u-boot.git/tools, branch v2026.01 Unnamed repository; edit this file 'description' to name the repository. test/py, buildman: Update filelock package version 2025-12-18T16:28:10+00:00 Tom Rini trini@konsulko.com 2025-12-16T22:19:35+00:00 d24f4ae65433aa7720c075a9f1d1aaf7e1985ced The GitHub dependabot tool has reported a "medium" priority bug CVE-2025-68146, with this package. Update to the patched version. Reported-by: GitHub dependabot Signed-off-by: Tom Rini <trini@konsulko.com> 
The GitHub dependabot tool has reported a "medium" priority bug
CVE-2025-68146, with this package. Update to the patched version.

Reported-by: GitHub dependabot
Signed-off-by: Tom Rini <trini@konsulko.com>
tools/libfdt/fdt_rw: fix SPDX-License-Identifier 2025-12-16T17:02:27+00:00 Max Merchel Max.Merchel@ew.tq-group.com 2025-08-26T06:30:29+00:00 798bef8e8322101a6add9a5797f6dfc748f44ed6 Currently, the terms of both licenses (GPL 2.0 and BSD-2-Clause) must be met. However, before switching to the SPDX license identifier, the license information in the file begins with: "libfdt is dual licensed: you can use it either under the terms of the GPL, or the BSD license, at your option." Therefore, the missing "OR" between the licenses is added. Fixes: 3508476 ("libfdt: SPDX-License-Identifier: GPL-2.0+ BSD-2-Clause") Signed-off-by: Max Merchel <Max.Merchel@ew.tq-group.com> 
Currently, the terms of both licenses (GPL 2.0 and BSD-2-Clause) must be
met.
However, before switching to the SPDX license identifier, the license
information in the file begins with:

"libfdt is dual licensed: you can use it either under the terms of
the GPL, or the BSD license, at your option."

Therefore, the missing "OR" between the licenses is added.

Fixes: 3508476 ("libfdt: SPDX-License-Identifier: GPL-2.0+ BSD-2-Clause")

Signed-off-by: Max Merchel <Max.Merchel@ew.tq-group.com>
rockchip: mkimage: enhance comments for v1 header 2025-12-13T16:02:10+00:00 Quentin Schulz quentin.schulz@cherry.de 2025-11-12T14:58:00+00:00 0ed7abc85d1664a3d7432795a7126ff6a1d01147 Improve the image header documentation for v1 header: - specify this applies to all MMC, not only SD cards, - specify the offset for SPI flashes, - specify the key used for RC4 encoding, - specify what "init" refers to, especially since some configs enable TPL, - specify what "init_boot_size" refers to, especially since some configs enable TPL, - specify the size of a block, - add documentation for init_size and init_boot_size, Note that the offset on the storage medium isn't necessarily 32KiB (64 blocks) for MMC or 0 for SPI flashes, it's just the first offset the BootROM checks. Barebox[1] lists a few options, though those are applicable to RK35xx which use the v2 header, so not guaranteed they can be shared. On RK3399, the binary can at least be stored at offset 0 and 32KiB on SPI flashes. [1] https://git.pengutronix.de/cgit/barebox/tree/arch/arm/mach-rockchip/bbu.c#n19 Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> Reviewed-by: Kever Yang <kever.yang@rock-chips.com> 
Improve the image header documentation for v1 header:

- specify this applies to all MMC, not only SD cards,
- specify the offset for SPI flashes,
- specify the key used for RC4 encoding,
- specify what "init" refers to, especially since some configs enable
  TPL,
- specify what "init_boot_size" refers to, especially since some configs
  enable TPL,
- specify the size of a block,
- add documentation for init_size and init_boot_size,

Note that the offset on the storage medium isn't necessarily 32KiB (64
blocks) for MMC or 0 for SPI flashes, it's just the first offset the
BootROM checks. Barebox[1] lists a few options, though those are
applicable to RK35xx which use the v2 header, so not guaranteed they can
be shared. On RK3399, the binary can at least be stored at offset 0 and
32KiB on SPI flashes.

[1] https://git.pengutronix.de/cgit/barebox/tree/arch/arm/mach-rockchip/bbu.c#n19

Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
tools: use setuptools 78.1.1 2025-12-10T15:28:43+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2025-12-09T22:32:38+00:00 ff80e95fed188ec3d4001129445e414c9c811beb CVE-2025-47273 describes a path traversal vulnerability. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Tom Rini <trini@konsulko.com> 
CVE-2025-47273 describes a path traversal vulnerability.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
tools/logos: Add U-Boot logo with text 'U-Boot' 2025-12-06T10:32:02+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2025-11-22T22:17:37+00:00 56778d4c2787cb0eea35b5e9bb82e4782b17ff41 The logo with the text 'U-Boot' has been used in multiple presentations. Up to now it was only available from my upload to wikimedia.org. Make it available in our repository. Link: https://upload.wikimedia.org/wikipedia/commons/9/9e/U-Boot_Logo.svg Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
The logo with the text 'U-Boot' has been used in multiple presentations.
Up to now it was only available from my upload to wikimedia.org.
Make it available in our repository.

Link: https://upload.wikimedia.org/wikipedia/commons/9/9e/U-Boot_Logo.svg
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
binman: fallback to importlib_resources on Python 3.8 2025-12-04T19:45:10+00:00 Chukun Pan amadeus@jmu.edu.cn 2025-12-02T10:00:00+00:00 02aa1a56a7cfcb858973ef8965e54cf539060fd9 Python 3.7 and 3.8 lack the files attribute in importlib.resources. Use importlib_resources to fix build errors with Python 3.8: binman: module 'importlib.resources' has no attribute 'files' Fixes: 538719cb6a77 ("binman: migrate from pkg_resources to importlib") Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> Acked-by: Quentin Schulz <quentin.schulz@cherry.de> [trini: Re-add # pragma: no cover line] Signed-off-by: Tom Rini <trini@konsulko.com> 
Python 3.7 and 3.8 lack the files attribute in importlib.resources.
Use importlib_resources to fix build errors with Python 3.8:
binman: module 'importlib.resources' has no attribute 'files'

Fixes: 538719cb6a77 ("binman: migrate from pkg_resources to importlib")
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
Acked-by: Quentin Schulz <quentin.schulz@cherry.de>
[trini: Re-add # pragma: no cover line]
Signed-off-by: Tom Rini <trini@konsulko.com>
Cyclone V Board handsoff script 2025-12-01T06:01:12+00:00 Brian Sune briansune@gmail.com 2025-10-31T18:04:19+00:00 3ba9b1f7bd7e7c47ff2768fc88abeb249400d374 Since turning from old build flow. New Altera SoCFPGA requires converting handsoff conversion via the python script. This is from official provided, and now sync to U-Boot with better location at tools/cv_xxxx. Meantime, requirement.txt is also provided to further explain the libraries require for these scripts. Signed-off-by: Brian Sune <briansune@gmail.com> Reviewed-by: Tien Fong Chee <tien.fong.chee@altera.com> 
Since turning from old build flow.
New Altera SoCFPGA requires converting handsoff
conversion via the python script. This is from
official provided, and now sync to U-Boot with
better location at tools/cv_xxxx. Meantime,
requirement.txt is also provided to further
explain the libraries require for these scripts.

Signed-off-by: Brian Sune <briansune@gmail.com>
Reviewed-by: Tien Fong Chee <tien.fong.chee@altera.com>
CI: Update to latest container 2025-11-26T16:30:24+00:00 Tom Rini trini@konsulko.com 2025-11-26T16:30:24+00:00 0ae3dc6809ffb6568b5e46d9022829e36d473d36 - Move to jammy-20251013 tag - Bring in tkinter so that FATtools should run and more tests should be run. - Update to QEMU 10.0.6 - Pick tags for (most of) trace-cmd Signed-off-by: Tom Rini <trini@konsulko.com> 
- Move to jammy-20251013 tag
- Bring in tkinter so that FATtools should run and more tests should be
  run.
- Update to QEMU 10.0.6
- Pick tags for (most of) trace-cmd

Signed-off-by: Tom Rini <trini@konsulko.com>
Dockerfile: Update building trace tools slightly 2025-11-26T16:21:54+00:00 Tom Rini trini@konsulko.com 2025-11-26T16:21:54+00:00 4dfa4c14b8e5b37885f9eb281b3bc230938c5972 We have not been picking a tag for the trace-cmd build process. Currently the tip of libtraceevent fails to build. Address both problems here by picking recent stable tags for libtraceevent and libtracefs (trace-cmd has no recent tags). Further, as it is often reported that this fails to build due to a race, stop using "make -j$(nproc)" as this is also small enough of a set of builds to not be an issue. Signed-off-by: Tom Rini <trini@konsulko.com> 
We have not been picking a tag for the trace-cmd build process.
Currently the tip of libtraceevent fails to build. Address both problems
here by picking recent stable tags for libtraceevent and libtracefs
(trace-cmd has no recent tags). Further, as it is often reported that
this fails to build due to a race, stop using "make -j$(nproc)" as this
is also small enough of a set of builds to not be an issue.

Signed-off-by: Tom Rini <trini@konsulko.com>
Dockerfile: Include python3-tk for FATtools 2025-11-26T15:39:42+00:00 Tom Rini trini@konsulko.com 2025-11-13T22:09:56+00:00 bc4a1e56bfcdd70a5307c91c94dafcf6bb27da93 In some cases our tests for exFAT don't run because we fail to be able to create the underlying image. This is in turn because while creation of the image succeeds, it seems that some way of how we invoke FATtools wants to import tkinter, that fails and so the test stops there. Having tkinter available (and then presumably a fallback to non-GUI because it's not available) leads to the tests running as expected. Reviewed-by: Marek Vasut <marek.vasut@mailbox.org> Signed-off-by: Tom Rini <trini@konsulko.com> 
In some cases our tests for exFAT don't run because we fail to be able
to create the underlying image. This is in turn because while creation
of the image succeeds, it seems that some way of how we invoke FATtools
wants to import tkinter, that fails and so the test stops there. Having
tkinter available (and then presumably a fallback to non-GUI because
it's not available) leads to the tests running as expected.

Reviewed-by: Marek Vasut <marek.vasut@mailbox.org>
Signed-off-by: Tom Rini <trini@konsulko.com>