binman: A data-controlled firmware packer for U-Boot

Security,

Binman is a firmware packaging tool.

Modern firmware images can be complex, with dozens of pieces and various alignment and positional requirements. It can be challenging to build these images using a set of ad-hoc scripts and tools which must be maintained.

Binman collects together the files, processes them as needed, handles any other required operations (such as signing entries) and writes out the images. It permits existing images to be inspected.

By placing the image descriptions in a single configuration file, it is easier to inspect and adjust the format and layout. It also improves performance, since images are created in a single pass. Binman supports adding various U-Boot components, lists of files, microcode, binary components, Coreboot Filesystem (CBFS), text and device trees. Binman provides run-time access to the configuration via device tree and linker symbols.

Binman is used in U-Boot to produce binaries for several SoCs, notably Tegra and x86. It has comprehensive tests with 100% code coverage.

This talk describes binman, including a demo of its capabilities.

Resources: