mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-11-10 23:24:38 +00:00
tools: k3_gen_x509_cert: Allow selecting early JTAG debug value
When authenticating the initial boot binary the ROM will check a debug type value in the certificate and based on that open JTAG access to that core. Make this selectable in the signing tool to allow it to be enabled or disabled based on user command line input. This does not change the default behavior. Signed-off-by: Andrew F. Davis <afd@ti.com>
This commit is contained in:
Andrew F. Davis
Lokesh Vutla
parent
c78ae11e07
commit
0428a0b88f
1 changed files with 11 additions and 3 deletions
|
|
@ -12,6 +12,7 @@ RAND_KEY=eckey.pem
|
|||
LOADADDR=0x41c00000
|
||||
BOOTCORE_OPTS=0
|
||||
BOOTCORE=16
|
||||
DEBUG_TYPE=4
|
||||
|
||||
gen_degen_template() {
|
||||
cat << 'EOF' > degen-template.txt
|
||||
|
|
@ -79,7 +80,7 @@ cat << 'EOF' > x509-template.txt
|
|||
|
||||
[ debug ]
|
||||
debugUID = FORMAT:HEX,OCT:0000000000000000000000000000000000000000000000000000000000000000
|
||||
debugType = INTEGER:4
|
||||
debugType = INTEGER:TEST_DEBUG_TYPE
|
||||
coreDbgEn = INTEGER:0
|
||||
coreDbgSecEn = INTEGER:0
|
||||
EOF
|
||||
|
|
@ -151,8 +152,9 @@ options_help[k]="key_file:file with key inside it. If not provided script genera
|
|||
options_help[o]="output_file:Name of the final output file. default to $OUTPUT"
|
||||
options_help[c]="core_id:target core id on which the image would be running. Default to $BOOTCORE"
|
||||
options_help[l]="loadaddr: Target load address of the binary in hex. Default to $LOADADDR"
|
||||
options_help[d]="debug_type: Debug type, set to 0 to disable early JTAG. Default to $DEBUG_TYPE"
|
||||
|
||||
while getopts "b:k:o:c:l:h" opt
|
||||
while getopts "b:k:o:c:l:d:h" opt
|
||||
do
|
||||
case $opt in
|
||||
b)
|
||||
|
|
@ -170,6 +172,9 @@ do
|
|||
c)
|
||||
BOOTCORE=$OPTARG
|
||||
;;
|
||||
d)
|
||||
DEBUG_TYPE=$OPTARG
|
||||
;;
|
||||
h)
|
||||
usage
|
||||
exit 0
|
||||
|
|
@ -224,12 +229,15 @@ gen_cert() {
|
|||
#echo " LOADADDR = 0x$ADDR"
|
||||
#echo " IMAGE_SIZE = $BIN_SIZE"
|
||||
#echo " CERT_TYPE = $CERTTYPE"
|
||||
#echo " DEBUG_TYPE = $DEBUG_TYPE"
|
||||
sed -e "s/TEST_IMAGE_LENGTH/$BIN_SIZE/" \
|
||||
-e "s/TEST_IMAGE_SHA_VAL/$SHA_VAL/" \
|
||||
-e "s/TEST_CERT_TYPE/$CERTTYPE/" \
|
||||
-e "s/TEST_BOOT_CORE_OPTS/$BOOTCORE_OPTS/" \
|
||||
-e "s/TEST_BOOT_CORE/$BOOTCORE/" \
|
||||
-e "s/TEST_BOOT_ADDR/$ADDR/" x509-template.txt > $TEMP_X509
|
||||
-e "s/TEST_BOOT_ADDR/$ADDR/" \
|
||||
-e "s/TEST_DEBUG_TYPE/$DEBUG_TYPE/" \
|
||||
x509-template.txt > $TEMP_X509
|
||||
openssl req -new -x509 -key $KEY -nodes -outform DER -out $CERT -config $TEMP_X509 -sha512
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue