mirror of
https://git.yoctoproject.org/poky
synced 2026-04-17 18:32:12 +02:00
uboot-sign: add support for different u-boot configurations
This is done by concatenating the DTB with the kernels public key to all built u-boot binaries. Furthermore the installation of all the binaries is required. (From OE-Core rev: bacb59079eb6ba7e43507a6d3a357341fb367f83) Signed-off-by: Andreas Obergschwandtner <andreas.obergschwandtner@skidata.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Andreas Obergschwandtner
committed by
Richard Purdie
Richard Purdie
parent
98143681ef
commit
de0019cf6c
@@ -45,49 +45,72 @@ UBOOT_NODTB_SYMLINK ?= "u-boot-nodtb-${MACHINE}.${UBOOT_SUFFIX}"
|
||||
# Functions in this bbclass is for u-boot only
|
||||
UBOOT_PN = "${@d.getVar('PREFERRED_PROVIDER_u-boot') or 'u-boot'}"
|
||||
|
||||
concat_dtb_helper() {
|
||||
if [ -e ${UBOOT_DTB_BINARY} ]; then
|
||||
ln -sf ${UBOOT_DTB_IMAGE} ${DEPLOYDIR}/${UBOOT_DTB_BINARY}
|
||||
ln -sf ${UBOOT_DTB_IMAGE} ${DEPLOYDIR}/${UBOOT_DTB_SYMLINK}
|
||||
fi
|
||||
|
||||
if [ -f ${UBOOT_NODTB_BINARY} ]; then
|
||||
install ${UBOOT_NODTB_BINARY} ${DEPLOYDIR}/${UBOOT_NODTB_IMAGE}
|
||||
ln -sf ${UBOOT_NODTB_IMAGE} ${UBOOT_NODTB_SYMLINK}
|
||||
ln -sf ${UBOOT_NODTB_IMAGE} ${UBOOT_NODTB_BINARY}
|
||||
fi
|
||||
|
||||
# Concatenate U-Boot w/o DTB & DTB with public key
|
||||
# (cf. kernel-fitimage.bbclass for more details)
|
||||
deployed_uboot_dtb_binary='${DEPLOY_DIR_IMAGE}/${UBOOT_DTB_IMAGE}'
|
||||
if [ "x${UBOOT_SUFFIX}" = "ximg" -o "x${UBOOT_SUFFIX}" = "xrom" ] && \
|
||||
[ -e "$deployed_uboot_dtb_binary" ]; then
|
||||
oe_runmake EXT_DTB=$deployed_uboot_dtb_binary
|
||||
install ${UBOOT_BINARY} ${DEPLOYDIR}/${UBOOT_IMAGE}
|
||||
elif [ -e "${DEPLOYDIR}/${UBOOT_NODTB_IMAGE}" -a -e "$deployed_uboot_dtb_binary" ]; then
|
||||
cd ${DEPLOYDIR}
|
||||
cat ${UBOOT_NODTB_IMAGE} $deployed_uboot_dtb_binary | tee ${UBOOT_BINARY} > ${UBOOT_IMAGE}
|
||||
elif [ -n "${UBOOT_DTB_BINARY}" ]; then
|
||||
bbwarn "Failure while adding public key to u-boot binary. Verified boot won't be available."
|
||||
fi
|
||||
}
|
||||
|
||||
concat_dtb() {
|
||||
if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${PN}" = "${UBOOT_PN}" ]; then
|
||||
mkdir -p ${DEPLOYDIR}
|
||||
if [ -e ${B}/${UBOOT_DTB_BINARY} ]; then
|
||||
ln -sf ${UBOOT_DTB_IMAGE} ${DEPLOYDIR}/${UBOOT_DTB_BINARY}
|
||||
ln -sf ${UBOOT_DTB_IMAGE} ${DEPLOYDIR}/${UBOOT_DTB_SYMLINK}
|
||||
fi
|
||||
|
||||
if [ -f ${B}/${UBOOT_NODTB_BINARY} ]; then
|
||||
install ${B}/${UBOOT_NODTB_BINARY} ${DEPLOYDIR}/${UBOOT_NODTB_IMAGE}
|
||||
ln -sf ${UBOOT_NODTB_IMAGE} ${UBOOT_NODTB_SYMLINK}
|
||||
ln -sf ${UBOOT_NODTB_IMAGE} ${UBOOT_NODTB_BINARY}
|
||||
fi
|
||||
|
||||
# Concatenate U-Boot w/o DTB & DTB with public key
|
||||
# (cf. kernel-fitimage.bbclass for more details)
|
||||
deployed_uboot_dtb_binary='${DEPLOY_DIR_IMAGE}/${UBOOT_DTB_IMAGE}'
|
||||
if [ "x${UBOOT_SUFFIX}" = "ximg" -o "x${UBOOT_SUFFIX}" = "xrom" ] && \
|
||||
[ -e "$deployed_uboot_dtb_binary" ]; then
|
||||
if [ -n "${UBOOT_CONFIG}" ]; then
|
||||
for config in ${UBOOT_MACHINE}; do
|
||||
cd ${B}/${config}
|
||||
concat_dtb_helper
|
||||
done
|
||||
else
|
||||
cd ${B}
|
||||
oe_runmake EXT_DTB=$deployed_uboot_dtb_binary
|
||||
install ${B}/${UBOOT_BINARY} ${DEPLOYDIR}/${UBOOT_IMAGE}
|
||||
elif [ -e "${DEPLOYDIR}/${UBOOT_NODTB_IMAGE}" -a -e "$deployed_uboot_dtb_binary" ]; then
|
||||
cd ${DEPLOYDIR}
|
||||
cat ${UBOOT_NODTB_IMAGE} $deployed_uboot_dtb_binary | tee ${B}/${UBOOT_BINARY} > ${UBOOT_IMAGE}
|
||||
elif [ -n "${UBOOT_DTB_BINARY}" ]; then
|
||||
bbwarn "Failure while adding public key to u-boot binary. Verified boot won't be available."
|
||||
concat_dtb_helper
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Install UBOOT_DTB_BINARY to datadir, so that kernel can use it for
|
||||
# signing, and kernel will deploy UBOOT_DTB_BINARY after signs it.
|
||||
install_helper() {
|
||||
if [ -f ${UBOOT_DTB_BINARY} ]; then
|
||||
install -d ${D}${datadir}
|
||||
# UBOOT_DTB_BINARY is a symlink to UBOOT_DTB_IMAGE, so we
|
||||
# need both of them.
|
||||
install ${UBOOT_DTB_BINARY} ${D}${datadir}/${UBOOT_DTB_IMAGE}
|
||||
ln -sf ${UBOOT_DTB_IMAGE} ${D}${datadir}/${UBOOT_DTB_BINARY}
|
||||
elif [ -n "${UBOOT_DTB_BINARY}" ]; then
|
||||
bbwarn "${UBOOT_DTB_BINARY} not found"
|
||||
fi
|
||||
}
|
||||
|
||||
do_install_append() {
|
||||
if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${PN}" = "${UBOOT_PN}" ]; then
|
||||
if [ -f ${B}/${UBOOT_DTB_BINARY} ]; then
|
||||
install -d ${D}${datadir}
|
||||
# UBOOT_DTB_BINARY is a symlink to UBOOT_DTB_IMAGE, so we
|
||||
# need both of them.
|
||||
install ${B}/${UBOOT_DTB_BINARY} ${D}${datadir}/${UBOOT_DTB_IMAGE}
|
||||
ln -sf ${UBOOT_DTB_IMAGE} ${D}${datadir}/${UBOOT_DTB_BINARY}
|
||||
elif [ -n "${UBOOT_DTB_BINARY}" ]; then
|
||||
bbwarn "${B}/${UBOOT_DTB_BINARY} not found"
|
||||
if [ -n "${UBOOT_CONFIG}" ]; then
|
||||
for config in ${UBOOT_MACHINE}; do
|
||||
cd ${B}/${config}
|
||||
install_helper
|
||||
done
|
||||
else
|
||||
cd ${B}
|
||||
install_helper
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user