aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDave Gerlach2020-12-15 19:31:33 -0600
committerDave Gerlach2021-01-05 16:14:18 -0600
commitc0f5f4ae1587f6b227c7e581236181083b1402b0 (patch)
tree06594c8203ecde3231e03ae900ce5003e80bb92d
parent6d023674b0655f1a7bba192d2600c08be314e9ef (diff)
downloadk3-image-gen-c0f5f4ae1587f6b227c7e581236181083b1402b0.tar.gz
k3-image-gen-c0f5f4ae1587f6b227c7e581236181083b1402b0.tar.xz
k3-image-gen-c0f5f4ae1587f6b227c7e581236181083b1402b0.zip
scripts: gen_x509_combined_cert: Make DM boardcfg optional
Upon introduction of support for using DM firmware and providing DM boardcfg through tiboot3.bin, support for providing ALL boardcfg as part of one common boardcfg binary was lost. Modify the gen_x509_combined_cert script so that the DM boardcfg can provided optionally. This allows all boardcfgs to be provided as part of a single binary to look more like the traditional combined boot flow on platforms that do not support a separate DM firmware. Signed-off-by: Dave Gerlach <d-gerlach@ti.com>
-rwxr-xr-xscripts/gen_x509_combined_cert.sh56
1 files changed, 34 insertions, 22 deletions
diff --git a/scripts/gen_x509_combined_cert.sh b/scripts/gen_x509_combined_cert.sh
index c6c596f..f7b141c 100755
--- a/scripts/gen_x509_combined_cert.sh
+++ b/scripts/gen_x509_combined_cert.sh
@@ -43,7 +43,6 @@ VALID_ROM_CORES="r5 m3"
43VALID_DMSC_CORES="r5-00 r5-01 a53-00 a53-01 a53-10 a53-11" 43VALID_DMSC_CORES="r5-00 r5-01 a53-00 a53-01 a53-10 a53-11"
44SHA=sha512 44SHA=sha512
45CORE=m3 45CORE=m3
46LOADADDR=0x00040000
47VALID_MASTERS="rom dmsc" 46VALID_MASTERS="rom dmsc"
48 47
49declare -A sha_oids 48declare -A sha_oids
@@ -91,6 +90,9 @@ usage() {
91 echo "Examples of usage:-" 90 echo "Examples of usage:-"
92 echo "# Example of generation a combined boot image" 91 echo "# Example of generation a combined boot image"
93 echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-sci-firmware-j7200-gp-vlab.bin -m 0x40000 -d combined-cfg.bin -n 0x7f000 -o tiboot3.bin" 92 echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-sci-firmware-j7200-gp-vlab.bin -m 0x40000 -d combined-cfg.bin -n 0x7f000 -o tiboot3.bin"
93 echo
94 echo "# Example of generation of a split boardcfg image for use with DM firmware"
95 echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-fs-firmware-j7200-gp.bin -m 0x40000 -d combined-tifs-cfg.bin -n 0x7f000 -t out/soc/j7200/evm/combined-dm-cfg.bin -y 0x41c80000 -k ti-degenerate-key.pem -o tiboot3.bin"
94} 96}
95 97
96options_help[b]="Boot Loader:Bin file corresponding to boot loader on R5" 98options_help[b]="Boot Loader:Bin file corresponding to boot loader on R5"
@@ -99,8 +101,8 @@ options_help[s]="SYSFW: Bin file corresponding to sysfw image"
99options_help[m]="SYSFW loadaddress: SYSFW image load address" 101options_help[m]="SYSFW loadaddress: SYSFW image load address"
100options_help[d]="SYSFW_DATA: Bin file corresponding to combined board configurations" 102options_help[d]="SYSFW_DATA: Bin file corresponding to combined board configurations"
101options_help[n]="SYSFW_DATA loadaddr: Combine board configuration load address" 103options_help[n]="SYSFW_DATA loadaddr: Combine board configuration load address"
102options_help[t]="DM_DATA: Bin file corresponding to combined board configurations for RM and PM. If this is used, RM and PM do not need to be provided as part of SYSFW_DATA." 104options_help[t]="DM_DATA: Bin file corresponding to combined board configurations for RM and PM. If this is used, RM and PM do not need to be provided as part of SYSFW_DATA. (OPTIONAL)"
103options_help[y]="DM_DATA loadaddr: Combine RM and PM blob board configuration load address" 105options_help[y]="DM_DATA loadaddr: Combine RM and PM blob board configuration load address (OPTIONAL)"
104options_help[k]="key_file:file with key inside it. If not provided script generates a random key." 106options_help[k]="key_file:file with key inside it. If not provided script generates a random key."
105 107
106while getopts "b:l:s:m:d:n:k:o:h:t:y:" opt 108while getopts "b:l:s:m:d:n:k:o:h:t:y:" opt
@@ -191,9 +193,29 @@ SYSFW_DATA_SHA_VAL=`openssl dgst -$SHA -hex $SYSFW_DATA | sed -e "s/^.*= //g"`
191SYSFW_DATA_SIZE=`cat $SYSFW_DATA | wc -c` 193SYSFW_DATA_SIZE=`cat $SYSFW_DATA | wc -c`
192SYSFW_DATA_ADDR=`printf "%08x" $SYSFW_DATA_LOADADDR` 194SYSFW_DATA_ADDR=`printf "%08x" $SYSFW_DATA_LOADADDR`
193 195
194DM_DATA_SHA_VAL=`openssl dgst -$SHA -hex $DM_DATA | sed -e "s/^.*= //g"` 196# Only process DM_DATA is variable is provided, or set size to 0 and num_comps to 3 for cert
195DM_DATA_SIZE=`cat $DM_DATA | wc -c` 197if [ -n "$DM_DATA" ]; then
196DM_DATA_ADDR=`printf "%08x" $DM_DATA_LOADADDR` 198 DM_DATA_SHA_VAL=`openssl dgst -$SHA -hex $DM_DATA | sed -e "s/^.*= //g"`
199 DM_DATA_SIZE=`cat $DM_DATA | wc -c`
200 DM_DATA_ADDR=`printf "%08x" $DM_DATA_LOADADDR`
201 NUM_COMPS_COUNT=4
202 DM_DATA_EXT_BOOT_SEQUENCE_STRING="dm_data=SEQUENCE:dm_data"
203read -r -d '' DM_DATA_EXT_BOOT_BLOCK << EOM
204 [dm_data]\\
205 compType = INTEGER:17\\
206 bootCore = INTEGER:16\\
207 compOpts = INTEGER:0\\
208 destAddr = FORMAT:HEX,OCT:DM_DATA_DEST_ADDR\\
209 compSize = INTEGER:DM_DATA_IMAGE_SIZE\\
210 shaType = OID:DM_DATA_IMAGE_SHA_OID\\
211 shaValue = FORMAT:HEX,OCT:DM_DATA_IMAGE_SHA_VAL
212EOM
213else
214 DM_DATA_SIZE=`printf "%08x" 0`
215 NUM_COMPS_COUNT=3
216 DM_DATA_EXT_BOOT_SEQUENCE_STRING=""
217 DM_DATA_EXT_BOOT_BLOCK=""
218fi
197 219
198TOTAL_SIZE=$(expr $SBL_SIZE + $SYSFW_SIZE + $SYSFW_DATA_SIZE + $DM_DATA_SIZE) 220TOTAL_SIZE=$(expr $SBL_SIZE + $SYSFW_SIZE + $SYSFW_DATA_SIZE + $DM_DATA_SIZE)
199 221
@@ -226,11 +248,11 @@ cat << 'EOF' > $TEMP_X509
226 248
227 [ext_boot_info] 249 [ext_boot_info]
228 extImgSize=INTEGER:TOTAL_IMAGE_LENGTH 250 extImgSize=INTEGER:TOTAL_IMAGE_LENGTH
229 numComp=INTEGER:4 251 numComp=INTEGER:NUM_COMPS_COUNT
230 sbl=SEQUENCE:sbl 252 sbl=SEQUENCE:sbl
231 sysfw=SEQUENCE:sysfw 253 sysfw=SEQUENCE:sysfw
232 sysfw_data=SEQUENCE:sysfw_data 254 sysfw_data=SEQUENCE:sysfw_data
233 dm_data=SEQUENCE:dm_data 255 DM_DATA_EXT_BOOT_SEQUENCE_STRING
234 256
235 [sbl] 257 [sbl]
236 compType = INTEGER:1 258 compType = INTEGER:1
@@ -258,21 +280,14 @@ cat << 'EOF' > $TEMP_X509
258 compSize = INTEGER:SYSFW_DATA_IMAGE_SIZE 280 compSize = INTEGER:SYSFW_DATA_IMAGE_SIZE
259 shaType = OID:SYSFW_DATA_IMAGE_SHA_OID 281 shaType = OID:SYSFW_DATA_IMAGE_SHA_OID
260 shaValue = FORMAT:HEX,OCT:SYSFW_DATA_IMAGE_SHA_VAL 282 shaValue = FORMAT:HEX,OCT:SYSFW_DATA_IMAGE_SHA_VAL
261 283 DM_DATA_EXT_BOOT_BLOCK
262 [dm_data]
263 compType = INTEGER:17
264 bootCore = INTEGER:16
265 compOpts = INTEGER:0
266 destAddr = FORMAT:HEX,OCT:DM_DATA_DEST_ADDR
267 compSize = INTEGER:DM_DATA_IMAGE_SIZE
268 shaType = OID:DM_DATA_IMAGE_SHA_OID
269 shaValue = FORMAT:HEX,OCT:DM_DATA_IMAGE_SHA_VAL
270EOF 284EOF
271} 285}
272 286
273gen_cert() { 287gen_cert() {
274 echo "Certificate being generated :" 288 echo "Certificate being generated :"
275 #echo $SBL_ADDR $SBL_SIZE $SBL_SHA_VAL 289 #echo $SBL_ADDR $SBL_SIZE $SBL_SHA_VAL
290 sed -i "s/NUM_COMPS_COUNT/$NUM_COMPS_COUNT/" $TEMP_X509
276 sed -i "s/SBL_DEST_ADDR/$SBL_ADDR/" $TEMP_X509 291 sed -i "s/SBL_DEST_ADDR/$SBL_ADDR/" $TEMP_X509
277 sed -i "s/SBL_IMAGE_SIZE/$SBL_SIZE/" $TEMP_X509 292 sed -i "s/SBL_IMAGE_SIZE/$SBL_SIZE/" $TEMP_X509
278 sed -i "s/SBL_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 293 sed -i "s/SBL_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509
@@ -288,6 +303,8 @@ gen_cert() {
288 sed -i "s/SYSFW_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 303 sed -i "s/SYSFW_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509
289 sed -i "s/SYSFW_DATA_IMAGE_SHA_VAL/$SYSFW_DATA_SHA_VAL/" $TEMP_X509 304 sed -i "s/SYSFW_DATA_IMAGE_SHA_VAL/$SYSFW_DATA_SHA_VAL/" $TEMP_X509
290 #echo $DM_DATA_ADDR $DM_DATA_SIZE $DM_DATA_SHA_VAL 305 #echo $DM_DATA_ADDR $DM_DATA_SIZE $DM_DATA_SHA_VAL
306 sed -i "s/DM_DATA_EXT_BOOT_BLOCK/$DM_DATA_EXT_BOOT_BLOCK/" $TEMP_X509
307 sed -i "s/DM_DATA_EXT_BOOT_SEQUENCE_STRING/$DM_DATA_EXT_BOOT_SEQUENCE_STRING/" $TEMP_X509
291 sed -i "s/DM_DATA_DEST_ADDR/$DM_DATA_ADDR/" $TEMP_X509 308 sed -i "s/DM_DATA_DEST_ADDR/$DM_DATA_ADDR/" $TEMP_X509
292 sed -i "s/DM_DATA_IMAGE_SIZE/$DM_DATA_SIZE/" $TEMP_X509 309 sed -i "s/DM_DATA_IMAGE_SIZE/$DM_DATA_SIZE/" $TEMP_X509
293 sed -i "s/DM_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 310 sed -i "s/DM_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509
@@ -303,8 +320,3 @@ cat $CERT $SBL $SYSFW $SYSFW_DATA $DM_DATA > $OUTPUT
303 320
304echo "SUCCESS: Image $OUTPUT generated." 321echo "SUCCESS: Image $OUTPUT generated."
305 322
306# Remove all intermediate files
307rm $TEMP_X509 $CERT
308if [ "$KEY" == "$RAND_KEY" ]; then
309 rm $RAND_KEY
310fi