mirror of
git://git.yoctoproject.org/poky.git
synced 2025-08-22 00:42:05 +02:00
68bbc11f8f
Introduce a new variable FIT_UBOOT_ENV, which allows to add a u-boot script as a text file to the fitImage. Such a script can be sourced from the u-boot shell, as documented here: https://docs.u-boot.org/en/latest/usage/cmd/source.html#fit-image The kernel-fitimage.bbclass also evaluates the existing UBOOT_ENV variable and adds the corresponding script to the fitImage. However, the UBOOT_ENV variable is also used to install the script as an old u-boot image, usually named boot.scr into the /boot directory of the target device. These are different use cases which should be handled independently. Appending the script to the u-boot recipe and then hand it over to the kernel recipe via the staged /boot directory leads to complicated task dependencies. Decoupling the two use cases will also allow to simplify the implementation by dropping the evaluation of the UBOOT_ENV variable in the kernel-fitimage.bbclass. But this commit is supposed to be backward compatible. (From OE-Core rev: 269605ed053fd8dc7bcbcc04a46c308188115f66) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
61 lines
2.1 KiB
Plaintext
61 lines
2.1 KiB
Plaintext
# Possible options for fitImage generation, mainly
|
|
# related to signing of the fitImage content.
|
|
|
|
# Description string
|
|
FIT_DESC ?= "Kernel fitImage for ${DISTRO_NAME}/${PV}/${MACHINE}"
|
|
|
|
# Kernel fitImage Hash Algo
|
|
FIT_HASH_ALG ?= "sha256"
|
|
|
|
# Kernel fitImage Signature Algo
|
|
FIT_SIGN_ALG ?= "rsa2048"
|
|
|
|
# Kernel / U-Boot fitImage Padding Algo
|
|
FIT_PAD_ALG ?= "pkcs-1.5"
|
|
|
|
# Generate keys for signing Kernel fitImage
|
|
FIT_GENERATE_KEYS ?= "0"
|
|
|
|
# Size of private keys in number of bits
|
|
FIT_SIGN_NUMBITS ?= "2048"
|
|
|
|
# args to openssl genrsa (Default is just the public exponent)
|
|
FIT_KEY_GENRSA_ARGS ?= "-F4"
|
|
|
|
# args to openssl req (Default is -batch for non interactive mode and
|
|
# -new for new certificate)
|
|
FIT_KEY_REQ_ARGS ?= "-batch -new"
|
|
|
|
# Standard format for public key certificate
|
|
FIT_KEY_SIGN_PKCS ?= "-x509"
|
|
|
|
# Sign individual images as well
|
|
FIT_SIGN_INDIVIDUAL ?= "0"
|
|
|
|
FIT_CONF_PREFIX ?= "conf-"
|
|
FIT_CONF_PREFIX[doc] = "Prefix to use for FIT configuration node name"
|
|
|
|
FIT_SUPPORTED_INITRAMFS_FSTYPES ?= "cpio.lz4 cpio.lzo cpio.lzma cpio.xz cpio.zst cpio.gz ext2.gz cpio"
|
|
|
|
# Allow user to select the default DTB for FIT image when multiple dtb's exists.
|
|
FIT_CONF_DEFAULT_DTB ?= ""
|
|
|
|
# length of address in number of <u32> cells
|
|
# ex: 1 32bits address, 2 64bits address
|
|
FIT_ADDRESS_CELLS ?= "1"
|
|
|
|
# Keys used to sign individually image nodes.
|
|
# The keys to sign image nodes must be different from those used to sign
|
|
# configuration nodes, otherwise the "required" property, from
|
|
# UBOOT_DTB_BINARY, will be set to "conf", because "conf" prevails on "image".
|
|
# Then the images signature checking will not be mandatory and no error will be
|
|
# raised in case of failure.
|
|
# UBOOT_SIGN_IMG_KEYNAME = "dev2" # keys name in keydir (eg. "dev2.crt", "dev2.key")
|
|
|
|
# Additional environment variables or a script which can be sourced by u-boot
|
|
# can be packaged into the fitImage. An example is documented here:
|
|
# https://docs.u-boot.org/en/latest/usage/cmd/source.html#fit-image
|
|
# Machine configurations needing such a script file should include it in the
|
|
# SRC_URI of the kernel recipe and set the FIT_UBOOT_ENV parameter.
|
|
FIT_UBOOT_ENV ?= ""
|