.

Cc: Simon Glass <sjg@chromium.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
tools: mkimage: fix sizeof_mismatch found by coverity 2017-01-20T20:38:04+00:00 Sven Ebenfeld sven.ebenfeld@gmail.com 2017-01-17T18:36:51+00:00 b4e923a8056c29ae978c2086b65be0cbc84cef4e Reported-by: Coverity (CID: 155214) Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com> 
Reported-by: Coverity (CID: 155214)
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
mkimage: Add support for signing with pkcs11 2017-01-14T21:47:13+00:00 George McCollister george.mccollister@gmail.com 2017-01-06T19:14:17+00:00 f1ca1fdebf1cde1c37c91b3d85f8b7af111112ea Add support for signing with the pkcs11 engine. This allows FIT images to be signed with keys securely stored on a smartcard, hardware security module, etc without exposing the keys. Support for other engines can be added in the future by modifying rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct correct key_id strings. Signed-off-by: George McCollister <george.mccollister@gmail.com> 
Add support for signing with the pkcs11 engine. This allows FIT images
to be signed with keys securely stored on a smartcard, hardware security
module, etc without exposing the keys.

Support for other engines can be added in the future by modifying
rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct
correct key_id strings.

Signed-off-by: George McCollister <george.mccollister@gmail.com>
tools: mkimage: add firmware-ivt image type for HAB verification 2017-01-02T16:06:57+00:00 Sven Ebenfeld sven.ebenfeld@gmail.com 2016-11-06T15:37:56+00:00 d21bd69b6e95ca7824941e7f527871cd5c63c7f7 When we want to use Secure Boot with HAB from SPL over U-Boot.img, we need to append the IVT to the image and leave space for the CSF. Images generated as firmware_ivt can directly be signed using the Freescale code signing tool. For creation of a CSF, mkimage outputs the correct HAB Blocks for the image. The changes to the usual firmware image class are quite small, that is why I implemented that directly into the default_image. Cc: sbabic@denx.de v2-Changes: None Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com> Reviewed-by: George McCollister <george.mccollister@gmail.com> Tested-by: George McCollister <george.mccollister@gmail.com> 
When we want to use Secure Boot with HAB from SPL over U-Boot.img,
we need to append the IVT to the image and leave space for the CSF.
Images generated as firmware_ivt can directly be signed using the
Freescale code signing tool. For creation of a CSF, mkimage outputs
the correct HAB Blocks for the image.
The changes to the usual firmware image class are quite small,
that is why I implemented that directly into the default_image.

Cc: sbabic@denx.de

v2-Changes: None

Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>