Binman v6 #363
Open
Binman v6 #363
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The ti-board-config entry loads and validates a given YAML config file against a given schema, and generates the board config binary. K3 devices require these binaries to be packed into the final system firmware images. Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org>
The ti-secure entry contains certificate for binaries that will be loaded or booted by system firmware whereas the ti-secure-rom entry contains certificate for binaries that will be booted by ROM. Support for both these types of certificates is necessary for booting of K3 devices. Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org> [vigneshr@ti.com: fixed inconsist cert generation by multiple packing] Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Board config binary artifacts must be generated to be used by binman to package sysfw.itb and tiboot3.bin for all K3 devices. For devices that follow combined flow, these board configuration binaries must again be packaged into a combined board configuration blobs to be used by binman to package tiboot3.bin. Add common k3-binman.dtsi to generate all the board configuration binaries needed. Also add custMpk.pem and ti-degenerate-key.pem needed for signing GP and HS bootloader images common to all K3 devices. Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Schema file in YAML must be provided in board/ti/common for validating input config files and packaging system firmware. The schema includes entries for rm-cfg, board-cfg, pm-cfg and sec-cfg. Board config files must be provided in board/ti/<devicename> in YAML. These can then be consumed for generation of binaries to package system firmware. Added YAML configs for J721E in particular. Signed-off-by: Tarun Sahu <t-sahu@ti.com> [n-francis@ti.com: prepared patch for upstreaming] Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
….img By providing entries in the binman node of the device tree, binman will be able to find and package board config artifacts generated by TIBoardConfig with sysfw.bin and generate the final image sysfw.itb. It will also pick out the R5 SPL and sign it with the help of TI signing entry and generate the final tiboot3.bin. Entries for A72 build have been added to k3-j721e-binman.dtsi to generate tispl.bin and u-boot.img. Support has been added for both HS-SE(SR 1.1), HS-FS(SR 2.0) and GP images In HS-SE, the encrypted system firmware binary must be signed along with the signed certificate binary. HS-SE: * tiboot3-j721e_sr1_1-hs-evm.bin * sysfw-j721e_sr1_1-hs-evm.itb * tispl.bin * u-boot.img HS-FS: * tiboot3-j721e_sr2-hs-fs-evm.bin * sysfw-j721e_sr2-hs-fs-evm.itb * tispl.bin * u-boot.img GP: * tiboot3.bin -->tiboot3-j721e-gp-evm.bin * sysfw.itb --> sysfw-j721e-gp-evm.itb * tispl.bin_unsigned * u-boot.img_unsigned It is to be noted that the bootflow followed by J721E requires: tiboot3.bin: * R5 SPL * R5 SPL dtbs sysfw.itb: * TIFS * board-cfg * pm-cfg * sec-cfg * rm-cfg tispl.bin: * DM * ATF * OPTEE * A72 SPL * A72 SPL dtbs u-boot.img: * A72 U-Boot * A72 U-Boot dtbs Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org> [afd@ti.com: changed output binary names appropriately] Signed-off-by: Andrew Davis <afd@ti.com>
Added YAML configs for J7200 Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Support has been added for both HS-SE(SR 2.0), HS-FS(SR 2.0) and GP images. HS-SE: * tiboot3-j7200_sr2-hs-evm.bin * tispl.bin * u-boot.img HS-FS: * tiboot3-j7200_sr2-hs-fs-evm.bin * tispl.bin * u-boot.img GP: * tiboot3.bin --> tiboot3-j7200-gp-evm.bin * tispl.bin_unsigned * u-boot.img_unsigned It is to be noted that the bootflow followed by J7200 requires: tiboot3.bin: * R5 SPL * R5 SPL dtbs * TIFS * board-cfg * pm-cfg * sec-cfg * rm-cfg tispl.bin: * DM * ATF * OPTEE * A72 SPL * A72 SPL dtbs u-boot.img: * A72 U-Boot * A72 U-Boot dtbs Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org> [afd@ti.com: changed output binary names appropriately] Signed-off-by: Andrew Davis <afd@ti.com>
Added YAML configs for AM65x Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Support has been added for both HS-SE(SR 2.0) and GP(SR 2.0) images. HS-SE: * tiboot3-am65x_sr2-hs-evm.bin * sysfw-am65x_sr2-hs-evm.itb * tispl.bin * u-boot.img GP: * tiboot3.bin --> tiboot3-am65x_sr2-gp-evm.bin * sysfw.itb --> sysfw-am65x_sr2-gp-evm.itb * tispl.bin_unsigned * u-boot.img_unsigned Note that the bootflow followed by AM65x requires: tiboot3.bin: * R5 SPL * R5 SPL dtbs sysfw.itb: * sysfw * board-cfg * pm-cfg * sec-cfg * rm-cfg tispl.bin: * ATF * OPTEE * A53 SPL * A53 SPL dtbs u-boot.img: * A53 U-Boot * A53 U-Boot dtbs Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org> [afd@ti.com: changed output binary names appropriately] Signed-off-by: Andrew Davis <afd@ti.com>
Added YAML configs for AM64xx Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Support added for HS and GP boot binaries for AM64x.
HS-SE:
* tiboot3-am64x_sr2-hs-evm.bin
* tispl.bin
* u-boot.img
HS-FS:
* tiboot3-am64x_sr2-hs-fs-evm.bin
* tispl.bin
* u-boot.img
GP:
* tiboot3.bin --> tiboot3-am64x-gp-evm.bin
* tispl.bin_unsigned
* u-boot.img_unsigned
Note that the bootflow followed by AM64x requires:
tiboot3.bin:
* R5 SPL
* R5 SPL dtbs
* sysfw
* board-cfg
* pm-cfg
* sec-cfg
* rm-cfg
tispl.bin:
* ATF
* OPTEE
* A53 SPL
* A53 SPL dtbs
u-boot.img:
* A53 U-Boot
* A53 U-Boot dtbs
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[afd@ti.com: changed output binary names appropriately]
Signed-off-by: Andrew Davis <afd@ti.com>
Added YAML configs for J721S2 Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Support has been added for both HS-SE, HS-FS and GP images.
HS-SE:
* tiboot3-j721s2-hs-evm.bin
* tispl.bin
* u-boot.img
HS-FS:
* tiboot3-j721s2-hs-fs-evm.bin
* tispl.bin
* u-boot.img
GP:
* tiboot3.bin --> tiboot3-j721s2-gp-evm.bin
* tispl.bin_unsigned
* u-boot.img_unsigned
It is to be noted that the bootflow followed by J721S2 requires:
tiboot3.bin:
* R5 SPL
* R5 SPL dtbs
* TIFS
* board-cfg
* pm-cfg
* sec-cfg
* rm-cfg
tispl.bin:
* DM
* ATF
* OPTEE
* A72 SPL
* A72 SPL dtbs
u-boot.img:
* A72 U-Boot
* A72 U-Boot dtbs
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[afd@ti.com: changed output binary names appropriately]
Signed-off-by: Andrew Davis <afd@ti.com>
Added YAML configs for AM62 Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Support added for HS-SE, HS-FS and GP boot binaries for AM62.
HS-SE:
* tiboot3-am62x-hs-evm.bin
* tispl.bin
* u-boot.img
HS-FS:
* tiboot3-am62x-hs-fs-evm.bin
* tispl.bin
* u-boot.img
GP:
* tiboot3.bin --> tiboot3-am62x-gp-evm.bin
* tispl.bin_unsigned
* u-boot.img_unsigned
It is to be noted that the bootflow followed by AM62 requires:
tiboot3.bin:
* R5 SPL
* R5 SPL dtbs
* TIFS
* board-cfg
* pm-cfg
* sec-cfg
* rm-cfg
tispl.bin:
* DM
* ATF
* OPTEE
* A72 SPL
* A72 SPL dtbs
u-boot.img:
* A72 U-Boot
* A72 U-Boot dtbs
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[afd@ti.com: changed output binary names appropriately]
Signed-off-by: Andrew Davis <afd@ti.com>
Added YAML configs for AM62ax Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Support added for HS-SE, HS-FS and GP boot binaries for AM62ax.
HS-SE:
* tiboot3-am62ax-hs-evm.bin
* tispl.bin
* u-boot.img
HS-FS:
* tiboot3-am62ax-hs-fs-evm.bin
* tispl.bin
* u-boot.img
GP:
* tiboot3.bin --> tiboot3-am62ax-gp-evm.bin
* tispl.bin_unsigned
* u-boot.img_unsigned
It is to be noted that the bootflow followed by AM62ax requires:
tiboot3.bin:
* R5 SPL
* R5 SPL dtbs
* TIFS
* board-cfg
* pm-cfg
* sec-cfg
* rm-cfg
tispl.bin:
* DM
* ATF
* OPTEE
* A72 SPL
* A72 SPL dtbs
u-boot.img:
* A72 U-Boot
* A72 U-Boot dtbs
Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[afd@ti.com: changed output binary names appropriately]
Signed-off-by: Andrew Davis <afd@ti.com>
Move to using binman to generate tispl.bin which is used to generate the final flash.bin bootloader for iot2050 boards. Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Cc: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Since binman is used to package bootloader images for all K3 devices, we do not have to rely on the earlier methods to package them. Scripts that were used to generate x509 certificate for tiboot3.bin and generate tispl.bin, u-boot.img have been removed. Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Earlier documentation specified builds for generating bootloader images using an external TI repository k3-image-gen and core-secdev-k3. Modify this to using the binman flow so that user understands how to build the final boot images. Signed-off-by: Neha Malcom Francis <n-francis@ti.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Without this re-building will fail with an error when trying to create the symlink for the second time with an already exists error. Signed-off-by: Andrew Davis <afd@ti.com> [n-francis@ti.com: Added support for test output dir and testcase] Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
At this point, buildman requires a few different modules and so we need a requirements.txt to track what modules are needed. Cc: Simon Glass <sjg@chromium.org> Cc: Neha Malcom Francis <n-francis@ti.com> Signed-off-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Now that buildman has a requirements.txt file we need to make use of it. Signed-off-by: Tom Rini <trini@konsulko.com> Reviewed-by: Simon Glass <sjg@chromium.org> [n-francis@ti.com: Adding missing command from .azure-pipelines.yml] Signed-off-by: Neha Malcom Francis <n-francis@ti.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To trigger a CI loop on Azure prior to posting of patches.