[PATCH] bootm: fit: add option to add DT snipped that contains fit public key
Sascha Hauer
s.hauer at pengutronix.de
Fri Feb 9 02:01:24 PST 2018
From: Marc Kleine-Budde <mkl at pengutronix.de>
This makes it easier for build systems to include a configurable dts
snippet which holds the public keys for FIT images.
Usage:
Add to your dts:
#ifdef CONFIG_BOOTM_FITIMAGE_PUBKEY
#include CONFIG_BOOTM_FITIMAGE_PUBKEY
#endif
Signed-off-by: Marc Kleine-Budde <mkl at pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
---
common/Kconfig | 7 +++++++
scripts/Makefile.lib | 6 ++++++
2 files changed, 13 insertions(+)
diff --git a/common/Kconfig b/common/Kconfig
index 93b1d89274..33e15490e9 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -632,6 +632,13 @@ config BOOTM_FITIMAGE_SIGNATURE
Additionally the barebox device tree needs a /signature node with the
public key with which the image has been signed.
+config BOOTM_FITIMAGE_PUBKEY
+ string "Path to dtsi containing pubkey"
+ default "../fit/pubkey.dtsi"
+ depends on BOOTM_FITIMAGE_SIGNATURE
+ help
+ FIXME
+
config BOOTM_FORCE_SIGNED_IMAGES
bool
prompt "Force booting of signed images"
diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
index 932a779d6c..7a1bf07e66 100644
--- a/scripts/Makefile.lib
+++ b/scripts/Makefile.lib
@@ -157,6 +157,12 @@ dtc_cpp_flags = -Wp,-MD,$(depfile).pre -nostdinc \
-I$(srctree)/dts/src/ \
-undef -D__DTS__
+ifdef CONFIG_BOOTM_FITIMAGE_PUBKEY
+ifneq ($(CONFIG_BOOTM_FITIMAGE_PUBKEY),"")
+dtc_cpp_flags += -DCONFIG_BOOTM_FITIMAGE_PUBKEY=\"$(CONFIG_BOOTM_FITIMAGE_PUBKEY)\"
+endif
+endif
+
# Finds the multi-part object the current object will be linked into
modname-multi = $(sort $(foreach m,$(multi-used),\
$(if $(filter $(subst $(obj)/,,$*.o), $($(m:.o=-objs)) $($(m:.o=-y))),$(m:.o=))))
--
2.15.1
More information about the barebox
mailing list