| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
.imxcfg configuration files support few more commands, all starting
with "hab_encrypt" string. That way it is possible to easily ignore
these commands, when image encryption was not requested. Hence, we can
use single .imxcfg file to generate signed and encrypted images in the
same build.
Images are encrypted in place by Freescale Code Signing Tool (cst),
using Data Encryption Key (DEK). This key needs to be encapsulated
by processor's hardware encryption engine to produce DEK blob, which
is unique for each device. DEK blob needs to be part of CSF area,
so we make enough space on the end of image to simply append it later,
e.g. during device flash procedure.
Introduced code was developed and tested on NXP i.MX6UL platform.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
hab_blocks command is used to specify image authentication blocks for
HAB. Currently it was configured to authenticate full barebox
image. However in case of booting from SD card and adding MBR
partition table, HAB authentication fails, as final boot image is
modified.
Add an optional argument to hab_blocks command, to select between
3 types of authentication areas:
- full: whole barebox image will be authenticated (this is default to
keep compatibility),
- from-dcdofs: image area up to dcdofs is not authenticated, so any
changes up to dcdofs are possible,
- skip-mbr: image area from 440 to 512 bytes is excluded from beeing
authenticated, which allows to add / modify MBR partition table
after building barebox image.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Older versions of "cst" want to read the CSF from STDIN, while newer versions
want to read the CSF from a file. Sadly, the "-i" option doesn't understand
"-i -" to read from STDIN, so we give it "/dev/stdin" instead.
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Now that users can select the device type on the command line, having a
name without whitespace makes input for that device type easier.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some vendors fuse their devices so that the IMX USB ROM loader
identifies itself with a different Vendor and Product ID on USB
enumeration. Currently, imx-usb-loader will refuse to detect and work
with such devices, so let's teach it.
Because we cannot easily detect the device type from the USB ID in this
case, introduce the new command line parameter -d <type> to specify the
device type to use on the device path specified with -p <path>, even if
the VID/PID pair of that device is unknown. The device name is sourced
from the "name" field of the imx_ids array of known devices at the top
of the file. Using "-d list" will print a list of known device types.
Using -d without -p will not do anything useful, except generate a
warning.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
find_imx_dev() loops through all USB devices, tries to open them, and
then compares the chosen device path (given with -p on the command line)
to the path of the currently opened device. The device path can be
checked earlier, opening the device is not neccessary.
We fail early here because in the next commit we want to enable the user
to force using a device by specifying its path. Opening every single
device available on the system then leads to unnecessary error messages
for all devices that do not match the provided path.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Make its purpose more clear when we introduce other similar functions
in one of the next commits.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Boot header on i.MX8MQ SoC allows embedding signed HDMI firmware
images that are used by mask ROM code during the very early stages of
boot. Since providing that firmware appear to be necessary to enable
SoC's HDMI/DP functionality extend imx-image tool to support this
feature. To do that add code implementing "signed_hdmi_firmware"
keyword, which allows users to specify a path to a binary blob
containing all of the necessary headers and footers as well firmware
data and code sections (this is how such images are provieded by NXP)
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
Move i.MX header definitions from scripts to mach-imx in order to make
it available to both script and bootloader code.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.1.x made some of the types opaque, so peeking inside directly
doesn't work anymore. Use the correct accessors instead.
I've dropped the algorithm check, as EVP_PKEY_get0_RSA() already verifies
that the pubkey is RSA and returns NULL if it isn't.
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
| |
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
Use a loop to create multiple header copies on i.MX35 to avoid code
duplication.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This allows to enable host tools even if they are not needed for the
current configuration to improve compile coverage and simplify packaging
these tools. The conversion doesn't cover all tools available but can be
extended later.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Given the following:
1. Assembly code, namely "b 0x1000" instruction, in bb_header[]
assumes that i.MX image header occupies first HEADER_LEN bytes and
bootloader executable is located right after.
2. Code in imx_image_size() assumes that i.MX image header is
HEADER_LEN bytes
3. Original code handling v2 header allocated more than HEADER_LEN
buffer to store IVT + boot data + DCD. However, the code writing
that buffer to disk is only set up to use first HEADER_LEN bytes
and to silently discard the rest as a side effect.
Let's be conservative and limit total size of v2 header to not exceed
Inital Load Region (4K or HEADER_LEN) to match what's being done for
v1.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Write_dcd() exits early in case of failure, so there's no realy reason
to have it return a error code as a result. Drop it and simplify the
caller code.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dump_long only prints the full words and does not print the unaligned
rest. This means that some bytes (and maybe actually the interesting
ones) may not be printed. Use dump_bytes instead which does not have
this problem.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Verifying the uploaded image fails when the length is not word aligned.
This is because read_memory reads full words, so the input length must
be word aligned. Align the length up to 4 bytes so that we do not pass
unaligned lengths to read_memory.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|/
|
|
|
|
|
|
| |
At least i.MX25 does not properly upload a non word aligned file length.
Align the uploaded length to word length to make sure the end of the
file is also transferred properly.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
| |
Reading the manual more carefully discovers a different logic for the
DCD 'check' command. They use the term "until". In order to get the
manual and the software in sync, this change switches to the term
"until" as well. Changing must happen at compiler and interpreter level
to make it work.
Signed-off-by: Juergen Borleis <jbe@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
| |
When doing memory read transfers there will always be 64 bytes
transferred, even when less bytes are requested. This is expected
and there is a test skipping the error message in this case. The
test is wrong though since cnt is not decremented and will never
be equal to rem. Fix the test so that verifying memory does
not give a bogus error message.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
| |
Same as other i.MX6 variants, just add the product id.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
| |
add_header_v2 might need a buffer that is bigger than HEADER_LEN
(0x1000) as MAX_DCD * sizeof(u32) (i.e. the maximal size of the dcd
table alone) is already 0x1000. Additionally add_header_v2 adds padding
(usually 0x400) and a struct imx_flash_header_v2 (48). So expand the
buffer size accordingly for v2.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by: Stefan Lengfeld <contact@stefanchrist.eu>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
... and use imx-usb-loader instead
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
This code was rewrtitten from mxs-usb-loader.
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
notify user about the reason why device was ignored by imx-usb-loader.
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
In some cases we need to work with more than one device attached
to one host. For this situation we need path filter to make sure
we talk with proper device.
Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The DCD v2 check command supported by i.MX53 and later SoC polls a given
memory location as long as a given condition is true.
Enable imx-usb-loader to perform this check. When the timeout is hit,
imx-usb-loader returns an error. For practical reasons the timeout
computation will differ from the native implementation, since performing
check commands via USB will be much slower compared to native processing.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
| |
Signed-off-by Juergen Borleis <jbe@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Juergen Borleis <jbe@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Juergen Borleis <jbe@pengutronix.de>
|
|
|
|
| |
Signed-off-by: Juergen Borleis <jbe@pengutronix.de>
|
|
|
|
|
|
|
| |
Add the i.MX6SL USB id to the list of known ids.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
| |
For better readability sort the list of known USB ids by VID and PID.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| | |
Needed in order to support Vybrid SoCs.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|/
|
|
|
|
|
|
| |
The DCD NOP command is available for all flash header v2 devices (i.MX28,
50, 53, 6 and 7).
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
Add imximg support for i.MX50 processors which use the i.MX flash
header v2 format.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Re-Implement the DCD v2 processing.
Processing for the DCD write command went into a separate function enabling
the over-all DCD processing to handle check, nop and unlock commands as well.
The trivial NOP command is supported right away.
Further changes: put in some data consistancy checks and error handling, do
structured member access and proper endianess handling and direct error
messages to stderr.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| | |
DCD v1 elements are encoded little endian.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| | |
Do some cleanup which enables DCDv1 16 bit write access as side effect.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
DCD check command is currently implemented for imximg v2 only.
This command may also be available for v1 as mentioned in IMX35RM as
DCD-address-type "wait/read", but due to the lack of further details
it will be not supported.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Only the first encountered DCD block should be processed, optional DCD
processing may be switched off by command option.
Clean up the corresponding logic.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|/
|
|
|
|
|
|
|
|
| |
In order to clear a bitmask, "Set" bit has to be '0' and "Mask" bit
'1'. Since "Set" is bit 4 and "Mask" is bit 3 this leaves us with a
overal or-mask of 1 << 3. Orginal code was doing the inverse and setting
bit #4 to '1' bit #3 to '0'.
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
|
| |
Improve code understandability: extract the "jump application" Serial
Download Protocol access method and file-to-buffer reader functionality
out of do_irom_download().
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
|
|
|
|
|
|
|
| |
Do some cleanup and access the elements of Serial Download Protocol
messages in endianess-portable manner using proper typed struct members.
Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|