U-Boot v2018.11 released

Tom Rini of Konsulko announced the latest release of U-Boot, including a bit of info about the two recent CVEs:

[…]I’m going to mention here as well that both CVE-2018-18439 and CVE-2018-18440 exist and are issues. As a community we’re still working on more robust fixes to them, but I want to thank Simon Goldschmidt for taking the lead on coming up with code changes for them. In the immediate term (and for older releases) note that the filesystem-based attack can be mitigated by passing a maximum size to the load command.[…]
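A small C model of the size-cap mitigation mentioned in the excerpt above, added here as an illustration; it is not U-Boot code and not taken from the announcement. The memory map and the helpers `max_load_bytes` and `model_load` are hypothetical. On a real board the cap is the optional byte-count argument of `load`, chosen so that load address plus cap stays below memory U-Boot itself uses.

```c
#include <stdint.h>
#include <string.h>

/* Constructed toy map (not a real board): top 16 of 64 bytes are reserved. */
#define RAM_SIZE     64u
#define RESERVED_OFF 48u            /* first byte that must stay untouched */
#define CANARY       0xB0
static uint8_t ram[RAM_SIZE];

void ram_reset(void)
{
    memset(ram, 0, RAM_SIZE);
    memset(ram + RESERVED_OFF, CANARY, RAM_SIZE - RESERVED_OFF);
}

/* Cap for a load at off; 0 means refuse (model_load reads 0 as "no cap"). */
size_t max_load_bytes(size_t off)
{
    return off < RESERVED_OFF ? RESERVED_OFF - off : 0;
}

/* Model of a file load to off; max_bytes == 0 reads the whole file. */
size_t model_load(size_t off, const uint8_t *file, size_t len, size_t max_bytes)
{
    if (max_bytes != 0 && len > max_bytes)
        len = max_bytes;            /* the cap truncates the read */
    if (off >= RAM_SIZE)
        return 0;
    if (len > RAM_SIZE - off)
        len = RAM_SIZE - off;       /* keep the toy itself in bounds */
    memcpy(ram + off, file, len);
    return len;
}

int reserved_intact(void)           /* 1 if the canary pattern survived */
{
    for (size_t i = RESERVED_OFF; i < RAM_SIZE; i++)
        if (ram[i] != CANARY)
            return 0;
    return 1;
}

int main(void)
{
    uint8_t file[40];               /* constructed oversized "file" */
    memset(file, 0x41, sizeof file);
    ram_reset();
    model_load(16, file, sizeof file, max_load_bytes(16));
    return reserved_intact() ? 0 : 1;
}
```

Calling `model_load` with a cap of 0 on the same 40-byte file at offset 16 overwrites the reserved region, which is the uncapped case the mitigation closes off.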


Wolfgang Denk of DENX has some stats about the release at:


U-Boot v2018.11-rc1 released

The RC of the November release of U-Boot is out. Usually, you basically have to follow the U-Boot mailing list to track changes, but this announcement was more verbose than normal:

List of changes between -rc1 and -rc2:

– The SPI-NAND changes have fully been integrated now.
– ARM Versatile Express updates
– QEMU support in RiscV
– Rockchip updates
– fixes to rkimage for SPL boot via USB
– fixes to make_fit_atf.py, incl. entry-point calculation and python3 compatibility
– OP-TEE support for ARMv7-based SoCs
– fixes to RGMII/GMII selection on the RK3328
– ARC updates
– CPU and board info prints
– Synopsys IoT development kit support
– Take care of global uninitialized variables.
– Add support for SD-card detection on all ARC boards
– R-Mobile, SoCFPGA updates
– Sandbox SPL/TPL support
– Various DM, Test updates.
– Various general ARM, Meson, TI K2/K3 updates
– OP-TEE AVB support

We’re looking at release on November 12th, 2018.


U-Boot v2017.09 released

Tom Rini has announced the v2017.09 release of U-Boot. The announcement also clarifies the status of VU166743/CVE-2017-3225/CVE-2017-3226; excerpt below:

I’ve released v2017.09 and it’s now live on git and FTP and ACD (along with PGP sig file). There’s a few things I need to headline in this release. First and foremost is https://www.kb.cert.org/vuls/id/166743 (aka CVE-2017-3225 and CVE-2017-3226). If you’re using CONFIG_ENV_AES in your project, you have security implications to worry about and decide the correct path forward in. With respect to the community, I marked it as deprecated for this release, and I plan to remove it for the next release unless someone with relevant background steps up and wants to rewrite the code in question (and make sure the rest of the environment code isn’t going to lead to other issues similar to CVE-2017-3226). Both of the issues in question here could be fixed but the worry is about it being the “tip of the iceberg” in the area. […]

Full announcement:



more on U-Boot encryption vulnerabilities

Re: https://firmwaresecurity.com/2017/09/08/u-boot-aes-cbc-encryption-multiple-vulnerabilities/

I asked on the U-Boot mailing list for more information on this issue. The response from Tom Rini of Konsulko:

So, I mentioned this in the patch that migrated the option to Kconfig and marked it deprecated, and I plan to mention it in the release notes on Monday. But, this option has no in-tree users and I plan to remove the code in the near term, if no one with the relevant background steps up to re-implement it. Thanks!

Full post:


U-Boot gets improved testing

Tom Rini of Konsulko posted an 8-part patch to the U-Boot list, improving their CI infrastructure. It is nice to see firmware projects with improved testing!

[PATCH 0/8] Various travis-ci improvements

The following series does a few things with our existing travis-ci infrastructure.  We update to the latest Ubuntu release that is supported (there are only 2 Linux host choices) and make use of toolchains that are available that way when possible and fix building of x86.  I added in microblaze and sh4 and xtensa to the build loop (I left out blackfin and openrisc as they have compile problems currently in general). The biggest change here is that I’ve added support for test.py running on qemu-x86, qemu-ppce500, qemu-mips*, vexpress_ca15_tc2, vexpress_ca9x4, and integratorcp_cm926ejs along with sandbox.

This final part is I think the most important.  With this change all it now takes to have some build coverage and some test.py coverage is a github account.  You can then login to travis-ci.org that, click a few things and get build and test coverage with minimal effort now.  It takes about 2 hours in its current configuration but could easily be cut down in one’s personal repository for quicker test cycles.  And for the record, in addition to email notifications by default one will have https://api.travis-ci.org/repos/USERNAME/u-boot/builds.atom available as an atom feed, in addition to the numerous other notification methods available.


U-Boot v2016.09 released

Tom Rini of Konsulko announced the latest release of U-Boot on the u-boot list @lists.denx.de.

– More DM work (MMC, of-platdata for size constrained instances, etc)
– Lots and lots of architecture / SoC / Platform updates: x86, rockchip,
  sunxi, TI, NXP/FSL, Tegra, Zynq, uniphier
– mkimage cleanups
– More test.py updates, vboot now a testcase
– Secure boot work on both ARM and PowerPC.
– PSCI updates
– MAKEALL is gone, buildman is for use by all
– We now have xtensa support
– DT overlays
– More Kconfig migration
– Some NFS fixes

Read the full announcement if you’re able to help U-Boot with testing, they’re looking for some help with their new automated test framework.

U-Boot v2016.09-rc2 released

Tom Rini of Konsulko announced the v2016.09-rc2 release of U-Boot. Excerpting most of his announcement:

It’s release day and v2016.09-rc2 is out now.  […]

A short list of changes to come in now are:
– More and various SoC and architecture updates
– Various DM updates and conversions
– PSCI updates
– MAKEALL is gone, buildman is for use by all
– We now have xtensa support
– DT overlays

A non-code change is that now I have Jenkins setup to automatically poll my WIP branches and run test/py/test.py on a few real boards along with sandbox.  I still have some more configuring and cabling to do, and a few more boards I can get setup.

For more info, see the announcement on the u-boot mailing list.

U-Boot v2016.09-rc1 released

Tom Rini of Konsulko announced the v2016.09-rc1 release of U-Boot; his announcement to the U-Boot list is excerpted below:

It’s release day and v2016.09-rc1 is out and the merge window is closed. I’ve updated git and the tarballs are also up now.  I’ve made an attempt at keeping track of what updated as things went along this time:
– DM / MMC block device clean up, patman improvements
– DM now supports of-platdata for cases where we are very much size constrained.
– Various SPI fixes / improvements
– Arch / SoC / Platform updates: x86, rockchip, sunxi, TI, NXP/FSL, Tegra, Zynq, uniphier
– First round of updates to the PSCI code to make it easier to use.
– mkimage cleanups
– More test.py updates, vboot now a testcase
– Secure boot on MPC85xx.

And of course, other things as well.  Please feel free to chime in if there’s something important I forgot to call out. If you notice any problems with the release, please speak out and thanks all!

U-Boot v2016.07 released

Tom Rini of Konsulko announced U-Boot v2016.07. Excerpting his announcement:

[…] I’ve released v2016.07 and it’s now live on git and FTP and ACD.  As a possible bonus, the tarball is now signed with my PGP key. Looking over the changes in this release, I would say it’s another good, solid, iterative improvement over the last.  MMC has moved to DM, we have more tests for DM now too.  ARM (32 and 64bit), MIPS, x86 have all seen improvements.  We’ve also switched to mirroring what the Linux Kernel does for “libgcc” type functionality now which should help with supporting the compilers that most distributions ship while still catching the types of errors we want caught.  We’ve moved a few more options over to Kconfig (caught some problems in our tools too) and are once again ready for more.  I think we have enough tests available now (thanks to tbot) that really even the complicated things can be moved over now and verified as correct, it’s just a matter of doing it.  We also have the ability for SPL to load FIT images and thus pick the right DT to pass along to the main U-Boot binary. […]

Full announcement:
More info:

U-Boot v2016.07-rc1 released

Tom Rini announced the latest release of U-Boot.

(Usually U-Boot releases are pretty terse, presuming you’re a U-Boot developer and already understand what is in each release. This announcement has more info!)

Excerpting announcement:

Some highlights include more DM support (both in general such as block) and specific (FSL I2C).  Freescale ARMv8 platform support has been updated with new platforms and MIPS has seen a number of new / updated platforms as well.  And on that note, x86, Zynq, sunxi, TI, rockchip and socfpga also saw big updates.  Finally, we’ve pulled in patches that bring in “lib1funcs” from the Linux kernel rather than rely on gcc’s libgcc.  This will make building on a number of distributions much easier.

Full announcement:

U-Boot: EFI patches applied, and new bootefi command

Alexander Graf of SuSE has been adding EFI support to U-Boot.  He also just added a new boot loader command, ‘bootefi’, as well:

[PATCH v6 19/30] efi_loader: Add “bootefi” command

In order to execute an EFI application, we need to bridge the gap between U-Boot’s notion of executing images and EFI’s notion of doing the same. The best path forward IMHO here is to stick completely to the way U-Boot deals with payloads. You manually load them using whatever method to RAM and then have a simple boot command to execute them. So in our case, you would do

  # load mmc 0:1 $loadaddr grub.efi
  # bootefi $loadaddr

which then gets you into a grub shell. Fdt information known to U-boot via the fdt addr command is also passed to the EFI payload.

Tom Rini of the U-Boot project also just posted a message saying that the EFI patches have been mostly applied:

EFI loader support largely enabled

What I mean by the subject is that with the EFI loader patches enabled U-Boot itself (not SPL) now includes the EFI loader and required bits on ARM/aarch64.  This is in general I think a good thing.  I’ve however disabled it on a few boards due to size constraints.  This is an average gain of ~12KiB in U-Boot proper.  I fully expect a number of platform patches opting out of this support due to it just not being a real usecase and I am agreeable to talking about making it not enabled by default.  So, let’s kick things off.

For more information, see the U-Boot sources or mailing list archives: