mirror of
https://github.com/u-boot/u-boot.git
synced 2025-05-03 18:23:34 +00:00
133c000ca3
The patch implement new property 'fit,sign' that can be declared at the top-level 'fit' node. If that option is declared, fit tryies to detect private keys directory among binman include directories. That directory than passed to mkimage using '-k' flag and that enable signing of FIT. Signed-off-by: Alexander Kochetkov <al.kochet@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> Renumbered files, moved new tests to end: Signed-off-by: Simon Glass <sjg@chromium.org>
98 lines
1.6 KiB
Text
98 lines
1.6 KiB
Text
// SPDX-License-Identifier: GPL-2.0+
|
|
|
|
/dts-v1/;
|
|
|
|
/ {
|
|
#address-cells = <1>;
|
|
#size-cells = <1>;
|
|
|
|
binman {
|
|
fit {
|
|
description = "test desc";
|
|
#address-cells = <1>;
|
|
fit,fdt-list = "of-list";
|
|
fit,sign;
|
|
|
|
images {
|
|
u-boot {
|
|
description = "test u-boot";
|
|
type = "standalone";
|
|
arch = "arm64";
|
|
os = "u-boot";
|
|
compression = "none";
|
|
load = <0x00000000>;
|
|
entry = <0x00000000>;
|
|
|
|
u-boot-nodtb {
|
|
};
|
|
|
|
hash {
|
|
algo = "sha256";
|
|
};
|
|
|
|
signature {
|
|
algo = "sha256,rsa2048";
|
|
key-name-hint = "rsa2048";
|
|
};
|
|
};
|
|
@atf-SEQ {
|
|
fit,operation = "split-elf";
|
|
description = "test tf-a";
|
|
type = "firmware";
|
|
arch = "arm64";
|
|
os = "arm-trusted-firmware";
|
|
compression = "none";
|
|
fit,load;
|
|
fit,entry;
|
|
fit,data;
|
|
|
|
atf-bl31 {
|
|
};
|
|
|
|
hash {
|
|
algo = "sha256";
|
|
};
|
|
|
|
signature {
|
|
algo = "sha256,rsa2048";
|
|
key-name-hint = "rsa2048";
|
|
};
|
|
};
|
|
@fdt-SEQ {
|
|
description = "test fdt";
|
|
type = "flat_dt";
|
|
compression = "none";
|
|
|
|
hash {
|
|
algo = "sha256";
|
|
};
|
|
|
|
signature {
|
|
algo = "sha256,rsa2048";
|
|
key-name-hint = "rsa2048";
|
|
};
|
|
};
|
|
};
|
|
|
|
configurations {
|
|
default = "@conf-uboot-DEFAULT-SEQ";
|
|
@conf-uboot-SEQ {
|
|
description = "uboot config";
|
|
fdt = "fdt-SEQ";
|
|
fit,firmware = "u-boot";
|
|
fit,loadables;
|
|
|
|
hash {
|
|
algo = "sha256";
|
|
};
|
|
|
|
signature {
|
|
algo = "sha256,rsa2048";
|
|
key-name-hint = "conf-rsa2048";
|
|
sign-images = "firmware", "loadables", "fdt";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|