diff options
Diffstat (limited to 'meta/classes/kernel-fitimage.bbclass')
-rw-r--r-- | meta/classes/kernel-fitimage.bbclass | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/meta/classes/kernel-fitimage.bbclass b/meta/classes/kernel-fitimage.bbclass index 67cbda4d93..e363eeb64c 100644 --- a/meta/classes/kernel-fitimage.bbclass +++ b/meta/classes/kernel-fitimage.bbclass | |||
@@ -667,7 +667,34 @@ do_assemble_fitimage_initramfs() { | |||
667 | 667 | ||
668 | addtask assemble_fitimage_initramfs before do_deploy after do_bundle_initramfs | 668 | addtask assemble_fitimage_initramfs before do_deploy after do_bundle_initramfs |
669 | 669 | ||
670 | addtask generate_rsa_keys before do_assemble_fitimage after do_compile | 670 | do_kernel_generate_rsa_keys() { |
671 | if [ "${UBOOT_SIGN_ENABLE}" = "0" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then | ||
672 | bbwarn "FIT_GENERATE_KEYS is set to 1 even though UBOOT_SIGN_ENABLE is set to 0. The keys will not be generated as they won't be used." | ||
673 | fi | ||
674 | |||
675 | if [ "${UBOOT_SIGN_ENABLE}" = "1" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then | ||
676 | |||
677 | # Generate keys only if they don't already exist | ||
678 | if [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key ] || \ | ||
679 | [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt ]; then | ||
680 | |||
681 | # make directory if it does not already exist | ||
682 | mkdir -p "${UBOOT_SIGN_KEYDIR}" | ||
683 | |||
684 | echo "Generating RSA private key for signing fitImage" | ||
685 | openssl genrsa ${FIT_KEY_GENRSA_ARGS} -out \ | ||
686 | "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \ | ||
687 | "${FIT_SIGN_NUMBITS}" | ||
688 | |||
689 | echo "Generating certificate for signing fitImage" | ||
690 | openssl req ${FIT_KEY_REQ_ARGS} "${FIT_KEY_SIGN_PKCS}" \ | ||
691 | -key "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \ | ||
692 | -out "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt | ||
693 | fi | ||
694 | fi | ||
695 | } | ||
696 | |||
697 | addtask kernel_generate_rsa_keys before do_assemble_fitimage after do_compile | ||
671 | 698 | ||
672 | kernel_do_deploy[vardepsexclude] = "DATETIME" | 699 | kernel_do_deploy[vardepsexclude] = "DATETIME" |
673 | kernel_do_deploy_append() { | 700 | kernel_do_deploy_append() { |
@@ -718,13 +745,13 @@ kernel_do_deploy_append() { | |||
718 | # - Removes do_assemble_fitimage. FIT generation is done through | 745 | # - Removes do_assemble_fitimage. FIT generation is done through |
719 | # do_assemble_fitimage_initramfs. do_assemble_fitimage is not needed | 746 | # do_assemble_fitimage_initramfs. do_assemble_fitimage is not needed |
720 | # and should not be part of the tasks to be executed. | 747 | # and should not be part of the tasks to be executed. |
721 | # - Since do_generate_rsa_keys is inserted by default | 748 | # - Since do_kernel_generate_rsa_keys is inserted by default |
722 | # between do_compile and do_assemble_fitimage, this is | 749 | # between do_compile and do_assemble_fitimage, this is |
723 | # not suitable in case of initramfs bundles. do_generate_rsa_keys | 750 | # not suitable in case of initramfs bundles. do_kernel_generate_rsa_keys |
724 | # should be between do_bundle_initramfs and do_assemble_fitimage_initramfs. | 751 | # should be between do_bundle_initramfs and do_assemble_fitimage_initramfs. |
725 | python () { | 752 | python () { |
726 | if d.getVar('INITRAMFS_IMAGE_BUNDLE') == "1": | 753 | if d.getVar('INITRAMFS_IMAGE_BUNDLE') == "1": |
727 | bb.build.deltask('do_assemble_fitimage', d) | 754 | bb.build.deltask('do_assemble_fitimage', d) |
728 | bb.build.deltask('generate_rsa_keys', d) | 755 | bb.build.deltask('kernel_generate_rsa_keys', d) |
729 | bb.build.addtask('generate_rsa_keys', 'do_assemble_fitimage_initramfs', 'do_bundle_initramfs', d) | 756 | bb.build.addtask('kernel_generate_rsa_keys', 'do_assemble_fitimage_initramfs', 'do_bundle_initramfs', d) |
730 | } | 757 | } |