blob: c16977c477ebeb5033ba95c8e51d3b70d1f2a462 [file] [log] [blame]
Brad Bishop1a4b7ee2018-12-16 17:11:34 -08001inherit kernel-uboot kernel-artifact-names uboot-sign
Patrick Williamsc124f4f2015-09-15 14:41:29 -05002
Andrew Geisslerd1e89492021-02-12 15:35:20 -06003KERNEL_IMAGETYPE_REPLACEMENT = ""
4
Patrick Williamsc124f4f2015-09-15 14:41:29 -05005python __anonymous () {
Brad Bishop6e60e8b2018-02-01 10:27:11 -05006 kerneltypes = d.getVar('KERNEL_IMAGETYPES') or ""
He Zhefe76b1e2016-05-25 04:47:16 -04007 if 'fitImage' in kerneltypes.split():
Brad Bishop6e60e8b2018-02-01 10:27:11 -05008 depends = d.getVar("DEPENDS")
Brad Bishop19323692019-04-05 15:28:33 -04009 depends = "%s u-boot-tools-native dtc-native" % depends
Patrick Williamsc124f4f2015-09-15 14:41:29 -050010 d.setVar("DEPENDS", depends)
11
Brad Bishopd7bf8c12018-02-25 22:55:05 -050012 uarch = d.getVar("UBOOT_ARCH")
13 if uarch == "arm64":
14 replacementtype = "Image"
Brad Bishopc342db32019-05-15 21:57:59 -040015 elif uarch == "riscv":
16 replacementtype = "Image"
Brad Bishopd7bf8c12018-02-25 22:55:05 -050017 elif uarch == "mips":
Brad Bishop6e60e8b2018-02-01 10:27:11 -050018 replacementtype = "vmlinuz.bin"
Brad Bishopd7bf8c12018-02-25 22:55:05 -050019 elif uarch == "x86":
Patrick Williamsc0f7c042017-02-23 20:41:17 -060020 replacementtype = "bzImage"
Brad Bishop316dfdd2018-06-25 12:45:53 -040021 elif uarch == "microblaze":
22 replacementtype = "linux.bin"
Patrick Williamsc0f7c042017-02-23 20:41:17 -060023 else:
24 replacementtype = "zImage"
25
Andrew Geisslerd1e89492021-02-12 15:35:20 -060026 d.setVar("KERNEL_IMAGETYPE_REPLACEMENT", replacementtype)
27
Brad Bishop19323692019-04-05 15:28:33 -040028 # Override KERNEL_IMAGETYPE_FOR_MAKE variable, which is internal
29 # to kernel.bbclass . We have to override it, since we pack zImage
30 # (at least for now) into the fitImage .
Brad Bishop6e60e8b2018-02-01 10:27:11 -050031 typeformake = d.getVar("KERNEL_IMAGETYPE_FOR_MAKE") or ""
He Zhefe76b1e2016-05-25 04:47:16 -040032 if 'fitImage' in typeformake.split():
Patrick Williamsc0f7c042017-02-23 20:41:17 -060033 d.setVar('KERNEL_IMAGETYPE_FOR_MAKE', typeformake.replace('fitImage', replacementtype))
Patrick Williamsc124f4f2015-09-15 14:41:29 -050034
Brad Bishop6e60e8b2018-02-01 10:27:11 -050035 image = d.getVar('INITRAMFS_IMAGE')
Patrick Williamsc124f4f2015-09-15 14:41:29 -050036 if image:
George McCollister185c8ae2016-05-26 08:55:16 -050037 d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' ${INITRAMFS_IMAGE}:do_image_complete')
38
Andrew Geissler7e0e3c02022-02-25 20:34:39 +000039 ubootenv = d.getVar('UBOOT_ENV')
40 if ubootenv:
41 d.appendVarFlag('do_assemble_fitimage', 'depends', ' virtual/bootloader:do_populate_sysroot')
42
Brad Bishop19323692019-04-05 15:28:33 -040043 #check if there are any dtb providers
44 providerdtb = d.getVar("PREFERRED_PROVIDER_virtual/dtb")
45 if providerdtb:
46 d.appendVarFlag('do_assemble_fitimage', 'depends', ' virtual/dtb:do_populate_sysroot')
47 d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' virtual/dtb:do_populate_sysroot')
48 d.setVar('EXTERNAL_KERNEL_DEVICETREE', "${RECIPE_SYSROOT}/boot/devicetree")
49
Patrick Williamsc0f7c042017-02-23 20:41:17 -060050 # Verified boot will sign the fitImage and append the public key to
Brad Bishop6e60e8b2018-02-01 10:27:11 -050051 # U-Boot dtb. We ensure the U-Boot dtb is deployed before assembling
Patrick Williamsc0f7c042017-02-23 20:41:17 -060052 # the fitImage:
Brad Bishop15ae2502019-06-18 21:44:24 -040053 if d.getVar('UBOOT_SIGN_ENABLE') == "1" and d.getVar('UBOOT_DTB_BINARY'):
Brad Bishop6e60e8b2018-02-01 10:27:11 -050054 uboot_pn = d.getVar('PREFERRED_PROVIDER_u-boot') or 'u-boot'
Brad Bishop19323692019-04-05 15:28:33 -040055 d.appendVarFlag('do_assemble_fitimage', 'depends', ' %s:do_populate_sysroot' % uboot_pn)
Andrew Geisslerd1e89492021-02-12 15:35:20 -060056 if d.getVar('INITRAMFS_IMAGE_BUNDLE') == "1":
57 d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' %s:do_populate_sysroot' % uboot_pn)
Patrick Williamsc124f4f2015-09-15 14:41:29 -050058}
59
Andrew Geisslerf0343792020-11-18 10:42:21 -060060
Andrew Geisslerd1e89492021-02-12 15:35:20 -060061# Description string
Andrew Geissler3b8a17c2021-04-15 15:55:55 -050062FIT_DESC ?= "Kernel fitImage for ${DISTRO_NAME}/${PV}/${MACHINE}"
Andrew Geisslerd1e89492021-02-12 15:35:20 -060063
64# Sign individual images as well
65FIT_SIGN_INDIVIDUAL ?= "0"
66
Patrick Williams0ca19cc2021-08-16 14:03:13 -050067# Keys used to sign individually image nodes.
68# The keys to sign image nodes must be different from those used to sign
69# configuration nodes, otherwise the "required" property, from
70# UBOOT_DTB_BINARY, will be set to "conf", because "conf" prevails on "image".
71# Then the images signature checking will not be mandatory and no error will be
72# raised in case of failure.
73# UBOOT_SIGN_IMG_KEYNAME = "dev2" # keys name in keydir (eg. "dev2.crt", "dev2.key")
74
Patrick Williamsc124f4f2015-09-15 14:41:29 -050075#
76# Emit the fitImage ITS header
77#
George McCollister185c8ae2016-05-26 08:55:16 -050078# $1 ... .its filename
Patrick Williamsc124f4f2015-09-15 14:41:29 -050079fitimage_emit_fit_header() {
Andrew Geisslereff27472021-10-29 15:35:00 -050080 cat << EOF >> $1
Patrick Williamsc124f4f2015-09-15 14:41:29 -050081/dts-v1/;
82
83/ {
Andrew Geisslerd1e89492021-02-12 15:35:20 -060084 description = "${FIT_DESC}";
Patrick Williamsc124f4f2015-09-15 14:41:29 -050085 #address-cells = <1>;
86EOF
87}
88
89#
90# Emit the fitImage section bits
91#
George McCollister185c8ae2016-05-26 08:55:16 -050092# $1 ... .its filename
93# $2 ... Section bit type: imagestart - image section start
Patrick Williamsc124f4f2015-09-15 14:41:29 -050094# confstart - configuration section start
95# sectend - section end
96# fitend - fitimage end
97#
98fitimage_emit_section_maint() {
George McCollister185c8ae2016-05-26 08:55:16 -050099 case $2 in
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500100 imagestart)
Andrew Geisslereff27472021-10-29 15:35:00 -0500101 cat << EOF >> $1
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500102
103 images {
104EOF
105 ;;
106 confstart)
Andrew Geisslereff27472021-10-29 15:35:00 -0500107 cat << EOF >> $1
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500108
109 configurations {
110EOF
111 ;;
112 sectend)
Andrew Geisslereff27472021-10-29 15:35:00 -0500113 cat << EOF >> $1
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500114 };
115EOF
116 ;;
117 fitend)
Andrew Geisslereff27472021-10-29 15:35:00 -0500118 cat << EOF >> $1
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500119};
120EOF
121 ;;
122 esac
123}
124
125#
126# Emit the fitImage ITS kernel section
127#
George McCollister185c8ae2016-05-26 08:55:16 -0500128# $1 ... .its filename
129# $2 ... Image counter
130# $3 ... Path to kernel image
131# $4 ... Compression type
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500132fitimage_emit_section_kernel() {
133
Brad Bishopf3fd2882019-06-21 08:06:37 -0400134 kernel_csum="${FIT_HASH_ALG}"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600135 kernel_sign_algo="${FIT_SIGN_ALG}"
Patrick Williams0ca19cc2021-08-16 14:03:13 -0500136 kernel_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500137
Brad Bishop316dfdd2018-06-25 12:45:53 -0400138 ENTRYPOINT="${UBOOT_ENTRYPOINT}"
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500139 if [ -n "${UBOOT_ENTRYSYMBOL}" ]; then
140 ENTRYPOINT=`${HOST_PREFIX}nm vmlinux | \
141 awk '$3=="${UBOOT_ENTRYSYMBOL}" {print "0x"$1;exit}'`
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500142 fi
143
Andrew Geisslereff27472021-10-29 15:35:00 -0500144 cat << EOF >> $1
145 kernel-$2 {
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500146 description = "Linux kernel";
Andrew Geisslereff27472021-10-29 15:35:00 -0500147 data = /incbin/("$3");
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500148 type = "kernel";
149 arch = "${UBOOT_ARCH}";
150 os = "linux";
Andrew Geisslereff27472021-10-29 15:35:00 -0500151 compression = "$4";
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500152 load = <${UBOOT_LOADADDRESS}>;
Andrew Geisslereff27472021-10-29 15:35:00 -0500153 entry = <$ENTRYPOINT>;
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600154 hash-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500155 algo = "$kernel_csum";
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500156 };
157 };
158EOF
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600159
Andrew Geisslereff27472021-10-29 15:35:00 -0500160 if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$kernel_sign_keyname" ] ; then
161 sed -i '$ d' $1
162 cat << EOF >> $1
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600163 signature-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500164 algo = "$kernel_csum,$kernel_sign_algo";
165 key-name-hint = "$kernel_sign_keyname";
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600166 };
167 };
168EOF
169 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500170}
171
172#
173# Emit the fitImage ITS DTB section
174#
George McCollister185c8ae2016-05-26 08:55:16 -0500175# $1 ... .its filename
176# $2 ... Image counter
177# $3 ... Path to DTB image
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500178fitimage_emit_section_dtb() {
179
Brad Bishopf3fd2882019-06-21 08:06:37 -0400180 dtb_csum="${FIT_HASH_ALG}"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600181 dtb_sign_algo="${FIT_SIGN_ALG}"
Patrick Williams0ca19cc2021-08-16 14:03:13 -0500182 dtb_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500183
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800184 dtb_loadline=""
185 dtb_ext=${DTB##*.}
186 if [ "${dtb_ext}" = "dtbo" ]; then
187 if [ -n "${UBOOT_DTBO_LOADADDRESS}" ]; then
188 dtb_loadline="load = <${UBOOT_DTBO_LOADADDRESS}>;"
189 fi
190 elif [ -n "${UBOOT_DTB_LOADADDRESS}" ]; then
191 dtb_loadline="load = <${UBOOT_DTB_LOADADDRESS}>;"
192 fi
Andrew Geisslereff27472021-10-29 15:35:00 -0500193 cat << EOF >> $1
194 fdt-$2 {
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500195 description = "Flattened Device Tree blob";
Andrew Geisslereff27472021-10-29 15:35:00 -0500196 data = /incbin/("$3");
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500197 type = "flat_dt";
198 arch = "${UBOOT_ARCH}";
199 compression = "none";
Andrew Geisslereff27472021-10-29 15:35:00 -0500200 $dtb_loadline
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600201 hash-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500202 algo = "$dtb_csum";
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500203 };
204 };
205EOF
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600206
Andrew Geisslereff27472021-10-29 15:35:00 -0500207 if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$dtb_sign_keyname" ] ; then
208 sed -i '$ d' $1
209 cat << EOF >> $1
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600210 signature-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500211 algo = "$dtb_csum,$dtb_sign_algo";
212 key-name-hint = "$dtb_sign_keyname";
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600213 };
214 };
215EOF
216 fi
217}
218
219#
220# Emit the fitImage ITS u-boot script section
221#
222# $1 ... .its filename
223# $2 ... Image counter
224# $3 ... Path to boot script image
225fitimage_emit_section_boot_script() {
226
Andrew Geisslereff27472021-10-29 15:35:00 -0500227 bootscr_csum="${FIT_HASH_ALG}"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600228 bootscr_sign_algo="${FIT_SIGN_ALG}"
Patrick Williams0ca19cc2021-08-16 14:03:13 -0500229 bootscr_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600230
Andrew Geisslereff27472021-10-29 15:35:00 -0500231 cat << EOF >> $1
232 bootscr-$2 {
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600233 description = "U-boot script";
Andrew Geisslereff27472021-10-29 15:35:00 -0500234 data = /incbin/("$3");
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600235 type = "script";
236 arch = "${UBOOT_ARCH}";
237 compression = "none";
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700238 hash-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500239 algo = "$bootscr_csum";
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600240 };
241 };
242EOF
243
Andrew Geisslereff27472021-10-29 15:35:00 -0500244 if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$bootscr_sign_keyname" ] ; then
245 sed -i '$ d' $1
246 cat << EOF >> $1
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700247 signature-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500248 algo = "$bootscr_csum,$bootscr_sign_algo";
249 key-name-hint = "$bootscr_sign_keyname";
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600250 };
251 };
252EOF
253 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500254}
255
256#
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600257# Emit the fitImage ITS setup section
258#
259# $1 ... .its filename
260# $2 ... Image counter
261# $3 ... Path to setup image
262fitimage_emit_section_setup() {
263
Brad Bishopf3fd2882019-06-21 08:06:37 -0400264 setup_csum="${FIT_HASH_ALG}"
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600265
Andrew Geisslereff27472021-10-29 15:35:00 -0500266 cat << EOF >> $1
267 setup-$2 {
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600268 description = "Linux setup.bin";
Andrew Geisslereff27472021-10-29 15:35:00 -0500269 data = /incbin/("$3");
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600270 type = "x86_setup";
271 arch = "${UBOOT_ARCH}";
272 os = "linux";
273 compression = "none";
274 load = <0x00090000>;
275 entry = <0x00090000>;
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600276 hash-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500277 algo = "$setup_csum";
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600278 };
279 };
280EOF
281}
282
283#
George McCollister185c8ae2016-05-26 08:55:16 -0500284# Emit the fitImage ITS ramdisk section
285#
286# $1 ... .its filename
287# $2 ... Image counter
288# $3 ... Path to ramdisk image
289fitimage_emit_section_ramdisk() {
290
Brad Bishopf3fd2882019-06-21 08:06:37 -0400291 ramdisk_csum="${FIT_HASH_ALG}"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600292 ramdisk_sign_algo="${FIT_SIGN_ALG}"
Patrick Williams0ca19cc2021-08-16 14:03:13 -0500293 ramdisk_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
Nathan Rossib4a4dc02016-10-21 22:07:27 +1000294 ramdisk_loadline=""
295 ramdisk_entryline=""
296
297 if [ -n "${UBOOT_RD_LOADADDRESS}" ]; then
298 ramdisk_loadline="load = <${UBOOT_RD_LOADADDRESS}>;"
299 fi
300 if [ -n "${UBOOT_RD_ENTRYPOINT}" ]; then
301 ramdisk_entryline="entry = <${UBOOT_RD_ENTRYPOINT}>;"
302 fi
George McCollister185c8ae2016-05-26 08:55:16 -0500303
Andrew Geisslereff27472021-10-29 15:35:00 -0500304 cat << EOF >> $1
305 ramdisk-$2 {
Rick Altherrbc1b8802017-01-20 11:28:53 -0800306 description = "${INITRAMFS_IMAGE}";
Andrew Geisslereff27472021-10-29 15:35:00 -0500307 data = /incbin/("$3");
George McCollister185c8ae2016-05-26 08:55:16 -0500308 type = "ramdisk";
309 arch = "${UBOOT_ARCH}";
310 os = "linux";
Brad Bishop00e122a2019-10-05 11:10:57 -0400311 compression = "none";
Andrew Geisslereff27472021-10-29 15:35:00 -0500312 $ramdisk_loadline
313 $ramdisk_entryline
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600314 hash-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500315 algo = "$ramdisk_csum";
George McCollister185c8ae2016-05-26 08:55:16 -0500316 };
317 };
318EOF
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600319
Andrew Geisslereff27472021-10-29 15:35:00 -0500320 if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$ramdisk_sign_keyname" ] ; then
321 sed -i '$ d' $1
322 cat << EOF >> $1
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600323 signature-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500324 algo = "$ramdisk_csum,$ramdisk_sign_algo";
325 key-name-hint = "$ramdisk_sign_keyname";
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600326 };
327 };
328EOF
329 fi
George McCollister185c8ae2016-05-26 08:55:16 -0500330}
331
332#
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500333# Emit the fitImage ITS configuration section
334#
George McCollister185c8ae2016-05-26 08:55:16 -0500335# $1 ... .its filename
336# $2 ... Linux kernel ID
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500337# $3 ... DTB image name
George McCollister185c8ae2016-05-26 08:55:16 -0500338# $4 ... ramdisk ID
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600339# $5 ... u-boot script ID
340# $6 ... config ID
341# $7 ... default flag
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500342fitimage_emit_section_config() {
343
Brad Bishopf3fd2882019-06-21 08:06:37 -0400344 conf_csum="${FIT_HASH_ALG}"
Brad Bishop64c979e2019-11-04 13:55:29 -0500345 conf_sign_algo="${FIT_SIGN_ALG}"
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700346 if [ "${UBOOT_SIGN_ENABLE}" = "1" ] ; then
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600347 conf_sign_keyname="${UBOOT_SIGN_KEYNAME}"
348 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500349
Andrew Geisslereff27472021-10-29 15:35:00 -0500350 its_file="$1"
351 kernel_id="$2"
352 dtb_image="$3"
353 ramdisk_id="$4"
354 bootscr_id="$5"
355 config_id="$6"
356 default_flag="$7"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600357
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500358 # Test if we have any DTBs at all
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800359 sep=""
360 conf_desc=""
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600361 conf_node="conf-"
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800362 kernel_line=""
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600363 fdt_line=""
364 ramdisk_line=""
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600365 bootscr_line=""
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500366 setup_line=""
367 default_line=""
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600368
Andrew Geissler635e0e42020-08-21 15:58:33 -0500369 # conf node name is selected based on dtb ID if it is present,
370 # otherwise its selected based on kernel ID
Andrew Geisslereff27472021-10-29 15:35:00 -0500371 if [ -n "$dtb_image" ]; then
372 conf_node=$conf_node$dtb_image
Andrew Geissler635e0e42020-08-21 15:58:33 -0500373 else
Andrew Geisslereff27472021-10-29 15:35:00 -0500374 conf_node=$conf_node$kernel_id
Andrew Geissler635e0e42020-08-21 15:58:33 -0500375 fi
376
Andrew Geisslereff27472021-10-29 15:35:00 -0500377 if [ -n "$kernel_id" ]; then
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800378 conf_desc="Linux kernel"
379 sep=", "
Andrew Geisslereff27472021-10-29 15:35:00 -0500380 kernel_line="kernel = \"kernel-$kernel_id\";"
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800381 fi
382
Andrew Geisslereff27472021-10-29 15:35:00 -0500383 if [ -n "$dtb_image" ]; then
384 conf_desc="$conf_desc${sep}FDT blob"
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800385 sep=", "
Andrew Geisslereff27472021-10-29 15:35:00 -0500386 fdt_line="fdt = \"fdt-$dtb_image\";"
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600387 fi
388
Andrew Geisslereff27472021-10-29 15:35:00 -0500389 if [ -n "$ramdisk_id" ]; then
390 conf_desc="$conf_desc${sep}ramdisk"
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800391 sep=", "
Andrew Geisslereff27472021-10-29 15:35:00 -0500392 ramdisk_line="ramdisk = \"ramdisk-$ramdisk_id\";"
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500393 fi
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600394
Andrew Geisslereff27472021-10-29 15:35:00 -0500395 if [ -n "$bootscr_id" ]; then
396 conf_desc="$conf_desc${sep}u-boot script"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600397 sep=", "
Andrew Geisslereff27472021-10-29 15:35:00 -0500398 bootscr_line="bootscr = \"bootscr-$bootscr_id\";"
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600399 fi
400
Andrew Geisslereff27472021-10-29 15:35:00 -0500401 if [ -n "$config_id" ]; then
402 conf_desc="$conf_desc${sep}setup"
403 setup_line="setup = \"setup-$config_id\";"
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600404 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500405
Andrew Geisslereff27472021-10-29 15:35:00 -0500406 if [ "$default_flag" = "1" ]; then
Andrew Geissler635e0e42020-08-21 15:58:33 -0500407 # default node is selected based on dtb ID if it is present,
408 # otherwise its selected based on kernel ID
Andrew Geisslereff27472021-10-29 15:35:00 -0500409 if [ -n "$dtb_image" ]; then
410 default_line="default = \"conf-$dtb_image\";"
Andrew Geissler635e0e42020-08-21 15:58:33 -0500411 else
Andrew Geisslereff27472021-10-29 15:35:00 -0500412 default_line="default = \"conf-$kernel_id\";"
Andrew Geissler635e0e42020-08-21 15:58:33 -0500413 fi
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500414 fi
415
Andrew Geisslereff27472021-10-29 15:35:00 -0500416 cat << EOF >> $its_file
417 $default_line
Andrew Geissler635e0e42020-08-21 15:58:33 -0500418 $conf_node {
Andrew Geisslereff27472021-10-29 15:35:00 -0500419 description = "$default_flag $conf_desc";
420 $kernel_line
421 $fdt_line
422 $ramdisk_line
423 $bootscr_line
424 $setup_line
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600425 hash-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500426 algo = "$conf_csum";
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500427 };
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600428EOF
429
Andrew Geisslereff27472021-10-29 15:35:00 -0500430 if [ -n "$conf_sign_keyname" ] ; then
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600431
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800432 sign_line="sign-images = "
433 sep=""
434
Andrew Geisslereff27472021-10-29 15:35:00 -0500435 if [ -n "$kernel_id" ]; then
436 sign_line="$sign_line${sep}\"kernel\""
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800437 sep=", "
438 fi
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600439
Andrew Geisslereff27472021-10-29 15:35:00 -0500440 if [ -n "$dtb_image" ]; then
441 sign_line="$sign_line${sep}\"fdt\""
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800442 sep=", "
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600443 fi
444
Andrew Geisslereff27472021-10-29 15:35:00 -0500445 if [ -n "$ramdisk_id" ]; then
446 sign_line="$sign_line${sep}\"ramdisk\""
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800447 sep=", "
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600448 fi
449
Andrew Geisslereff27472021-10-29 15:35:00 -0500450 if [ -n "$bootscr_id" ]; then
451 sign_line="$sign_line${sep}\"bootscr\""
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600452 sep=", "
453 fi
454
Andrew Geisslereff27472021-10-29 15:35:00 -0500455 if [ -n "$config_id" ]; then
456 sign_line="$sign_line${sep}\"setup\""
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600457 fi
458
Andrew Geisslereff27472021-10-29 15:35:00 -0500459 sign_line="$sign_line;"
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600460
Andrew Geisslereff27472021-10-29 15:35:00 -0500461 cat << EOF >> $its_file
Andrew Geissler90fd73c2021-03-05 15:25:55 -0600462 signature-1 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500463 algo = "$conf_csum,$conf_sign_algo";
464 key-name-hint = "$conf_sign_keyname";
465 $sign_line
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600466 };
467EOF
468 fi
469
Andrew Geisslereff27472021-10-29 15:35:00 -0500470 cat << EOF >> $its_file
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500471 };
472EOF
473}
474
George McCollister185c8ae2016-05-26 08:55:16 -0500475#
476# Assemble fitImage
477#
478# $1 ... .its filename
479# $2 ... fitImage name
480# $3 ... include ramdisk
481fitimage_assemble() {
482 kernelcount=1
483 dtbcount=""
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500484 DTBS=""
Andrew Geisslereff27472021-10-29 15:35:00 -0500485 ramdiskcount=$3
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600486 setupcount=""
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600487 bootscr_id=""
Andrew Geisslereff27472021-10-29 15:35:00 -0500488 rm -f $1 arch/${ARCH}/boot/$2
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500489
Andrew Geisslereff27472021-10-29 15:35:00 -0500490 if [ -n "${UBOOT_SIGN_IMG_KEYNAME}" -a "${UBOOT_SIGN_KEYNAME}" = "${UBOOT_SIGN_IMG_KEYNAME}" ]; then
Patrick Williams0ca19cc2021-08-16 14:03:13 -0500491 bbfatal "Keys used to sign images and configuration nodes must be different."
492 fi
493
Andrew Geisslereff27472021-10-29 15:35:00 -0500494 fitimage_emit_fit_header $1
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500495
George McCollister185c8ae2016-05-26 08:55:16 -0500496 #
497 # Step 1: Prepare a kernel image section.
498 #
Andrew Geisslereff27472021-10-29 15:35:00 -0500499 fitimage_emit_section_maint $1 imagestart
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500500
George McCollister185c8ae2016-05-26 08:55:16 -0500501 uboot_prep_kimage
Andrew Geisslereff27472021-10-29 15:35:00 -0500502 fitimage_emit_section_kernel $1 $kernelcount linux.bin "$linux_comp"
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500503
George McCollister185c8ae2016-05-26 08:55:16 -0500504 #
505 # Step 2: Prepare a DTB image section
506 #
Brad Bishop19323692019-04-05 15:28:33 -0400507
Andrew Geissler95ac1b82021-03-31 14:34:31 -0500508 if [ -n "${KERNEL_DEVICETREE}" ]; then
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500509 dtbcount=1
George McCollister185c8ae2016-05-26 08:55:16 -0500510 for DTB in ${KERNEL_DEVICETREE}; do
Andrew Geisslereff27472021-10-29 15:35:00 -0500511 if echo $DTB | grep -q '/dts/'; then
512 bbwarn "$DTB contains the full path to the the dts file, but only the dtb name should be used."
513 DTB=`basename $DTB | sed 's,\.dts$,.dtb,g'`
George McCollister185c8ae2016-05-26 08:55:16 -0500514 fi
Andrew Geissler95ac1b82021-03-31 14:34:31 -0500515
516 # Skip ${DTB} if it's also provided in ${EXTERNAL_KERNEL_DEVICETREE}
517 if [ -n "${EXTERNAL_KERNEL_DEVICETREE}" ] && [ -s ${EXTERNAL_KERNEL_DEVICETREE}/${DTB} ]; then
518 continue
519 fi
520
Andrew Geisslereff27472021-10-29 15:35:00 -0500521 DTB_PATH="arch/${ARCH}/boot/dts/$DTB"
522 if [ ! -e "$DTB_PATH" ]; then
523 DTB_PATH="arch/${ARCH}/boot/$DTB"
George McCollister185c8ae2016-05-26 08:55:16 -0500524 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500525
Andrew Geisslereff27472021-10-29 15:35:00 -0500526 DTB=$(echo "$DTB" | tr '/' '_')
527 DTBS="$DTBS $DTB"
528 fitimage_emit_section_dtb $1 $DTB $DTB_PATH
George McCollister185c8ae2016-05-26 08:55:16 -0500529 done
530 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500531
Brad Bishop19323692019-04-05 15:28:33 -0400532 if [ -n "${EXTERNAL_KERNEL_DEVICETREE}" ]; then
533 dtbcount=1
Andrew Geissler82c905d2020-04-13 13:39:40 -0500534 for DTB in $(find "${EXTERNAL_KERNEL_DEVICETREE}" \( -name '*.dtb' -o -name '*.dtbo' \) -printf '%P\n' | sort); do
Andrew Geisslereff27472021-10-29 15:35:00 -0500535 DTB=$(echo "$DTB" | tr '/' '_')
536 DTBS="$DTBS $DTB"
537 fitimage_emit_section_dtb $1 $DTB "${EXTERNAL_KERNEL_DEVICETREE}/$DTB"
Brad Bishop19323692019-04-05 15:28:33 -0400538 done
539 fi
540
George McCollister185c8ae2016-05-26 08:55:16 -0500541 #
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600542 # Step 3: Prepare a u-boot script section
543 #
544
545 if [ -n "${UBOOT_ENV}" ] && [ -d "${STAGING_DIR_HOST}/boot" ]; then
546 if [ -e "${STAGING_DIR_HOST}/boot/${UBOOT_ENV_BINARY}" ]; then
547 cp ${STAGING_DIR_HOST}/boot/${UBOOT_ENV_BINARY} ${B}
548 bootscr_id="${UBOOT_ENV_BINARY}"
Andrew Geisslereff27472021-10-29 15:35:00 -0500549 fitimage_emit_section_boot_script $1 "$bootscr_id" ${UBOOT_ENV_BINARY}
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600550 else
551 bbwarn "${STAGING_DIR_HOST}/boot/${UBOOT_ENV_BINARY} not found."
552 fi
553 fi
554
555 #
556 # Step 4: Prepare a setup section. (For x86)
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600557 #
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500558 if [ -e arch/${ARCH}/boot/setup.bin ]; then
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600559 setupcount=1
Andrew Geisslereff27472021-10-29 15:35:00 -0500560 fitimage_emit_section_setup $1 $setupcount arch/${ARCH}/boot/setup.bin
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600561 fi
562
563 #
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600564 # Step 5: Prepare a ramdisk section.
George McCollister185c8ae2016-05-26 08:55:16 -0500565 #
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600566 if [ "x${ramdiskcount}" = "x1" ] && [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then
Rick Altherrbc1b8802017-01-20 11:28:53 -0800567 # Find and use the first initramfs image archive type we find
Andrew Geisslerd159c7f2021-09-02 21:05:58 -0500568 for img in cpio.lz4 cpio.lzo cpio.lzma cpio.xz cpio.zst cpio.gz ext2.gz cpio; do
Andrew Geisslereff27472021-10-29 15:35:00 -0500569 initramfs_path="${DEPLOY_DIR_IMAGE}/${INITRAMFS_IMAGE_NAME}.$img"
570 echo -n "Searching for $initramfs_path..."
571 if [ -e "$initramfs_path" ]; then
572 echo "found"
573 fitimage_emit_section_ramdisk $1 "$ramdiskcount" "$initramfs_path"
Rick Altherrbc1b8802017-01-20 11:28:53 -0800574 break
Andrew Geisslereff27472021-10-29 15:35:00 -0500575 else
576 echo "not found"
Rick Altherrbc1b8802017-01-20 11:28:53 -0800577 fi
578 done
George McCollister185c8ae2016-05-26 08:55:16 -0500579 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500580
Andrew Geisslereff27472021-10-29 15:35:00 -0500581 fitimage_emit_section_maint $1 sectend
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500582
George McCollister185c8ae2016-05-26 08:55:16 -0500583 # Force the first Kernel and DTB in the default config
584 kernelcount=1
Andrew Geisslereff27472021-10-29 15:35:00 -0500585 if [ -n "$dtbcount" ]; then
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600586 dtbcount=1
587 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500588
George McCollister185c8ae2016-05-26 08:55:16 -0500589 #
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600590 # Step 6: Prepare a configurations section
George McCollister185c8ae2016-05-26 08:55:16 -0500591 #
Andrew Geisslereff27472021-10-29 15:35:00 -0500592 fitimage_emit_section_maint $1 confstart
George McCollister185c8ae2016-05-26 08:55:16 -0500593
Andrew Geissler635e0e42020-08-21 15:58:33 -0500594 # kernel-fitimage.bbclass currently only supports a single kernel (no less or
595 # more) to be added to the FIT image along with 0 or more device trees and
596 # 0 or 1 ramdisk.
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600597 # It is also possible to include an initramfs bundle (kernel and rootfs in one binary)
598 # When the initramfs bundle is used ramdisk is disabled.
Andrew Geissler635e0e42020-08-21 15:58:33 -0500599 # If a device tree is to be part of the FIT image, then select
600 # the default configuration to be used is based on the dtbcount. If there is
601 # no dtb present than select the default configuation to be based on
602 # the kernelcount.
Andrew Geisslereff27472021-10-29 15:35:00 -0500603 if [ -n "$DTBS" ]; then
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500604 i=1
605 for DTB in ${DTBS}; do
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800606 dtb_ext=${DTB##*.}
Andrew Geisslereff27472021-10-29 15:35:00 -0500607 if [ "$dtb_ext" = "dtbo" ]; then
608 fitimage_emit_section_config $1 "" "$DTB" "" "$bootscr_id" "" "`expr $i = $dtbcount`"
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800609 else
Andrew Geisslereff27472021-10-29 15:35:00 -0500610 fitimage_emit_section_config $1 $kernelcount "$DTB" "$ramdiskcount" "$bootscr_id" "$setupcount" "`expr $i = $dtbcount`"
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800611 fi
Andrew Geisslereff27472021-10-29 15:35:00 -0500612 i=`expr $i + 1`
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500613 done
Andrew Geissler635e0e42020-08-21 15:58:33 -0500614 else
615 defaultconfigcount=1
Andrew Geisslereff27472021-10-29 15:35:00 -0500616 fitimage_emit_section_config $1 $kernelcount "" "$ramdiskcount" "$bootscr_id" "$setupcount" $defaultconfigcount
Brad Bishop6e60e8b2018-02-01 10:27:11 -0500617 fi
George McCollister185c8ae2016-05-26 08:55:16 -0500618
Andrew Geisslereff27472021-10-29 15:35:00 -0500619 fitimage_emit_section_maint $1 sectend
George McCollister185c8ae2016-05-26 08:55:16 -0500620
Andrew Geisslereff27472021-10-29 15:35:00 -0500621 fitimage_emit_section_maint $1 fitend
George McCollister185c8ae2016-05-26 08:55:16 -0500622
623 #
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600624 # Step 7: Assemble the image
George McCollister185c8ae2016-05-26 08:55:16 -0500625 #
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600626 ${UBOOT_MKIMAGE} \
George McCollister185c8ae2016-05-26 08:55:16 -0500627 ${@'-D "${UBOOT_MKIMAGE_DTCOPTS}"' if len('${UBOOT_MKIMAGE_DTCOPTS}') else ''} \
Andrew Geisslereff27472021-10-29 15:35:00 -0500628 -f $1 \
629 arch/${ARCH}/boot/$2
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600630
631 #
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600632 # Step 8: Sign the image and add public key to U-Boot dtb
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600633 #
634 if [ "x${UBOOT_SIGN_ENABLE}" = "x1" ] ; then
Brad Bishop19323692019-04-05 15:28:33 -0400635 add_key_to_u_boot=""
636 if [ -n "${UBOOT_DTB_BINARY}" ]; then
637 # The u-boot.dtb is a symlink to UBOOT_DTB_IMAGE, so we need copy
638 # both of them, and don't dereference the symlink.
639 cp -P ${STAGING_DATADIR}/u-boot*.dtb ${B}
640 add_key_to_u_boot="-K ${B}/${UBOOT_DTB_BINARY}"
641 fi
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600642 ${UBOOT_MKIMAGE_SIGN} \
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600643 ${@'-D "${UBOOT_MKIMAGE_DTCOPTS}"' if len('${UBOOT_MKIMAGE_DTCOPTS}') else ''} \
644 -F -k "${UBOOT_SIGN_KEYDIR}" \
Brad Bishop19323692019-04-05 15:28:33 -0400645 $add_key_to_u_boot \
Andrew Geisslereff27472021-10-29 15:35:00 -0500646 -r arch/${ARCH}/boot/$2 \
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600647 ${UBOOT_MKIMAGE_SIGN_ARGS}
Patrick Williamsc0f7c042017-02-23 20:41:17 -0600648 fi
George McCollister185c8ae2016-05-26 08:55:16 -0500649}
650
651do_assemble_fitimage() {
652 if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage"; then
653 cd ${B}
Andrew Geisslereff27472021-10-29 15:35:00 -0500654 fitimage_assemble fit-image.its fitImage ""
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500655 fi
656}
657
658addtask assemble_fitimage before do_install after do_compile
659
George McCollister185c8ae2016-05-26 08:55:16 -0500660do_assemble_fitimage_initramfs() {
661 if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage" && \
662 test -n "${INITRAMFS_IMAGE}" ; then
663 cd ${B}
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600664 if [ "${INITRAMFS_IMAGE_BUNDLE}" = "1" ]; then
665 fitimage_assemble fit-image-${INITRAMFS_IMAGE}.its fitImage ""
666 else
667 fitimage_assemble fit-image-${INITRAMFS_IMAGE}.its fitImage-${INITRAMFS_IMAGE} 1
668 fi
George McCollister185c8ae2016-05-26 08:55:16 -0500669 fi
670}
671
Brad Bishop19323692019-04-05 15:28:33 -0400672addtask assemble_fitimage_initramfs before do_deploy after do_bundle_initramfs
George McCollister185c8ae2016-05-26 08:55:16 -0500673
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700674do_kernel_generate_rsa_keys() {
675 if [ "${UBOOT_SIGN_ENABLE}" = "0" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then
676 bbwarn "FIT_GENERATE_KEYS is set to 1 even though UBOOT_SIGN_ENABLE is set to 0. The keys will not be generated as they won't be used."
677 fi
678
679 if [ "${UBOOT_SIGN_ENABLE}" = "1" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then
680
Patrick Williams0ca19cc2021-08-16 14:03:13 -0500681 # Generate keys to sign configuration nodes, only if they don't already exist
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700682 if [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key ] || \
683 [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt ]; then
684
685 # make directory if it does not already exist
686 mkdir -p "${UBOOT_SIGN_KEYDIR}"
687
688 echo "Generating RSA private key for signing fitImage"
689 openssl genrsa ${FIT_KEY_GENRSA_ARGS} -out \
690 "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \
691 "${FIT_SIGN_NUMBITS}"
692
693 echo "Generating certificate for signing fitImage"
694 openssl req ${FIT_KEY_REQ_ARGS} "${FIT_KEY_SIGN_PKCS}" \
695 -key "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \
696 -out "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt
697 fi
Patrick Williams0ca19cc2021-08-16 14:03:13 -0500698
699 # Generate keys to sign image nodes, only if they don't already exist
700 if [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".key ] || \
701 [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".crt ]; then
702
703 # make directory if it does not already exist
704 mkdir -p "${UBOOT_SIGN_KEYDIR}"
705
706 echo "Generating RSA private key for signing fitImage"
707 openssl genrsa ${FIT_KEY_GENRSA_ARGS} -out \
708 "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".key \
709 "${FIT_SIGN_NUMBITS}"
710
711 echo "Generating certificate for signing fitImage"
712 openssl req ${FIT_KEY_REQ_ARGS} "${FIT_KEY_SIGN_PKCS}" \
713 -key "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".key \
714 -out "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".crt
715 fi
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700716 fi
717}
718
719addtask kernel_generate_rsa_keys before do_assemble_fitimage after do_compile
George McCollister185c8ae2016-05-26 08:55:16 -0500720
Patrick Williamsd8c66bc2016-06-20 12:57:21 -0500721kernel_do_deploy[vardepsexclude] = "DATETIME"
Patrick Williams213cb262021-08-07 19:21:33 -0500722kernel_do_deploy:append() {
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500723 # Update deploy directory
He Zhefe76b1e2016-05-25 04:47:16 -0400724 if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage"; then
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800725
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600726 if [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then
727 echo "Copying fit-image.its source file..."
728 install -m 0644 ${B}/fit-image.its "$deployDir/fitImage-its-${KERNEL_FIT_NAME}.its"
Andrew Geissler595f6302022-01-24 19:11:47 +0000729 if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
730 ln -snf fitImage-its-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${KERNEL_FIT_LINK_NAME}"
731 fi
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600732
733 echo "Copying linux.bin file..."
Andrew Geissler595f6302022-01-24 19:11:47 +0000734 install -m 0644 ${B}/linux.bin $deployDir/fitImage-linux.bin-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT}
735 if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
736 ln -snf fitImage-linux.bin-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT} "$deployDir/fitImage-linux.bin-${KERNEL_FIT_LINK_NAME}"
737 fi
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600738 fi
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500739
George McCollister185c8ae2016-05-26 08:55:16 -0500740 if [ -n "${INITRAMFS_IMAGE}" ]; then
741 echo "Copying fit-image-${INITRAMFS_IMAGE}.its source file..."
Brad Bishop64c979e2019-11-04 13:55:29 -0500742 install -m 0644 ${B}/fit-image-${INITRAMFS_IMAGE}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its"
Andrew Geissler595f6302022-01-24 19:11:47 +0000743 if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
744 ln -snf fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}"
745 fi
George McCollister185c8ae2016-05-26 08:55:16 -0500746
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600747 if [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then
748 echo "Copying fitImage-${INITRAMFS_IMAGE} file..."
Andrew Geissler595f6302022-01-24 19:11:47 +0000749 install -m 0644 ${B}/arch/${ARCH}/boot/fitImage-${INITRAMFS_IMAGE} "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT}"
750 if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
751 ln -snf fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT} "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}"
752 fi
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600753 fi
George McCollister185c8ae2016-05-26 08:55:16 -0500754 fi
Andrew Geissler3b8a17c2021-04-15 15:55:55 -0500755 fi
756 if [ "${UBOOT_SIGN_ENABLE}" = "1" -o "${UBOOT_FITIMAGE_ENABLE}" = "1" ] && \
757 [ -n "${UBOOT_DTB_BINARY}" ] ; then
758 # UBOOT_DTB_IMAGE is a realfile, but we can't use
759 # ${UBOOT_DTB_IMAGE} since it contains ${PV} which is aimed
760 # for u-boot, but we are in kernel env now.
761 install -m 0644 ${B}/u-boot-${MACHINE}*.dtb "$deployDir/"
762 fi
763 if [ "${UBOOT_FITIMAGE_ENABLE}" = "1" -a -n "${UBOOT_BINARY}" -a -n "${SPL_DTB_BINARY}" ] ; then
764 # If we're also creating and/or signing the uboot fit, now we need to
765 # deploy it, it's its file, as well as u-boot-spl.dtb
766 install -m 0644 ${B}/u-boot-spl-${MACHINE}*.dtb "$deployDir/"
767 echo "Copying u-boot-fitImage file..."
768 install -m 0644 ${B}/u-boot-fitImage-* "$deployDir/"
769 echo "Copying u-boot-its file..."
770 install -m 0644 ${B}/u-boot-its-* "$deployDir/"
Patrick Williamsc124f4f2015-09-15 14:41:29 -0500771 fi
772}
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600773
774# The function below performs the following in case of initramfs bundles:
775# - Removes do_assemble_fitimage. FIT generation is done through
776# do_assemble_fitimage_initramfs. do_assemble_fitimage is not needed
777# and should not be part of the tasks to be executed.
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700778# - Since do_kernel_generate_rsa_keys is inserted by default
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600779# between do_compile and do_assemble_fitimage, this is
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700780# not suitable in case of initramfs bundles. do_kernel_generate_rsa_keys
Andrew Geisslerd1e89492021-02-12 15:35:20 -0600781# should be between do_bundle_initramfs and do_assemble_fitimage_initramfs.
782python () {
783 if d.getVar('INITRAMFS_IMAGE_BUNDLE') == "1":
784 bb.build.deltask('do_assemble_fitimage', d)
William A. Kennington IIIac69b482021-06-02 12:28:27 -0700785 bb.build.deltask('kernel_generate_rsa_keys', d)
786 bb.build.addtask('kernel_generate_rsa_keys', 'do_assemble_fitimage_initramfs', 'do_bundle_initramfs', d)
Andrew Geissler95ac1b82021-03-31 14:34:31 -0500787}