pieeprom-2026-01-16: 2712: Assume eMMC for CM4/CM5 (latest)

* Assume eMMC for CM4/CM5 non-lite
  Attempt the fast path by skipping the SD interface condition command timeout on CM4/CM5 (non-lite) modules and enable eMMC mode directly. This saves ~250ms of the boot time.
* Don't stomp on RTC alarm state
  Preserve the RTC's alarm state so that it can be queried by the rpi-rtc
  driver.
  See: https://github.com/raspberrypi/firmware/issues/2011
* arm_loader: Apply rpifwcrypto lock permissions GET/SET USER OTP
  Previously, the GET/SET user OTP mailboxes would provide access to the
  device unique private key. Update the mailbox API to fail if the
  key has been locked via lock_device_private_key=1 in config.txt or
  the associated mailbox call.
  GET/SET user OTP fails by setting the result tag to the standard
  error code (0x80000000). The dedicate GET/SET private key continue
  to fail the entire mailbox operation to force vcmailbox to exit
  with a non-zero error code.
* cm5: Add support for 8-bit bus width eMMC

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,50 +0,0 @@
----
-name: Bug report
-about: Create a bug report for the bootloader EEPROM or rpi-eeprom-update scripts. Please use the Raspberry Pi General Discussion forum for general questions about the bootloader.
-
----
-
-This repository tracks bugs for the Raspberry Pi 4 bootloader EEPROM and Linux update scripts.
-
-* If you suspect a hardware problem then please read the [Boot Problems](https://www.raspberrypi.org/forums/viewtopic.php?p=437084) post first before contacting the reseller.
-* Support questions or should be posted on the Raspberry Pi [General Discussion](https://www.raspberrypi.org/forums/viewforum.php?f=63)**
-
-
-**Mandatory information**
-* Raspberry Pi model
-* Board revision (cat /proc/cpuinfo | grep Revision)
-* Operating system version .
-* Details of any hardware attached e.g. links to USB 
-* Photo of the HDMI diagnostics screen, UART trace.
-
-**Describe the bug**
-A clear and concise description of what the bug is.
-
-**To Reproduce**
-Steps to reproduce the behavior:
-
-**Expected behaviour**
-A clear and concise description of what you expected to happen.
-
-**Bootloader version and configuration**
-If you have modified the default bootloader release or configuration then please attach the bootloader configuration vcgencmd bootloader_config and version (vcgencmd bootloader_version)
-
-**SD card boot (please complete the following information):**
- - SD card type
- - Partition information (sudo fdisk -l) if you are able to obtain this from another computer.
-
-**Network boot (please complete the following information):**
-Network boot bug normally require one or more of the following log types. [PiServer](https://github.com/raspberrypi/piserver) is the officially supported network boot server.
-
- - DHCP server configuration files e.g. dnsmasq.conf
- - Wireshark binary packet capture
- - UART logs
-
-**USB boot (please complete the following information):**
-Verify that the the USB device works correctly when hot-plugged under Linux and attache the output of 'lsusb -vvv'
-
-**Additional context**
-Add any other context about the problem here. 
-
-The [Bootloader configuration](https://www.raspberrypi.org/documentation/hardware/raspberrypi/bcm2711_bootloader_config.md) page describes how to enable UART or NETCONSOLE logs. For complex USB boot issues NETCONSOLE logs are recommended.
-

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,128 @@
+name: "Bug report"
+description: Create a report to help us fix your issue
+body:
+- type: markdown
+  attributes:
+    value: |
+      **Is this the right place for my bug report?**
+      
+      * This repository contains the Raspberry Pi 5, Raspberry Pi 4, Pi400, CM4 and CM4-S bootloader EEPROM images and installation scripts.      
+      * Please report boot issues for the earlier models at the GPU firmware repo [github.com/raspberrypi/firmware](https://github.com/raspberrypi/firmware).
+      * Please report USB issues which occur after the OS has started at the Linux repo [github.com/raspberrypi/linux/](https://github.com/raspberrypi/linux/).
+      * If you simply have a question, then [the Raspberry Pi forums](https://www.raspberrypi.org/forums) are the best place to ask it. 
+         * The ["Is your Pi not booting?"](https://forums.raspberrypi.com/viewtopic.php?f=28&t=58151) post has lots of useful advice.
+
+- type: textarea
+  id: description
+  attributes:
+    label: Describe the bug
+    description: |
+      Add a clear and concise description of what you think the bug is. 
+      
+      * Attach a photo of the bootloader [diagnostics](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#boot-diagnostics-on-the-raspberry-pi-4).
+      * If the system is failing to boot then please check if the green activity LED is displaying an [error pattern](https://www.raspberrypi.com/documentation/computers/configuration.html#led-warning-flash-codes).
+  validations:
+    required: true
+
+- type: textarea
+  id: reproduce
+  attributes:
+    label: Steps to reproduce the behaviour
+    description: |
+      List the steps required to reproduce the issue.
+  validations:
+    required: true
+- type: dropdown
+  id: model
+  attributes:
+    label: Device (s)
+    description: On which device you are facing the bug?
+    multiple: true
+    options:
+      - Raspberry Pi 5
+      - Raspberry Pi 500
+      - Raspberry Pi 4 Mod. B
+      - Raspberry Pi 400
+      - Raspberry Pi CM5
+      - Raspberry Pi CM5 Lite
+      - Raspberry Pi CM4
+      - Raspberry Pi CM4 Lite
+      - Raspberry Pi CM4-S
+      - Other
+  validations:
+    required: true
+    
+- type: textarea
+  id: config
+  attributes:
+    label: Bootloader configuration.
+    description: |      
+      Copy and paste the results of `rpi-eeprom-config` or describe the failing configuration.
+      
+      * `rpi-eeprom-update` saves a backup of the previous bootloader configuration to `/var/lib/raspberrypi/bootloader/backup` before it schedules the update.
+      * `rpi-eeprom-config pieeprom.upd` can be used to read the contents of an EEPROM image.
+  validations:
+    required: true
+
+- type: textarea
+  id: system
+  attributes:
+    label: System
+    description: |
+      Copy and paste the results of the `raspinfo` command in to this section.
+      Alternatively, copy and paste a pastebin link, or add answers to the following questions:
+      * Which OS and version (`cat /etc/rpi-issue`)?
+      * Which bootloader version (`vcgencmd bootloader_version`)?
+      * Which firmware version (`vcgencmd version`)?
+      * Which kernel version (`uname -a`)?
+  validations:
+    required: false
+    
+- type: textarea
+  id: Logs
+  attributes:
+    label: Bootloader logs
+    description: |
+       If the problem can't be diagnosed from the bootloader HDMI diagnostics screen then we'll normally need to see more detailed logs to diagnose the problem. The bootloader and GPU firmware can be configured to enable log output to the UART (GPIOs `14` and `15`, pins `8` and `10` on the [40-pin GPIO header](https://www.raspberrypi.com/documentation/computers/os.html#gpio-and-the-40-pin-header, or on the Debug header on a Pi 5)
+         * To enable UART logging from the bootloader specify [BOOT_UART=1](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#BOOT_UART) in the EEPROM config
+         * To enable UART logging from the `start.elf` GPU firmware stage add [uart_2ndstage=1](https://www.raspberrypi.com/documentation/computers/config_txt.html#uart_2ndstage) to `config.txt`.
+         * If you are familiar with using Wireshark then it's also possible to use [NETCONSOLE](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#NETCONSOLE) write logs to UDP packets.
+       Please paste the bootloader logs here.          
+  validations:
+    required: false
+    
+- type: textarea
+  id: USB
+  attributes:
+    label: USB boot
+    description: |
+       Before using USB as the boot device it's advisble to verify that the USB device is [compatible](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#hardware-compatibility) and works reliably from Linux. 
+       Please specify the make and model of the USB device plus any HUBs or USB/SATA adapters. Please also capture the output of the following command from Linux `lsusb -vvv` and paste the results here.
+  validations:
+    required: false    
+
+- type: textarea
+  id: NVMe
+  attributes:
+    label: NVMe boot
+    description: |
+       Before using NVMe as the boot device it's advisble to verify that the NVMe storage is working reliably when mounted from Linux. Please specify the make and model and also  capture the following information from a working system when reporting NVMe issues.
+       * `sudo apt-get install nvme-cli`
+       * `sudo nvme list`
+       * `sudo nvme id-ctrl -H /dev/nvme0`
+       * `sudo nvme list-ns /dev/nvme0`
+       * `sudo nvme id-ns -H /dev/nvme0 --namespace-id=1`   
+  validations:
+    required: false
+    
+- type: textarea
+  id: tftp
+  attributes:
+    label: Network (TFTP boot)
+    description: |      
+      Please provide the following information if possible:- 
+      * DHCP server configuration files e.g. `dnsmasq.conf`
+      * Wireshark binary packet capture      
+  validations:
+    required: false
+    

.github/ISSUE_TEMPLATE/config.yml

@@ -1,2 +1,9 @@
 blank_issues_enabled: false
 
+contact_links:
+  - name: "⛔ Question"
+    url: https://www.raspberrypi.org/forums
+    about: "Please do not use GitHub for asking questions. If you simply have a question, then the Raspberry Pi forums are the best place to ask it. Thanks in advance for helping us keep the issue tracker clean!"
+  - name: "⛔ Problems with Raspberry Pi Imager / network-install"
+    url: https://github.com/raspberrypi/rpi-imager
+    about: "If the problem with network install occurs after the Raspberry Pi Imager UI has started then please report it at https://github.com/raspberrypi/rpi-imager/issues. Otherwise, raise the bug report here."

.github/workflows/test.yml

@@ -0,0 +1,31 @@
+name: Test EEPROM Config
+
+on:
+  pull_request:
+    branches: [ 'master' ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.x'
+          
+      - name: Create and activate virtual environment
+        run: |
+          python -m venv venv
+          source venv/bin/activate
+          
+      - name: Install dependencies
+        run: |
+          pip install pycryptodomex
+      
+      - name: Run EEPROM Config Tests
+        run: |
+          cd test
+          chmod +x test-rpi-eeprom-config
+          ./test-rpi-eeprom-config 

.gitignore

@@ -1 +1,3 @@
 *.swp
+images-2711/
+images-2712/

LICENSE

@@ -6,10 +6,14 @@ Files: *
 Copyright: 2019, Raspberry Pi (Trading) Ltd.
 License: BSD-3
 
-Files: firmware/*
+Files: firmware-2711/*
 Copyright: 2019, Raspberry Pi (Trading) Ltd.
 License: custom
 
+Files: firmware-2712/*
+Copyright: 2024, Raspberry Pi (Trading) Ltd.
+License: custom
+
 License: BSD-3
  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions
@@ -64,4 +68,54 @@ License: custom
  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
  TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
  USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
- DAMAGE. 
+ DAMAGE.
+
+License: uIP
+ Copyright (c) 2006, Swedish Institute of Computer Science.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in the
+    documentation and/or other materials provided with the distribution.
+ 3. Neither the name of the Institute nor the names of its contributors
+    may be used to endorse or promote products derived from this software
+    without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+ 
+License: MIT
+ QR Code generator library (C)
+ 
+ Copyright (c) Project Nayuki. (MIT License)
+ https://www.nayuki.io/page/qr-code-generator-library
+ 
+ Permission is hereby granted, free of charge, to any person obtaining a copy of
+ this software and associated documentation files (the "Software"), to deal in
+ the Software without restriction, including without limitation the rights to
+ use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ the Software, and to permit persons to whom the Software is furnished to do so,
+ subject to the following conditions:
+ - The above copyright notice and this permission notice shall be included in
+   all copies or substantial portions of the Software.
+ - The Software is provided "as is", without warranty of any kind, express or
+   implied, including but not limited to the warranties of merchantability,
+   fitness for a particular purpose and noninfringement. In no event shall the
+   authors or copyright holders be liable for any claim, damages or other
+   liability, whether in an action of contract, tort or otherwise, arising from,
+   out of or in connection with the Software or the use or other dealings in the
+   Software.

README.md

@@ -1,16 +1,15 @@
 # rpi-eeprom
-This repository contains the scripts and pre-compiled binaries used to create the `rpi-eeprom` package which is used to update the Raspberry Pi 4 bootloader and VLI USB xHCI controller EEPROMs.
+This repository contains the scripts and pre-compiled binaries used to create the `rpi-eeprom` package which is used to update the Raspberry Pi 4 and Raspberry Pi 5 bootloaders EEPROM images.
 
 # Support
-Please check the Raspberry Pi [general discussion forum](https://www.raspberrypi.org/forums/viewforum.php?f=63) if you have a support question. 
+Please check the Raspberry Pi [general discussion forum](https://forums.raspberrypi.com/viewforum.php?f=63) if you have a support question.
 
 # Reset to factory defaults
-The [Raspberry Pi Imager](https://www.raspberrypi.org/downloads/) provides an EEPROM recovery image which may be used to reset the bootloader and USB xHCI EEPROMs to factory defaults.
+To reset the bootloader back to factory defaults use [Raspberry Pi Imager](https://www.raspberrypi.com/software/) to write an EEPROM update image to a spare SD card. Select `Misc utility images` under the `Operating System` tab.
 
 # Bootloader documentation
-* [The boot folder](https://www.raspberrypi.org/documentation/configuration/boot_folder.md)
-* [Config.txt boot options](https://www.raspberrypi.org/documentation/configuration/config-txt/boot.md)
-* [Bootloader EEPROM](https://www.raspberrypi.org/documentation/hardware/raspberrypi/booteeprom.md)
-* [Bootloader configuration](https://www.raspberrypi.org/documentation/hardware/raspberrypi/bcm2711_bootloader_config.md)
-* [Release notes](firmware/release-notes.md)
-* [Releases](releases.md)
+* [Config.txt boot options](https://www.raspberrypi.com/documentation/computers/config_txt.html#boot-options)
+* [Bootloader EEPROM](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#raspberry-pi-boot-eeprom)
+* [Bootloader configuration](https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#raspberry-pi-bootloader-configuration)
+* [Updating the Compute Module 4 bootloader](https://www.raspberrypi.com/documentation/computers/compute-module.html#update-the-compute-module-bootloader)
+* [Releases and release notes](releases.md)

firmware-2711/beta

@@ -0,0 +1 @@
+latest/

firmware-2711/critical

@@ -0,0 +1 @@
+default/