[PATCH v1 0/2] Add support for setting firmware property in FIT configuration

[PATCH v1 0/2] Add support for setting firmware property in FIT configuration

[Jamin Lin]

v1:
 1. Fix unintended "-e" written into ITS
 2. Add support for setting firmware property in FIT
    configuration

Jamin Lin (2):
  uboot-sign: Fix unintended "-e" written into ITS
  uboot-sign: Add support for setting firmware property in FIT
    configuration

 meta/classes-recipe/uboot-sign.bbclass | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

-- 
2.43.0

[PATCH v1 1/2] uboot-sign: Fix unintended "-e" written into ITS

[Jamin Lin]

An unintended "-e" string may be written into the generated ITS file when users
set the UBOOT_FIT_USER_SETTINGS variable to include custom binaries in the U-Boot
image.

This issue is caused by the use of 'echo -e', which behaves inconsistently across
different shells. While bash interprets '-e' as enabling escape sequences
(e.g., \n, \t), dash—the default /bin/sh on many systems—does not recognize
'-e' and treats it as a literal string. As a result, "-e" can be mistakenly
injected into the ITS file under certain build environments.

To ensure consistent and shell-agnostic behavior, replace 'echo -e' with
'printf', which is well-defined by POSIX and behaves reliably across all common
shells.

This change improves portability and prevents malformed ITS files caused by unintended
string injection.

Fixes: c12e013 ("uboot-sign: support to add users specific image tree source")
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
---
 meta/classes-recipe/uboot-sign.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass
index e0771b5429..dcf94b7179 100644
--- a/meta/classes-recipe/uboot-sign.bbclass
+++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -425,7 +425,7 @@ EOF
 	fi
 
 	if [ -n "${UBOOT_FIT_USER_SETTINGS}" ] ; then
-		echo -e "${UBOOT_FIT_USER_SETTINGS}" >> ${UBOOT_ITS}
+		printf "%b" "${UBOOT_FIT_USER_SETTINGS}" >> ${UBOOT_ITS}
 	fi
 
 	if [ -n "${UBOOT_FIT_CONF_USER_LOADABLES}" ] ; then
-- 
2.43.0

[PATCH v1 2/2] uboot-sign: Add support for setting firmware property in FIT configuration

[Jamin Lin]

Add the ability to set the "firmware" property in the FIT configuration node
by introducing the UBOOT_FIT_CONF_FIRMWARE variable.

This property defines the primary image to be executed during boot. If it is
set, its value will be written into the FIT configuration under the "firmware"
field. If not set, the bootloader will fall back to using the first entry in
the "loadables" list.

Using this property improves control over the boot sequence, especially in
multi-binary boot scenarios.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
---
 meta/classes-recipe/uboot-sign.bbclass | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass
index dcf94b7179..92bd620f8e 100644
--- a/meta/classes-recipe/uboot-sign.bbclass
+++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -101,6 +101,10 @@ UBOOT_FIT_TEE_IMAGE ?= "tee-raw.bin"
 # User specific settings
 UBOOT_FIT_USER_SETTINGS ?= ""
 
+# Sets the firmware property to select the image to boot first.
+# If not set, the first entry in "loadables" is used instead.
+UBOOT_FIT_CONF_FIRMWARE ?= ""
+
 # Unit name containing a list of users additional binaries to be loaded.
 # It is a comma-separated list of strings.
 UBOOT_FIT_CONF_USER_LOADABLES ?= ''
@@ -439,6 +443,13 @@ EOF
         default = "conf";
         conf {
             description = "Boot with signed U-Boot FIT";
+EOF
+	if [ -n "${UBOOT_FIT_CONF_FIRMWARE}" ] ; then
+		cat << EOF >> ${UBOOT_ITS}
+            firmware = "${UBOOT_FIT_CONF_FIRMWARE}";
+EOF
+	fi
+	cat << EOF >> ${UBOOT_ITS}
             loadables = ${conf_loadables};
             fdt = "fdt";
         };
-- 
2.43.0

Re: [OE-core] [PATCH v1 2/2] uboot-sign: Add support for setting firmware property in FIT configuration

[Quentin Schulz]

Hi Jamin,

On 5/19/25 5:17 AM, Jamin Lin via lists.openembedded.org wrote:
> Add the ability to set the "firmware" property in the FIT configuration node
> by introducing the UBOOT_FIT_CONF_FIRMWARE variable.
> 
> This property defines the primary image to be executed during boot. If it is
> set, its value will be written into the FIT configuration under the "firmware"
> field. If not set, the bootloader will fall back to using the first entry in
> the "loadables" list.
> 
> Using this property improves control over the boot sequence, especially in
> multi-binary boot scenarios.
> 
> Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
> ---
>   meta/classes-recipe/uboot-sign.bbclass | 11 +++++++++++
>   1 file changed, 11 insertions(+)
> 
> diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass
> index dcf94b7179..92bd620f8e 100644
> --- a/meta/classes-recipe/uboot-sign.bbclass
> +++ b/meta/classes-recipe/uboot-sign.bbclass
> @@ -101,6 +101,10 @@ UBOOT_FIT_TEE_IMAGE ?= "tee-raw.bin"
>   # User specific settings
>   UBOOT_FIT_USER_SETTINGS ?= ""
>   
> +# Sets the firmware property to select the image to boot first.
> +# If not set, the first entry in "loadables" is used instead.
> +UBOOT_FIT_CONF_FIRMWARE ?= ""
> +
>   # Unit name containing a list of users additional binaries to be loaded.
>   # It is a comma-separated list of strings.
>   UBOOT_FIT_CONF_USER_LOADABLES ?= ''
> @@ -439,6 +443,13 @@ EOF
>           default = "conf";
>           conf {
>               description = "Boot with signed U-Boot FIT";
> +EOF
> +	if [ -n "${UBOOT_FIT_CONF_FIRMWARE}" ] ; then
> +		cat << EOF >> ${UBOOT_ITS}
> +            firmware = "${UBOOT_FIT_CONF_FIRMWARE}";
> +EOF
> +	fi
> +	cat << EOF >> ${UBOOT_ITS}

Maybe we should rather follow the same way loadables is set?

e.g.

         if [ -n "${UBOOT_FIT_CONF_FIRMWARE}" ] ; then
             firmware="firmware = \"${UBOOT_FIT_CONF_FIRMWARE}\";"
         fi

         cat << EOF >> ${UBOOT_ITS}
     };

     configurations {
         default = "conf";
         conf {
             description = "Boot with signed U-Boot FIT";
             loadables = ${conf_loadables};
             ${firmware}
             fdt = "fdt";
         };
     };
};
EOF

for example?

That should make the configurations node either to read in-code?

Please also consider sending a patch to the yocto-docs project for this 
new variable.

Cheers,
Quentin

RE: [OE-core] [PATCH v1 2/2] uboot-sign: Add support for setting firmware property in FIT configuration

[Jamin Lin]

Hi Quentin

> Subject: Re: [OE-core] [PATCH v1 2/2] uboot-sign: Add support for setting
> firmware property in FIT configuration
> 
> Hi Jamin,
> 
> On 5/19/25 5:17 AM, Jamin Lin via lists.openembedded.org wrote:
> > Add the ability to set the "firmware" property in the FIT
> > configuration node by introducing the UBOOT_FIT_CONF_FIRMWARE
> variable.
> >
> > This property defines the primary image to be executed during boot. If
> > it is set, its value will be written into the FIT configuration under the
> "firmware"
> > field. If not set, the bootloader will fall back to using the first
> > entry in the "loadables" list.
> >
> > Using this property improves control over the boot sequence,
> > especially in multi-binary boot scenarios.
> >
> > Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
> > ---
> >   meta/classes-recipe/uboot-sign.bbclass | 11 +++++++++++
> >   1 file changed, 11 insertions(+)
> >
> > diff --git a/meta/classes-recipe/uboot-sign.bbclass
> > b/meta/classes-recipe/uboot-sign.bbclass
> > index dcf94b7179..92bd620f8e 100644
> > --- a/meta/classes-recipe/uboot-sign.bbclass
> > +++ b/meta/classes-recipe/uboot-sign.bbclass
> > @@ -101,6 +101,10 @@ UBOOT_FIT_TEE_IMAGE ?= "tee-raw.bin"
> >   # User specific settings
> >   UBOOT_FIT_USER_SETTINGS ?= ""
> >
> > +# Sets the firmware property to select the image to boot first.
> > +# If not set, the first entry in "loadables" is used instead.
> > +UBOOT_FIT_CONF_FIRMWARE ?= ""
> > +
> >   # Unit name containing a list of users additional binaries to be loaded.
> >   # It is a comma-separated list of strings.
> >   UBOOT_FIT_CONF_USER_LOADABLES ?= ''
> > @@ -439,6 +443,13 @@ EOF
> >           default = "conf";
> >           conf {
> >               description = "Boot with signed U-Boot FIT";
> > +EOF
> > +	if [ -n "${UBOOT_FIT_CONF_FIRMWARE}" ] ; then
> > +		cat << EOF >> ${UBOOT_ITS}
> > +            firmware = "${UBOOT_FIT_CONF_FIRMWARE}"; EOF
> > +	fi
> > +	cat << EOF >> ${UBOOT_ITS}
> 
> Maybe we should rather follow the same way loadables is set?
> 
> e.g.
> 
>          if [ -n "${UBOOT_FIT_CONF_FIRMWARE}" ] ; then
>              firmware="firmware = \"${UBOOT_FIT_CONF_FIRMWARE}\";"
>          fi
> 
>          cat << EOF >> ${UBOOT_ITS}
>      };
> 
>      configurations {
>          default = "conf";
>          conf {
>              description = "Boot with signed U-Boot FIT";
>              loadables = ${conf_loadables};
>              ${firmware}
>              fdt = "fdt";
>          };
>      };
> };
> EOF
> 
> for example?
> 
> That should make the configurations node either to read in-code?
> 
Thanks for the review and suggestion.
I resend v2 patch here,  https://patchwork.yoctoproject.org/project/oe-core/list/?series=34666

> Please also consider sending a patch to the yocto-docs project for this new
> variable.

I sent the v1 patch here, https://patchwork.yoctoproject.org/project/docs/patch/20250520095457.3642012-1-jamin_lin@aspeedtech.com/ 

Thanks-Jamin
> 
> Cheers,
> Quentin