meta-phosphor: npcm8xx.bbclass: support sign images feature
Add sign images feature according customer's requirement.
Set "SECURED_IMAGE" to "True" and enable sign images feature.
When sign images feature be enabled. Use default keys to sign
images if customer didn't point their own local keys path.
Note: "SECURED_IMAGE" default is "True".
Tested:
Use default keys sign:
That will use default path and keys from igps to sign.
Use local keys sign:
That will use local path and keys to sign.
When KEY_FOLDER and KEY definition both are valid.
However, when KEY_FOLDER and KEY definition are invalid either,
that will output sign images failed then stop build full images.
Tested: build pass and boot up successfully with signed
Signed-off-by: Tim Lee <timlee660101@gmail.com>
Change-Id: If2b793906ab338aec391062d9bfeae2b1e790078
diff --git a/meta-nuvoton/conf/machine/include/npcm8xx.inc b/meta-nuvoton/conf/machine/include/npcm8xx.inc
index 349d53b..0a753a1 100644
--- a/meta-nuvoton/conf/machine/include/npcm8xx.inc
+++ b/meta-nuvoton/conf/machine/include/npcm8xx.inc
@@ -3,6 +3,7 @@
#@DESCRIPTION: Common machine configuration for Nuvoton NPCM8XX Chip
require conf/machine/include/nuvoton.inc
+require conf/machine/include/igps-keys.inc
KERNEL_IMAGETYPE ?= "Image"
KERNEL_EXTRA_ARGS ?= "UIMAGE_LOADADDR=0x00008000"
@@ -59,4 +60,6 @@
OPTEEMACHINE ?= "nuvoton"
+SECURED_IMAGE ?= "True"
+
TIP_IMAGE ?= "True"