| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default systemd generates a machine id on first boot and tries to
persist it (see `man machine-id`). When the root file system is read-only
systemd cannot persist the machine id. In case multiple redundant slots
are used the machine id will vary. When not handled explicitly the
machine id will also change during system updates.
It is possible to pass a machine id to the kernel which will be used by
systemd (systemd.machine_id=).
If global.bootm.provide_machine_id (or nv.bootm.provide_machine_id) is
true then provide the machine id from global.machine_id as
systemd.machine_id= parameter to the Kernel.
Note that global.machine_id must be set, either by the
machine_id_set_bootarg late init call or by setting it manually with
nv.machine_id if necessary.
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
When a tee_res has been acquired it must be released when bootm returns
(for dryrun)
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds initial support for OP-TEE, see https://www.op-tee.org/
barebox starts in secure mode as usual. When booting a kernel
the bootm code also loads the optee_os binary. Instead of jumping
into the kernel barebox jumps into the optee_os binary and puts
the kernel execution address into the lr register. OP-TEE then
jumps into the kernel in nonsecure mode.
The optee_os binary is passed with the -t option to bootm or
with global.bootm.tee.
Optionally OP-TEE can be compiled into barebox using the builtin firmware
feature. Enable the Kconfig option and place or link your tee binary as
optee.bin into the firmware directory.
The amount of SDRAM which is kept free for OP-TEE is configurable.
This patch was tested on a i.MX6 Nitrogen6x board.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
| |
When opening the OS image fails we used to print a message *which* file
could not be opened. This message is no longer printed since we now fail
in read_file_2 when there is an error. Move the message in the
read_file_2 failure path to print it again. file_detect_type() needs no
handling for ret < 0, in case of failure it returns filetype_unknown
which is handled later, so we can remove the error handling there.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is not always desired to get the devicetree from image data and load
it to a SDRAM region at the same time. Sometimes it's enough to just
load it to an allocated address (in case the user has no constraints
where the devicetree should be placed.
This patch splits bootm_load_devicetree into bootm_get_devicetree which
returns a pointer to the allocated devicetree and bootm_load_devicetree
which loads the devicetree to a specified region.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
It's no longer necessary to store the devicetree pointer in struct
image_data, it can be replaced with a local variable.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
The bootm code needs to read the beginning of the OS image in order to
determine the filetype. If it does so already, then we can provide the
handlers the buffer. This can help the handlers to find some image
metadata before loading the full image.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The images in FIT images can be opened in two different ways. They
can be either opened directly based on their names in the images/
node or as part of a configuration based on their names in the
corresponding /configuration/ node.
So far we only supported the latter. To prepare supporting the former
we return a cookie belonging to the configuration from
fit_open_configuration() which we use in fit_open_image() to refer
to the desired configuration.
While at it document fit_open_configuration().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
| |
When calling fit_open_configuration the FIT code already opens
the images "kernel", "ramdisk" and "dtb". This does not fit well
into the FIT code, so make the bootm code independent of these
pre-opened images so that we can drop the opening from the FIT
code in the next step.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
Currently only fit_open() is exported which only opens the predefined
images "kernel", "dtb" and "ramdisk". To make the FIT code more usable
for other code which may want to open other images export
fit_open_configuration() and fit_open_image().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From 24e24f9998342b23cd8de4145c8098f93c60cdc7 Mon Sep 17 00:00:00 2001
From: Clement Leger <clement.leger@kalray.eu>
Date: Thu, 14 Dec 2017 13:29:50 +0100
Subject: [PATCH] Bootm: fix double uimage_close
When uimage crc fails, the error handling path call uimage_close in
bootm_open_os_uimage and also in bootm_boot. This leads to crash/exception.
Keep the main error handling path in bootm_boot and remove uimage_close from
bootm_open_os_uimage to avoid double uimage_close.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
| |
If the verification of an initrd inside of an uImage fails an error message is
printed but the error is not propagated. Although this is not security
relevant, as the verification is currently only a CRC32 check, the error should
be returned. This patch fixes the problem.
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
This reverts commit 1b4a05c9263ae26083526acfabdea1ef96531a1d.
|
|
|
|
|
|
|
|
|
| |
Similar to the device parameter functions also make the globalvar
functions more consistent. This also adds support for readonly
globalvars and changes several existing globalvars which should
really be readonly to readonly.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by: Enrico Jorns <ejo@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
Of_unflatten_dtb returns a ERR_PTR value so checking it against NULL is
incorrect. Fix it in all of the places where this was happening.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
The majority of the stuff currently in include/boot.h is about bootm
code implemented common/bootm.c. To be more consistent move it to a
new file include/bootm.h.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
When the bootm code is not called directly by the bootm command it is
useful to control the verbosity with a globalvar. This introduces
global.bootm.verbose for this.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
Now that the bootm code can be used without the command, we have to
move the magicvar descriptions from the command code to the common
bootm code aswell.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
The verify "available" mode checks whatever is available in the
booted image, so when an image has a signature, it is checked and
must be correct and when an image is hashed, it is also checked
for correctness.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
When CONFIG_BOOTM_FORCE_SIGNED_IMAGES is enabled bootm_verify_mode
shall be forced to "signature", so set bootm_verify_mode to this
value during startup. Otherwise it shows up as "<NULL>" in devinfo.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
bootm has a C API, so the bootm options have to depend on the
option providing the bootm code (CONFIG_BOOTM), not on the
option providing the command (CONFIG_CMD_BOOTM). Fixing the
dependencies makes it possible to fully use bootm from C without
enabling the bootm command support.
This also removes the CMD_ prefix from the options which means
we have to update the defconfigs aswell.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
It becomes a common case that the Kernel is loaded from the filesystem
which later becomes the rootfs. This adds a possibility to let bootm
automatically append the root= option to the kernel command line. This
is done when global.bootm.appendroot is true.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes:
0a37e22d (bootm: use names instead of numbers for image parts)
This commit switches to strings for the image numbers for better FIT
image support (which uses names instead of numbers). These strings
may be NULL when no image number is given. They are used uninitialzed
in several places. Introduce a wrapper function to convert the string
into a number. Check for NULL here in which case we return 0 which
is the correct value.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
It seems like there is a memory leak in an error path of
bootm_open_oftree_uimage() where the memory allocated for the fdt is not
released again.
Signed-off-by: Harald Welte <laforge@gnumonks.org>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
The code parsing the oftree and initrd file names is clearly wrong,
leading to bootm not loading oftree or initrd files any more.
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
This message was dropped when reorganizing the DT loading code,
and it's really confusing to miss this.
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
printf now supports printing resource_size_t directly, convert
all users of the previously used PRINTF_CONVERSION_RESOURCE over
to %pa.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
With CONFIG_BOOTM_FORCE_SIGNED_IMAGES the bootm code will refuse to boot
unsigned images. Since currently FIT is the only image type which
supports signing, this means with this option we enforce using FIT
images. All additionally passed in device trees and initrds will be
ignored, so that only the ones from the FIT image can be used.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This implementation is inspired by U-Boot's FIT support. Instead of
using libfdt (which does not exist in barebox), configuration signatures
are verified by using a simplified DT parser based on barebox's own
code.
Currently, only signed configurations with hashed images are supported,
as the other variants are less useful for verified boot. Compatible FIT
images can be created using U-Boot's mkimage tool.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
So long struct bootm_data.verify is a bool which enables CRC checking
(hashing). Extend this to a enum and add support for signature checking
in the same option. This also adds the corresponding globalvar and a
-s option to bootm.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Both the bootm and the boot code initialize the struct bootm_data
with defaults from the bootm global variables. Create a common
function for doing this.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| | |
The device tree code is distributed in several places in the bootm code.
Move it all together in bootm_load_devicetree().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| | |
The initrd code is distributed in several places in the bootm code.
Move it all together in bootm_load_initrd().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| | |
We can make the dryrun option more useful by calling into the handlers.
With this we can detect more cases that can go wrong during boot.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The uImage format uses numbers for to identify the different
parts of a image, but the FIT image format uses names. To better
integrate the FIT image format into bootm always use names and
convert them to numbers when necessary.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| | |
ARM do_bootm_linux is not only called with uImages but also with
raw images, so we can't use uimage_get_size() here. Introduce
bootm_get_os_size() which handles the different image types.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|/
|
|
|
|
|
| |
uimage_close() is called on bootm cleanup, so do not close it
in the failure path in bootm_open_os_uimage().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
| |
Using a multi uimage stored in nand didn't work. Only one open for the
bb file is allowed. The file type detection after bootm_open_os_uimage
will fail. bootm_open_initrd_uimage and bootm_open_oftree_uimage already
check if they can reuse data->os.
Signed-off-by: Jan Remmet <j.remmet@phytec.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
Separate oftree file and uimage oftree handling.
Make fie_type checks in bootm_boot
Signed-off-by: Jan Remmet <j.remmet@phytec.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
| |
We have our file helper functions in several places. Move them
all to lib/libfile.c.
With this we no longer have file helpers in fs/fs.c which contains
the core fs functions and no functions in lib/libbb.c which are
not from busybox.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
* fix indentation of options in 'help bootm'
* add missing help for -m
* put some output into debug/verbose mode
Signed-off-by: Holger Schurig <holgerschurig@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by: Holger Schurig <holgerschurig@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
I assume I am the only person knowing that barebox is able to
merge devicetrees. This feature seems broken for a while now since
trying to merge devicetress results in:
unflatten: too many end nodes
Remove this feature to save the complexity.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
We check whether the file passed as devicetree actually is a devicetree,
but we missed to return an error if it's not. Fix this.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
Make the bootm handlers simpler by factoring out an initrd load
function.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|