Gitiles
Code Review Sign In
gerrit.openbmc.org / mdmillerii / openbmc / 7237a3e5481f5e8b11f5367b7b81b4e734c28640 / . / meta-hpe / meta-common / recipes-phosphor / image / obmc-phosphor-image.bbappend
blob: 0eb006948b47f5b5c374b51cb64d9fd46b1659f1 [file] [log] [blame]
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]1inherit image_version
2unset do_get_version[noexec]
3do_get_version[depends] = "os-release"
4
5# do_get_version() is copied from meta-phosphor/classes/image_version.bbclass and
6# modified to append the date and time to the version if a file named "developer"
7# exists in the openbmc/build directory
8def do_get_version(d):
9 import configparser
10 import io
11 path = d.getVar('STAGING_DIR_TARGET', True) + d.getVar('sysconfdir', True)
12 path = os.path.join(path, 'os-release')
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]13 parser = configparser.SafeConfigParser(strict=False)
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]14 parser.optionxform = str
15 version = ''
16 try:
17 with open(path, 'r') as fd:
18 buf = '[root]\n' + fd.read()
19 fd = io.StringIO(buf)
20 parser.readfp(fd)
21 version = parser['root']['VERSION_ID']
22 dev_path = d.getVar('PWD', True)
23 dev_path = os.path.join(dev_path, 'developer')
24 if os.path.isfile(dev_path):
25 version = version[:-1] + str(d.getVar('IMAGE_VERSION_SUFFIX', True)).strip()
26 except:
27 pass
28 return version
29
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]30CUSTOMER_KEY_BLOCK ?= "customer-key-block"
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]31HPE_GXP_BOOTBLOCK_IMAGE ?= "gxp-bootblock.bin"
32HPE_UBOOT_SIGNING_HEADER ?= "hpe-uboot-header.section"
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]33HPE_UBOOT_SIGNING_HEADER_512 ?= "hpe-uboot-header-512.section"
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]34HPE_UBOOT_SIGNING_KEY ?= "hpe-uboot-signing-key.pem"
35
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]36# Offsets that are the same for the standard image and secure boot image
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]37FLASH_SIZE = "31552"
38FLASH_UBOOT_OFFSET = "0"
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]39UBOOT_IMG_SIZE = "393216"
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]40FLASH_KERNEL_OFFSET = "512"
41FLASH_ROFS_OFFSET = "5376"
42FLASH_RWFS_OFFSET = "29184"
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]43
44# Standard image offsets
45FLASH_STANDARD_SECTION_OFFSET = "31552"
46FLASH_STANDARD_SECTION_END = "32768"
47
48# Secure boot offsets
49# offset at 0x01f7_0000 / 1024 = 32192
50FLASH_SECTION_OFFSET = "32192"
51# end is offset + 576
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]52FLASH_SECTION_END = "32768"
53
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]54# offset at 0x01ee_0000 / 1024 = 31616
55FLASH_SECTION2_OFFSET = "31616"
56FLASH_SECTION2_END = "32192"
57
58# offset at 0x01c0_0000 / 1024 = 28672
59FLASH_UBOOT2_OFFSET = "28672"
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]60
61do_generate_static[depends] += " \
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]62 gxp-bootblock:do_deploy \
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]63 gxp-bootblock:do_populate_sysroot \
64 "
Mike Garrettab6de742021-08-24 17:56:32 -0500[diff] [blame]65make_image_links:append() {
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]66 ln -sf ${DEPLOY_DIR_IMAGE}/hpe-section image-section
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]67
68 if [ -f ${DEPLOY_DIR_IMAGE}/hpe-section2 ]
69 then
70 ln -sf ${DEPLOY_DIR_IMAGE}/hpe-section2 image-section2
71 fi
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]72}
73
Mike Garrettab6de742021-08-24 17:56:32 -0500[diff] [blame]74do_mk_static_symlinks:append() {
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]75 ln -sf hpe-section image-section
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]76
77 if [ -f ${DEPLOY_DIR_IMAGE}/hpe-section2 ]
78 then
79 ln -sf hpe-section2 image-section2
80 fi
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]81}
82
Mike Garrettab6de742021-08-24 17:56:32 -0500[diff] [blame]83do_generate_static:prepend() {
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]84 bb.build.exec_func("do_generate_hpe_image", d)
85}
86
Mike Garrettab6de742021-08-24 17:56:32 -0500[diff] [blame]87do_generate_static:append() {
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]88 # hpe-section2 and u-boot2 only exist in the secure boot image.
89 # If hpe-section2 exists, then this is secure boot.
90 if os.path.exists(os.path.join(d.getVar('DEPLOY_DIR_IMAGE', True), 'hpe-section2')):
91 _append_image(os.path.join(d.getVar('DEPLOY_DIR_IMAGE', True), 'hpe-section'),
92 int(d.getVar('FLASH_SECTION_OFFSET', True)),
93 int(d.getVar('FLASH_SECTION_END', True)))
94
95 _append_image(os.path.join(d.getVar('DEPLOY_DIR_IMAGE', True), 'hpe-section2'),
96 int(d.getVar('FLASH_SECTION2_OFFSET', True)),
97 int(d.getVar('FLASH_SECTION2_END', True)))
98
99 _append_image(os.path.join(d.getVar('DEPLOY_DIR_IMAGE', True), 'u-boot.%s' % d.getVar('UBOOT_SUFFIX',True)),
100 int(d.getVar('FLASH_UBOOT2_OFFSET', True)),
101 int(d.getVar('FLASH_RWFS_OFFSET', True)))
102 else:
103 _append_image(os.path.join(d.getVar('DEPLOY_DIR_IMAGE', True), 'hpe-section'),
104 int(d.getVar('FLASH_STANDARD_SECTION_OFFSET', True)),
105 int(d.getVar('FLASH_STANDARD_SECTION_END', True)))
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]106}
107
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]108# Generate the secure boot image by default
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]109do_generate_hpe_image() {
110 # Extract uboot 256K
111 dd if=/dev/zero bs=1k count=256 > ${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX}
112 dd bs=1k conv=notrunc seek=0 count=256\
113 if=${DEPLOY_DIR_IMAGE}/u-boot.${UBOOT_SUFFIX} \
114 of=${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX}
115
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]116 keyblockver="$(expr `grep -c -i 'CustomerKeyBlockVersion\$2.0' "${DEPLOY_DIR_IMAGE}/${CUSTOMER_KEY_BLOCK}"` + 1)"
117
118 # TODO - replace this openssl signing command line with whatever command you need to create a
119 # digital signature of ${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX}
120 if [ ${keyblockver} -eq 1 ]
121 then
122 openssl sha256 -sign ${DEPLOY_DIR_IMAGE}/${HPE_UBOOT_SIGNING_KEY} -out ${DEPLOY_DIR_IMAGE}/gxp_tmp.sig \
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]123 ${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX}
124
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]125 # Cat U-Boot header+signature
126 cat ${DEPLOY_DIR_IMAGE}/${HPE_UBOOT_SIGNING_HEADER} ${DEPLOY_DIR_IMAGE}/gxp_tmp.sig \
127 > ${DEPLOY_DIR_IMAGE}/gxp-uboot.sig
128 elif [ ${keyblockver} -eq 2 ]
129 then
130 openssl sha384 -sign ${DEPLOY_DIR_IMAGE}/${HPE_UBOOT_SIGNING_KEY} -out ${DEPLOY_DIR_IMAGE}/gxp_tmp.sig \
131 ${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX}
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]132
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]133 # Cat U-Boot header+signature
134 cat ${DEPLOY_DIR_IMAGE}/${HPE_UBOOT_SIGNING_HEADER_512} ${DEPLOY_DIR_IMAGE}/gxp_tmp.sig \
135 > ${DEPLOY_DIR_IMAGE}/gxp-uboot.sig
136 fi
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]137
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]138 # Create hpe-section
139 dd if=/dev/zero bs=1k count=576 > ${DEPLOY_DIR_IMAGE}/hpe-section
140
141 # Add U-Boot Header and Signature to hpe-section
142 dd bs=1k conv=notrunc seek=0 \
143 if=${DEPLOY_DIR_IMAGE}/gxp-uboot.sig \
144 of=${DEPLOY_DIR_IMAGE}/hpe-section
145
146 # Add gxp-bootblock to hpe-section
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]147 dd bs=1k conv=notrunc seek=64 \
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]148 if=${DEPLOY_DIR_IMAGE}/${HPE_GXP_BOOTBLOCK_IMAGE} \
149 of=${DEPLOY_DIR_IMAGE}/hpe-section
150
151 # hpe-section2 is the same as hpe-section up to this point
152 cp ${DEPLOY_DIR_IMAGE}/hpe-section ${DEPLOY_DIR_IMAGE}/hpe-section2
153
154 # Expand the customer-key-block to 64 KB
155 dd if=/dev/zero bs=1k count=64 > ${DEPLOY_DIR_IMAGE}/${CUSTOMER_KEY_BLOCK}.tmp
156 dd bs=1k conv=notrunc seek=0 count=64 \
157 if=${DEPLOY_DIR_IMAGE}/${CUSTOMER_KEY_BLOCK} \
158 of=${DEPLOY_DIR_IMAGE}/${CUSTOMER_KEY_BLOCK}.tmp
159
160 # Add the customer-key-block to hpe-section
161 dd bs=1k conv=notrunc seek=320 count=64 \
162 if=${DEPLOY_DIR_IMAGE}/${CUSTOMER_KEY_BLOCK}.tmp \
163 of=${DEPLOY_DIR_IMAGE}/hpe-section
164
165 # Add a second copy of the customer-key-block to hpe-section
166 dd bs=1k conv=notrunc seek=384 count=64 \
167 if=${DEPLOY_DIR_IMAGE}/${CUSTOMER_KEY_BLOCK}.tmp \
168 of=${DEPLOY_DIR_IMAGE}/hpe-section
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]169
170 # Expand uboot to 384K
171 dd if=/dev/zero bs=1k count=384 > ${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX}
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]172 dd bs=1k conv=notrunc seek=0 count=384 \
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]173 if=${DEPLOY_DIR_IMAGE}/u-boot.${UBOOT_SUFFIX} \
174 of=${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX}
175
176 # Remove unnecessary files
177 rm ${DEPLOY_DIR_IMAGE}/u-boot.${UBOOT_SUFFIX} \
178 ${DEPLOY_DIR_IMAGE}/gxp_tmp.sig \
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]179 ${DEPLOY_DIR_IMAGE}/gxp-uboot.sig \
180 ${DEPLOY_DIR_IMAGE}/${CUSTOMER_KEY_BLOCK}.tmp
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]181
182 mv ${DEPLOY_DIR_IMAGE}/u-boot-tmp.${UBOOT_SUFFIX} ${DEPLOY_DIR_IMAGE}/u-boot.${UBOOT_SUFFIX}
183
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]184 # Check uboot image size equals to 384K
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]185 size="$(wc -c < "${DEPLOY_DIR_IMAGE}/u-boot.${UBOOT_SUFFIX}")"
186 if [ ${size} -ne ${UBOOT_IMG_SIZE} ]
187 then
188 echo "ERROR: STATIC - uBoot image size ${size} incorrect. Please try it again."
189 exit 1
190 fi
191}
192
193make_tar_of_images() {
194 type=$1
195 shift
196 extra_files="$@"
197
198 # Create the tar archive
199 tar -h -cvf ${IMGDEPLOYDIR}/${IMAGE_NAME}.$type.mtd.tar \
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]200 image-u-boot image-kernel image-rofs image-rwfs image-section* $extra_files
201
202 # Create the min tar archive
203 tar -h -cvf ${IMGDEPLOYDIR}/${IMAGE_NAME}.$type.mtd.min.tar \
204 image-kernel image-rofs image-rwfs MANIFEST \
205 image-kernel.sig image-rofs.sig image-rwfs.sig MANIFEST.sig publickey
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]206
207 cd ${IMGDEPLOYDIR}
208 ln -sf ${IMAGE_NAME}.$type.mtd.tar ${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.$type.mtd.tar
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]209 ln -sf ${IMAGE_NAME}.$type.mtd.min.tar ${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.$type.mtd.min.tar
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]210}
211
212do_generate_static_tar[depends] += " obmc-phosphor-image:do_generate_static"
213
214do_generate_static_tar() {
215
216 ln -sf ${S}/MANIFEST MANIFEST
217 ln -sf ${S}/publickey publickey
218 make_image_links ${OVERLAY_BASETYPE} ${IMAGE_BASETYPE}
219
220 # Check uboot image size equals to 384K
221 size="$(wc -c < "image-u-boot")"
222 if [ ${size} != ${UBOOT_IMG_SIZE} ]
223 then
224 echo "ERROR: TAR - uBoot image size ${size} incorrect. Please try it again."
225 exit 1
226 fi
227
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]228 if [ -f image-section2 ]
229 then
230 make_signatures image-u-boot image-kernel image-rofs image-rwfs image-section image-section2 MANIFEST publickey
231 else
232 make_signatures image-u-boot image-kernel image-rofs image-rwfs image-section MANIFEST publickey
233 fi
234
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]235 make_tar_of_images static MANIFEST publickey ${signature_files}
236
237 # Maintain non-standard legacy link.
238 cd ${IMGDEPLOYDIR}
239 ln -sf ${IMAGE_NAME}.static.mtd.tar ${IMGDEPLOYDIR}/${MACHINE}-${DATETIME}.tar
Charles Kearney7237a3e2023-04-07 21:15:03 +0000[diff] [blame^]240 ln -sf ${IMAGE_NAME}.static.mtd.min.tar ${IMGDEPLOYDIR}/${MACHINE}-${DATETIME}.min.tar
Jorge Cisneros8a445a02020-09-03 21:09:03 +0000[diff] [blame]241}