From patchwork Mon Apr 12 15:05:26 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 419563 Delivered-To: patch@linaro.org Received: by 2002:a17:906:6d12:0:0:0:0 with SMTP id m18csp1703409ejr; Mon, 12 Apr 2021 08:07:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx7aWohvPnFt9ED66X4YsK9/QW5U+RSfn2YUqae2nIEBgCQtFgmvRutRFC1gDJIQtNvMQH3 X-Received: by 2002:a17:906:349b:: with SMTP id g27mr5484366ejb.306.1618240040375; Mon, 12 Apr 2021 08:07:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618240040; cv=none; d=google.com; s=arc-20160816; b=M63Mp5vLPIIKXSVIJdpn18iBKXa9jairDmrYv1kVlechxZsZYSGwcb3GElzTyc3enA hWrND6ANxsLU0Str6ed4kyDaPMj4SP3u9XvArmWkgAmJAeFMrS+4hR7WNSUKnbi8GjHX o2Q+B6mzo8UJEEb76WteZlk9hG2RYP/wwW+6Rjm0arfiXC9KNc2YsT6pDFn4hSDgxCrg 3iu2XbZGtLeVMUd+KbK8d9qU141TFXdHvw9uJ3EnMQ0IcXpSRL9iAWyO/ZDdf7DegROp OzWq57wzh/9xC5xO7v/q8luK+K2K2B3U6Wxhzdw5sNgXr8o782HTiQuXGrITNy5D/sf1 DRLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:cc:to:from; bh=ApsSmZrHrb+4CCsUB2VkBJNE+AcHkrYYCmlUYyLNo4Q=; b=YgygX2k2gAR4AqCY1tAo8uBwNeD6qmdBszMMBrlNGl0WrJ1Sxi1WLLEGZAJcggkPCa UEKiLDZPNvh6Tbf9IqP0AWuhhjSzpuUCrcVUwDmfL+YYlgEcKpBV115LEGYQqfYj7y8N CoZM7/6B9wlYUU76wLUAbuBBMDJB2+jHM9hC6sijS+I9utuU4maD+sCS65csUyfNdYPH x+MCdIdCIr0/N/QcOtgaT/qvBD5OWabKVR8OMli+VDJvxBqUBlFWm07nzuGr7DX7PxVL qN2HRn0dI4ChnflQyZiuU4chLgWSWYYn6eJH9qzKq8TsB5CLnYRX5RvcejJ6RXv8vKzC oTLQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id y15si8440990edv.49.2021.04.12.08.07.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Apr 2021 08:07:20 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 2ABD681A04; Mon, 12 Apr 2021 17:06:29 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 7E69E816AF; Mon, 12 Apr 2021 17:06:12 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 7476C817A5 for ; Mon, 12 Apr 2021 17:06:02 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 313E111FB; Mon, 12 Apr 2021 08:06:00 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 1A0003F694; Mon, 12 Apr 2021 08:05:57 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Alexander Graf , Simon Glass , Bin Meng , Pali Rohar , Sughosh Ganu Subject: [PATCH v2 4/4] Makefile: Add provision for embedding public key in platform's dtb Date: Mon, 12 Apr 2021 20:35:26 +0530 Message-Id: <20210412150526.29822-5-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210412150526.29822-1-sughosh.ganu@linaro.org> References: <20210412150526.29822-1-sughosh.ganu@linaro.org> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean Add provision for embedding the public key used for capsule authentication in the platform's dtb. This is done by invoking the mkeficapsule utility which puts the public key in the efi signature list(esl) format into the dtb. Signed-off-by: Sughosh Ganu --- Changes since V1: None Makefile | 10 ++++++++++ 1 file changed, 10 insertions(+) -- 2.17.1 diff --git a/Makefile b/Makefile index b72d8d20c0..ebd4a6477c 100644 --- a/Makefile +++ b/Makefile @@ -1011,6 +1011,10 @@ cmd_pad_cat = $(cmd_objcopy) && $(append) || { rm -f $@; false; } quiet_cmd_lzma = LZMA $@ cmd_lzma = lzma -c -z -k -9 $< > $@ +quiet_cmd_mkeficapsule = MKEFICAPSULE $@ +cmd_mkeficapsule = $(objtree)/tools/mkeficapsule -K $(CONFIG_EFI_PKEY_FILE) \ + -D $@ + cfg: u-boot.cfg quiet_cmd_cfgcheck = CFGCHK $2 @@ -1161,8 +1165,14 @@ endif PHONY += dtbs dtbs: dts/dt.dtb @: +ifeq ($(CONFIG_EFI_CAPSULE_AUTHENTICATE)$(CONFIG_EFI_PKEY_DTB_EMBED),yy) +dts/dt.dtb: u-boot tools + $(Q)$(MAKE) $(build)=dts dtbs + $(call cmd,mkeficapsule) +else dts/dt.dtb: u-boot $(Q)$(MAKE) $(build)=dts dtbs +endif quiet_cmd_copy = COPY $@ cmd_copy = cp $< $@