d8cd58cc7a
Previously, the signing flow in "uboot-sign.bbclass" assumed that SPL was always present and that the FIT signing process must inject the public key into the SPL DTB. This made it inflexible for use cases where only the U-Boot proper FIT image is built and signed, with no SPL binary at all. This change introduces the following adjustments: - The `SPL_DTB_BINARY` variable can be explicitly set to an empty string to indicate that no SPL is present. - The signing logic checks `SPL_DTB_BINARY` and skips injecting the key or verifying the SPL DTB if it is empty. - The FIT image generation and deployment are always performed if `UBOOT_FITIMAGE_ENABLE` is enabled, regardless of the SPL settings. - The deploy helper now uses a single check on `SPL_DTB_BINARY` to decide whether to deploy the signed SPL DTB. Now the sign step checks if SPL_DTB_BINARY is empty: If present, it signs the FIT image and injects the public key into the SPL DTB, then verifies both. If empty, it only signs the FIT image and generates the ITS with the signature node, but does not attempt to verify or add the key to a non-existent SPL DTB. Key Behavior Explained If SPL_DTB_BINARY is empty, we assume there is no SPL. If UBOOT_FITIMAGE_ENABLE=1, we always create the FIT image and ITS. If SPL_SIGN_ENABLE=1, we always sign the FIT image, but only inject the key into the SPL DTB if it exists. Example usage: UBOOT_FITIMAGE_ENABLE = "1" SPL_SIGN_ENABLE = "1" SPL_DTB_BINARY = "" This means: - Generate and sign the FIT image. - Do not attempt to sign or deploy an SPL DTB. This aligns the implementation with real scenarios where some boards do not require an SPL. (From OE-Core rev: 7ad6acd8841752a5b75b8e2666bca5b609347cc1) Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Poky
Poky is an integration of various components to form a pre-packaged build system and development environment which is used as a development and validation tool by the Yocto Project. It features support for building customised embedded style device images and custom containers. There are reference demo images ranging from X11/GTK+ to Weston, commandline and more. The system supports cross-architecture application development using QEMU emulation and a standalone toolchain and SDK suitable for IDE integration.
Additional information on the specifics of hardware that Poky supports is available in README.hardware. Further hardware support can easily be added in the form of BSP layers which extend the systems capabilities in a modular way. Many layers are available and can be found through the layer index.
As an integration layer Poky consists of several upstream projects such as BitBake, OpenEmbedded-Core, Yocto documentation, the 'meta-yocto' layer which has configuration and hardware support components. These components are all part of the Yocto Project and OpenEmbedded ecosystems.
The Yocto Project has extensive documentation about the system including a reference manual which can be found at https://docs.yoctoproject.org/
OpenEmbedded is the build architecture used by Poky and the Yocto project. For information about OpenEmbedded, see the OpenEmbedded website.
Contribution Guidelines
Please refer to our contributor guide here: https://docs.yoctoproject.org/dev/contributor-guide/ for full details on how to submit changes.
Where to Send Patches
As Poky is an integration repository (built using a tool called combo-layer), patches against the various components should be sent to their respective upstreams:
OpenEmbedded-Core (files in meta/, meta-selftest/, meta-skeleton/, scripts/):
- Git repository: https://git.openembedded.org/openembedded-core/
- Mailing list: openembedded-core@lists.openembedded.org
BitBake (files in bitbake/):
- Git repository: https://git.openembedded.org/bitbake/
- Mailing list: bitbake-devel@lists.openembedded.org
Documentation (files in documentation/):
- Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs/
- Mailing list: docs@lists.yoctoproject.org
meta-yocto (files in meta-poky/, meta-yocto-bsp/):
- Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-yocto
- Mailing list: poky@lists.yoctoproject.org
If in doubt, check the openembedded-core git repository for the content you intend to modify as most files are from there unless clearly one of the above categories. Before sending, be sure the patches apply cleanly to the current git repository branch in question.