From patchwork Mon May 19 03:17:31 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jamin Lin <jamin_lin@aspeedtech.com>
X-Patchwork-Id: 63190
Return-Path: <jamin_lin@aspeedtech.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 936F1C3ABD8
	for <webhook@archiver.kernel.org>; Mon, 19 May 2025 03:17:40 +0000 (UTC)
Received: from TWMBX01.aspeed.com (TWMBX01.aspeed.com [211.20.114.72])
 by mx.groups.io with SMTP id smtpd.web10.43039.1747624655804508484
 for <openembedded-core@lists.openembedded.org>;
 Sun, 18 May 2025 20:17:37 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=pass (domain: aspeedtech.com, ip: 211.20.114.72,
 mailfrom: jamin_lin@aspeedtech.com)
Received: from TWMBX01.aspeed.com (192.168.0.62) by TWMBX01.aspeed.com
 (192.168.0.62) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1748.10; Mon, 19 May
 2025 11:17:32 +0800
Received: from mail.aspeedtech.com (192.168.10.10) by TWMBX01.aspeed.com
 (192.168.0.62) with Microsoft SMTP Server id 15.2.1748.10 via Frontend
 Transport; Mon, 19 May 2025 11:17:32 +0800
From: Jamin Lin <jamin_lin@aspeedtech.com>
To: <openembedded-core@lists.openembedded.org>
CC: <troy_lee@aspeedtech.com>, <jamin_lin@aspeedtech.com>,
	<vince_chang@aspeedtech.com>
Subject: [PATCH v1 1/2] uboot-sign: Fix unintended "-e" written into ITS
Date: Mon, 19 May 2025 11:17:31 +0800
Message-ID: <20250519031732.1338100-2-jamin_lin@aspeedtech.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250519031732.1338100-1-jamin_lin@aspeedtech.com>
References: <20250519031732.1338100-1-jamin_lin@aspeedtech.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Mon, 19 May 2025 03:17:40 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/216809

An unintended "-e" string may be written into the generated ITS file when users
set the UBOOT_FIT_USER_SETTINGS variable to include custom binaries in the U-Boot
image.

This issue is caused by the use of 'echo -e', which behaves inconsistently across
different shells. While bash interprets '-e' as enabling escape sequences
(e.g., \n, \t), dash—the default /bin/sh on many systems—does not recognize
'-e' and treats it as a literal string. As a result, "-e" can be mistakenly
injected into the ITS file under certain build environments.

To ensure consistent and shell-agnostic behavior, replace 'echo -e' with
'printf', which is well-defined by POSIX and behaves reliably across all common
shells.

This change improves portability and prevents malformed ITS files caused by unintended
string injection.

Fixes: c12e013 ("uboot-sign: support to add users specific image tree source")
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
---
 meta/classes-recipe/uboot-sign.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass
index e0771b5429..dcf94b7179 100644
--- a/meta/classes-recipe/uboot-sign.bbclass
+++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -425,7 +425,7 @@ EOF
 	fi
 
 	if [ -n "${UBOOT_FIT_USER_SETTINGS}" ] ; then
-		echo -e "${UBOOT_FIT_USER_SETTINGS}" >> ${UBOOT_ITS}
+		printf "%b" "${UBOOT_FIT_USER_SETTINGS}" >> ${UBOOT_ITS}
 	fi
 
 	if [ -n "${UBOOT_FIT_CONF_USER_LOADABLES}" ] ; then

From patchwork Mon May 19 03:17:32 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jamin Lin <jamin_lin@aspeedtech.com>
X-Patchwork-Id: 63189
Return-Path: <jamin_lin@aspeedtech.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 81EDBC3ABC9
	for <webhook@archiver.kernel.org>; Mon, 19 May 2025 03:17:40 +0000 (UTC)
Received: from TWMBX01.aspeed.com (TWMBX01.aspeed.com [211.20.114.72])
 by mx.groups.io with SMTP id smtpd.web10.43039.1747624655804508484
 for <openembedded-core@lists.openembedded.org>;
 Sun, 18 May 2025 20:17:37 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=pass (domain: aspeedtech.com, ip: 211.20.114.72,
 mailfrom: jamin_lin@aspeedtech.com)
Received: from TWMBX01.aspeed.com (192.168.0.62) by TWMBX01.aspeed.com
 (192.168.0.62) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1748.10; Mon, 19 May
 2025 11:17:32 +0800
Received: from mail.aspeedtech.com (192.168.10.10) by TWMBX01.aspeed.com
 (192.168.0.62) with Microsoft SMTP Server id 15.2.1748.10 via Frontend
 Transport; Mon, 19 May 2025 11:17:32 +0800
From: Jamin Lin <jamin_lin@aspeedtech.com>
To: <openembedded-core@lists.openembedded.org>
CC: <troy_lee@aspeedtech.com>, <jamin_lin@aspeedtech.com>,
	<vince_chang@aspeedtech.com>
Subject: [PATCH v1 2/2] uboot-sign: Add support for setting firmware property
 in FIT configuration
Date: Mon, 19 May 2025 11:17:32 +0800
Message-ID: <20250519031732.1338100-3-jamin_lin@aspeedtech.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250519031732.1338100-1-jamin_lin@aspeedtech.com>
References: <20250519031732.1338100-1-jamin_lin@aspeedtech.com>
MIME-Version: 1.0
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Mon, 19 May 2025 03:17:40 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/216810

Add the ability to set the "firmware" property in the FIT configuration node
by introducing the UBOOT_FIT_CONF_FIRMWARE variable.

This property defines the primary image to be executed during boot. If it is
set, its value will be written into the FIT configuration under the "firmware"
field. If not set, the bootloader will fall back to using the first entry in
the "loadables" list.

Using this property improves control over the boot sequence, especially in
multi-binary boot scenarios.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
---
 meta/classes-recipe/uboot-sign.bbclass | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass
index dcf94b7179..92bd620f8e 100644
--- a/meta/classes-recipe/uboot-sign.bbclass
+++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -101,6 +101,10 @@ UBOOT_FIT_TEE_IMAGE ?= "tee-raw.bin"
 # User specific settings
 UBOOT_FIT_USER_SETTINGS ?= ""
 
+# Sets the firmware property to select the image to boot first.
+# If not set, the first entry in "loadables" is used instead.
+UBOOT_FIT_CONF_FIRMWARE ?= ""
+
 # Unit name containing a list of users additional binaries to be loaded.
 # It is a comma-separated list of strings.
 UBOOT_FIT_CONF_USER_LOADABLES ?= ''
@@ -439,6 +443,13 @@ EOF
         default = "conf";
         conf {
             description = "Boot with signed U-Boot FIT";
+EOF
+	if [ -n "${UBOOT_FIT_CONF_FIRMWARE}" ] ; then
+		cat << EOF >> ${UBOOT_ITS}
+            firmware = "${UBOOT_FIT_CONF_FIRMWARE}";
+EOF
+	fi
+	cat << EOF >> ${UBOOT_ITS}
             loadables = ${conf_loadables};
             fdt = "fdt";
         };