Allow for single (external-data) FIT image to hold kernel, dtb and
squashfs. In that way, the bootloader verifies the system integrity
including the rootfs, because what's the point of checking that the
hash of the kernel is correct if it won't boot in case of squashfs
being corrupted? Better allow bootloader to check everything needed
to make it at least up to failsafe mode. As a positive side effect
this change also makes the sysupgrade process on nand potentially
much easier as it is now.
In short: mkimage has a parameter '-E' which allows generating FIT
images with 'external' data rather than embedding the data into the
device-tree blob itself. In this way, the FIT structure itself remains
small and can be parsed easily (rather than having to page around
megabytes of image content). This patch makes use of that and adds
support for adding sub-images of type 'filesystem' which are used to
store the squashfs. Now U-Boot can verify the whole OS and the new
partition parsers added in the Linux kernel can detect the filesystem
sub-images, create partitions for them, and select the active rootfs
volume based on the configuration in FIT (passing configuration via
device tree could be implemented easily at a later stage).
This new FIT partition parser works for NOR flash (on top of mtdblock),
NAND flash (on top of ubiblock) as well as classic block devices
(ie. eMMC, SDcard, SATA, NVME, ...).
It could even be used to mount such FIT images via `losetup -P` on a
user PC if this patch gets included in Linux upstream one day ;)
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add symbol to generic config (this was added between 5.4 and 5.10),
and remove it from the targets where it was added by kernel_oldconfig
in the meantime.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This will make the specific kconfig smaller.
Reviewed-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Tested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[improved commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Broadcom CFE bootloader relies on a tag for identifying the current firmware,
such as version, image start address, kernel address and size, rootfs size,
board id, signatures, etc.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This was done by executing this script:
find . -name "config-*" > ../configs.txt
for config in $(cat ../configs.txt); do
./scripts/kconfig.pl '+' $config /dev/null > $config-new
mv $config-new $config
done
rm ../configs.txt
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
