Merge tag 'dm-pull-5aug23' of https://source.denx.de/u-boot/custodians/u-boot-dm
binman support for Xilinx signing
buildman minor fixes
diff --git a/common/event.c b/common/event.c
index 20720c5..3224e28 100644
--- a/common/event.c
+++ b/common/event.c
@@ -27,7 +27,7 @@
"test",
/* Events related to driver model */
- "dm_post_init",
+ "dm_post_init_f",
"dm_pre_probe",
"dm_post_probe",
"dm_pre_remove",
diff --git a/tools/binman/bintools.rst b/tools/binman/bintools.rst
index 20ee243..1336f4d 100644
--- a/tools/binman/bintools.rst
+++ b/tools/binman/bintools.rst
@@ -208,7 +208,7 @@
Bintool: bootgen: Sign ZynqMP FSBL image
----------------------------------------------
+----------------------------------------
This bintool supports running `bootgen` in order to sign a SPL for ZynqMP
devices.
diff --git a/tools/binman/btool/bootgen.py b/tools/binman/btool/bootgen.py
new file mode 100644
index 0000000..f2ca552
--- /dev/null
+++ b/tools/binman/btool/bootgen.py
@@ -0,0 +1,137 @@
+# SPDX-License-Identifier: GPL-2.0+
+# Copyright (C) 2023 Weidmüller Interface GmbH & Co. KG
+# Lukas Funke <lukas.funke@weidmueller.com>
+#
+"""Bintool implementation for bootgen
+
+bootgen allows creating bootable SPL for Zynq(MP)
+
+Documentation is available via:
+https://www.xilinx.com/support/documents/sw_manuals/xilinx2022_1/ug1283-bootgen-user-guide.pdf
+
+Source code is available at:
+https://github.com/Xilinx/bootgen
+
+"""
+
+from binman import bintool
+from u_boot_pylib import tools
+
+# pylint: disable=C0103
+class Bintoolbootgen(bintool.Bintool):
+ """Generate bootable fsbl image for zynq/zynqmp
+
+ This bintools supports running Xilinx "bootgen" in order
+ to generate a bootable, authenticated image form an SPL.
+
+ """
+ def __init__(self, name):
+ super().__init__(name, 'Xilinx Bootgen',
+ version_regex=r'^\*\*\*\*\*\* *Xilinx Bootgen *(.*)',
+ version_args='-help')
+
+ # pylint: disable=R0913
+ def sign(self, arch, spl_elf_fname, pmufw_elf_fname,
+ psk_fname, ssk_fname, fsbl_config, auth_params, keysrc_enc,
+ output_fname):
+ """Sign SPL elf file and bundle it with PMU firmware into an image
+
+ The method bundels the SPL together with a 'Platform Management Unit'
+ (PMU)[1] firmware into a single bootable image. The image in turn is
+ signed with the provided 'secondary secret key' (ssk), which in turn is
+ signed with the 'primary secret key' (psk). In order to verify the
+ authenticity of the ppk, it's hash has to be fused into the device
+ itself.
+
+ In Xilinx terms the SPL is usually called 'FSBL'
+ (First Stage Boot Loader). The jobs of the SPL and the FSBL are mostly
+ the same: load bitstream, bootstrap u-boot.
+
+ Args:
+ arch (str): Xilinx SoC architecture. Currently only 'zynqmp' is
+ supported.
+ spl_elf_fname (str): Filename of SPL ELF file. The filename must end
+ with '.elf' in order for bootgen to recognized it as an ELF
+ file. Otherwise the start address field is missinterpreted.
+ pmufw_elf_fname (str): Filename PMU ELF firmware.
+ psk_fname (str): Filename of the primary secret key (psk). The psk
+ is a .pem file which holds the RSA private key used for signing
+ the secondary secret key.
+ ssk_fname (str): Filename of the secondary secret key. The ssk
+ is a .pem file which holds the RSA private key used for signing
+ the actual boot firmware.
+ fsbl_config (str): FSBL config options. A string list of fsbl config
+ options. Valid values according to [2] are:
+ "bh_auth_enable": Boot Header Authentication Enable: RSA
+ authentication of the bootimage is done
+ excluding the verification of PPK hash and SPK ID. This is
+ useful for debugging before bricking a device.
+ "auth_only": Boot image is only RSA signed. FSBL should not be
+ decrypted. See the
+ Zynq UltraScale+ Device Technical Reference Manual (UG1085)
+ for more information.
+ There are more options which relate to PUF (physical unclonable
+ functions). Please refer to Xilinx manuals for further info.
+ auth_params (str): Authentication parameter. A semicolon separated
+ list of authentication parameters. Valid values according to [3]
+ are:
+ "ppk_select=<0|1>" - Select which ppk to use
+ "spk_id=<32-bit spk id>" - Specifies which SPK can be
+ used or revoked, default is 0x0
+ "spk_select=<spk-efuse/user-efuse>" - To differentiate spk and
+ user efuses.
+ "auth_header" - To authenticate headers when no partition
+ is authenticated.
+ keysrc_enc (str): This specifies the Key source for encryption.
+ Valid values according to [3] are:
+ "bbram_red_key" - RED key stored in BBRAM
+ "efuse_red_key" - RED key stored in eFUSE
+ "efuse_gry_key" - Grey (Obfuscated) Key stored in eFUSE.
+ "bh_gry_key" - Grey (Obfuscated) Key stored in boot header
+ "bh_blk_key" - Black Key stored in boot header
+ "efuse_blk_key" - Black Key stored in eFUSE
+ "kup_key" - User Key
+
+ output_fname (str): Filename where bootgen should write the result
+
+ Returns:
+ str: Bootgen output from stdout
+
+ [1] https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/18841724/PMU+Firmware
+ [2] https://docs.xilinx.com/r/en-US/ug1283-bootgen-user-guide/fsbl_config
+ [3] https://docs.xilinx.com/r/en-US/ug1283-bootgen-user-guide/auth_params
+ [4] https://docs.xilinx.com/r/en-US/ug1283-bootgen-user-guide/keysrc_encryption
+ """
+
+ _fsbl_config = f"[fsbl_config] {fsbl_config}" if fsbl_config else ""
+ _auth_params = f"[auth_params] {auth_params}" if auth_params else ""
+ _keysrc_enc = f"[keysrc_encryption] {keysrc_enc}" if keysrc_enc else ""
+
+ bif_template = f"""u_boot_spl_aes_rsa: {{
+ [pskfile] {psk_fname}
+ [sskfile] {ssk_fname}
+ {_keysrc_enc}
+ {_fsbl_config}
+ {_auth_params}
+ [ bootloader,
+ authentication = rsa,
+ destination_cpu=a53-0] {spl_elf_fname}
+ [pmufw_image] {pmufw_elf_fname}
+ }}"""
+ args = ["-arch", arch]
+
+ bif_fname = tools.get_output_filename('bootgen-in.sign.bif')
+ tools.write_file(bif_fname, bif_template, False)
+ args += ["-image", bif_fname, '-w', '-o', output_fname]
+ return self.run_cmd(*args)
+
+ def fetch(self, method):
+ """Fetch bootgen from git"""
+ if method != bintool.FETCH_BUILD:
+ return None
+
+ result = self.build_from_git(
+ 'https://github.com/Xilinx/bootgen',
+ 'all',
+ 'bootgen')
+ return result
diff --git a/tools/binman/entries.rst b/tools/binman/entries.rst
index f237693..e7dfe6b 100644
--- a/tools/binman/entries.rst
+++ b/tools/binman/entries.rst
@@ -2667,3 +2667,78 @@
+.. _etype_xilinx_bootgen:
+
+Entry: xilinx-bootgen: Signed SPL boot image for Xilinx ZynqMP devices
+----------------------------------------------------------------------
+
+Properties / Entry arguments:
+ - auth-params: (Optional) Authentication parameters passed to bootgen
+ - fsbl-config: (Optional) FSBL parameters passed to bootgen
+ - keysrc-enc: (Optional) Key source when using decryption engine
+ - pmufw-filename: Filename of PMU firmware. Default: pmu-firmware.elf
+ - psk-key-name-hint: Name of primary secret key to use for signing the
+ secondardy public key. Format: .pem file
+ - ssk-key-name-hint: Name of secondardy secret key to use for signing
+ the boot image. Format: .pem file
+
+The etype is used to create a boot image for Xilinx ZynqMP
+devices.
+
+Information for signed images:
+
+In AMD/Xilinx SoCs, two pairs of public and secret keys are used
+- primary and secondary. The function of the primary public/secret key pair
+is to authenticate the secondary public/secret key pair.
+The function of the secondary key is to sign/verify the boot image. [1]
+
+AMD/Xilinx uses the following terms for private/public keys [1]:
+
+ PSK = Primary Secret Key (Used to sign Secondary Public Key)
+ PPK = Primary Public Key (Used to verify Secondary Public Key)
+ SSK = Secondary Secret Key (Used to sign the boot image/partitions)
+ SPK = Used to verify the actual boot image
+
+The following example builds a signed boot image. The fuses of
+the primary public key (ppk) should be fused together with the RSA_EN flag.
+
+Example node::
+
+ spl {
+ filename = "boot.signed.bin";
+
+ xilinx-bootgen {
+ psk-key-name-hint = "psk0";
+ ssk-key-name-hint = "ssk0";
+ auth-params = "ppk_select=0", "spk_id=0x00000000";
+
+ u-boot-spl-nodtb {
+ };
+ u-boot-spl-pubkey-dtb {
+ algo = "sha384,rsa4096";
+ required = "conf";
+ key-name-hint = "dev";
+ };
+ };
+ };
+
+For testing purposes, e.g. if no RSA_EN should be fused, one could add
+the "bh_auth_enable" flag in the fsbl-config field. This will skip the
+verification of the ppk fuses and boot the image, even if ppk hash is
+invalid.
+
+Example node::
+
+ xilinx-bootgen {
+ psk-key-name-hint = "psk0";
+ psk-key-name-hint = "ssk0";
+ ...
+ fsbl-config = "bh_auth_enable";
+ ...
+ };
+
+[1] https://docs.xilinx.com/r/en-US/ug1283-bootgen-user-guide/Using-Authentication
+
+
+
+
diff --git a/tools/binman/etype/xilinx_bootgen.py b/tools/binman/etype/xilinx_bootgen.py
new file mode 100644
index 0000000..70a4b2e
--- /dev/null
+++ b/tools/binman/etype/xilinx_bootgen.py
@@ -0,0 +1,225 @@
+# SPDX-License-Identifier: GPL-2.0+
+# Copyright (c) 2023 Weidmueller GmbH
+# Written by Lukas Funke <lukas.funke@weidmueller.com>
+#
+# Entry-type module for Zynq(MP) boot images (boot.bin)
+#
+
+import tempfile
+
+from collections import OrderedDict
+
+from binman import elf
+from binman.etype.section import Entry_section
+
+from dtoc import fdt_util
+
+from u_boot_pylib import tools
+from u_boot_pylib import command
+
+# pylint: disable=C0103
+class Entry_xilinx_bootgen(Entry_section):
+ """Signed SPL boot image for Xilinx ZynqMP devices
+
+ Properties / Entry arguments:
+ - auth-params: (Optional) Authentication parameters passed to bootgen
+ - fsbl-config: (Optional) FSBL parameters passed to bootgen
+ - keysrc-enc: (Optional) Key source when using decryption engine
+ - pmufw-filename: Filename of PMU firmware. Default: pmu-firmware.elf
+ - psk-key-name-hint: Name of primary secret key to use for signing the
+ secondardy public key. Format: .pem file
+ - ssk-key-name-hint: Name of secondardy secret key to use for signing
+ the boot image. Format: .pem file
+
+ The etype is used to create a boot image for Xilinx ZynqMP
+ devices.
+
+ Information for signed images:
+
+ In AMD/Xilinx SoCs, two pairs of public and secret keys are used
+ - primary and secondary. The function of the primary public/secret key pair
+ is to authenticate the secondary public/secret key pair.
+ The function of the secondary key is to sign/verify the boot image. [1]
+
+ AMD/Xilinx uses the following terms for private/public keys [1]:
+
+ PSK = Primary Secret Key (Used to sign Secondary Public Key)
+ PPK = Primary Public Key (Used to verify Secondary Public Key)
+ SSK = Secondary Secret Key (Used to sign the boot image/partitions)
+ SPK = Used to verify the actual boot image
+
+ The following example builds a signed boot image. The fuses of
+ the primary public key (ppk) should be fused together with the RSA_EN flag.
+
+ Example node::
+
+ spl {
+ filename = "boot.signed.bin";
+
+ xilinx-bootgen {
+ psk-key-name-hint = "psk0";
+ ssk-key-name-hint = "ssk0";
+ auth-params = "ppk_select=0", "spk_id=0x00000000";
+
+ u-boot-spl-nodtb {
+ };
+ u-boot-spl-pubkey-dtb {
+ algo = "sha384,rsa4096";
+ required = "conf";
+ key-name-hint = "dev";
+ };
+ };
+ };
+
+ For testing purposes, e.g. if no RSA_EN should be fused, one could add
+ the "bh_auth_enable" flag in the fsbl-config field. This will skip the
+ verification of the ppk fuses and boot the image, even if ppk hash is
+ invalid.
+
+ Example node::
+
+ xilinx-bootgen {
+ psk-key-name-hint = "psk0";
+ psk-key-name-hint = "ssk0";
+ ...
+ fsbl-config = "bh_auth_enable";
+ ...
+ };
+
+ [1] https://docs.xilinx.com/r/en-US/ug1283-bootgen-user-guide/Using-Authentication
+
+ """
+ def __init__(self, section, etype, node):
+ super().__init__(section, etype, node)
+ self._auth_params = None
+ self._entries = OrderedDict()
+ self._filename = None
+ self._fsbl_config = None
+ self._keysrc_enc = None
+ self._pmufw_filename = None
+ self._psk_key_name_hint = None
+ self._ssk_key_name_hint = None
+ self.align_default = None
+ self.bootgen = None
+ self.required_props = ['pmufw-filename',
+ 'psk-key-name-hint',
+ 'ssk-key-name-hint']
+
+ def ReadNode(self):
+ """Read properties from the xilinx-bootgen node"""
+ super().ReadNode()
+ self._auth_params = fdt_util.GetStringList(self._node,
+ 'auth-params')
+ self._filename = fdt_util.GetString(self._node, 'filename')
+ self._fsbl_config = fdt_util.GetStringList(self._node,
+ 'fsbl-config')
+ self._keysrc_enc = fdt_util.GetString(self._node,
+ 'keysrc-enc')
+ self._pmufw_filename = fdt_util.GetString(self._node, 'pmufw-filename')
+ self._psk_key_name_hint = fdt_util.GetString(self._node,
+ 'psk-key-name-hint')
+ self._ssk_key_name_hint = fdt_util.GetString(self._node,
+ 'ssk-key-name-hint')
+ self.ReadEntries()
+
+ @classmethod
+ def _ToElf(cls, data, output_fname):
+ """Convert SPL object file to bootable ELF file
+
+ Args:
+ data (bytearray): u-boot-spl-nodtb + u-boot-spl-pubkey-dtb obj file
+ data
+ output_fname (str): Filename of converted FSBL ELF file
+ """
+ platform_elfflags = {"aarch64":
+ ["-B", "aarch64", "-O", "elf64-littleaarch64"],
+ # amd64 support makes no sense for the target
+ # platform, but we include it here to enable
+ # testing on hosts
+ "x86_64":
+ ["-B", "i386", "-O", "elf64-x86-64"]
+ }
+
+ gcc, args = tools.get_target_compile_tool('cc')
+ args += ['-dumpmachine']
+ stdout = command.output(gcc, *args)
+ # split target machine triplet (arch, vendor, os)
+ arch, _, _ = stdout.split('-')
+
+ spl_elf = elf.DecodeElf(tools.read_file(
+ tools.get_input_filename('spl/u-boot-spl')), 0)
+
+ # Obj file to swap data and text section (rename-section)
+ with tempfile.NamedTemporaryFile(prefix="u-boot-spl-pubkey-",
+ suffix=".o.tmp",
+ dir=tools.get_output_dir())\
+ as tmp_obj:
+ input_objcopy_fname = tmp_obj.name
+ # Align packed content to 4 byte boundary
+ pad = bytearray(tools.align(len(data), 4) - len(data))
+ tools.write_file(input_objcopy_fname, data + pad)
+ # Final output elf file which contains a valid start address
+ with tempfile.NamedTemporaryFile(prefix="u-boot-spl-pubkey-elf-",
+ suffix=".o.tmp",
+ dir=tools.get_output_dir())\
+ as tmp_elf_obj:
+ input_ld_fname = tmp_elf_obj.name
+ objcopy, args = tools.get_target_compile_tool('objcopy')
+ args += ["--rename-section", ".data=.text",
+ "-I", "binary"]
+ args += platform_elfflags[arch]
+ args += [input_objcopy_fname, input_ld_fname]
+ command.run(objcopy, *args)
+
+ ld, args = tools.get_target_compile_tool('ld')
+ args += [input_ld_fname, '-o', output_fname,
+ "--defsym", f"_start={hex(spl_elf.entry)}",
+ "-Ttext", hex(spl_elf.entry)]
+ command.run(ld, *args)
+
+ def BuildSectionData(self, required):
+ """Pack node content, and create bootable, signed ZynqMP boot image
+
+ The method collects the content of this node (usually SPL + dtb) and
+ converts them to an ELF file. The ELF file is passed to the
+ Xilinx bootgen tool which packs the SPL ELF file together with
+ Platform Management Unit (PMU) firmware into a bootable image
+ for ZynqMP devices. The image is signed within this step.
+
+ The result is a bootable, signed SPL image for Xilinx ZynqMP devices.
+ """
+ data = super().BuildSectionData(required)
+ bootbin_fname = self._filename if self._filename else \
+ tools.get_output_filename(
+ f'boot.{self.GetUniqueName()}.bin')
+
+ pmufw_elf_fname = tools.get_input_filename(self._pmufw_filename)
+ psk_fname = tools.get_input_filename(self._psk_key_name_hint + ".pem")
+ ssk_fname = tools.get_input_filename(self._ssk_key_name_hint + ".pem")
+ fsbl_config = ";".join(self._fsbl_config) if self._fsbl_config else None
+ auth_params = ";".join(self._auth_params) if self._auth_params else None
+
+ spl_elf_fname = tools.get_output_filename('u-boot-spl-pubkey.dtb.elf')
+
+ # We need to convert to node content (see above) into an ELF
+ # file in order to be processed by bootgen.
+ self._ToElf(bytearray(data), spl_elf_fname)
+
+ # Call Bootgen in order to sign the SPL
+ if self.bootgen.sign('zynqmp', spl_elf_fname, pmufw_elf_fname,
+ psk_fname, ssk_fname, fsbl_config,
+ auth_params, self._keysrc_enc, bootbin_fname) is None:
+ # Bintool is missing; just use empty data as the output
+ self.record_missing_bintool(self.bootgen)
+ data = tools.get_bytes(0, 1024)
+ else:
+ data = tools.read_file(bootbin_fname)
+
+ self.SetContents(data)
+
+ return data
+
+ # pylint: disable=C0116
+ def AddBintools(self, btools):
+ super().AddBintools(btools)
+ self.bootgen = self.AddBintool(btools, 'bootgen')
diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py
index 36428ec..1293e9d 100644
--- a/tools/binman/ftest.py
+++ b/tools/binman/ftest.py
@@ -6974,7 +6974,7 @@
entry_args = {
'atf-bl31-path': 'bl31.elf',
}
- data = self._DoReadFileDtb('291_template_phandle.dts',
+ data = self._DoReadFileDtb('309_template_phandle.dts',
entry_args=entry_args)
fname = tools.get_output_filename('image.bin')
out = tools.run('dumpimage', '-l', fname)
@@ -6990,7 +6990,7 @@
'atf-bl31-path': 'bl31.elf',
}
with self.assertRaises(ValueError) as e:
- self._DoReadFileDtb('292_template_phandle_dup.dts',
+ self._DoReadFileDtb('310_template_phandle_dup.dts',
entry_args=entry_args)
self.assertIn(
'Duplicate phandle 1 in nodes /binman/image/fit/images/atf/atf-bl31 and /binman/image-2/fit/images/atf/atf-bl31',
@@ -7139,5 +7139,82 @@
self.assertEqual(fdt_util.GetString(key_node, "key-name-hint"),
"key")
+ def testXilinxBootgenSigning(self):
+ """Test xilinx-bootgen etype"""
+ bootgen = bintool.Bintool.create('bootgen')
+ self._CheckBintool(bootgen)
+ data = tools.read_file(self.TestFile("key.key"))
+ self._MakeInputFile("psk.pem", data)
+ self._MakeInputFile("ssk.pem", data)
+ self._SetupPmuFwlElf()
+ self._SetupSplElf()
+ self._DoReadFileRealDtb('307_xilinx_bootgen_sign.dts')
+ image_fname = tools.get_output_filename('image.bin')
+
+ # Read partition header table and check if authentication is enabled
+ bootgen_out = bootgen.run_cmd("-arch", "zynqmp",
+ "-read", image_fname, "pht").splitlines()
+ attributes = {"authentication": None,
+ "core": None,
+ "encryption": None}
+
+ for l in bootgen_out:
+ for a in attributes.keys():
+ if a in l:
+ m = re.match(fr".*{a} \[([^]]+)\]", l)
+ attributes[a] = m.group(1)
+
+ self.assertTrue(attributes['authentication'] == "rsa")
+ self.assertTrue(attributes['core'] == "a53-0")
+ self.assertTrue(attributes['encryption'] == "no")
+
+ def testXilinxBootgenSigningEncryption(self):
+ """Test xilinx-bootgen etype"""
+ bootgen = bintool.Bintool.create('bootgen')
+ self._CheckBintool(bootgen)
+ data = tools.read_file(self.TestFile("key.key"))
+ self._MakeInputFile("psk.pem", data)
+ self._MakeInputFile("ssk.pem", data)
+ self._SetupPmuFwlElf()
+ self._SetupSplElf()
+ self._DoReadFileRealDtb('308_xilinx_bootgen_sign_enc.dts')
+ image_fname = tools.get_output_filename('image.bin')
+
+ # Read boot header in order to verify encryption source and
+ # encryption parameter
+ bootgen_out = bootgen.run_cmd("-arch", "zynqmp",
+ "-read", image_fname, "bh").splitlines()
+ attributes = {"auth_only":
+ {"re": r".*auth_only \[([^]]+)\]", "value": None},
+ "encryption_keystore":
+ {"re": r" *encryption_keystore \(0x28\) : (.*)",
+ "value": None},
+ }
+
+ for l in bootgen_out:
+ for a in attributes.keys():
+ if a in l:
+ m = re.match(attributes[a]['re'], l)
+ attributes[a] = m.group(1)
+
+ # Check if fsbl-attribute is set correctly
+ self.assertTrue(attributes['auth_only'] == "true")
+ # Check if key is stored in efuse
+ self.assertTrue(attributes['encryption_keystore'] == "0xa5c3c5a3")
+
+ def testXilinxBootgenMissing(self):
+ """Test that binman still produces an image if bootgen is missing"""
+ data = tools.read_file(self.TestFile("key.key"))
+ self._MakeInputFile("psk.pem", data)
+ self._MakeInputFile("ssk.pem", data)
+ self._SetupPmuFwlElf()
+ self._SetupSplElf()
+ with test_util.capture_sys_output() as (_, stderr):
+ self._DoTestFile('307_xilinx_bootgen_sign.dts',
+ force_missing_bintools='bootgen')
+ err = stderr.getvalue()
+ self.assertRegex(err,
+ "Image 'image'.*missing bintools.*: bootgen")
+
if __name__ == "__main__":
unittest.main()
diff --git a/tools/binman/test/307_xilinx_bootgen_sign.dts b/tools/binman/test/307_xilinx_bootgen_sign.dts
new file mode 100644
index 0000000..02acf86
--- /dev/null
+++ b/tools/binman/test/307_xilinx_bootgen_sign.dts
@@ -0,0 +1,22 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+/dts-v1/;
+
+/ {
+ #address-cells = <1>;
+ #size-cells = <1>;
+
+ binman {
+ xilinx-bootgen {
+ auth-params = "ppk_select=0", "spk_id=0x00000000";
+ pmufw-filename = "pmu-firmware.elf";
+ psk-key-name-hint = "psk";
+ ssk-key-name-hint = "ssk";
+
+ u-boot-spl-nodtb {
+ };
+ u-boot-spl-dtb {
+ };
+ };
+ };
+};
diff --git a/tools/binman/test/308_xilinx_bootgen_sign_enc.dts b/tools/binman/test/308_xilinx_bootgen_sign_enc.dts
new file mode 100644
index 0000000..5d7ce4c
--- /dev/null
+++ b/tools/binman/test/308_xilinx_bootgen_sign_enc.dts
@@ -0,0 +1,24 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+/dts-v1/;
+
+/ {
+ #address-cells = <1>;
+ #size-cells = <1>;
+
+ binman {
+ xilinx-bootgen {
+ auth-params = "ppk_select=0", "spk_id=0x00000000";
+ fsbl-config = "auth_only";
+ keysrc-enc = "efuse_red_key";
+ pmufw-filename = "pmu-firmware.elf";
+ psk-key-name-hint = "psk";
+ ssk-key-name-hint = "ssk";
+
+ u-boot-spl-nodtb {
+ };
+ u-boot-spl-dtb {
+ };
+ };
+ };
+};
diff --git a/tools/binman/test/291_template_phandle.dts b/tools/binman/test/309_template_phandle.dts
similarity index 100%
rename from tools/binman/test/291_template_phandle.dts
rename to tools/binman/test/309_template_phandle.dts
diff --git a/tools/binman/test/292_template_phandle_dup.dts b/tools/binman/test/310_template_phandle_dup.dts
similarity index 100%
rename from tools/binman/test/292_template_phandle_dup.dts
rename to tools/binman/test/310_template_phandle_dup.dts
diff --git a/tools/buildman/boards.py b/tools/buildman/boards.py
index 83adbf1..eef3f19 100644
--- a/tools/buildman/boards.py
+++ b/tools/buildman/boards.py
@@ -377,16 +377,9 @@
Args:
linenum (int): Current line number
"""
- added = False
if targets:
for target in targets:
self.database[target] = (status, maintainers)
- added = True
- if not added and (status != '-' and maintainers):
- leaf = fname[len(srcdir) + 1:]
- if leaf != 'MAINTAINERS':
- self.warnings.append(
- f'WARNING: orphaned defconfig in {leaf} ending at line {linenum + 1}')
targets = []
maintainers = []
diff --git a/tools/buildman/control.py b/tools/buildman/control.py
index 5c57200..f2ffb7f 100644
--- a/tools/buildman/control.py
+++ b/tools/buildman/control.py
@@ -610,6 +610,9 @@
toolchains = get_toolchains(toolchains, col, args.override_toolchain,
args.fetch_arch, args.list_tool_chains,
args.verbose)
+ if isinstance(toolchains, int):
+ return toolchains
+
output_dir = setup_output_dir(
args.output_dir, args.work_in_output, args.branch,
args.no_subdirs, col, clean_dir)
diff --git a/tools/buildman/func_test.py b/tools/buildman/func_test.py
index 3115700..55dd494 100644
--- a/tools/buildman/func_test.py
+++ b/tools/buildman/func_test.py
@@ -926,10 +926,7 @@
tools.write_file(main, data, binary=False)
params_list, warnings = self._boards.build_board_list(config_dir, src)
self.assertEquals(2, len(params_list))
- self.assertEquals(
- ["WARNING: no maintainers for 'board0'",
- 'WARNING: orphaned defconfig in boards/board0/MAINTAINERS ending at line 4',
- ], warnings)
+ self.assertEquals(["WARNING: no maintainers for 'board0'"], warnings)
# Mark a board as orphaned - this should give a warning
lines = ['S: Orphaned' if line.startswith('S') else line
@@ -969,9 +966,7 @@
tools.write_file(main, both_data + extra, binary=False)
params_list, warnings = self._boards.build_board_list(config_dir, src)
self.assertEquals(2, len(params_list))
- self.assertEquals(
- ['WARNING: orphaned defconfig in boards/board0/MAINTAINERS ending at line 16'],
- warnings)
+ self.assertFalse(warnings)
# Add another TARGET to the Kconfig
tools.write_file(main, both_data, binary=False)