]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7394c00)
uboot-sign: fix U-Boot binary with public key
authorClayton Casciato <majortomtosourcecontrol@gmail.com>
Fri, 22 Nov 2024 15:00:00 +0000 (08:00 -0700)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sat, 23 Nov 2024 14:28:29 +0000 (14:28 +0000)
Fixes [YOCTO #15649]

The U-Boot binary in the "deploy" directory is missing the public key
when the removed logic branch is used.

The simple concatenation of the binary and DTB with public key works as
expected on a BeagleBone Black.

Given:
MACHINE = beaglebone-yocto
UBOOT_SIGN_KEYNAME = "dev"

Post-patch (poky/build/tmp/deploy/images/beaglebone-yocto):
$ hexdump -e "16 \"%_p\" \"\\n\"" u-boot-beaglebone-yocto.dtb \
| tr -d '\n' | grep -o 'key-dev'
key-dev

$ hexdump -e "16 \"%_p\" \"\\n\"" u-boot.img \
| tr -d '\n' | grep -o 'key-dev'
key-dev

Non-Poky BeagleBone Black testing (Scarthgap):
U-Boot 2024.01 [...]
[...]
Using 'conf-ti_omap_am335x-boneblack.dtb' configuration
Verifying Hash Integrity ... sha256,rsa4096:dev+ OK
Trying 'kernel-1' kernel subimage
[...]

Signed-off-by: Clayton Casciato <majortomtosourcecontrol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/classes-recipe/uboot-sign.bbclass patch | blob | blame | history

diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass
index a17be745cec953ee1532a929210b7fc88b71a490..7ee73b872abf0b69ac72d71fd6f3316b821b0346 100644 (file)
--- a/meta/classes-recipe/uboot-sign.bbclass
+++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -122,13 +122,7 @@ concat_dtb() {
        # If we're not using a signed u-boot fit, concatenate SPL w/o DTB & U-Boot DTB
        # with public key (otherwise U-Boot will be packaged by uboot_fitimage_assemble)
        if [ "${SPL_SIGN_ENABLE}" != "1" ] ; then
-               if [ "x${UBOOT_SUFFIX}" = "ximg" -o "x${UBOOT_SUFFIX}" = "xrom" ] && \
-                       [ -e "${UBOOT_DTB_BINARY}" ]; then
-                       oe_runmake EXT_DTB="${UBOOT_DTB_SIGNED}" ${UBOOT_MAKE_TARGET}
-                       if [ -n "${binary}" ]; then
-                               cp ${binary} ${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX}
-                       fi
-               elif [ -e "${UBOOT_NODTB_BINARY}" -a -e "${UBOOT_DTB_BINARY}" ]; then
+               if [ -e "${UBOOT_NODTB_BINARY}" -a -e "${UBOOT_DTB_BINARY}" ]; then
                        if [ -n "${binary}" ]; then
                                cat ${UBOOT_NODTB_BINARY} ${UBOOT_DTB_SIGNED} | tee ${binary} > \
                                        ${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX}
Mirror of git://git.openembedded.org/openembedded-core-contrib