Commit Graph

4061 Commits

Author SHA1 Message Date
Tom Rini
3ecda19009 Merge tag 'v2025.04-rc3' into next
Prepare v2025.04-rc3
2025-02-24 17:15:14 -06:00
Tom Rini
523a56cc54 Revert "Merge patch series "Add preload_check_sign tool""
This reverts commit c8750efe02, reversing
changes made to 8c6cf8aeea.

Unfortunately these changes do not build on macOS hosts.

Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-24 10:32:04 -06:00
Simon Glass
7520827be3 buildman: Update tests for newer filelock module
Recent versions of this module call time.perf_counter() so add a patch
for this also.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
2025-02-21 14:11:05 -06:00
Tom Rini
c8750efe02 Merge patch series "Add preload_check_sign tool"
Paul HENRYS <paul.henrys_ext@softathome.com> says:

This serie of patches adds a new tool to authenticate files signed
with a preload header.
This tool is also used in the tests to actually verify the
authenticity of the file signed with such a preload header.

Link: https://lore.kernel.org/r/20250212093126.3722186-1-paul.henrys_ext@softathome.com
2025-02-21 11:37:27 -06:00
Paul HENRYS
a9842ac634 binman: Authenticate the image when testing the preload signature
Use preload_check_sign to authenticate the generated image when testing the
preload signature in testPreLoad().

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
2025-02-21 08:34:21 -06:00
Paul HENRYS
7dd0bf5279 tools: Add preload_check_sign to authenticate images with a pre-load
preload_check_sign is added so that it can be used to authenticate images
signed with the pre-load signature supported by binman and U-Boot.
It could also be used to test the signature in binman tests signing
images with the pre-load.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
2025-02-21 08:34:21 -06:00
Paul HENRYS
a85a67a160 image: Add an inline declaration of unmap_sysmem()
Add an empty inline declaration when compiling tools for a host where
unmap_sysmem() is not defined.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
2025-02-21 08:34:21 -06:00
Paul HENRYS
7771843786 rsa: Add rsa_verify_openssl() to use openssl for host builds
rsa_verify_openssl() is used in lib/rsa/rsa-verify.c to authenticate data
when building host tools.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
2025-02-21 08:34:21 -06:00
Simon Glass
6e628c221e tools: Fix pylint 3.3.4 errors
This newer pylint produces errors about variables possibly being used
before being set. Adjust the code to pass these checks.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Rini <trini@konsulko.com>
2025-02-21 08:24:37 -06:00
Tom Rini
8e233cca9d tools/patman: Don't call a non-existent suite
With a newer pylint we get a warning that gitutil.RunTests does not
exist, so remove the line.

Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-21 08:24:33 -06:00
Tom Rini
a21f6efaf5 tools: binman: ti_board_cfg: Fix pylint error over 'br'
With a newer pylint, we get a warning that 'br' could be used before
assignment. Fix this by declaring br first as an empty bytearray.

Reviewed-by: Neha Malcom Francis <n-francis@ti.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-21 08:24:31 -06:00
Tom Rini
c128ec4647 binman: Switch to setuptools
With the distutils module having been removed with Python 3.12, switch
to using setuptools instead.

Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-21 08:24:27 -06:00
Tom Rini
2fc363c700 dtoc: Switch to setuptools
With the distutils module having been removed with Python 3.12, switch
to using setuptools instead.

Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-21 08:24:08 -06:00
Maks Mishin
320ba79911 tools: Fix potential null-deref with result of strtok_r
Return value of a function 'strtok_r' is dereferenced at kwbimage.c:1655
without checking for NULL, but it is usually checked for this function.

Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
2025-02-18 16:32:24 -06:00
Heinrich Schuchardt
50e8089c1d tools: use cryptographically safe RNG
The PRNG implementing the random() function only has 2^31 states and
therefore is unsafe to use for cryptography. Use arc4random() instead.

Fixes: cc34f04efd ("tools: image-host.c: use random instead of rand")
Addresses-Coverity-ID: 312953 Calling risky function
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2025-02-18 12:30:32 -06:00
Simon Glass
5c33fb0288 u_boot_pylib: Move gitutil into the library
Move this file into U-Boot's Python library, so that it is no-longer
part of patman.

This makes a start on:

https://source.denx.de/u-boot/custodians/u-boot-dm/-/issues/35

Signed-off-by: Simon Glass <sjg@chromium.org>
2025-02-17 11:17:55 -06:00
Tom Rini
8fe2c68c32 Merge patch series "Rework requirements.txt files"
Tom Rini <trini@konsulko.com> says:

A challenge we've run in to is making it easier for more people to use
various python tools that we include in the tree. Part of the problem is
that when we have a requirements.txt file, aside from the doc one we
share with the kernel, I created it using "pip freeze". And while this
might have been a best (or at least OK) practice at the time, that's no
longer the case and is why our files have so many things in them. What
this series does is create multiple files, one per project/tool and then
has CI install them as needed. There's a few places here where this
means that we update the requirements as well, but we keep a few big
things where they are currently. This is because updating them
introduces problems of their own and delaing with that would best be a
follow up series. I've put this through GitLab and Azure to make sure
everything is still going fine on both platforms.

Link: https://lore.kernel.org/r/20250205000743.949790-1-trini@konsulko.com
2025-02-14 17:11:37 -06:00
Tom Rini
fc9f3dd2e9 Dockerfile: Update for having more requirements.txt files
Now that we have more requirements.txt files we need to grab all of them
for creating our cache. Also, we do longer should install
python3-pyelftools on the host as it's not used.

Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-14 17:11:35 -06:00
Tom Rini
859621b47f python: Recreate test/py and tools/buildman requirements.txt files
Use the "pipreqs" tool to re-create these files, with a few manual
corrections. We still need to include pytest-xdist which the tool does
not detect. We also for now don't upgrade most of the required tools as
that creates problems with various tests, which should be resolved
independently.

Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-14 17:11:35 -06:00
Tom Rini
5818fcf32e python: Create requirements.txt files for each "project"
Rather than have a requirements.txt file that's shared between multiple
python projects within U-Boot, create one for each using "pipreqs".

Signed-off-by: Tom Rini <trini@konsulko.com>
2025-02-14 17:11:35 -06:00
Maks Mishin
4e18b47c73 tools: proftool: Fix potential memory leaks
Dynamic memory, referenced by 'line', is allocated by calling
function 'calloc' and lost when the function terminates with code -1.

Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
2025-02-11 08:17:23 -06:00
Maks Mishin
4545880c3c tools: ublimage: Fix memory leak in parse_cfg_file()
Dynamic memory, referenced by 'line', is allocated at ublimage.c:159
by calling function 'getline' and lost at ublimage.c:184.

Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
2025-02-11 08:17:22 -06:00
Anton Moryakov
25c03648e9 tools: fix NULL_AFTER_DEREF in image-host.c
Report of the static analyzer:
1. NULL_AFTER_DEREF Pointer 'str', which is dereferenced at
   image-host.c:688 by calling function 'strdup', is compared to a NULL
   value at image-host.c:691.
2. NULL_AFTER_DEREF Pointer 'list', which is dereferenced at
   image-host.c:689, is compared to a NULL value at image-host.c:691.

Corrections explained:
1. Checking for NULL before using pointers: The if (!list || !str) check
   is now performed before calling strdup and realloc, which prevents
   null pointer dereferences.
2. Checking the result of strdup: strdup can return NULL if memory
   allocation fails. This also needs to be checked.
3. Checking the result of realloc: If realloc returns NULL, then memory
   has not been allocated and dup must be freed to avoid memory leaks.

Triggers found by static analyzer Svace.

Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
2025-02-11 08:17:22 -06:00
Marek Vasut
7764d7d653 tools: mkenvimage: List -V parameter in help text
The -V version parameter is missing in the optional list of parameters
in help text. Add it.

Signed-off-by: Marek Vasut <marex@denx.de>
2025-02-10 10:27:01 -06:00
Simon Glass
5929c2f39f lib: Allow crc16 code to be dropped
This code is not necessarily needed in VPL, even if SPL uses it, so
adjust the rules to allow it to be dropped.

Do the same for the hash API.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2025-02-03 16:00:42 -06:00
Maks Mishin
f55fa90a95 tools: check result of lseek
Return value of function 'lseek', called at pblimage.c:211,
is not checked, but it is usually checked for this function.

This trigger was found using the Svace static analyzer.

Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2025-01-26 11:35:46 -06:00
Simon Glass
bd7883f346 buildman: Record an error if a toolchain is missing
Buildman has always treated the lack of a toolchain as an infrastructure
problem rather than a build failure.

However the logic for this is not correct, since it does not write a
'done' file in this case.

As a result, one of two things can happen.

1. If a previous build ran in the same (output) directory, the outcome
   of *that* build is recorded as the outcome of this one
2. Otherwise, no outcome is recorded

Obviously this inconsistency is not ideal. While (2) is rare, it can be
very confusing as the build sort-of fails but does not produce any
summary output with 'buildman -s'

Overall it seems better to attribute a toolchain issue to the boards
that it affects. This results in clear failures which can be examined,
no matter what happened in the .bm-work directory previously.

So write a 'done' file for each build when a toolchain is missing.

The end result of this patch is to make missing toolchains much more
obvious. It should be things a bit easier for novice users.

Signed-off-by: Simon Glass <sjg@chromium.org>
2025-01-25 16:27:24 -06:00
Simon Glass
dd7138dde7 buildman: Drop unused OUTPUT_FILE constant
This is not actually used but its presence suggests that it is the
filename for the board database. Drop it to avoid confusion.

Signed-off-by: Simon Glass <sjg@chromium.org>
2025-01-25 16:27:24 -06:00
Tom Rini
a3b71cc6f5 Merge patch series "upl: Prerequite patches for updated spec"
Simon Glass <sjg@chromium.org> says:

The current UPL spec[1] has been tidied up and improved over the last
year, since U-Boot's original UPL support was written.

This series includes some prerequisite patches needed for the real UPL
patches. It is split from [2]

[1] https://github.com/UniversalPayload/spec/tree/3f1450d
[2] https://patchwork.ozlabs.org/project/uboot/list/?series=438574&state=*

Link: https://lore.kernel.org/r/20250111000029.245022-1-sjg@chromium.org
2025-01-22 17:08:47 -06:00
Simon Glass
c83e71064e boot: Rename fit_image_get_data_and_size()
This function is really just getting the data. The size comes along for
the ride. In fact this function is only reliable way to obtain the data
for an image in a FIT, since the FIT may use external data.

Rename it to fit_image_get_data()

Signed-off-by: Simon Glass <sjg@chromium.org>
2025-01-22 15:58:04 -06:00
Simon Glass
dc39ce8d90 boot: Rename fit_image_get_data()
This function can only be used with FITs that use embedded data. Rename
it so this is clear.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2025-01-22 15:58:04 -06:00
Simon Glass
26001ee047 mkimage: Update map_to_sysmem() to match its prototype
Update the version of this function in mkimage so that it uses a const
pointer, as is done in the mapmem.h header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2025-01-22 15:58:03 -06:00
Tom Rini
639cd40998 Merge patch series "add the support of sha256_hmac and sha256_hkdf"
Philippe Reynes <philippe.reynes@softathome.com> says:

This serie adds the support of sha256_hmac and sha256_hkdf.
A first version was sent several months ago just before the
integration of mbedtls. This new version is based on mbedtls.

The first patch of this serie add the support of hkdf
using mbedtls.

Link: https://lore.kernel.org/r/20241219130554.49825-1-philippe.reynes@softathome.com
2025-01-18 17:13:01 -06:00
Philippe Reynes
ccc5e16683 lib: sha256: move common function to sha256_common.c
The function sha256_csum_wd is defined in lib/sha256.c
and in lib/mbedtls/sha256.c. To avoid duplicating this
function (and future function), we move this function
to the file lib/sha256_common.c

Reviewed-by: Raymond Mao <raymond.mao@linaro.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
2025-01-18 17:12:47 -06:00
Philippe Reynes
f88ccd32b5 tools: renesas_spkgimage.h: use linux/compiler_attributes.h
The attribute __packed was defined in the file
tools/renesas_spkgimage.h but this attribute is
already defined in linux/compiler_attributes.h.
So we include <linux/compiler_attributes.h.h>
and do not define __packed.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
2025-01-18 17:12:47 -06:00
Philippe Reynes
eec32a35d7 tools: kwbimage.h: use linux/compiler_attributes.h
The attribute __packed was defined in the file
tools/kwbimage.h but this attribute is already
defined in linux/compiler_attributes.h. So we
include <linux/compiler_attributes.h.h> and
do not define __packed.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
2025-01-18 17:12:47 -06:00
Tom Rini
a0defa4f35 qconfig.py: Update resync message
When using qconfig.py to resync defconfig files and commit the result,
update it to say:
Resync all defconfig files using qconfig.py

Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
2025-01-18 08:28:44 -06:00
Lothar Rubusch
e3b13ce84e doc: develop: Fix typos and wording in binman/binman.rst
Fix some typos and duplicate words in binman.rst.

Signed-off-by: Lothar Rubusch <l.rubusch@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2025-01-05 02:30:48 +01:00
Jerome Forissier
788b4609db trace: proftool: dump-ftrace should write funcgraph times in ns not us
When converting a U-Boot trace records file to ftrace function graph
format for use by trace-cmd ('proftool -f funcgraph dump-ftrace'), the
time associated to each function is incorrectly saved in microseconds
instead of nanoseconds. Multuply the value by 1000 to fix the issue.

With this change, the trace-cmd output looks consistent. Here is an
example with udelay(25) added to mem_malloc_init() as a test case:

 $ ./tools/proftool -m System.map -t /tmp/trace.bin -f funcgraph \
                    dump-ftrace -o /tmp/trace.dat
 $ trace-cmd report  /tmp/trace.dat >/tmp/trace.log
 $ vi /tmp/trace.log
 [...]
 u-boot-1     [000]     6.719659: funcgraph_entry:                   |    mem_malloc_init() {
 u-boot-1     [000]     6.719659: funcgraph_entry:                   |      udelay() {
 u-boot-1     [000]     6.719660: funcgraph_entry:                   |        schedule() {
 u-boot-1     [000]     6.719660: funcgraph_entry:                   |          cyclic_run() {
 u-boot-1     [000]     6.719660: funcgraph_entry:        1.000 us   |            cyclic_get_list();
 u-boot-1     [000]     6.719661: funcgraph_exit:         1.000 us   |            }
 u-boot-1     [000]     6.719661: funcgraph_exit:         1.000 us   |          }
 u-boot-1     [000]     6.719661: funcgraph_entry:                   |        __udelay() {
 u-boot-1     [000]     6.719662: funcgraph_entry:        0.000 us   |          usec_to_tick();
 u-boot-1     [000]     6.719687: funcgraph_exit:       + 26.000 us  |          }
 u-boot-1     [000]     6.719687: funcgraph_exit:       + 28.000 us  |        }
 u-boot-1     [000]     6.719687: funcgraph_entry:      # 37971.000 us |      memset();
 u-boot-1     [000]     6.757658: funcgraph_exit:       # 37999.000 us |      }
 u-boot-1     [000]     6.757658: funcgraph_exit:       # 38000.000 us |    }

In the above dump, the udelay() call is reported as taking 26 us which
is consistent with the timestamps (6.719687 - 6.719659 = 0.000026).
Without this patch we would have "0.026 us" instead of "+ 26.000 us".

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-12-31 19:00:37 -06:00
Tom Rini
5cfbf8c364 Merge tag 'v2025.01-rc5' into next
Prepare v2025.01-rc5
2024-12-25 22:31:04 -06:00
Tom Rini
b0f5ae8e5e docker: Update to latest "Jammy" tag
Bring us up to the current Ubuntu "Jammy" tag.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-21 12:27:46 -06:00
Tom Rini
9a87362962 docker: Prefer the kernelorg toolchains over "root"
We should always look in our downloaded toolchains first and then for
host-provided toolchains.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-21 12:27:46 -06:00
Tom Rini
a18235dd1a docker: Ensure we use the cross toolchain for aarch64 on arm64
We do not want to use the host toolchain for building our platforms in
CI (it is both too old, and would be inconsistent with our CI
practices). To do this we need to set the toolchain-prefix so that we
don't end up guessing "/opt/.../aarch64-linux-aarch64-linux-" as the
prefix.

Link: https://source.denx.de/u-boot/custodians/u-boot-dm/-/issues/32
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-21 12:27:46 -06:00
Tom Rini
e54796e61f docker: Use ${TCVER} more widely
Remove the rest of the places where we hard-code the version of the
toolchain we're using.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-21 12:27:46 -06:00
Tom Rini
12d7be498a Docker/CI: Only test Xtensa on amd64 hosts
The xtensa architecture is interesting in that the platforms we support
are only valid on the binary-only toolchains as the DC233C instruction
set requires those toolchains (and not the FSF instruction set). Only
install the binary toolchain on amd64 hosts and only run the tests on
them as well.

Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-21 12:27:46 -06:00
Tom Rini
9378307136 binman: Regenerate tools/binman/entries.rst
There have been a few changes to the areas that this file documents
without having regenerated the file. Do so now.

Signed-off-by: Tom Rini <trini@konsulko.com>
2024-12-19 10:19:57 -06:00
Paul HENRYS
e7d7d3307c tools: binman: etype: fit: Append DTB directory to the list of input directories
When specifying a directory containing DTBs with 'fit,fdt-list-dir', it can be
handy not to have to also specify this directory to the input directories of
binman with '-I' option and use the method tools.append_input_dirs() append it.
This avoids to have to specify the DTB directory in both the device tree
provided to binman and through '-I' option to binman.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-19 09:10:34 -06:00
Paul HENRYS
c7896b3e48 tools: u_boot_pylib: Allow to append input directories to indir
append_input_dirs() can be used to append a list of input directories to indir
global list.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-19 09:10:34 -06:00
Paul HENRYS
a4345b1934 tools: binman: etype: Allow to replace 'NAME' in node names
This change allows to replace both 'SEQ' and 'NAME' keywords by respectively a
sequence number and the name of the FDT to provide more flexibility in the node
name for the device trees included in the FIT.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-19 09:10:34 -06:00
Paul HENRYS
f5c1b12267 tools: binman: Pass a list of input directory to EnsureCompiled()
Input directories can be passed to binman using the '-I' option and those
input directories are now also passed to 'dtc' when run by binman.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2024-12-19 09:10:34 -06:00