- 2024-07-30 is marked `default` here, but the image is actually in `latest`
- 2024-07-25 doesn't specify default or latest - fix that
(Aside: neither seem to have found their way to apt yet).
* Optimize all-banks/per-bank refresh timings for Pi5 8GB
* Improve compatibility for booting from some USB SD card readers
https://github.com/raspberrypi/rpi-eeprom/issues/527
* Add enable_rp1_uart=1 to config.txt to initialise RP1 UART0 immediately
prior to starting the ARMs get earlycon on 40-pin header (pins 14,15)
Also requires pciex4_reset=0 in config.txt
earlycon=pl011,0x1f00030000,115200n8
* Enable the usage of program_rpiboot_gpio in config.txt for recovery.bin
without requiring secure-boot to be enabled.
This may be useful CI systems provisioning images on Pi4B / Pi400 via RPIBOOT.
This is an OTP setting and cannot be reverted after programming.
See https://www.raspberrypi.com/documentation/computers/config_txt.html#program_rpiboot_gpio
* The [pi5] conditional statement should apply to the entire pi5
family i.e. include cm5 as well.
* Bump SDIO bus priorities to that a GPU/RAM intensive processes
can't unnecessarily stall an I/O processes.
* Assorted log message tidyups.
* Add timestamps to UART log messages.
* Add support for [tryboot] conditional the bootloader EEPROM
config file.
See: https://github.com/raspberrypi/rpi-eeprom/issues/454
* Fix MAX_RESTARTS parameter
See: https://github.com/raspberrypi/rpi-eeprom/issues/576
* Add recovery_reboot option to config.txt for rpiboot which causes
the system to reboot after updating the bootloader.
* Improve secure-boot OTP provisioning logging.
* Fix setting to enable secure-boot mode on Pi4B
Interesting changes since the last automatic update:
* Enable network install
* Enable over-clocking frequencies > 3GHz
See: ttps://github.com/raspberrypi/firmware/issues/1876
* Adjust SDRAM refresh rate according to temperature and address a performance
gap between 4GB and 8GB parts in benchmarks.
See: https://github.com/raspberrypi/firmware/issues/1854
* Support custom CA certs with HTTPS boot
* Move non Kernel ARM stages back to 512KB
https://github.com/raspberrypi/firmware/issues/1868
* Assorted HAT+ and NVMe interop improvements.
* Fix TRYBOOT if secure-boot is enabled.
* Preliminary support for D0 and CM5.
* Switch to building the Pi4 firmware from the common Pi4/Pi5
mainline release. This doesn't change the Pi4 features
but should make it quicker to release bug fixes in common code.
* Fix issue that caused the TRYBOOT flag to be lost in secure-boot mode.
* dtoverlay: Use %u when converting u32s to strings
See: https://github.com/raspberrypi/linux/issues/6039
* Improved debug messages for secure-boot.
* Generate the bootloader diagnostics qrcode at run time.
* bootloader: clock_2712: Remove restriction on arm_freq <= 3000
See: https://github.com/raspberrypi/firmware/issues/1876
* arm_dt: Update max_current to match HAT value
* arm_dt: Remove unused legacy parameters (core_freq, arm_freq, uart0_clkrate and cache_line_size)
* Add support for custom CA cert for network install
You need to specify
HTTP_HOST=myhost.com
HTTP_PATH=/path/to/files
HTTP_CACERT_HASH=<hash>
where <hash> is a sha256 hash of the der encoded ca certificate.
CA cert is added using rpi-eeprom-config.
* Optimise Vbat current draw with charging disabled
* Display OTP boot status in UART log messages.
* Preliminary support for secure-boot OTP provisioning.
* Update PCIE DET_WAKE pinmux for D0 products
Make it clearer that rpi-eeprom-digest is used create optionally
signed hashes for binary files.
For secure-boot the update-pieeprom.sh wrapper must be used
because only the boot configuration is signed by the customer
key rather than the entire SPI flash image.
Update rpi-eeprom-config to support replacement of bootcode.bin
with a customer counter-signed version.
Add a new rpi-sign-bootcode script which enables bootcode.bin
to be counter-signed with the customer key.
N.B. Signed boot on 2712 requires newer firmware which is currently
under development and has not been released.
Allows you to add a custom ca cert to an image.
Note: This option is only relevant for newer (as yet unreleased)
bootloader images that support custom CA certs and reserve a space for
this in the flash image.
* Adjust the SDRAM refresh interval based on the temperature. This
addresses the gap in performance between the 8GB and 4GB variants.
See https://github.com/raspberrypi/firmware/issues/1864
* Preliminary support for signed boot.
* Adjust the SDRAM refresh interval based on the temperature. This
addresses the gap in performance between the 8GB and 4GB variants.
See https://github.com/raspberrypi/firmware/issues/1854
* Preliminary support for signed boot
