u-boot-toradex.git, branch master U-Boot bootloader for Apalis and Colibri modules Merge patch series "binman: Fix preload signing with encrypted FIT" 2026-05-05T16:37:16+00:00 Tom Rini trini@konsulko.com 2026-05-05T16:37:16+00:00 ae8987f4e690f397f507c4b1efabd68b3ed08db6 Yan WANG <yan.wang@softathome.com> says: This series improves the reliability and efficiency of binman preload header generation and test it against an encrypted FIT image signed with a preload header. When a preload header references other entries (e.g. an encrypted FIT) through the collection etype, the referenced entries may be rebuilt multiple times during binman processing. This becomes problematic when the referenced entry produces non-deterministic output, such as FIT encryption using random IVs or timestamps, since rebuilding the entry changes the data. This series ensures that referenced entries are built only once and that preload signing is performed after all data is collected. It also avoids unnecessary repacking or repeated signing operations by the preload. The changes include: * generate preload header placeholders in ObtainContents() and sign data only once in ProcessContentsUpdate() * mark referenced entries as build_done in the collection etype to avoid rebuilding data * add a functional test for signing an encrypted FIT with a preload header Link: https://lore.kernel.org/r/20260417083050.499955-1-yan.wang@softathome.com 
Yan WANG <yan.wang@softathome.com> says:

This series improves the reliability and efficiency of binman preload
header generation and test it against an encrypted FIT image signed with
a preload header.

When a preload header references other entries (e.g. an encrypted FIT)
through the collection etype, the referenced entries may be rebuilt
multiple times during binman processing. This becomes problematic when
the referenced entry produces non-deterministic output, such as FIT
encryption using random IVs or timestamps, since rebuilding the entry
changes the data.

This series ensures that referenced entries are built only once and that
preload signing is performed after all data is collected. It also avoids
unnecessary repacking or repeated signing operations by the preload.

The changes include:
  * generate preload header placeholders in ObtainContents() and sign
    data only once in ProcessContentsUpdate()
  * mark referenced entries as build_done in the collection etype to
    avoid rebuilding data
  * add a functional test for signing an encrypted FIT with a preload
    header

Link: https://lore.kernel.org/r/20260417083050.499955-1-yan.wang@softathome.com
tools: binman: Test signing an encrypted FIT with a preload header 2026-05-05T16:37:09+00:00 Paul HENRYS paul.henrys_ext@softathome.com 2026-04-17T08:30:50+00:00 b20d69e5f57bee299380bb30112856e51d8f26b0 Add a test to verify the preload header correctly signs an encrypted FIT. This test exercises the case where encryption uses random IVs that would change between mkimage calls. Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Add a test to verify the preload header correctly signs an encrypted
FIT. This test exercises the case where encryption uses random IVs that
would change between mkimage calls.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
binman: collection: Set build_done on referenced entries 2026-05-05T16:37:09+00:00 yan wang yan.wang@softathome.com 2026-04-17T08:30:49+00:00 9ff82a771c44a8cf38bd52b556f685ddbc6f1a55 The collection etype uses phandles in the 'content' property to reference other entries. Mark each referenced entry with build_done to avoid rebuilding the same entry data multiple times. This is important for cases where rebuilding may change the data content, e.g. due to timestamps or random IVs in encryption. Refactor GetContentsByPhandle() to return both the entry object and its data. Signed-off-by: yan wang <yan.wang@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
The collection etype uses phandles in the 'content' property to
reference other entries. Mark each referenced entry with build_done
to avoid rebuilding the same entry data multiple times.

This is important for cases where rebuilding may change the data
content, e.g. due to timestamps or random IVs in encryption.

Refactor GetContentsByPhandle() to return both the entry object and
its data.

Signed-off-by: yan wang <yan.wang@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
binman: Generate preload header and sign data only once 2026-05-05T16:37:09+00:00 Paul HENRYS paul.henrys_ext@softathome.com 2026-04-17T08:30:48+00:00 5006121b44a2d147e7e426c74537b3566407e853 To optimize preload generation, generate the header and signatures only after all data has been collected in ProcessContentsUpdate(). This avoids signing the data multiple times. Since header_size is known upfront (from __init__), create a placeholder in `ObtainContents()` to avoid an extra packing pass when ProcessContentsUpdate() detects a size change. This reduces unnecessary repacking and signing operations. Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
To optimize preload generation, generate the header and signatures only
after all data has been collected in ProcessContentsUpdate(). This
avoids signing the data multiple times.

Since header_size is known upfront (from __init__), create a placeholder
in `ObtainContents()` to avoid an extra packing pass when
ProcessContentsUpdate() detects a size change.

This reduces unnecessary repacking and signing operations.

Signed-off-by: Paul HENRYS <paul.henrys_ext@softathome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
configs: phycore_am62x_r5_ethboot: Drop duplicate CONFIG entries 2026-05-05T16:36:42+00:00 Aristo Chen aristo.chen@canonical.com 2026-04-21T07:44:40+00:00 e6112ab2d7261dc606f2d25599904f9d20b237ac CONFIG_SPL_MMC=n and CONFIG_SPL_DM_SPI=n are each listed twice in the defconfig. Remove the redundant occurrences so each option appears only once. Signed-off-by: Aristo Chen <aristo.chen@canonical.com> 
CONFIG_SPL_MMC=n and CONFIG_SPL_DM_SPI=n are each listed twice in the
defconfig. Remove the redundant occurrences so each option appears only
once.

Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
configs: phycore_am62ax_r5_ethboot: Drop duplicate CONFIG_SPL_MMC 2026-05-05T16:36:42+00:00 Aristo Chen aristo.chen@canonical.com 2026-04-21T07:44:39+00:00 f7f2864e19fd207f743bee104976e51cd3c3b1bc CONFIG_SPL_MMC=n is listed twice in the defconfig. Remove the redundant occurrence so each option appears only once. Signed-off-by: Aristo Chen <aristo.chen@canonical.com> 
CONFIG_SPL_MMC=n is listed twice in the defconfig. Remove the redundant
occurrence so each option appears only once.

Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
configs: r8a78000_ironhide: Drop duplicate CONFIG_SCMI_FIRMWARE 2026-05-05T16:36:42+00:00 Aristo Chen aristo.chen@canonical.com 2026-04-21T07:44:38+00:00 7c3945a231700e80612bed5bc42fcc8cf545aa57 CONFIG_SCMI_FIRMWARE=y is listed twice in the defconfig. Remove the redundant occurrence so each option appears only once. Signed-off-by: Aristo Chen <aristo.chen@canonical.com> 
CONFIG_SCMI_FIRMWARE=y is listed twice in the defconfig. Remove the
redundant occurrence so each option appears only once.

Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
Merge patch series "configs: toradex: Enable EFI" 2026-05-05T16:36:08+00:00 Tom Rini trini@konsulko.com 2026-05-05T16:36:08+00:00 d5f178c9a0d162d7f47ed3c69f263966333a2b2b Francesco Dolcini <francesco.dolcini@toradex.com> says: Enable standard EFI support for all the arm64 Toradex boards, as required for booting standard aarch64 Linux distribution, following the ARM recommendations for SystemReady compliance. The RTC used on these boards is not currently supported by U-Boot, therefore it is not enabled at the moment. Link: https://developer.arm.com/documentation/DUI1101/4-5/Configure-U-Boot-for-SystemReady Link: https://lore.kernel.org/r/20260424104213.303752-1-francesco@dolcini.it 
Francesco Dolcini <francesco.dolcini@toradex.com> says:

Enable standard EFI support for all the arm64 Toradex boards, as
required for booting standard aarch64 Linux distribution, following the
ARM recommendations for SystemReady compliance.

The RTC used on these boards is not currently supported by U-Boot,
therefore it is not enabled at the moment.

Link: https://developer.arm.com/documentation/DUI1101/4-5/Configure-U-Boot-for-SystemReady
Link: https://lore.kernel.org/r/20260424104213.303752-1-francesco@dolcini.it
configs: verdin-imx95: Enable EFI related options 2026-05-05T16:35:36+00:00 Francesco Dolcini francesco.dolcini@toradex.com 2026-04-24T10:42:12+00:00 a97668cd8bb8394609765ab209da000f410a563d Enable EFI related options, as suggested for booting standard aarch64 Linux distribution, following the ARM recommendations for SystemReady compliance [1]. The RTC used on this board is not currently supported by U-Boot, therefore it is not enabled at the moment. Link: https://developer.arm.com/documentation/DUI1101/4-5/Configure-U-Boot-for-SystemReady [1] Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com> 
Enable EFI related options, as suggested for booting standard aarch64
Linux distribution, following the ARM recommendations for SystemReady
compliance [1].

The RTC used on this board is not currently supported by U-Boot,
therefore it is not enabled at the moment.

Link: https://developer.arm.com/documentation/DUI1101/4-5/Configure-U-Boot-for-SystemReady [1]
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>
configs: verdin-imx8mp: Enable EFI related options 2026-05-05T16:35:36+00:00 Francesco Dolcini francesco.dolcini@toradex.com 2026-04-24T10:42:11+00:00 d52f67197bb9e0fcda30f9309c9c873e21f7c643 Enable EFI related options, as suggested for booting standard aarch64 Linux distribution, following the ARM recommendations for SystemReady compliance [1]. The RTC used on this board is not currently supported by U-Boot, therefore it is not enabled at the moment. Link: https://developer.arm.com/documentation/DUI1101/4-5/Configure-U-Boot-for-SystemReady [1] Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com> 
Enable EFI related options, as suggested for booting standard aarch64
Linux distribution, following the ARM recommendations for SystemReady
compliance [1].

The RTC used on this board is not currently supported by U-Boot,
therefore it is not enabled at the moment.

Link: https://developer.arm.com/documentation/DUI1101/4-5/Configure-U-Boot-for-SystemReady [1]
Signed-off-by: Francesco Dolcini <francesco.dolcini@toradex.com>