From patchwork Fri Apr 8 20:08:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Anderson X-Patchwork-Id: 1615064 X-Patchwork-Delegate: xypron.glpk@gmx.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=seco.com header.i=@seco.com header.a=rsa-sha256 header.s=selector1 header.b=nj/prjoH; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4KZq8P0hsMz9sFy for ; Sat, 9 Apr 2022 06:09:09 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6549583934; Fri, 8 Apr 2022 22:08:58 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=reject dis=none) header.from=seco.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=seco.com header.i=@seco.com header.b="nj/prjoH"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id E41DC83919; Fri, 8 Apr 2022 22:08:56 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2062a.outbound.protection.outlook.com [IPv6:2a01:111:f400:7d00::62a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 1B9CC83994 for ; Fri, 8 Apr 2022 22:08:53 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=reject dis=none) header.from=seco.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=sean.anderson@seco.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lG+h1FgwBeCR1oisIl6TfdPd6tTa+Nkc/93Jg4KLdmteqrNC19gMZOPFCi3zdqBky7ysoF1wAOMRtssTjFgpjy+5CjJQ4vImaWSF4Uz3+aA1kVlvhabeHiU/zUQoY0V6qNccfavu4tHT58akTCY5LTsg2y0ZzbwAIyCb2rFNnHRQ/NT00FELfU4afwEYUP226uQXgx5iWX04smQYvSoy7A0EzdJfWuxwHAJYmElfqwalHrDOk6LGR4QI4GuvxRMXmxRkoPN5vt7zUpZ1rcwmvFaDi3eS2PQ6XJoN9t9sn369Sf94FVxRu++XV/+gCKn/G0hcGXFqH2QRvCA9hyuaMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eSCg/B3i1rEoe5fXxms57O/08iYcrj9yFnKooXTlka8=; b=jWqExdaTriPK7MEz1x33u7f+iqUlHnfD0XtBB8bUs4GHM/M6mWfFQJJb+f/SLE1jEW+RM8HEBH0vBfd40GPxoUODKNtzF7u8VvH0M3Zsf2i5q01HXUFIQtRlt/e7TRBDR17Mrr/6MPSWyR5kWADY6WLTB5g3oB1VljIsdPJ/ThgTUf6X5CX4K0joGmrt5HedD2KBf5c74FheRdm1pJHBM+T0/a6CRGTq5SIQX3GpLgIL6SxopvI/vLm2HOQpTHPfQ++J8OGzpUvqJa971WAf5KmKQu7uB6celtw7tpZUtPFPki26FNyyZ5GaHDaH9ZQfuXiBXfltRyQjqUQsG98pcw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=seco.com; dmarc=pass action=none header.from=seco.com; dkim=pass header.d=seco.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seco.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eSCg/B3i1rEoe5fXxms57O/08iYcrj9yFnKooXTlka8=; b=nj/prjoHjLKkxidBgim2B5LuCwTDBSzldjGH/OkFPLBivvZfMX+eal/njdYd/O00ldrC+tLgxZVFbuc6KnuNcO+16STcugHh5FBq46SWJNqb474j07jo3Eme58Ki4z2WUKwHSC+8MRTS5HziQQAkTjuclqWESF32L6+PR6cf497cuPTBs3qF8R8zVL4NC9Rze/nobgceFmt3PzGmD5Ers5x7L9QNp1g6aiXF7QwuuhqQkJF3glBozw6/ZcMFFDhwXDtPtRUGYERRObdA3ekrM3zhMv8UIevSu3ZvhaKsIg4oRaVDWeUVj/V7x9ZXvEgt3E6iR/yuqxUpfaC2zARRMQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=seco.com; Received: from DB7PR03MB4972.eurprd03.prod.outlook.com (2603:10a6:10:7d::22) by AS4PR03MB8577.eurprd03.prod.outlook.com (2603:10a6:20b:584::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5123.31; Fri, 8 Apr 2022 20:08:50 +0000 Received: from DB7PR03MB4972.eurprd03.prod.outlook.com ([fe80::fd2d:a04b:de07:33f8]) by DB7PR03MB4972.eurprd03.prod.outlook.com ([fe80::fd2d:a04b:de07:33f8%6]) with mapi id 15.20.5144.023; Fri, 8 Apr 2022 20:08:50 +0000 From: Sean Anderson To: Simon Glass , u-boot@lists.denx.de Cc: Heinrich Schuchardt , Sean Anderson Subject: [PATCH 1/2] mkimage: Document misc options Date: Fri, 8 Apr 2022 16:08:39 -0400 Message-Id: <20220408200841.2281918-1-sean.anderson@seco.com> X-Mailer: git-send-email 2.35.1.1320.gc452695387.dirty X-ClientProxiedBy: MN2PR19CA0027.namprd19.prod.outlook.com (2603:10b6:208:178::40) To DB7PR03MB4972.eurprd03.prod.outlook.com (2603:10a6:10:7d::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 538e0436-a77b-4ea9-bfd7-08da199b9900 X-MS-TrafficTypeDiagnostic: AS4PR03MB8577:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: WvzxpgY7cF+zbHPO0ub/2IxbbzAEI/+z7WwwmFXXouTW1f54osYNYrcn3iUFCdfkQ3ZVeYuIfSxbzzfFMkMRUHXJ0K2Ip/dPqYblsWAdAPbRSZXZbDYap9+54IjH0Lbqdi71jsv5lkw6RBM4+JJxmMwU5B28iAoqo7RjVHvfp0/WJNZwJDAxSlcNCWPuh5rAVPX++AwzAYYo4fPGJa4NNOHsvOwXDLiLcZTgb/DMoXoGP6ThlA6tVGLRetTujaOc93/xETfG7zV9UAYlglXBchc2sqtXJ+D13tPeyRtGKOp4J0SJtS/ibWUzJKLgdgAfADtJZKMU1HX80R4pRnQ1YvVZTJ82aO4+77OWZwfbJbKSw/+9C0NiKeHgGFMr1Yfh1Fl9sjRaQgSvCUB+n+MWcjCNC88PBTtQDjEH3AerjTPz+7e8osQd/B3OU8kbhm3xEXCJnXqnF/+gNdYlXh47EANP72BLfY7fzdzPqufS7QHkyR/b3nl9ZpHnaSkd2K0fy5fWHW/DoFXAbKNVEqmBWuyXE1bwy7iOt5Y1KRVbqVSLekJ7dA1+r0G9hd0dJblPgkzTXAiKHbkpmFutVeY7NEeupLIWtlvu6KwRIuWCuyADK6QQhteyVPTHZTUiR8nr+FG8DtmzKvUYGfLNb7NAXMrinkGW814Uqx2QhdVAwpzAA/H/h+rFcI6JKn/j6ygp8RQdauZn4YynOSUcbTc5+g== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR03MB4972.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(38350700002)(8936002)(52116002)(5660300002)(6512007)(66556008)(6486002)(2906002)(6506007)(186003)(508600001)(44832011)(83380400001)(36756003)(38100700002)(4326008)(1076003)(107886003)(66476007)(2616005)(54906003)(316002)(26005)(86362001)(8676002)(6666004)(66946007); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 9jSc000Xg/4K081pFFSeMgKjx+4EfN6oKzFRYqpmXMeSkqEErnXpLFgpoFNyk+ECES+ThTnQknRCKcu1nGpIRer5O7FGUnFLk/woUe4H4880dec13l0bDWUZbXKTGSK/DebcCEccKMV0KPN4SE0vmvPdcEbUsB9C5QnmNkEOiOqGOIGYP4ikKVGbcHZJXR1tt/qG4zJiZ4ckZRstJLEi0TSGOar9MIWeth+96u8yNZk1hkLzmqeRLdLjcBH9waqDPgHN03Tnq0zXDUpx8JbVZIBai5SLEaE9ZZfivt6lgZmLIF1Qse1dY96hwImYUCfOwujWDMs8v/V9WvFAoszzTa5FUd+QMsnlQsBj3wPtAjHEL67JA6hzfjGzIMNjiXib3mDPLOo5Vl84tudbv0Yx3745mdm0u+1QBxl/pD4dQ1rpFN49jv4MhX1l3LVEb3lnH4fsBlYYA7iVRxPXOPbqS25dpne1aC7NzMvAhg70q/rVcHPQLZqBrhuKfDUQClcXb0k9zmWCE0BWDhw8GD9FydDwoAULVdr393n0Q1MkJon1TR0nFrCSbFiHTZlXTrXuEp0HnSUPhdsOehNQ04fnUUqGYHGodMRefvil74G0PunYpXBujr5SuvQEVFcV6WVlgbHi0eS8kQhNKkmaakSP476cA2MVdxCwVo76DCXNF9ehgCstKFNUhmYleEIDQ9blFkmEctamAkt9VSV+6CuSM/NeXI+xya/UZ25pzC6Mo07OjBv5psk1OGWqp/8bPEwokaqykoUXnEZwEiUhX8h4Nm442yvsUxf7k576fxIqbqwdteopXJyZvn0ezlBpyEUJ3vAhO43uQm0hB6muC6zbgIu0dkiU1xxskCJewe6UBaOD90oCnEmIHud6az+SCyGdZabJpTVp3qJ/ALaADYPQBqIrbQIDYhqGnixgAK2trSKefqUtAFf7/pK4vsTNX77k0Gxln2su0BVF3Djrqa295gDCGC5ISk2K14AOf00wxMA+YPJf3QGLgdD2HHxoSdc1RO5r2paZ/MyJGW1QU/y04QZ1dezKK2K3xQRmiZ42/6ptlj0Ls5EeiFGtAXzhDwwxZJw7S6rQswBukITVKBy7Fy/ME9pl4mOzwcw0BIpypYBPlKOBlgAxc6VTjz12/vc5Y2w93kbmGAci7uK/k/Fa4liasqCHlZH1yfbAmXO1fLwmGuiXV48WXoLyxIeFepC9mfB7iSF7ijAgJ0PSHjdDX8ysIec+yL+NLOZt+4kl6Wa3RCy7zGOx+nC2QZPzdFFO6kCV+5FEvYvI/oFp4wygeQyeI4jbh+7zDXwH2O5+OIfrW5XrHJm7566aZ3NCjwcEAkkjxS/+1WV+OllP6Z2hU386ghVWLTEUyJ3qiRDVYZlCT+Zate1EPOnmLJ5qwXfN8qKu5ekWy1XN9iFT8rFULDM9mgEJW2plQthvLd6Q24srbUIBGGXvF2gR0g3IdzV65DuHTWahyHqWv1dZ1KV7REVaqnJyFo+kd8i6yi9zCu9IgtcUZC7NNwCSW1m4NiAgvkmWEJgGHDvO2ywRtiu5AXOhq++tFf5OV2+tkyRUubAPq6s4Hb84CqVRG3FsnlcDxKtFlZNoT5GWj50GSO5RkyWvSddtMJ7T4VNVHlkGIWhMTc/cn6gMsbQLVh4evKHOi1KaMg5IIJHD4GzO4V8b+DHTh7oreODar3wJZzRUocsnkmt/ZqxugbbjLVIE6aWH7OZm9OsDpJHhAQU2HPNCSurKYKyFV6RPqBlCZZshx+w= X-OriginatorOrg: seco.com X-MS-Exchange-CrossTenant-Network-Message-Id: 538e0436-a77b-4ea9-bfd7-08da199b9900 X-MS-Exchange-CrossTenant-AuthSource: DB7PR03MB4972.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Apr 2022 20:08:50.5184 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bebe97c3-6438-442e-ade3-ff17aa50e733 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: eCwS7nUZ0+/QJ9OXfgvu4kOO4o2Edt4/+agS4pyVVr+P2v346UfJQGClsU4b1+5f/wgBwkO5pK3FlqZjJUiVyA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS4PR03MB8577 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean Over the years, several options have not made it into the help message. Document them. Do the same for the man page. Signed-off-by: Sean Anderson --- doc/mkimage.1 | 36 +++++++++++++++++++++++++++++++++++- tools/mkimage.c | 15 +++++++++++---- 2 files changed, 46 insertions(+), 5 deletions(-) diff --git a/doc/mkimage.1 b/doc/mkimage.1 index 287006279f..c92e133732 100644 --- a/doc/mkimage.1 +++ b/doc/mkimage.1 @@ -53,6 +53,10 @@ Parse image file as type. Pass \-h as the image to see the list of supported image type. Without this option image type is autodetected. +.TP +.BI "\-q" +Quiet. Don't print the image header on successful verification. + .P .B Create old legacy image: @@ -91,6 +95,11 @@ List the contents of an image. .BI "\-n [" "image name" "]" Set image name to 'image name'. +.TP +.BI "\-R [" "secondary image name" "]" +Some image types support a second image for additional data. For these types, +use \-R to specify this second image. + .TP .BI "\-d [" "image data file" "]" Use image data from 'image data file'. @@ -99,6 +108,15 @@ Use image data from 'image data file'. .BI "\-x" Set XIP (execute in place) flag. +.TP +.BI "\-s" +Create an image with no data. The header will be created, but the image itself +will not contain data (such as U-Boot or any specified kernel). + +.TP +.BI "\-v" +Verbose. Print file names as they are added to the image. + .P .B Create FIT image: @@ -126,6 +144,11 @@ in each image will be replaced with 'data-offset' and 'data-size' properties. A 'data-offset' of 0 indicates that it starts in the first (4-byte aligned) byte after the FIT. +.TP +.BI "\-B [" "alignment" "]" +The alignment, in hexadecimal, that external data will be aligned to. This +option only has an effect when \-E is specified. + .TP .BI "\-f [" "image tree source file" " | " "auto" "]" Image tree source file that describes the structure and contents of the @@ -161,6 +184,11 @@ the corresponding public key is written into this file for for run-time verification. Typically the file here is the device tree binary used by CONFIG_OF_CONTROL in U-Boot. +.TP +.BI "\-G [" "key_file" "]" +Specifies the private key file to use when signing. This option may be used +instead of \-k. + .TP .BI "\-o [" "signing algorithm" "]" Specifies the algorithm to be used for signing a FIT image. The default is @@ -173,11 +201,17 @@ a 'data-offset' property defining the offset from the end of the FIT, \-p will use 'data-position' as the absolute position from the base of the FIT. .TP -.BI "\-r +.BI "\-r" Specifies that keys used to sign the FIT are required. This means that they must be verified for the image to boot. Without this option, the verification will be optional (useful for testing but not for release). +.TP +.BI "\-N [" "engine" "]" +The openssl engine to use when signing and verifying the image. For a complete list of +available engines, refer to +.BR engine (1). + .TP .BI "\-t Update the timestamp in the FIT. diff --git a/tools/mkimage.c b/tools/mkimage.c index 74bd072832..c12d5932fc 100644 --- a/tools/mkimage.c +++ b/tools/mkimage.c @@ -84,7 +84,8 @@ static void usage(const char *msg) fprintf(stderr, "Error: %s\n", msg); fprintf(stderr, "Usage: %s [-T type] -l image\n" " -l ==> list image header information\n" - " -T ==> parse image file as 'type'\n", + " -T ==> parse image file as 'type'\n" + " -q ==> quiet\n", params.cmdname); fprintf(stderr, " %s [-x] -A arch -O os -T type -C comp -a addr -e ep -n name -d data_file[:data_file...] image\n" @@ -95,8 +96,11 @@ static void usage(const char *msg) " -a ==> set load address to 'addr' (hex)\n" " -e ==> set entry point to 'ep' (hex)\n" " -n ==> set image name to 'name'\n" + " -R ==> set second image name to 'name'\n" " -d ==> use image data from 'datafile'\n" - " -x ==> set XIP (execute in place)\n", + " -x ==> set XIP (execute in place)\n" + " -s ==> create an image with no data\n" + " -v ==> verbose\n", params.cmdname); fprintf(stderr, " %s [-D dtc_options] [-f fit-image.its|-f auto|-F] [-b [-b ]] [-E] [-B size] [-i ] fit-image\n" @@ -107,7 +111,9 @@ static void usage(const char *msg) " -f => input filename for FIT source\n" " -i => input filename for ramdisk file\n" " -E => place data outside of the FIT structure\n" - " -B => align size in hex for FIT structure and header\n"); + " -B => align size in hex for FIT structure and header\n" + " -b => append the device tree binary to the FIT\n" + " -t => update the timestamp in the FIT\n"); #ifdef CONFIG_FIT_SIGNATURE fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb] [ -c ] [-p addr] [-r] [-N engine]\n" @@ -118,7 +124,8 @@ static void usage(const char *msg) " -F => re-sign existing FIT image\n" " -p => place external data at a static position\n" " -r => mark keys used as 'required' in dtb\n" - " -N => openssl engine to use for signing\n"); + " -N => openssl engine to use for signing\n" + " -o => algorithm to use for signing\n"); #else fprintf(stderr, "Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)\n");