diff --git a/Makefile b/Makefile
index 49e6b6b225ffb45361d219f1474990dba399ca76..405c8a370cbad85779ca32ea6210b0c7794a06a6 100644 (file)
--- a/Makefile
+++ b/Makefile
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
+SOC ?= am65x
+CONFIG ?= evm
+
+BUILD_SRC ?= .
+O ?= out
+BIN_DIR ?= .
+
+srcroot = $(BUILD_SRC)
+soc_srcroot = $(srcroot)/soc/${SOC}/${CONFIG}
+objroot = $(O)
+soc_objroot = $(objroot)/soc/${SOC}/${CONFIG}
+
+binroot = $(BIN_DIR)
+
+# The HS SYSFW will only work on HS hardware when signed with valid
+# keys, warn HS users if the SECDEV environment variable is not set
+ifdef HS
+ifeq ($(TI_SECURE_DEV_PKG),)
+$(warning TI_SECURE_DEV_PKG should be set for HS, defaults may not work)
+endif
+endif
+
# If using the default SYSFW make sure to manually copy/populate the unsigned
# image into the root folder of this repository.
-SYSFW_PATH ?= ti-sci-firmware-am65x-gp.bin
+SYSFW_PATH ?= ti-sci-firmware-${SOC}-gp.bin
+SYSFW_HS_PATH ?= ti-sci-firmware-${SOC}-hs-enc.bin
+SYSFW_HS_INNER_CERT_PATH ?= ti-sci-firmware-${SOC}-hs-cert.bin
+SYSFW_HS_CERTS_PATH ?= ti-sci-firmware-${SOC}-hs-certs.bin
# Must use FULL Git hash below, as it is used as part of an URL for direct DL
-SYSFW_GIT_HASH ?= 77bd5534eb33c2f9654ab1b56fcdff4e8b7143e0
+SYSFW_GIT_HASH ?= b41c4f097ab6f341462645f76059f48f78bbd17e
# URL to download SYSFW release binary from if not provided otherwise
SYSFW_DL_URL ?= https://git.ti.com/processor-firmware/ti-linux-firmware/blobs/raw/$(SYSFW_GIT_HASH)/ti-sysfw/$(SYSFW_PATH)
+SYSFW_HS_DL_URL ?= https://git.ti.com/processor-firmware/ti-linux-firmware/blobs/raw/$(SYSFW_GIT_HASH)/ti-sysfw/$(SYSFW_HS_PATH)
+SYSFW_HS_INNER_CERT_DL_URL ?= https://git.ti.com/processor-firmware/ti-linux-firmware/blobs/raw/$(SYSFW_GIT_HASH)/ti-sysfw/$(SYSFW_HS_INNER_CERT_PATH)
+
+# Set HS SYSFW image signing key
+ifdef HS
+KEY ?= $(TI_SECURE_DEV_PKG)/keys/custMpk.pem
+else
+KEY ?= ti-degenerate-key.pem
+endif
CROSS_COMPILE ?= arm-linux-gnueabihf-
CFLAGS ?= \
-fno-builtin \
- -Wall
+ -Wall \
+ -Iinclude/soc/${SOC} \
+ -Isoc/${SOC}/${CONFIG} \
+ -Iinclude
-BINS ?= \
- sysfw.bin \
- board-cfg.bin \
- pm-cfg.bin \
- rm-cfg.bin \
- sec-cfg.bin
-ITB ?= sysfw.itb
-ITS ?= $(basename $(ITB)).its
+SOURCES ?= \
+ board-cfg.c \
+ pm-cfg.c \
+ rm-cfg.c \
+ sec-cfg.c
-MKIMAGE ?= mkimage
+SOC_SOURCES=$(SOURCES:%.c=$(soc_srcroot)/%.c)
+SOC_OBJS=$(SOURCES:%.c=$(soc_objroot)/%.o)
-.PHONY: all
-all: $(ITB)
+SOC_BINS=$(soc_objroot)/sysfw.bin
+SOC_BIN_NAMES=sysfw.bin
-%.o: %.S
- $(CROSS_COMPILE)as -o $@ $<
+SOC_BINS += $(SOURCES:%.c=$(soc_objroot)/%.bin)
+SOC_BIN_NAMES += $(SOURCES:%.c=%.bin)
-%.o: %.c
- $(CROSS_COMPILE)gcc $(CFLAGS) -c -o $@ $<
+ITB ?= $(binroot)/sysfw-$(SOC)-$(CONFIG).itb
+ITS ?= $(soc_objroot)/$(basename $(notdir $(ITB))).its
-%.bin: %.o
- $(CROSS_COMPILE)objcopy -S -O binary $< $@
+vpath %.itb $(soc_objroot)
+vpath %.bin $(soc_objroot)
+vpath %.o $(soc_objroot)
+vpath %.c $(soc_srcroot)
+
+MKIMAGE ?= mkimage
+
+.PHONY: all _objtree_build
+
+all: _objtree_build $(ITB)
+
+_objtree_build:
+ @mkdir -p $(objroot) $(soc_objroot) $(binroot)
$(SYSFW_PATH):
@echo "Downloading SYSFW release image..."
wget $(SYSFW_DL_URL)
@echo "Download SUCCESS!"
-sysfw.bin: $(SYSFW_PATH) sysfw_version
- @echo "Signing the SYSFW release image with random key..."
- ./gen_x509_cert.sh -c m3 -b $< -o $@ -l 0x40000
+$(SYSFW_HS_PATH):
+ @echo "Downloading HS SYSFW release image..."
+ wget $(SYSFW_HS_DL_URL)
+ @echo "Download SUCCESS!"
-$(ITS): $(BINS)
- ./gen_its.sh $(BINS) > $@
+$(SYSFW_HS_INNER_CERT_PATH):
+ @echo "Downloading HS SYSFW release certificate..."
+ wget $(SYSFW_HS_INNER_CERT_DL_URL)
+ @echo "Download SUCCESS!"
-$(ITB): $(ITS) $(BINS)
+ifdef HS
+$(SYSFW_HS_CERTS_PATH): $(SYSFW_HS_INNER_CERT_PATH)
+ @echo "Signing the SYSFW inner certificate with $(KEY) key...";
+ ./gen_x509_cert.sh -d -c m3 -b $< -o $@ -l 0x40000 -k $(KEY);
+
+$(soc_objroot)/sysfw.bin: $(SYSFW_HS_CERTS_PATH) $(SYSFW_HS_PATH) sysfw_version
+ cat $^ > $@
+else
+$(soc_objroot)/sysfw.bin: $(SYSFW_PATH) sysfw_version
+ @if [ -n "$(KEY)" ]; then \
+ echo "Signing the SYSFW release image with $(KEY) key..."; \
+ ./gen_x509_cert.sh -c m3 -b $< -o $@ -l 0x40000 -k $(KEY); \
+ else \
+ echo "Signing the SYSFW release image with random key..."; \
+ ./gen_x509_cert.sh -c m3 -b $< -o $@ -l 0x40000; \
+ fi
+endif
+
+$(ITS): soc_objs $(SOC_BINS)
+ ./gen_its.sh $(SOC) $(CONFIG) $(SOC_BIN_NAMES) > $@
+
+$(ITB): $(ITS)
$(MKIMAGE) -f $< -r $@
+soc_objs: $(SOC_OBJS)
+
+
+$(soc_objroot)/%.o: %.c
+ $(CROSS_COMPILE)gcc $(CFLAGS) -c -o $@ $<
+
+%.bin: %.o
+ $(CROSS_COMPILE)objcopy -S -O binary $< $@
+
+
.PHONY: sysfw_version
sysfw_version: $(SYSFW_PATH)
@echo "SYSFW Version:" `strings $(SYSFW_PATH) | grep -o 'v20[0-9][0-9]\.[0-9][0-9].*(.*'`
.PHONY: clean
clean:
- -rm $(BINS)
- -rm $(ITB)
- -rm $(ITS)
+ -rm -f $(SOC_BINS) $(SOC_OBJS)
+ -rm -f $(ITB)
+ -rm -f $(ITS)
+ -rm -f $(SYSFW_HS_CERTS_PATH)
+ -rm -rf $(objroot)
.PHONY: mrproper
mrproper: clean
- -rm $(SYSFW_PATH)
+ -rm -f $(SYSFW_PATH)
+ -rm -f $(SYSFW_HS_PATH)
+ -rm -f $(SYSFW_HS_INNER_CERT_PATH)