diff options
| author | Clayton Casciato <majortomtosourcecontrol@gmail.com> | 2024-11-22 08:00:00 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-11-23 14:44:54 +0000 |
| commit | 2986626843658bffc5ca1a0cbe5d8c9fbac7a260 (patch) | |
| tree | 1433e8982eb2160674340e322e9bb8b414ef7b93 /meta/classes-recipe | |
| parent | 509316876fa0934239e74b36c0ba3ff94b4ecc7b (diff) | |
| download | poky-2986626843658bffc5ca1a0cbe5d8c9fbac7a260.tar.gz | |
uboot-sign: fix U-Boot binary with public key
Fixes [YOCTO #15649]
The U-Boot binary in the "deploy" directory is missing the public key
when the removed logic branch is used.
The simple concatenation of the binary and DTB with public key works as
expected on a BeagleBone Black.
Given:
MACHINE = beaglebone-yocto
UBOOT_SIGN_KEYNAME = "dev"
Post-patch (poky/build/tmp/deploy/images/beaglebone-yocto):
$ hexdump -e "16 \"%_p\" \"\\n\"" u-boot-beaglebone-yocto.dtb \
| tr -d '\n' | grep -o 'key-dev'
key-dev
$ hexdump -e "16 \"%_p\" \"\\n\"" u-boot.img \
| tr -d '\n' | grep -o 'key-dev'
key-dev
Non-Poky BeagleBone Black testing (Scarthgap):
U-Boot 2024.01 [...]
[...]
Using 'conf-ti_omap_am335x-boneblack.dtb' configuration
Verifying Hash Integrity ... sha256,rsa4096:dev+ OK
Trying 'kernel-1' kernel subimage
[...]
(From OE-Core rev: 0d14e99aa18ee38293df63d585fafc270a4538be)
Signed-off-by: Clayton Casciato <majortomtosourcecontrol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes-recipe')
| -rw-r--r-- | meta/classes-recipe/uboot-sign.bbclass | 8 |
1 files changed, 1 insertions, 7 deletions
diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass index a17be745ce..7ee73b872a 100644 --- a/meta/classes-recipe/uboot-sign.bbclass +++ b/meta/classes-recipe/uboot-sign.bbclass | |||
| @@ -122,13 +122,7 @@ concat_dtb() { | |||
| 122 | # If we're not using a signed u-boot fit, concatenate SPL w/o DTB & U-Boot DTB | 122 | # If we're not using a signed u-boot fit, concatenate SPL w/o DTB & U-Boot DTB |
| 123 | # with public key (otherwise U-Boot will be packaged by uboot_fitimage_assemble) | 123 | # with public key (otherwise U-Boot will be packaged by uboot_fitimage_assemble) |
| 124 | if [ "${SPL_SIGN_ENABLE}" != "1" ] ; then | 124 | if [ "${SPL_SIGN_ENABLE}" != "1" ] ; then |
| 125 | if [ "x${UBOOT_SUFFIX}" = "ximg" -o "x${UBOOT_SUFFIX}" = "xrom" ] && \ | 125 | if [ -e "${UBOOT_NODTB_BINARY}" -a -e "${UBOOT_DTB_BINARY}" ]; then |
| 126 | [ -e "${UBOOT_DTB_BINARY}" ]; then | ||
| 127 | oe_runmake EXT_DTB="${UBOOT_DTB_SIGNED}" ${UBOOT_MAKE_TARGET} | ||
| 128 | if [ -n "${binary}" ]; then | ||
| 129 | cp ${binary} ${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} | ||
| 130 | fi | ||
| 131 | elif [ -e "${UBOOT_NODTB_BINARY}" -a -e "${UBOOT_DTB_BINARY}" ]; then | ||
| 132 | if [ -n "${binary}" ]; then | 126 | if [ -n "${binary}" ]; then |
| 133 | cat ${UBOOT_NODTB_BINARY} ${UBOOT_DTB_SIGNED} | tee ${binary} > \ | 127 | cat ${UBOOT_NODTB_BINARY} ${UBOOT_DTB_SIGNED} | tee ${binary} > \ |
| 134 | ${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} | 128 | ${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} |