blob: 254afe7607472d8ba1650f7517c4c43ebf09ce0f [file] [log] [blame]
Binman Entry Documentation
==========================
This file describes the entry types supported by binman. These entry types can
be placed in an image one by one to build up a final firmware image. It is
fairly easy to create new entry types. Just add a new file to the 'etype'
directory. You can use the existing entries as examples.
Note that some entries are subclasses of others, using and extending their
features to produce new behaviours.
.. _etype_atf_bl31:
Entry: atf-bl31: ARM Trusted Firmware (ATF) BL31 blob
-----------------------------------------------------
Properties / Entry arguments:
- atf-bl31-path: Filename of file to read into entry. This is typically
called bl31.bin or bl31.elf
This entry holds the run-time firmware, typically started by U-Boot SPL.
See the U-Boot README for your architecture or board for how to use it. See
https://github.com/ARM-software/arm-trusted-firmware for more information
about ATF.
.. _etype_atf_fip:
Entry: atf-fip: ARM Trusted Firmware's Firmware Image Package (FIP)
-------------------------------------------------------------------
A FIP_ provides a way to group binaries in a firmware image, used by ARM's
Trusted Firmware A (TF-A) code. It is a simple format consisting of a
table of contents with information about the type, offset and size of the
binaries in the FIP. It is quite similar to FMAP, with the major difference
that it uses UUIDs to indicate the type of each entry.
Note: It is recommended to always add an fdtmap to every image, as well as
any FIPs so that binman and other tools can access the entire image
correctly.
The UUIDs correspond to useful names in `fiptool`, provided by ATF to
operate on FIPs. Binman uses these names to make it easier to understand
what is going on, although it is possible to provide a UUID if needed.
The contents of the FIP are defined by subnodes of the atf-fip entry, e.g.::
atf-fip {
soc-fw {
filename = "bl31.bin";
};
scp-fwu-cfg {
filename = "bl2u.bin";
};
u-boot {
fip-type = "nt-fw";
};
};
This describes a FIP with three entries: soc-fw, scp-fwu-cfg and nt-fw.
You can use normal (non-external) binaries like U-Boot simply by adding a
FIP type, with the `fip-type` property, as above.
Since FIP exists to bring blobs together, Binman assumes that all FIP
entries are external binaries. If a binary may not exist, you can use the
`--allow-missing` flag to Binman, in which case the image is still created,
even though it will not actually work.
The size of the FIP depends on the size of the binaries. There is currently
no way to specify a fixed size. If the `atf-fip` node has a `size` entry,
this affects the space taken up by the `atf-fip` entry, but the FIP itself
does not expand to use that space.
Some other FIP features are available with Binman. The header and the
entries have 64-bit flag works. The flag flags do not seem to be defined
anywhere, but you can use `fip-hdr-flags` and fip-flags` to set the values
of the header and entries respectively.
FIP entries can be aligned to a particular power-of-two boundary. Use
fip-align for this.
Binman only understands the entry types that are included in its
implementation. It is possible to specify a 16-byte UUID instead, using the
fip-uuid property. In this case Binman doesn't know what its type is, so
just uses the UUID. See the `u-boot` node in this example::
binman {
atf-fip {
fip-hdr-flags = /bits/ 64 <0x123>;
fip-align = <16>;
soc-fw {
fip-flags = /bits/ 64 <0x456>;
filename = "bl31.bin";
};
scp-fwu-cfg {
filename = "bl2u.bin";
};
u-boot {
fip-uuid = [fc 65 13 92 4a 5b 11 ec
94 35 ff 2d 1c fc 79 9c];
};
};
fdtmap {
};
};
Binman allows reading and updating FIP entries after the image is created,
provided that an FDPMAP is present too. Updates which change the size of a
FIP entry will cause it to be expanded or contracted as needed.
Properties for top-level atf-fip node
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fip-hdr-flags (64 bits)
Sets the flags for the FIP header.
Properties for subnodes
~~~~~~~~~~~~~~~~~~~~~~~
fip-type (str)
FIP type to use for this entry. This is needed if the entry
name is not a valid type. Value types are defined in `fip_util.py`.
The FIP type defines the UUID that is used (they map 1:1).
fip-uuid (16 bytes)
If there is no FIP-type name defined, or it is not supported by Binman,
this property sets the UUID. It should be a 16-byte value, following the
hex digits of the UUID.
fip-flags (64 bits)
Set the flags for a FIP entry. Use in one of the subnodes of the
7atf-fip entry.
fip-align
Set the alignment for a FIP entry, FIP entries can be aligned to a
particular power-of-two boundary. The default is 1.
Adding new FIP-entry types
~~~~~~~~~~~~~~~~~~~~~~~~~~
When new FIP entries are defined by TF-A they appear in the
`TF-A source tree`_. You can use `fip_util.py` to update Binman to support
new types, then `send a patch`_ to the U-Boot mailing list. There are two
source files that the tool examples:
- `include/tools_share/firmware_image_package.h` has the UUIDs
- `tools/fiptool/tbbr_config.c` has the name and descripion for each UUID
To run the tool::
$ tools/binman/fip_util.py -s /path/to/arm-trusted-firmware
Warning: UUID 'UUID_NON_TRUSTED_WORLD_KEY_CERT' is not mentioned in tbbr_config.c file
Existing code in 'tools/binman/fip_util.py' is up-to-date
If it shows there is an update, it writes a new version of `fip_util.py`
to `fip_util.py.out`. You can change the output file using the `-i` flag.
If you have a problem, use `-D` to enable traceback debugging.
FIP commentary
~~~~~~~~~~~~~~
As a side effect of use of UUIDs, FIP does not support multiple
entries of the same type, such as might be used to store fonts or graphics
icons, for example. For verified boot it could be used for each part of the
image (e.g. separate FIPs for A and B) but cannot describe the whole
firmware image. As with FMAP there is no hierarchy defined, although FMAP
works around this by having 'section' areas which encompass others. A
similar workaround would be possible with FIP but is not currently defined.
It is recommended to always add an fdtmap to every image, as well as any
FIPs so that binman and other tools can access the entire image correctly.
.. _FIP: https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#firmware-image-package-fip
.. _`TF-A source tree`: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
.. _`send a patch`: https://www.denx.de/wiki/U-Boot/Patches
.. _etype_blob:
Entry: blob: Arbitrary binary blob
----------------------------------
Note: This should not be used by itself. It is normally used as a parent
class by other entry types.
Properties / Entry arguments:
- filename: Filename of file to read into entry
- compress: Compression algorithm to use:
none: No compression
lz4: Use lz4 compression (via 'lz4' command-line utility)
This entry reads data from a file and places it in the entry. The
default filename is often specified specified by the subclass. See for
example the 'u-boot' entry which provides the filename 'u-boot.bin'.
If compression is enabled, an extra 'uncomp-size' property is written to
the node (if enabled with -u) which provides the uncompressed size of the
data.
.. _etype_blob_dtb:
Entry: blob-dtb: A blob that holds a device tree
------------------------------------------------
This is a blob containing a device tree. The contents of the blob are
obtained from the list of available device-tree files, managed by the
'state' module.
Additional attributes:
prepend: Header used (e.g. 'length')
.. _etype_blob_ext:
Entry: blob-ext: Externally built binary blob
---------------------------------------------
Note: This should not be used by itself. It is normally used as a parent
class by other entry types.
If the file providing this blob is missing, binman can optionally ignore it
and produce a broken image with a warning.
See 'blob' for Properties / Entry arguments.
.. _etype_blob_ext_list:
Entry: blob-ext-list: List of externally built binary blobs
-----------------------------------------------------------
This is like blob-ext except that a number of blobs can be provided,
typically with some sort of relationship, e.g. all are DDC parameters.
If any of the external files needed by this llist is missing, binman can
optionally ignore it and produce a broken image with a warning.
Args:
filenames: List of filenames to read and include
.. _etype_blob_named_by_arg:
Entry: blob-named-by-arg: A blob entry which gets its filename property from its subclass
-----------------------------------------------------------------------------------------
Properties / Entry arguments:
- <xxx>-path: Filename containing the contents of this entry (optional,
defaults to None)
where <xxx> is the blob_fname argument to the constructor.
This entry cannot be used directly. Instead, it is used as a parent class
for another entry, which defined blob_fname. This parameter is used to
set the entry-arg or property containing the filename. The entry-arg or
property is in turn used to set the actual filename.
See cros_ec_rw for an example of this.
.. _etype_blob_phase:
Entry: blob-phase: Section that holds a phase binary
----------------------------------------------------
This is a base class that should not normally be used directly. It is used
when converting a 'u-boot' entry automatically into a 'u-boot-expanded'
entry; similarly for SPL.
.. _etype_cbfs:
Entry: cbfs: Coreboot Filesystem (CBFS)
---------------------------------------
A CBFS provides a way to group files into a group. It has a simple directory
structure and allows the position of individual files to be set, since it is
designed to support execute-in-place in an x86 SPI-flash device. Where XIP
is not used, it supports compression and storing ELF files.
CBFS is used by coreboot as its way of orgnanising SPI-flash contents.
The contents of the CBFS are defined by subnodes of the cbfs entry, e.g.::
cbfs {
size = <0x100000>;
u-boot {
cbfs-type = "raw";
};
u-boot-dtb {
cbfs-type = "raw";
};
};
This creates a CBFS 1MB in size two files in it: u-boot.bin and u-boot.dtb.
Note that the size is required since binman does not support calculating it.
The contents of each entry is just what binman would normally provide if it
were not a CBFS node. A blob type can be used to import arbitrary files as
with the second subnode below::
cbfs {
size = <0x100000>;
u-boot {
cbfs-name = "BOOT";
cbfs-type = "raw";
};
dtb {
type = "blob";
filename = "u-boot.dtb";
cbfs-type = "raw";
cbfs-compress = "lz4";
cbfs-offset = <0x100000>;
};
};
This creates a CBFS 1MB in size with u-boot.bin (named "BOOT") and
u-boot.dtb (named "dtb") and compressed with the lz4 algorithm.
Properties supported in the top-level CBFS node:
cbfs-arch:
Defaults to "x86", but you can specify the architecture if needed.
Properties supported in the CBFS entry subnodes:
cbfs-name:
This is the name of the file created in CBFS. It defaults to the entry
name (which is the node name), but you can override it with this
property.
cbfs-type:
This is the CBFS file type. The following are supported:
raw:
This is a 'raw' file, although compression is supported. It can be
used to store any file in CBFS.
stage:
This is an ELF file that has been loaded (i.e. mapped to memory), so
appears in the CBFS as a flat binary. The input file must be an ELF
image, for example this puts "u-boot" (the ELF image) into a 'stage'
entry::
cbfs {
size = <0x100000>;
u-boot-elf {
cbfs-name = "BOOT";
cbfs-type = "stage";
};
};
You can use your own ELF file with something like::
cbfs {
size = <0x100000>;
something {
type = "blob";
filename = "cbfs-stage.elf";
cbfs-type = "stage";
};
};
As mentioned, the file is converted to a flat binary, so it is
equivalent to adding "u-boot.bin", for example, but with the load and
start addresses specified by the ELF. At present there is no option
to add a flat binary with a load/start address, similar to the
'add-flat-binary' option in cbfstool.
cbfs-offset:
This is the offset of the file's data within the CBFS. It is used to
specify where the file should be placed in cases where a fixed position
is needed. Typical uses are for code which is not relocatable and must
execute in-place from a particular address. This works because SPI flash
is generally mapped into memory on x86 devices. The file header is
placed before this offset so that the data start lines up exactly with
the chosen offset. If this property is not provided, then the file is
placed in the next available spot.
The current implementation supports only a subset of CBFS features. It does
not support other file types (e.g. payload), adding multiple files (like the
'files' entry with a pattern supported by binman), putting files at a
particular offset in the CBFS and a few other things.
Of course binman can create images containing multiple CBFSs, simply by
defining these in the binman config::
binman {
size = <0x800000>;
cbfs {
offset = <0x100000>;
size = <0x100000>;
u-boot {
cbfs-type = "raw";
};
u-boot-dtb {
cbfs-type = "raw";
};
};
cbfs2 {
offset = <0x700000>;
size = <0x100000>;
u-boot {
cbfs-type = "raw";
};
u-boot-dtb {
cbfs-type = "raw";
};
image {
type = "blob";
filename = "image.jpg";
};
};
};
This creates an 8MB image with two CBFSs, one at offset 1MB, one at 7MB,
both of size 1MB.
.. _etype_collection:
Entry: collection: An entry which contains a collection of other entries
------------------------------------------------------------------------
Properties / Entry arguments:
- content: List of phandles to entries to include
This allows reusing the contents of other entries. The contents of the
listed entries are combined to form this entry. This serves as a useful
base class for entry types which need to process data from elsewhere in
the image, not necessarily child entries.
The entries can generally be anywhere in the same image, even if they are in
a different section from this entry.
.. _etype_cros_ec_rw:
Entry: cros-ec-rw: A blob entry which contains a Chromium OS read-write EC image
--------------------------------------------------------------------------------
Properties / Entry arguments:
- cros-ec-rw-path: Filename containing the EC image
This entry holds a Chromium OS EC (embedded controller) image, for use in
updating the EC on startup via software sync.
.. _etype_efi_capsule:
Entry: capsule: Entry for generating EFI Capsule files
------------------------------------------------------
The parameters needed for generation of the capsules can be provided
as properties in the entry.
Properties / Entry arguments:
- image-index: Unique number for identifying corresponding
payload image. Number between 1 and descriptor count, i.e.
the total number of firmware images that can be updated. Mandatory
property.
- image-guid: Image GUID which will be used for identifying the
updatable image on the board. Mandatory property.
- hardware-instance: Optional number for identifying unique
hardware instance of a device in the system. Default value of 0
for images where value is not to be used.
- fw-version: Value of image version that can be put on the capsule
through the Firmware Management Protocol(FMP) header.
- monotonic-count: Count used when signing an image.
- private-key: Path to PEM formatted .key private key file. Mandatory
property for generating signed capsules.
- public-key-cert: Path to PEM formatted .crt public key certificate
file. Mandatory property for generating signed capsules.
- oem-flags - OEM flags to be passed through capsule header.
Since this is a subclass of Entry_section, all properties of the parent
class also apply here. Except for the properties stated as mandatory, the
rest of the properties are optional.
For more details on the description of the capsule format, and the capsule
update functionality, refer Section 8.5 and Chapter 23 in the `UEFI
specification`_.
The capsule parameters like image index and image GUID are passed as
properties in the entry. The payload to be used in the capsule is to be
provided as a subnode of the capsule entry.
A typical capsule entry node would then look something like this::
capsule {
type = "efi-capsule";
image-index = <0x1>;
/* Image GUID for testing capsule update */
image-guid = SANDBOX_UBOOT_IMAGE_GUID;
hardware-instance = <0x0>;
private-key = "path/to/the/private/key";
public-key-cert = "path/to/the/public-key-cert";
oem-flags = <0x8000>;
u-boot {
};
};
In the above example, the capsule payload is the U-Boot image. The
capsule entry would read the contents of the payload and put them
into the capsule. Any external file can also be specified as the
payload using the blob-ext subnode.
.. _`UEFI specification`: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_10_Aug29.pdf
.. _etype_efi_empty_capsule:
Entry: efi-empty-capsule: Entry for generating EFI Empty Capsule files
----------------------------------------------------------------------
The parameters needed for generation of the empty capsules can
be provided as properties in the entry.
Properties / Entry arguments:
- image-guid: Image GUID which will be used for identifying the
updatable image on the board. Mandatory for accept capsule.
- capsule-type - String to indicate type of capsule to generate. Valid
values are 'accept' and 'revert'.
For more details on the description of the capsule format, and the capsule
update functionality, refer Section 8.5 and Chapter 23 in the `UEFI
specification`_. For more information on the empty capsule, refer the
sections 2.3.2 and 2.3.3 in the `Dependable Boot specification`_.
A typical accept empty capsule entry node would then look something
like this::
empty-capsule {
type = "efi-empty-capsule";
/* GUID of the image being accepted */
image-type-id = SANDBOX_UBOOT_IMAGE_GUID;
capsule-type = "accept";
};
A typical revert empty capsule entry node would then look something
like this::
empty-capsule {
type = "efi-empty-capsule";
capsule-type = "revert";
};
The empty capsules do not have any input payload image.
.. _`UEFI specification`: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_10_Aug29.pdf
.. _`Dependable Boot specification`: https://git.codelinaro.org/linaro/dependable-boot/mbfw/uploads/6f7ddfe3be24e18d4319e108a758d02e/mbfw.pdf
.. _etype_encrypted:
Entry: encrypted: Externally built encrypted binary blob
--------------------------------------------------------
This entry provides the functionality to include information about how to
decrypt an encrypted binary. This information is added to the
resulting device tree by adding a new cipher node in the entry's parent
node (i.e. the binary).
The key that must be used to decrypt the binary is either directly embedded
in the device tree or indirectly by specifying a key source. The key source
can be used as an id of a key that is stored in an external device.
Using an embedded key
~~~~~~~~~~~~~~~~~~~~~
This is an example using an embedded key::
blob-ext {
filename = "encrypted-blob.bin";
};
encrypted {
algo = "aes256-gcm";
iv-filename = "encrypted-blob.bin.iv";
key-filename = "encrypted-blob.bin.key";
};
This entry generates the following device tree structure form the example
above::
data = [...]
cipher {
algo = "aes256-gcm";
key = <0x...>;
iv = <0x...>;
};
The data property is generated by the blob-ext etype, the cipher node and
its content is generated by this etype.
Using an external key
~~~~~~~~~~~~~~~~~~~~~
Instead of embedding the key itself into the device tree, it is also
possible to address an externally stored key by specifying a 'key-source'
instead of the 'key'::
blob-ext {
filename = "encrypted-blob.bin";
};
encrypted {
algo = "aes256-gcm";
iv-filename = "encrypted-blob.bin.iv";
key-source = "external-key-id";
};
This entry generates the following device tree structure form the example
above::
data = [...]
cipher {
algo = "aes256-gcm";
key-source = "external-key-id";
iv = <0x...>;
};
Properties
~~~~~~~~~~
Properties / Entry arguments:
- algo: The encryption algorithm. Currently no algorithm is supported
out-of-the-box. Certain algorithms will be added in future
patches.
- iv-filename: The name of the file containing the initialization
vector (in short iv). See
https://en.wikipedia.org/wiki/Initialization_vector
- key-filename: The name of the file containing the key. Either
key-filename or key-source must be provided.
- key-source: The key that should be used. Either key-filename or
key-source must be provided.
.. _etype_fdtmap:
Entry: fdtmap: An entry which contains an FDT map
-------------------------------------------------
Properties / Entry arguments:
None
An FDT map is just a header followed by an FDT containing a list of all the
entries in the image. The root node corresponds to the image node in the
original FDT, and an image-name property indicates the image name in that
original tree.
The header is the string _FDTMAP_ followed by 8 unused bytes.
When used, this entry will be populated with an FDT map which reflects the
entries in the current image. Hierarchy is preserved, and all offsets and
sizes are included.
Note that the -u option must be provided to ensure that binman updates the
FDT with the position of each entry.
Example output for a simple image with U-Boot and an FDT map::
/ {
image-name = "binman";
size = <0x00000112>;
image-pos = <0x00000000>;
offset = <0x00000000>;
u-boot {
size = <0x00000004>;
image-pos = <0x00000000>;
offset = <0x00000000>;
};
fdtmap {
size = <0x0000010e>;
image-pos = <0x00000004>;
offset = <0x00000004>;
};
};
If allow-repack is used then 'orig-offset' and 'orig-size' properties are
added as necessary. See the binman README.
When extracting files, an alternative 'fdt' format is available for fdtmaps.
Use `binman extract -F fdt ...` to use this. It will export a devicetree,
without the fdtmap header, so it can be viewed with `fdtdump`.
.. _etype_files:
Entry: files: A set of files arranged in a section
--------------------------------------------------
Properties / Entry arguments:
- pattern: Filename pattern to match the files to include
- files-compress: Compression algorithm to use:
none: No compression
lz4: Use lz4 compression (via 'lz4' command-line utility)
- files-align: Align each file to the given alignment
This entry reads a number of files and places each in a separate sub-entry
within this entry. To access these you need to enable device-tree updates
at run-time so you can obtain the file positions.
.. _etype_fill:
Entry: fill: An entry which is filled to a particular byte value
----------------------------------------------------------------
Properties / Entry arguments:
- fill-byte: Byte to use to fill the entry
Note that the size property must be set since otherwise this entry does not
know how large it should be.
You can often achieve the same effect using the pad-byte property of the
overall image, in that the space between entries will then be padded with
that byte. But this entry is sometimes useful for explicitly setting the
byte value of a region.
.. _etype_fit:
Entry: fit: Flat Image Tree (FIT)
---------------------------------
This calls mkimage to create a FIT (U-Boot Flat Image Tree) based on the
input provided.
Nodes for the FIT should be written out in the binman configuration just as
they would be in a file passed to mkimage.
For example, this creates an image containing a FIT with U-Boot SPL::
binman {
fit {
description = "Test FIT";
fit,fdt-list = "of-list";
images {
kernel@1 {
description = "SPL";
os = "u-boot";
type = "rkspi";
arch = "arm";
compression = "none";
load = <0>;
entry = <0>;
u-boot-spl {
};
};
};
};
};
More complex setups can be created, with generated nodes, as described
below.
Properties (in the 'fit' node itself)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Special properties have a `fit,` prefix, indicating that they should be
processed but not included in the final FIT.
The top-level 'fit' node supports the following special properties:
fit,external-offset
Indicates that the contents of the FIT are external and provides the
external offset. This is passed to mkimage via the -E and -p flags.
fit,align
Indicates what alignment to use for the FIT and its external data,
and provides the alignment to use. This is passed to mkimage via
the -B flag.
fit,fdt-list
Indicates the entry argument which provides the list of device tree
files for the gen-fdt-nodes operation (as below). This is often
`of-list` meaning that `-a of-list="dtb1 dtb2..."` should be passed
to binman.
fit,fdt-list-val
As an alternative to fit,fdt-list the list of device tree files
can be provided in this property as a string list, e.g.::
fit,fdt-list-val = "dtb1", "dtb2";
Substitutions
~~~~~~~~~~~~~
Node names and property values support a basic string-substitution feature.
Available substitutions for '@' nodes (and property values) are:
SEQ:
Sequence number of the generated fdt (1, 2, ...)
NAME
Name of the dtb as provided (i.e. without adding '.dtb')
The `default` property, if present, will be automatically set to the name
if of configuration whose devicetree matches the `default-dt` entry
argument, e.g. with `-a default-dt=sun50i-a64-pine64-lts`.
Available substitutions for property values in these nodes are:
DEFAULT-SEQ:
Sequence number of the default fdt, as provided by the 'default-dt'
entry argument
Available operations
~~~~~~~~~~~~~~~~~~~~
You can add an operation to an '@' node to indicate which operation is
required::
@fdt-SEQ {
fit,operation = "gen-fdt-nodes";
...
};
Available operations are:
gen-fdt-nodes
Generate FDT nodes as above. This is the default if there is no
`fit,operation` property.
split-elf
Split an ELF file into a separate node for each segment.
Generating nodes from an FDT list (gen-fdt-nodes)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
U-Boot supports creating fdt and config nodes automatically. To do this,
pass an `of-list` property (e.g. `-a of-list=file1 file2`). This tells
binman that you want to generates nodes for two files: `file1.dtb` and
`file2.dtb`. The `fit,fdt-list` property (see above) indicates that
`of-list` should be used. If the property is missing you will get an error.
Then add a 'generator node', a node with a name starting with '@'::
images {
@fdt-SEQ {
description = "fdt-NAME";
type = "flat_dt";
compression = "none";
};
};
This tells binman to create nodes `fdt-1` and `fdt-2` for each of your two
files. All the properties you specify will be included in the node. This
node acts like a template to generate the nodes. The generator node itself
does not appear in the output - it is replaced with what binman generates.
A 'data' property is created with the contents of the FDT file.
You can create config nodes in a similar way::
configurations {
default = "@config-DEFAULT-SEQ";
@config-SEQ {
description = "NAME";
firmware = "atf";
loadables = "uboot";
fdt = "fdt-SEQ";
};
};
This tells binman to create nodes `config-1` and `config-2`, i.e. a config
for each of your two files.
Note that if no devicetree files are provided (with '-a of-list' as above)
then no nodes will be generated.
Generating nodes from an ELF file (split-elf)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This uses the node as a template to generate multiple nodes. The following
special properties are available:
split-elf
Split an ELF file into a separate node for each segment. This uses the
node as a template to generate multiple nodes. The following special
properties are available:
fit,load
Generates a `load = <...>` property with the load address of the
segment
fit,entry
Generates a `entry = <...>` property with the entry address of the
ELF. This is only produced for the first entry
fit,data
Generates a `data = <...>` property with the contents of the segment
fit,firmware
Generates a `firmware = <...>` property. Provides a list of possible
nodes to be used as the `firmware` property value. The first valid
node is picked as the firmware. Any remaining valid nodes is
prepended to the `loadable` property generated by `fit,loadables`
fit,loadables
Generates a `loadable = <...>` property with a list of the generated
nodes (including all nodes if this operation is used multiple times)
Here is an example showing ATF, TEE and a device tree all combined::
fit {
description = "test-desc";
#address-cells = <1>;
fit,fdt-list = "of-list";
images {
u-boot {
description = "U-Boot (64-bit)";
type = "standalone";
os = "U-Boot";
arch = "arm64";
compression = "none";
load = <CONFIG_TEXT_BASE>;
u-boot-nodtb {
};
};
@fdt-SEQ {
description = "fdt-NAME.dtb";
type = "flat_dt";
compression = "none";
};
@atf-SEQ {
fit,operation = "split-elf";
description = "ARM Trusted Firmware";
type = "firmware";
arch = "arm64";
os = "arm-trusted-firmware";
compression = "none";
fit,load;
fit,entry;
fit,data;
atf-bl31 {
};
hash {
algo = "sha256";
};
};
@tee-SEQ {
fit,operation = "split-elf";
description = "TEE";
type = "tee";
arch = "arm64";
os = "tee";
compression = "none";
fit,load;
fit,entry;
fit,data;
tee-os {
};
hash {
algo = "sha256";
};
};
};
configurations {
default = "@config-DEFAULT-SEQ";
@config-SEQ {
description = "conf-NAME.dtb";
fdt = "fdt-SEQ";
fit,firmware = "atf-1", "u-boot";
fit,loadables;
};
};
};
If ATF-BL31 is available, this generates a node for each segment in the
ELF file, for example::
images {
atf-1 {
data = <...contents of first segment...>;
data-offset = <0x00000000>;
entry = <0x00040000>;
load = <0x00040000>;
compression = "none";
os = "arm-trusted-firmware";
arch = "arm64";
type = "firmware";
description = "ARM Trusted Firmware";
hash {
algo = "sha256";
value = <...hash of first segment...>;
};
};
atf-2 {
data = <...contents of second segment...>;
load = <0xff3b0000>;
compression = "none";
os = "arm-trusted-firmware";
arch = "arm64";
type = "firmware";
description = "ARM Trusted Firmware";
hash {
algo = "sha256";
value = <...hash of second segment...>;
};
};
};
The same applies for OP-TEE if that is available.
If each binary is not available, the relevant template node (@atf-SEQ or
@tee-SEQ) is removed from the output.
This also generates a `config-xxx` node for each device tree in `of-list`.
Note that the U-Boot build system uses `-a of-list=$(CONFIG_OF_LIST)`
so you can use `CONFIG_OF_LIST` to define that list. In this example it is
set up for `firefly-rk3399` with a single device tree and the default set
with `-a default-dt=$(CONFIG_DEFAULT_DEVICE_TREE)`, so the resulting output
is::
configurations {
default = "config-1";
config-1 {
loadables = "u-boot", "atf-2", "atf-3", "tee-1", "tee-2";
description = "rk3399-firefly.dtb";
fdt = "fdt-1";
firmware = "atf-1";
};
};
U-Boot SPL can then load the firmware (ATF) and all the loadables (U-Boot
proper, ATF and TEE), then proceed with the boot.
.. _etype_fmap:
Entry: fmap: An entry which contains an Fmap section
----------------------------------------------------
Properties / Entry arguments:
None
FMAP is a simple format used by flashrom, an open-source utility for
reading and writing the SPI flash, typically on x86 CPUs. The format
provides flashrom with a list of areas, so it knows what it in the flash.
It can then read or write just a single area, instead of the whole flash.
The format is defined by the flashrom project, in the file lib/fmap.h -
see www.flashrom.org/Flashrom for more information.
When used, this entry will be populated with an FMAP which reflects the
entries in the current image. Note that any hierarchy is squashed, since
FMAP does not support this. Sections are represented as an area appearing
before its contents, so that it is possible to reconstruct the hierarchy
from the FMAP by using the offset information. This convention does not
seem to be documented, but is used in Chromium OS.
To mark an area as preserved, use the normal 'preserved' flag in the entry.
This will result in the corresponding FMAP area having the
FMAP_AREA_PRESERVE flag. This flag does not automatically propagate down to
child entries.
CBFS entries appear as a single entry, i.e. the sub-entries are ignored.
.. _etype_gbb:
Entry: gbb: An entry which contains a Chromium OS Google Binary Block
---------------------------------------------------------------------
Properties / Entry arguments:
- hardware-id: Hardware ID to use for this build (a string)
- keydir: Directory containing the public keys to use
- bmpblk: Filename containing images used by recovery
Chromium OS uses a GBB to store various pieces of information, in particular
the root and recovery keys that are used to verify the boot process. Some
more details are here:
https://www.chromium.org/chromium-os/firmware-porting-guide/2-concepts
but note that the page dates from 2013 so is quite out of date. See
README.chromium for how to obtain the required keys and tools.
.. _etype_image_header:
Entry: image-header: An entry which contains a pointer to the FDT map
---------------------------------------------------------------------
Properties / Entry arguments:
location: Location of header ("start" or "end" of image). This is
optional. If omitted then the entry must have an offset property.
This adds an 8-byte entry to the start or end of the image, pointing to the
location of the FDT map. The format is a magic number followed by an offset
from the start or end of the image, in twos-compliment format.
This entry must be in the top-level part of the image.
NOTE: If the location is at the start/end, you will probably need to specify
sort-by-offset for the image, unless you actually put the image header
first/last in the entry list.
.. _etype_intel_cmc:
Entry: intel-cmc: Intel Chipset Micro Code (CMC) file
-----------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains microcode for some devices in a special format. An
example filename is 'Microcode/C0_22211.BIN'.
See README.x86 for information about x86 binary blobs.
.. _etype_intel_descriptor:
Entry: intel-descriptor: Intel flash descriptor block (4KB)
-----------------------------------------------------------
Properties / Entry arguments:
filename: Filename of file containing the descriptor. This is typically
a 4KB binary file, sometimes called 'descriptor.bin'
This entry is placed at the start of flash and provides information about
the SPI flash regions. In particular it provides the base address and
size of the ME (Management Engine) region, allowing us to place the ME
binary in the right place.
With this entry in your image, the position of the 'intel-me' entry will be
fixed in the image, which avoids you needed to specify an offset for that
region. This is useful, because it is not possible to change the position
of the ME region without updating the descriptor.
See README.x86 for information about x86 binary blobs.
.. _etype_intel_fit:
Entry: intel-fit: Intel Firmware Image Table (FIT)
--------------------------------------------------
This entry contains a dummy FIT as required by recent Intel CPUs. The FIT
contains information about the firmware and microcode available in the
image.
At present binman only supports a basic FIT with no microcode.
.. _etype_intel_fit_ptr:
Entry: intel-fit-ptr: Intel Firmware Image Table (FIT) pointer
--------------------------------------------------------------
This entry contains a pointer to the FIT. It is required to be at address
0xffffffc0 in the image.
.. _etype_intel_fsp:
Entry: intel-fsp: Intel Firmware Support Package (FSP) file
-----------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains binary blobs which are used on some devices to make the
platform work. U-Boot executes this code since it is not possible to set up
the hardware using U-Boot open-source code. Documentation is typically not
available in sufficient detail to allow this.
An example filename is 'FSP/QUEENSBAY_FSP_GOLD_001_20-DECEMBER-2013.fd'
See README.x86 for information about x86 binary blobs.
.. _etype_intel_fsp_m:
Entry: intel-fsp-m: Intel Firmware Support Package (FSP) memory init
--------------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains a binary blob which is used on some devices to set up
SDRAM. U-Boot executes this code in SPL so that it can make full use of
memory. Documentation is typically not available in sufficient detail to
allow U-Boot do this this itself..
An example filename is 'fsp_m.bin'
See README.x86 for information about x86 binary blobs.
.. _etype_intel_fsp_s:
Entry: intel-fsp-s: Intel Firmware Support Package (FSP) silicon init
---------------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains a binary blob which is used on some devices to set up
the silicon. U-Boot executes this code in U-Boot proper after SDRAM is
running, so that it can make full use of memory. Documentation is typically
not available in sufficient detail to allow U-Boot do this this itself.
An example filename is 'fsp_s.bin'
See README.x86 for information about x86 binary blobs.
.. _etype_intel_fsp_t:
Entry: intel-fsp-t: Intel Firmware Support Package (FSP) temp ram init
----------------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains a binary blob which is used on some devices to set up
temporary memory (Cache-as-RAM or CAR). U-Boot executes this code in TPL so
that it has access to memory for its stack and initial storage.
An example filename is 'fsp_t.bin'
See README.x86 for information about x86 binary blobs.
.. _etype_intel_ifwi:
Entry: intel-ifwi: Intel Integrated Firmware Image (IFWI) file
--------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry. This is either the
IFWI file itself, or a file that can be converted into one using a
tool
- convert-fit: If present this indicates that the ifwitool should be
used to convert the provided file into a IFWI.
This file contains code and data used by the SoC that is required to make
it work. It includes U-Boot TPL, microcode, things related to the CSE
(Converged Security Engine, the microcontroller that loads all the firmware)
and other items beyond the wit of man.
A typical filename is 'ifwi.bin' for an IFWI file, or 'fitimage.bin' for a
file that will be converted to an IFWI.
The position of this entry is generally set by the intel-descriptor entry.
The contents of the IFWI are specified by the subnodes of the IFWI node.
Each subnode describes an entry which is placed into the IFWFI with a given
sub-partition (and optional entry name).
Properties for subnodes:
- ifwi-subpart: sub-parition to put this entry into, e.g. "IBBP"
- ifwi-entry: entry name t use, e.g. "IBBL"
- ifwi-replace: if present, indicates that the item should be replaced
in the IFWI. Otherwise it is added.
See README.x86 for information about x86 binary blobs.
.. _etype_intel_me:
Entry: intel-me: Intel Management Engine (ME) file
--------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains code used by the SoC that is required to make it work.
The Management Engine is like a background task that runs things that are
not clearly documented, but may include keyboard, display and network
access. For platform that use ME it is not possible to disable it. U-Boot
does not directly execute code in the ME binary.
A typical filename is 'me.bin'.
The position of this entry is generally set by the intel-descriptor entry.
See README.x86 for information about x86 binary blobs.
.. _etype_intel_mrc:
Entry: intel-mrc: Intel Memory Reference Code (MRC) file
--------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains code for setting up the SDRAM on some Intel systems. This
is executed by U-Boot when needed early during startup. A typical filename
is 'mrc.bin'.
See README.x86 for information about x86 binary blobs.
.. _etype_intel_refcode:
Entry: intel-refcode: Intel Reference Code file
-----------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains code for setting up the platform on some Intel systems.
This is executed by U-Boot when needed early during startup. A typical
filename is 'refcode.bin'.
See README.x86 for information about x86 binary blobs.
.. _etype_intel_vbt:
Entry: intel-vbt: Intel Video BIOS Table (VBT) file
---------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains code that sets up the integrated graphics subsystem on
some Intel SoCs. U-Boot executes this when the display is started up.
See README.x86 for information about Intel binary blobs.
.. _etype_intel_vga:
Entry: intel-vga: Intel Video Graphics Adaptor (VGA) file
---------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of file to read into entry
This file contains code that sets up the integrated graphics subsystem on
some Intel SoCs. U-Boot executes this when the display is started up.
This is similar to the VBT file but in a different format.
See README.x86 for information about Intel binary blobs.
.. _etype_mkimage:
Entry: mkimage: Binary produced by mkimage
------------------------------------------
Properties / Entry arguments:
- args: Arguments to pass
- data-to-imagename: Indicates that the -d data should be passed in as
the image name also (-n)
- multiple-data-files: boolean to tell binman to pass all files as
datafiles to mkimage instead of creating a temporary file the result
of datafiles concatenation
- filename: filename of output binary generated by mkimage
The data passed to mkimage via the -d flag is collected from subnodes of the
mkimage node, e.g.::
mkimage {
filename = "imximage.bin";
args = "-n test -T imximage";
u-boot-spl {
};
};
This calls mkimage to create an imximage with `u-boot-spl.bin` as the data
file, with mkimage being called like this::
mkimage -d <data_file> -n test -T imximage <output_file>
The output from mkimage then becomes part of the image produced by
binman but also is written into `imximage.bin` file. If you need to put
multiple things in the data file, you can use a section, or just multiple
subnodes like this::
mkimage {
args = "-n test -T imximage";
u-boot-spl {
};
u-boot-tpl {
};
};
Note that binman places the contents (here SPL and TPL) into a single file
and passes that to mkimage using the -d option.
To pass all datafiles untouched to mkimage::
mkimage {
args = "-n rk3399 -T rkspi";
multiple-data-files;
u-boot-tpl {
};
u-boot-spl {
};
};
This calls mkimage to create a Rockchip RK3399-specific first stage
bootloader, made of TPL+SPL. Since this first stage bootloader requires to
align the TPL and SPL but also some weird hacks that is handled by mkimage
directly, binman is told to not perform the concatenation of datafiles prior
to passing the data to mkimage.
To use CONFIG options in the arguments, use a string list instead, as in
this example which also produces four arguments::
mkimage {
args = "-n", CONFIG_SYS_SOC, "-T imximage";
u-boot-spl {
};
};
If you need to pass the input data in with the -n argument as well, then use
the 'data-to-imagename' property::
mkimage {
args = "-T imximage";
data-to-imagename;
u-boot-spl {
};
};
That will pass the data to mkimage both as the data file (with -d) and as
the image name (with -n). In both cases, a filename is passed as the
argument, with the actual data being in that file.
If need to pass different data in with -n, then use an `imagename` subnode::
mkimage {
args = "-T imximage";
imagename {
blob {
filename = "spl/u-boot-spl.cfgout"
};
};
u-boot-spl {
};
};
This will pass in u-boot-spl as the input data and the .cfgout file as the
-n data.
.. _etype_null:
Entry: null: An entry which has no contents of its own
------------------------------------------------------
Note that the size property must be set since otherwise this entry does not
know how large it should be.
The contents are set by the containing section, e.g. the section's pad
byte.
.. _etype_opensbi:
Entry: opensbi: RISC-V OpenSBI fw_dynamic blob
----------------------------------------------
Properties / Entry arguments:
- opensbi-path: Filename of file to read into entry. This is typically
called fw_dynamic.bin
This entry holds the run-time firmware, typically started by U-Boot SPL.
See the U-Boot README for your architecture or board for how to use it. See
https://github.com/riscv/opensbi for more information about OpenSBI.
.. _etype_powerpc_mpc85xx_bootpg_resetvec:
Entry: powerpc-mpc85xx-bootpg-resetvec: PowerPC mpc85xx bootpg + resetvec code for U-Boot
-----------------------------------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-br.bin (default 'u-boot-br.bin')
This entry is valid for PowerPC mpc85xx cpus. This entry holds
'bootpg + resetvec' code for PowerPC mpc85xx CPUs which needs to be
placed at offset 'RESET_VECTOR_ADDRESS - 0xffc'.
.. _etype_pre_load:
Entry: pre-load: Pre load image header
--------------------------------------
Properties / Entry arguments:
- pre-load-key-path: Path of the directory that store key (provided by
the environment variable PRE_LOAD_KEY_PATH)
- content: List of phandles to entries to sign
- algo-name: Hash and signature algo to use for the signature
- padding-name: Name of the padding (pkcs-1.5 or pss)
- key-name: Filename of the private key to sign
- header-size: Total size of the header
- version: Version of the header
This entry creates a pre-load header that contains a global
image signature.
For example, this creates an image with a pre-load header and a binary::
binman {
image2 {
filename = "sandbox.bin";
pre-load {
content = <&image>;
algo-name = "sha256,rsa2048";
padding-name = "pss";
key-name = "private.pem";
header-size = <4096>;
version = <1>;
};
image: blob-ext {
filename = "sandbox.itb";
};
};
};
.. _etype_rockchip_tpl:
Entry: rockchip-tpl: Rockchip TPL binary
----------------------------------------
Properties / Entry arguments:
- rockchip-tpl-path: Filename of file to read into the entry,
typically <soc>_ddr_<version>.bin
This entry holds an external TPL binary used by some Rockchip SoCs
instead of normal U-Boot TPL, typically to initialize DRAM.
.. _etype_scp:
Entry: scp: System Control Processor (SCP) firmware blob
--------------------------------------------------------
Properties / Entry arguments:
- scp-path: Filename of file to read into the entry, typically scp.bin
This entry holds firmware for an external platform-specific coprocessor.
.. _etype_section:
Entry: section: Entry that contains other entries
-------------------------------------------------
A section is an entry which can contain other entries, thus allowing
hierarchical images to be created. See 'Sections and hierarchical images'
in the binman README for more information.
The base implementation simply joins the various entries together, using
various rules about alignment, etc.
Subclassing
~~~~~~~~~~~
This class can be subclassed to support other file formats which hold
multiple entries, such as CBFS. To do this, override the following
functions. The documentation here describes what your function should do.
For example code, see etypes which subclass `Entry_section`, or `cbfs.py`
for a more involved example::
$ grep -l \(Entry_section tools/binman/etype/*.py
ReadNode()
Call `super().ReadNode()`, then read any special properties for the
section. Then call `self.ReadEntries()` to read the entries.
Binman calls this at the start when reading the image description.
ReadEntries()
Read in the subnodes of the section. This may involve creating entries
of a particular etype automatically, as well as reading any special
properties in the entries. For each entry, entry.ReadNode() should be
called, to read the basic entry properties. The properties should be
added to `self._entries[]`, in the correct order, with a suitable name.
Binman calls this at the start when reading the image description.
BuildSectionData(required)
Create the custom file format that you want and return it as bytes.
This likely sets up a file header, then loops through the entries,
adding them to the file. For each entry, call `entry.GetData()` to
obtain the data. If that returns None, and `required` is False, then
this method must give up and return None. But if `required` is True then
it should assume that all data is valid.
Binman calls this when packing the image, to find out the size of
everything. It is called again at the end when building the final image.
SetImagePos(image_pos):
Call `super().SetImagePos(image_pos)`, then set the `image_pos` values
for each of the entries. This should use the custom file format to find
the `start offset` (and `image_pos`) of each entry. If the file format
uses compression in such a way that there is no offset available (other
than reading the whole file and decompressing it), then the offsets for
affected entries can remain unset (`None`). The size should also be set
if possible.
Binman calls this after the image has been packed, to update the
location that all the entries ended up at.
ReadChildData(child, decomp, alt_format):
The default version of this may be good enough, if you are able to
implement SetImagePos() correctly. But that is a bit of a bypass, so
you can override this method to read from your custom file format. It
should read the entire entry containing the custom file using
`super().ReadData(True)`, then parse the file to get the data for the
given child, then return that data.
If your file format supports compression, the `decomp` argument tells
you whether to return the compressed data (`decomp` is False) or to
uncompress it first, then return the uncompressed data (`decomp` is
True). This is used by the `binman extract -U` option.
If your entry supports alternative formats, the alt_format provides the
alternative format that the user has selected. Your function should
return data in that format. This is used by the 'binman extract -l'
option.
Binman calls this when reading in an image, in order to populate all the
entries with the data from that image (`binman ls`).
WriteChildData(child):
Binman calls this after `child.data` is updated, to inform the custom
file format about this, in case it needs to do updates.
The default version of this does nothing and probably needs to be
overridden for the 'binman replace' command to work. Your version should
use `child.data` to update the data for that child in the custom file
format.
Binman calls this when updating an image that has been read in and in
particular to update the data for a particular entry (`binman replace`)
Properties / Entry arguments
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
See :ref:`develop/package/binman:Image description format` for more
information.
align-default
Default alignment for this section, if no alignment is given in the
entry
pad-byte
Pad byte to use when padding
sort-by-offset
True if entries should be sorted by offset, False if they must be
in-order in the device tree description
end-at-4gb
Used to build an x86 ROM which ends at 4GB (2^32)
name-prefix
Adds a prefix to the name of every entry in the section when writing out
the map
skip-at-start
Number of bytes before the first entry starts. These effectively adjust
the starting offset of entries. For example, if this is 16, then the
first entry would start at 16. An entry with offset = 20 would in fact
be written at offset 4 in the image file, since the first 16 bytes are
skipped when writing.
filename
filename to write the unpadded section contents to within the output
directory (None to skip this).
Since a section is also an entry, it inherits all the properies of entries
too.
Note that the `allow_missing` member controls whether this section permits
external blobs to be missing their contents. The option will produce an
image but of course it will not work. It is useful to make sure that
Continuous Integration systems can build without the binaries being
available. This is set by the `SetAllowMissing()` method, if
`--allow-missing` is passed to binman.
.. _etype_tee_os:
Entry: tee-os: Entry containing an OP-TEE Trusted OS (TEE) blob
---------------------------------------------------------------
Properties / Entry arguments:
- tee-os-path: Filename of file to read into entry. This is typically
called tee.bin or tee.elf
This entry holds the run-time firmware, typically started by U-Boot SPL.
See the U-Boot README for your architecture or board for how to use it. See
https://github.com/OP-TEE/optee_os for more information about OP-TEE.
Note that if the file is in ELF format, it must go in a FIT. In that case,
this entry will mark itself as absent, providing the data only through the
read_elf_segments() method.
Marking this entry as absent means that it if is used in the wrong context
it can be automatically dropped. Thus it is possible to add an OP-TEE entry
like this::
binman {
tee-os {
};
};
and pass either an ELF or plain binary in with -a tee-os-path <filename>
and have binman do the right thing:
- include the entry if tee.bin is provided and it does NOT have the v1
header
- drop it otherwise
When used within a FIT, we can do::
binman {
fit {
tee-os {
};
};
};
which will split the ELF into separate nodes for each segment, if an ELF
file is provided (see :ref:`etype_fit`), or produce a single node if the
OP-TEE binary v1 format is provided (see optee_doc_) .
.. _optee_doc: https://optee.readthedocs.io/en/latest/architecture/core.html#partitioning-of-the-binary
.. _etype_text:
Entry: text: An entry which contains text
-----------------------------------------
The text can be provided either in the node itself or by a command-line
argument. There is a level of indirection to allow multiple text strings
and sharing of text.
Properties / Entry arguments:
text-label: The value of this string indicates the property / entry-arg
that contains the string to place in the entry
<xxx> (actual name is the value of text-label): contains the string to
place in the entry.
<text>: The text to place in the entry (overrides the above mechanism).
This is useful when the text is constant.
Example node::
text {
size = <50>;
text-label = "message";
};
You can then use:
binman -amessage="this is my message"
and binman will insert that string into the entry.
It is also possible to put the string directly in the node::
text {
size = <8>;
text-label = "message";
message = "a message directly in the node"
};
or just::
text {
size = <8>;
text = "some text directly in the node"
};
The text is not itself nul-terminated. This can be achieved, if required,
by setting the size of the entry to something larger than the text.
.. _etype_ti_board_config:
Entry: ti-board-config: An entry containing a TI schema validated board config binary
-------------------------------------------------------------------------------------
This etype supports generation of two kinds of board configuration
binaries: singular board config binary as well as combined board config
binary.
Properties / Entry arguments:
- config-file: File containing board configuration data in YAML
- schema-file: File containing board configuration YAML schema against
which the config file is validated
Output files:
- board config binary: File containing board configuration binary
These above parameters are used only when the generated binary is
intended to be a single board configuration binary. Example::
my-ti-board-config {
ti-board-config {
config = "board-config.yaml";
schema = "schema.yaml";
};
};
To generate a combined board configuration binary, we pack the
needed individual binaries into a ti-board-config binary. In this case,
the available supported subnode names are board-cfg, pm-cfg, sec-cfg and
rm-cfg. The final binary is prepended with a header containing details about
the included board config binaries. Example::
my-combined-ti-board-config {
ti-board-config {
board-cfg {
config = "board-cfg.yaml";
schema = "schema.yaml";
};
sec-cfg {
config = "sec-cfg.yaml";
schema = "schema.yaml";
};
}
}
.. _etype_ti_dm:
Entry: ti-dm: TI Device Manager (DM) blob
-----------------------------------------
Properties / Entry arguments:
- ti-dm-path: Filename of file to read into the entry, typically ti-dm.bin
This entry holds the device manager responsible for resource and power management
in K3 devices. See https://software-dl.ti.com/tisci/esd/latest/ for more information
about TI DM.
.. _etype_ti_secure:
Entry: ti-secure: Entry containing a TI x509 certificate binary
---------------------------------------------------------------
Properties / Entry arguments:
- content: List of phandles to entries to sign
- keyfile: Filename of file containing key to sign binary with
- sha: Hash function to be used for signing
Output files:
- input.<unique_name> - input file passed to openssl
- config.<unique_name> - input file generated for openssl (which is
used as the config file)
- cert.<unique_name> - output file generated by openssl (which is
used as the entry contents)
openssl signs the provided data, using the TI templated config file and
writes the signature in this entry. This allows verification that the
data is genuine.
.. _etype_ti_secure_rom:
Entry: ti-secure-rom: Entry containing a TI x509 certificate binary for images booted by ROM
--------------------------------------------------------------------------------------------
Properties / Entry arguments:
- keyfile: Filename of file containing key to sign binary with
- combined: boolean if device follows combined boot flow
- countersign: boolean if device contains countersigned system firmware
- load: load address of SPL
- sw-rev: software revision
- sha: Hash function to be used for signing
- core: core on which bootloader runs, valid cores are 'secure' and 'public'
- content: phandle of SPL in case of legacy bootflow or phandles of component binaries
in case of combined bootflow
- core-opts (optional): lockstep (0) or split (2) mode set to 0 by default
The following properties are only for generating a combined bootflow binary:
- sysfw-inner-cert: boolean if binary contains sysfw inner certificate
- dm-data: boolean if binary contains dm-data binary
- content-sbl: phandle of SPL binary
- content-sysfw: phandle of sysfw binary
- content-sysfw-data: phandle of sysfw-data or tifs-data binary
- content-sysfw-inner-cert (optional): phandle of sysfw inner certificate binary
- content-dm-data (optional): phandle of dm-data binary
- load-sysfw: load address of sysfw binary
- load-sysfw-data: load address of sysfw-data or tifs-data binary
- load-sysfw-inner-cert (optional): load address of sysfw inner certificate binary
- load-dm-data (optional): load address of dm-data binary
Output files:
- input.<unique_name> - input file passed to openssl
- config.<unique_name> - input file generated for openssl (which is
used as the config file)
- cert.<unique_name> - output file generated by openssl (which is
used as the entry contents)
openssl signs the provided data, using the TI templated config file and
writes the signature in this entry. This allows verification that the
data is genuine.
.. _etype_u_boot:
Entry: u-boot: U-Boot flat binary
---------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot.bin (default 'u-boot.bin')
This is the U-Boot binary, containing relocation information to allow it
to relocate itself at runtime. The binary typically includes a device tree
blob at the end of it.
U-Boot can access binman symbols at runtime. See :ref:`binman_fdt`.
Note that this entry is automatically replaced with u-boot-expanded unless
--no-expanded is used or the node has a 'no-expanded' property.
.. _etype_u_boot_dtb:
Entry: u-boot-dtb: U-Boot device tree
-------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot.dtb (default 'u-boot.dtb')
This is the U-Boot device tree, containing configuration information for
U-Boot. U-Boot needs this to know what devices are present and which drivers
to activate.
Note: This is mostly an internal entry type, used by others. This allows
binman to know which entries contain a device tree.
.. _etype_u_boot_dtb_with_ucode:
Entry: u-boot-dtb-with-ucode: A U-Boot device tree file, with the microcode removed
-----------------------------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot.dtb (default 'u-boot.dtb')
See Entry_u_boot_ucode for full details of the three entries involved in
this process. This entry provides the U-Boot device-tree file, which
contains the microcode. If the microcode is not being collated into one
place then the offset and size of the microcode is recorded by this entry,
for use by u-boot-with-ucode_ptr. If it is being collated, then this
entry deletes the microcode from the device tree (to save space) and makes
it available to u-boot-ucode.
.. _etype_u_boot_elf:
Entry: u-boot-elf: U-Boot ELF image
-----------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot (default 'u-boot')
This is the U-Boot ELF image. It does not include a device tree but can be
relocated to any address for execution.
.. _etype_u_boot_env:
Entry: u-boot-env: An entry which contains a U-Boot environment
---------------------------------------------------------------
Properties / Entry arguments:
- filename: File containing the environment text, with each line in the
form var=value
.. _etype_u_boot_expanded:
Entry: u-boot-expanded: U-Boot flat binary broken out into its component parts
------------------------------------------------------------------------------
This is a section containing the U-Boot binary and a devicetree. Using this
entry type automatically creates this section, with the following entries
in it:
u-boot-nodtb
u-boot-dtb
Having the devicetree separate allows binman to update it in the final
image, so that the entries positions are provided to the running U-Boot.
.. _etype_u_boot_img:
Entry: u-boot-img: U-Boot legacy image
--------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot.img (default 'u-boot.img')
This is the U-Boot binary as a packaged image, in legacy format. It has a
header which allows it to be loaded at the correct address for execution.
You should use FIT (Flat Image Tree) instead of the legacy image for new
applications.
.. _etype_u_boot_nodtb:
Entry: u-boot-nodtb: U-Boot flat binary without device tree appended
--------------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename to include (default 'u-boot-nodtb.bin')
This is the U-Boot binary, containing relocation information to allow it
to relocate itself at runtime. It does not include a device tree blob at
the end of it so normally cannot work without it. You can add a u-boot-dtb
entry after this one, or use a u-boot entry instead, normally expands to a
section containing u-boot and u-boot-dtb
.. _etype_u_boot_spl:
Entry: u-boot-spl: U-Boot SPL binary
------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-spl.bin (default 'spl/u-boot-spl.bin')
This is the U-Boot SPL (Secondary Program Loader) binary. This is a small
binary which loads before U-Boot proper, typically into on-chip SRAM. It is
responsible for locating, loading and jumping to U-Boot. Note that SPL is
not relocatable so must be loaded to the correct address in SRAM, or written
to run from the correct address if direct flash execution is possible (e.g.
on x86 devices).
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
in the binman README for more information.
The ELF file 'spl/u-boot-spl' must also be available for this to work, since
binman uses that to look up symbols to write into the SPL binary.
Note that this entry is automatically replaced with u-boot-spl-expanded
unless --no-expanded is used or the node has a 'no-expanded' property.
.. _etype_u_boot_spl_bss_pad:
Entry: u-boot-spl-bss-pad: U-Boot SPL binary padded with a BSS region
---------------------------------------------------------------------
Properties / Entry arguments:
None
This holds the padding added after the SPL binary to cover the BSS (Block
Started by Symbol) region. This region holds the various variables used by
SPL. It is set to 0 by SPL when it starts up. If you want to append data to
the SPL image (such as a device tree file), you must pad out the BSS region
to avoid the data overlapping with U-Boot variables. This entry is useful in
that case. It automatically pads out the entry size to cover both the code,
data and BSS.
The contents of this entry will a certain number of zero bytes, determined
by __bss_size
The ELF file 'spl/u-boot-spl' must also be available for this to work, since
binman uses that to look up the BSS address.
.. _etype_u_boot_spl_dtb:
Entry: u-boot-spl-dtb: U-Boot SPL device tree
---------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot.dtb (default 'spl/u-boot-spl.dtb')
This is the SPL device tree, containing configuration information for
SPL. SPL needs this to know what devices are present and which drivers
to activate.
.. _etype_u_boot_spl_elf:
Entry: u-boot-spl-elf: U-Boot SPL ELF image
-------------------------------------------
Properties / Entry arguments:
- filename: Filename of SPL u-boot (default 'spl/u-boot-spl')
This is the U-Boot SPL ELF image. It does not include a device tree but can
be relocated to any address for execution.
.. _etype_u_boot_spl_expanded:
Entry: u-boot-spl-expanded: U-Boot SPL flat binary broken out into its component parts
--------------------------------------------------------------------------------------
Properties / Entry arguments:
- spl-dtb: Controls whether this entry is selected (set to 'y' or '1' to
select)
This is a section containing the U-Boot binary, BSS padding if needed and a
devicetree. Using this entry type automatically creates this section, with
the following entries in it:
u-boot-spl-nodtb
u-boot-spl-bss-pad
u-boot-dtb
Having the devicetree separate allows binman to update it in the final
image, so that the entries positions are provided to the running U-Boot.
This entry is selected based on the value of the 'spl-dtb' entryarg. If
this is non-empty (and not 'n' or '0') then this expanded entry is selected.
.. _etype_u_boot_spl_nodtb:
Entry: u-boot-spl-nodtb: SPL binary without device tree appended
----------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename to include (default 'spl/u-boot-spl-nodtb.bin')
This is the U-Boot SPL binary, It does not include a device tree blob at
the end of it so may not be able to work without it, assuming SPL needs
a device tree to operate on your platform. You can add a u-boot-spl-dtb
entry after this one, or use a u-boot-spl entry instead' which normally
expands to a section containing u-boot-spl-dtb, u-boot-spl-bss-pad and
u-boot-spl-dtb
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
in the binman README for more information.
The ELF file 'spl/u-boot-spl' must also be available for this to work, since
binman uses that to look up symbols to write into the SPL binary.
.. _etype_u_boot_spl_pubkey_dtb:
Entry: u-boot-spl-pubkey-dtb: U-Boot SPL device tree including public key
-------------------------------------------------------------------------
Properties / Entry arguments:
- key-name-hint: Public key name without extension (.crt).
Default is determined by underlying
bintool (fdt_add_pubkey), usually 'key'.
- algo: (Optional) Algorithm used for signing. Default is determined by
underlying bintool (fdt_add_pubkey), usually 'sha1,rsa2048'
- required: (Optional) If present this indicates that the key must be
verified for the image / configuration to be
considered valid
The following example shows an image containing an SPL which
is packed together with the dtb. Binman will add a signature
node to the dtb.
Example node::
image {
...
spl {
filename = "spl.bin"
u-boot-spl-nodtb {
};
u-boot-spl-pubkey-dtb {
algo = "sha384,rsa4096";
required = "conf";
key-name-hint = "dev";
};
};
...
}
.. _etype_u_boot_spl_with_ucode_ptr:
Entry: u-boot-spl-with-ucode-ptr: U-Boot SPL with embedded microcode pointer
----------------------------------------------------------------------------
This is used when SPL must set up the microcode for U-Boot.
See Entry_u_boot_ucode for full details of the entries involved in this
process.
.. _etype_u_boot_tpl:
Entry: u-boot-tpl: U-Boot TPL binary
------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-tpl.bin (default 'tpl/u-boot-tpl.bin')
This is the U-Boot TPL (Tertiary Program Loader) binary. This is a small
binary which loads before SPL, typically into on-chip SRAM. It is
responsible for locating, loading and jumping to SPL, the next-stage
loader. Note that SPL is not relocatable so must be loaded to the correct
address in SRAM, or written to run from the correct address if direct
flash execution is possible (e.g. on x86 devices).
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
in the binman README for more information.
The ELF file 'tpl/u-boot-tpl' must also be available for this to work, since
binman uses that to look up symbols to write into the TPL binary.
Note that this entry is automatically replaced with u-boot-tpl-expanded
unless --no-expanded is used or the node has a 'no-expanded' property.
.. _etype_u_boot_tpl_bss_pad:
Entry: u-boot-tpl-bss-pad: U-Boot TPL binary padded with a BSS region
---------------------------------------------------------------------
Properties / Entry arguments:
None
This holds the padding added after the TPL binary to cover the BSS (Block
Started by Symbol) region. This region holds the various variables used by
TPL. It is set to 0 by TPL when it starts up. If you want to append data to
the TPL image (such as a device tree file), you must pad out the BSS region
to avoid the data overlapping with U-Boot variables. This entry is useful in
that case. It automatically pads out the entry size to cover both the code,
data and BSS.
The contents of this entry will a certain number of zero bytes, determined
by __bss_size
The ELF file 'tpl/u-boot-tpl' must also be available for this to work, since
binman uses that to look up the BSS address.
.. _etype_u_boot_tpl_dtb:
Entry: u-boot-tpl-dtb: U-Boot TPL device tree
---------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot.dtb (default 'tpl/u-boot-tpl.dtb')
This is the TPL device tree, containing configuration information for
TPL. TPL needs this to know what devices are present and which drivers
to activate.
.. _etype_u_boot_tpl_dtb_with_ucode:
Entry: u-boot-tpl-dtb-with-ucode: U-Boot TPL with embedded microcode pointer
----------------------------------------------------------------------------
This is used when TPL must set up the microcode for U-Boot.
See Entry_u_boot_ucode for full details of the entries involved in this
process.
.. _etype_u_boot_tpl_elf:
Entry: u-boot-tpl-elf: U-Boot TPL ELF image
-------------------------------------------
Properties / Entry arguments:
- filename: Filename of TPL u-boot (default 'tpl/u-boot-tpl')
This is the U-Boot TPL ELF image. It does not include a device tree but can
be relocated to any address for execution.
.. _etype_u_boot_tpl_expanded:
Entry: u-boot-tpl-expanded: U-Boot TPL flat binary broken out into its component parts
--------------------------------------------------------------------------------------
Properties / Entry arguments:
- tpl-dtb: Controls whether this entry is selected (set to 'y' or '1' to
select)
This is a section containing the U-Boot binary, BSS padding if needed and a
devicetree. Using this entry type automatically creates this section, with
the following entries in it:
u-boot-tpl-nodtb
u-boot-tpl-bss-pad
u-boot-dtb
Having the devicetree separate allows binman to update it in the final
image, so that the entries positions are provided to the running U-Boot.
This entry is selected based on the value of the 'tpl-dtb' entryarg. If
this is non-empty (and not 'n' or '0') then this expanded entry is selected.
.. _etype_u_boot_tpl_nodtb:
Entry: u-boot-tpl-nodtb: TPL binary without device tree appended
----------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename to include (default 'tpl/u-boot-tpl-nodtb.bin')
This is the U-Boot TPL binary, It does not include a device tree blob at
the end of it so may not be able to work without it, assuming TPL needs
a device tree to operate on your platform. You can add a u-boot-tpl-dtb
entry after this one, or use a u-boot-tpl entry instead, which normally
expands to a section containing u-boot-tpl-dtb, u-boot-tpl-bss-pad and
u-boot-tpl-dtb
TPL can access binman symbols at runtime. See :ref:`binman_fdt`.
in the binman README for more information.
The ELF file 'tpl/u-boot-tpl' must also be available for this to work, since
binman uses that to look up symbols to write into the TPL binary.
.. _etype_u_boot_tpl_with_ucode_ptr:
Entry: u-boot-tpl-with-ucode-ptr: U-Boot TPL with embedded microcode pointer
----------------------------------------------------------------------------
See Entry_u_boot_ucode for full details of the entries involved in this
process.
.. _etype_u_boot_ucode:
Entry: u-boot-ucode: U-Boot microcode block
-------------------------------------------
Properties / Entry arguments:
None
The contents of this entry are filled in automatically by other entries
which must also be in the image.
U-Boot on x86 needs a single block of microcode. This is collected from
the various microcode update nodes in the device tree. It is also unable
to read the microcode from the device tree on platforms that use FSP
(Firmware Support Package) binaries, because the API requires that the
microcode is supplied before there is any SRAM available to use (i.e.
the FSP sets up the SRAM / cache-as-RAM but does so in the call that
requires the microcode!). To keep things simple, all x86 platforms handle
microcode the same way in U-Boot (even non-FSP platforms). This is that
a table is placed at _dt_ucode_base_size containing the base address and
size of the microcode. This is either passed to the FSP (for FSP
platforms), or used to set up the microcode (for non-FSP platforms).
This all happens in the build system since it is the only way to get
the microcode into a single blob and accessible without SRAM.
There are two cases to handle. If there is only one microcode blob in
the device tree, then the ucode pointer it set to point to that. This
entry (u-boot-ucode) is empty. If there is more than one update, then
this entry holds the concatenation of all updates, and the device tree
entry (u-boot-dtb-with-ucode) is updated to remove the microcode. This
last step ensures that that the microcode appears in one contiguous
block in the image and is not unnecessarily duplicated in the device
tree. It is referred to as 'collation' here.
Entry types that have a part to play in handling microcode:
Entry_u_boot_with_ucode_ptr:
Contains u-boot-nodtb.bin (i.e. U-Boot without the device tree).
It updates it with the address and size of the microcode so that
U-Boot can find it early on start-up.
Entry_u_boot_dtb_with_ucode:
Contains u-boot.dtb. It stores the microcode in a
'self.ucode_data' property, which is then read by this class to
obtain the microcode if needed. If collation is performed, it
removes the microcode from the device tree.
Entry_u_boot_ucode:
This class. If collation is enabled it reads the microcode from
the Entry_u_boot_dtb_with_ucode entry, and uses it as the
contents of this entry.
.. _etype_u_boot_vpl:
Entry: u-boot-vpl: U-Boot VPL binary
------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-vpl.bin (default 'vpl/u-boot-vpl.bin')
This is the U-Boot VPL (Verifying Program Loader) binary. This is a small
binary which loads before SPL, typically into on-chip SRAM. It is
responsible for locating, loading and jumping to SPL, the next-stage
loader. Note that VPL is not relocatable so must be loaded to the correct
address in SRAM, or written to run from the correct address if direct
flash execution is possible (e.g. on x86 devices).
SPL can access binman symbols at runtime. See :ref:`binman_fdt`.
in the binman README for more information.
The ELF file 'vpl/u-boot-vpl' must also be available for this to work, since
binman uses that to look up symbols to write into the VPL binary.
.. _etype_u_boot_vpl_bss_pad:
Entry: u-boot-vpl-bss-pad: U-Boot VPL binary padded with a BSS region
---------------------------------------------------------------------
Properties / Entry arguments:
None
This holds the padding added after the VPL binary to cover the BSS (Block
Started by Symbol) region. This region holds the various variables used by
VPL. It is set to 0 by VPL when it starts up. If you want to append data to
the VPL image (such as a device tree file), you must pad out the BSS region
to avoid the data overlapping with U-Boot variables. This entry is useful in
that case. It automatically pads out the entry size to cover both the code,
data and BSS.
The contents of this entry will a certain number of zero bytes, determined
by __bss_size
The ELF file 'vpl/u-boot-vpl' must also be available for this to work, since
binman uses that to look up the BSS address.
.. _etype_u_boot_vpl_dtb:
Entry: u-boot-vpl-dtb: U-Boot VPL device tree
---------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot.dtb (default 'vpl/u-boot-vpl.dtb')
This is the VPL device tree, containing configuration information for
VPL. VPL needs this to know what devices are present and which drivers
to activate.
.. _etype_u_boot_vpl_elf:
Entry: u-boot-vpl-elf: U-Boot VPL ELF image
-------------------------------------------
Properties / Entry arguments:
- filename: Filename of VPL u-boot (default 'vpl/u-boot-vpl')
This is the U-Boot VPL ELF image. It does not include a device tree but can
be relocated to any address for execution.
.. _etype_u_boot_vpl_expanded:
Entry: u-boot-vpl-expanded: U-Boot VPL flat binary broken out into its component parts
--------------------------------------------------------------------------------------
Properties / Entry arguments:
- vpl-dtb: Controls whether this entry is selected (set to 'y' or '1' to
select)
This is a section containing the U-Boot binary, BSS padding if needed and a
devicetree. Using this entry type automatically creates this section, with
the following entries in it:
u-boot-vpl-nodtb
u-boot-vpl-bss-pad
u-boot-dtb
Having the devicetree separate allows binman to update it in the final
image, so that the entries positions are provided to the running U-Boot.
This entry is selected based on the value of the 'vpl-dtb' entryarg. If
this is non-empty (and not 'n' or '0') then this expanded entry is selected.
.. _etype_u_boot_vpl_nodtb:
Entry: u-boot-vpl-nodtb: VPL binary without device tree appended
----------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename to include (default 'vpl/u-boot-vpl-nodtb.bin')
This is the U-Boot VPL binary, It does not include a device tree blob at
the end of it so may not be able to work without it, assuming VPL needs
a device tree to operate on your platform. You can add a u_boot_vpl_dtb
entry after this one, or use a u_boot_vpl entry instead, which normally
expands to a section containing u-boot-vpl-dtb, u-boot-vpl-bss-pad and
u-boot-vpl-dtb
VPL can access binman symbols at runtime. See :ref:`binman_fdt`.
The ELF file 'vpl/u-boot-vpl' must also be available for this to work, since
binman uses that to look up symbols to write into the VPL binary.
.. _etype_u_boot_with_ucode_ptr:
Entry: u-boot-with-ucode-ptr: U-Boot with embedded microcode pointer
--------------------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-nodtb.bin (default 'u-boot-nodtb.bin')
- optional-ucode: boolean property to make microcode optional. If the
u-boot.bin image does not include microcode, no error will
be generated.
See Entry_u_boot_ucode for full details of the three entries involved in
this process. This entry updates U-Boot with the offset and size of the
microcode, to allow early x86 boot code to find it without doing anything
complicated. Otherwise it is the same as the u-boot entry.
.. _etype_vblock:
Entry: vblock: An entry which contains a Chromium OS verified boot block
------------------------------------------------------------------------
Properties / Entry arguments:
- content: List of phandles to entries to sign
- keydir: Directory containing the public keys to use
- keyblock: Name of the key file to use (inside keydir)
- signprivate: Name of provide key file to use (inside keydir)
- version: Version number of the vblock (typically 1)
- kernelkey: Name of the kernel key to use (inside keydir)
- preamble-flags: Value of the vboot preamble flags (typically 0)
Output files:
- input.<unique_name> - input file passed to futility
- vblock.<unique_name> - output file generated by futility (which is
used as the entry contents)
Chromium OS signs the read-write firmware and kernel, writing the signature
in this block. This allows U-Boot to verify that the next firmware stage
and kernel are genuine.
.. _etype_x509_cert:
Entry: x509-cert: An entry which contains an X509 certificate
-------------------------------------------------------------
Properties / Entry arguments:
- content: List of phandles to entries to sign
Output files:
- input.<unique_name> - input file passed to openssl
- cert.<unique_name> - output file generated by openssl (which is
used as the entry contents)
openssl signs the provided data, writing the signature in this entry. This
allows verification that the data is genuine
.. _etype_x86_reset16:
Entry: x86-reset16: x86 16-bit reset code for U-Boot
----------------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-x86-reset16.bin (default
'u-boot-x86-reset16.bin')
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
must be placed at a particular address. This entry holds that code. It is
typically placed at offset CONFIG_RESET_VEC_LOC. The code is responsible
for jumping to the x86-start16 code, which continues execution.
For 64-bit U-Boot, the 'x86_reset16_spl' entry type is used instead.
.. _etype_x86_reset16_spl:
Entry: x86-reset16-spl: x86 16-bit reset code for U-Boot
--------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-x86-reset16.bin (default
'u-boot-x86-reset16.bin')
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
must be placed at a particular address. This entry holds that code. It is
typically placed at offset CONFIG_RESET_VEC_LOC. The code is responsible
for jumping to the x86-start16 code, which continues execution.
For 32-bit U-Boot, the 'x86_reset_spl' entry type is used instead.
.. _etype_x86_reset16_tpl:
Entry: x86-reset16-tpl: x86 16-bit reset code for U-Boot
--------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-x86-reset16.bin (default
'u-boot-x86-reset16.bin')
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
must be placed at a particular address. This entry holds that code. It is
typically placed at offset CONFIG_RESET_VEC_LOC. The code is responsible
for jumping to the x86-start16 code, which continues execution.
For 32-bit U-Boot, the 'x86_reset_tpl' entry type is used instead.
.. _etype_x86_start16:
Entry: x86-start16: x86 16-bit start-up code for U-Boot
-------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of u-boot-x86-start16.bin (default
'u-boot-x86-start16.bin')
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
must be placed in the top 64KB of the ROM. The reset code jumps to it. This
entry holds that code. It is typically placed at offset
CONFIG_SYS_X86_START16. The code is responsible for changing to 32-bit mode
and jumping to U-Boot's entry point, which requires 32-bit mode (for 32-bit
U-Boot).
For 64-bit U-Boot, the 'x86_start16_spl' entry type is used instead.
.. _etype_x86_start16_spl:
Entry: x86-start16-spl: x86 16-bit start-up code for SPL
--------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of spl/u-boot-x86-start16-spl.bin (default
'spl/u-boot-x86-start16-spl.bin')
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
must be placed in the top 64KB of the ROM. The reset code jumps to it. This
entry holds that code. It is typically placed at offset
CONFIG_SYS_X86_START16. The code is responsible for changing to 32-bit mode
and jumping to U-Boot's entry point, which requires 32-bit mode (for 32-bit
U-Boot).
For 32-bit U-Boot, the 'x86-start16' entry type is used instead.
.. _etype_x86_start16_tpl:
Entry: x86-start16-tpl: x86 16-bit start-up code for TPL
--------------------------------------------------------
Properties / Entry arguments:
- filename: Filename of tpl/u-boot-x86-start16-tpl.bin (default
'tpl/u-boot-x86-start16-tpl.bin')
x86 CPUs start up in 16-bit mode, even if they are 32-bit CPUs. This code
must be placed in the top 64KB of the ROM. The reset code jumps to it. This
entry holds that code. It is typically placed at offset
CONFIG_SYS_X86_START16. The code is responsible for changing to 32-bit mode
and jumping to U-Boot's entry point, which requires 32-bit mode (for 32-bit
U-Boot).
If TPL is not being used, the 'x86-start16-spl or 'x86-start16' entry types
may be used instead.
.. _etype_xilinx_bootgen:
Entry: xilinx-bootgen: Signed SPL boot image for Xilinx ZynqMP devices
----------------------------------------------------------------------
Properties / Entry arguments:
- auth-params: (Optional) Authentication parameters passed to bootgen
- fsbl-config: (Optional) FSBL parameters passed to bootgen
- keysrc-enc: (Optional) Key source when using decryption engine
- pmufw-filename: Filename of PMU firmware. Default: pmu-firmware.elf
- psk-key-name-hint: Name of primary secret key to use for signing the
secondardy public key. Format: .pem file
- ssk-key-name-hint: Name of secondardy secret key to use for signing
the boot image. Format: .pem file
The etype is used to create a boot image for Xilinx ZynqMP
devices.
Information for signed images:
In AMD/Xilinx SoCs, two pairs of public and secret keys are used
- primary and secondary. The function of the primary public/secret key pair
is to authenticate the secondary public/secret key pair.
The function of the secondary key is to sign/verify the boot image. [1]
AMD/Xilinx uses the following terms for private/public keys [1]:
PSK = Primary Secret Key (Used to sign Secondary Public Key)
PPK = Primary Public Key (Used to verify Secondary Public Key)
SSK = Secondary Secret Key (Used to sign the boot image/partitions)
SPK = Used to verify the actual boot image
The following example builds a signed boot image. The fuses of
the primary public key (ppk) should be fused together with the RSA_EN flag.
Example node::
spl {
filename = "boot.signed.bin";
xilinx-bootgen {
psk-key-name-hint = "psk0";
ssk-key-name-hint = "ssk0";
auth-params = "ppk_select=0", "spk_id=0x00000000";
u-boot-spl-nodtb {
};
u-boot-spl-pubkey-dtb {
algo = "sha384,rsa4096";
required = "conf";
key-name-hint = "dev";
};
};
};
For testing purposes, e.g. if no RSA_EN should be fused, one could add
the "bh_auth_enable" flag in the fsbl-config field. This will skip the
verification of the ppk fuses and boot the image, even if ppk hash is
invalid.
Example node::
xilinx-bootgen {
psk-key-name-hint = "psk0";
psk-key-name-hint = "ssk0";
...
fsbl-config = "bh_auth_enable";
...
};
[1] https://docs.xilinx.com/r/en-US/ug1283-bootgen-user-guide/Using-Authentication