Git Browser for ODROID
Code Review Sign In
git.odroid.com / yocto / amlogic / tools / fip / 47c673423f27b0c207afef5c9ab6af9ae752e905 / . / c1 / build.sh
blob: b29153c73011b67d1a68195a6092f8bdd5e8f71d [file] [log] [blame]
xiaobo gu47c67342019-06-28 18:29:51 +0800[diff] [blame^]1#!/bin/bash
2
3# include uboot pre-build macros
4#declare CONFIG_FILE=("${buildtree}/.config")
5#declare AUTOCFG_FILE=("${buildtree}/include/autoconf.mk")
6
7function init_vari() {
8 #source ${CONFIG_FILE} &> /dev/null # ignore warning/error
9 #source ${AUTOCFG_FILE} &> /dev/null # ignore warning/error
10
11 AML_BL2_NAME="bl2.bin"
12 AML_KEY_BLOB_NANE="aml-user-key.sig"
13
14 if [ "y" == "${CONFIG_AML_SECURE_BOOT_V3}" ]; then
15 V3_PROCESS_FLAG="--level v3"
16 fi
17
18 if [ "y" == "${CONFIG_AML_CRYPTO_AES}" ]; then
19 BOOT_SIG_FLAG="--aeskey enable"
20 fi
21
22 if [ "y" == "${CONFIG_AML_BL33_COMPRESS_ENABLE}" ]; then
23 BL33_COMPRESS_FLAG="--compress lz4"
24 fi
25
26 if [ "y" == "${CONFIG_FIP_IMG_SUPPORT}" ]; then
27 BL3X_SUFFIX="img"
28 fi
29}
30
31function fix_blx() {
32 #bl2 file size 41K, bl21 file size 3K (file size not equal runtime size)
33 #total 44K
34 #after encrypt process, bl2 add 4K header, cut off 4K tail
35
36 #bl2 file size 56K, acs file size 4K
37 #total 60K
38 #after encrypt process, bl2 add 4K header, cut off 4K tail
39
40 #bl2 limit 56K
41 #acs limit 4K, but encrypt tool need 64K bl2.bin, so fix to 8192byte.
42
43 declare blx_bin_limit=0
44 declare blx01_bin_limit=0
45 declare -i blx_size=0
46 declare -i zero_size=0
47
48 #$7:name flag
49 if [ "$7" = "bl2" ]; then
50 blx_bin_limit=57344
51 blx01_bin_limit=4096
52 else
53 echo "blx_fix name flag not supported!"
54 exit 1
55 fi
56
57 # blx_size: blx.bin size, zero_size: fill with zeros
58 blx_size=`du -b $1 | awk '{print int($1)}'`
59 if [ $blx_size -gt $blx_bin_limit ]; then
60 echo "Error: $7 ($1) too big. $blx_size > $blx_bin_limit"
61 exit 1
62 fi
63
64 zero_size=$blx_bin_limit-$blx_size
65 dd if=/dev/zero of=$2 bs=1 count=$zero_size
66 cat $1 $2 > $3
67 rm $2
68
69 blx_size=`du -b $4 | awk '{print int($1)}'`
70 zero_size=$blx01_bin_limit-$blx_size
71 dd if=/dev/zero of=$2 bs=1 count=$zero_size
72 cat $4 $2 > $5
73
74 cat $3 $5 > $6
75
76 rm $2
77}
78
79function cleanup() {
80 rm -f ${BUILD_PATH}/bl*.enc ${BUILD_PATH}/bl2*.sig
81 rm -f ${BUILD_PATH}/boot_new.bin
82}
83
84function encrypt_step() {
85 dbg "encrypt: $@"
86 local ret=0
87 ./${FIP_FOLDER}${CUR_SOC}/aml_encrypt_${CUR_SOC} $@
88 ret=$?
89 if [ 0 != $ret ]; then
90 echo "Err! aml_encrypt_${CUR_SOC} return $ret"
91 exit $ret
92 fi
93}
94
95function encrypt() {
96 #u-boot.bin generate
97 if [ "y" == "${CONFIG_AML_SECURE_BOOT_V3}" ]; then
98 encrypt_step --bl3sig --input ${BUILD_PATH}/bl31.${BL3X_SUFFIX} --output ${BUILD_PATH}/bl31.${BL3X_SUFFIX}.enc ${V3_PROCESS_FLAG} --type bl31
99 if [ "${FIP_BL32}" == "${BUILD_PATH}/bl32.${BL3X_SUFFIX}" ]; then
100 encrypt_step --bl3sig --input ${BUILD_PATH}/bl32.${BL3X_SUFFIX} --output ${BUILD_PATH}/bl32.${BL3X_SUFFIX}.enc ${V3_PROCESS_FLAG} --type bl32
101 fi
102 #encrypt_step --bl3sig --input ${BUILD_PATH}/bl33.bin ${BL33_COMPRESS_FLAG} --output ${BUILD_PATH}/bl33.bin.enc ${V3_PROCESS_FLAG} --type bl33
103 encrypt_step --bl3sig --input ${BUILD_PATH}/bl33.bin --output ${BUILD_PATH}/bl33.bin.enc ${V3_PROCESS_FLAG} --type bl33
104 fi
105
106 encrypt_step --bl2sig --input ${BUILD_PATH}/bl2_new.bin --output ${BUILD_PATH}/bl2.n.bin.sig
107
108 encrypt_step --bootmk --output ${BUILD_PATH}/u-boot.bin \
109 --bl2 ${BUILD_PATH}/bl2.n.bin.sig \
110 --bl31 ${BUILD_PATH}/bl31.${BL3X_SUFFIX}.enc ${FIP_BL32_PROCESS} --bl33 ${BUILD_PATH}/bl33.bin.enc ${V3_PROCESS_FLAG} \
111 --ddrfw1 ./${FIP_FOLDER}${CUR_SOC}/ddr4_1d.fw --ddrfw2 ./${FIP_FOLDER}${CUR_SOC}/ddr4_2d.fw \
112 --ddrfw3 ./${FIP_FOLDER}${CUR_SOC}/ddr3_1d.fw --ddrfw4 ./${FIP_FOLDER}${CUR_SOC}/piei.fw \
113 --ddrfw5 ./${FIP_FOLDER}${CUR_SOC}/diag_lpddr4.fw --ddrfw6 ./${FIP_FOLDER}${CUR_SOC}/${DDR_FW_NAME}
114
115 if [ "y" == "${CONFIG_AML_CRYPTO_UBOOT}" ]; then
116 encrypt_step --bootsig --input ${BUILD_PATH}/u-boot.bin --amluserkey ${UBOOT_SRC_FOLDER}/${BOARD_DIR}/${AML_KEY_BLOB_NANE} \
117 ${BOOT_SIG_FLAG} --output ${BUILD_PATH}/u-boot.bin.encrypt ${V3_PROCESS_FLAG}
118 fi
119
120 if [ "y" == "${CONFIG_AML_CRYPTO_IMG}" ]; then
121 encrypt_step --imgsig --input ${UBOOT_SRC_FOLDER}/${BOARD_DIR}/boot.img --amluserkey ${UBOOT_SRC_FOLDER}/${BOARD_DIR}/${AML_KEY_BLOB_NANE} --output ${BUILD_PATH}/boot.img.encrypt
122 fi
123
124 return
125}
126
127function build_fip() {
128
129 # acs_tool process ddr timing and configurable parameters
130 #python ${FIP_FOLDER}/acs_tool.pyc ${BUILD_PATH}/${AML_BL2_NAME} ${BUILD_PATH}/bl2_acs.bin ${BUILD_PATH}/acs.bin 0
131
132 # fix bl2/bl21
133 fix_blx \
134 ${BUILD_PATH}/bl2.bin \
135 ${BUILD_PATH}/zero_tmp \
136 ${BUILD_PATH}/bl2_zero.bin \
137 ${BUILD_PATH}/acs.bin \
138 ${BUILD_PATH}/bl21_zero.bin \
139 ${BUILD_PATH}/bl2_new.bin \
140 bl2
141
142 FIP_ARGS=" --bl31 ${BUILD_PATH}/bl31.${BL3X_SUFFIX}"
143
144 if [ "y" == "${CONFIG_NEED_BL32}" ]; then
145 FIP_BL32="`find ${BUILD_PATH} -name "bl32.${BL3X_SUFFIX}"`"
146 if [ "${FIP_BL32}" == "${BUILD_PATH}/bl32.${BL3X_SUFFIX}" ]; then
147 FIP_ARGS="${FIP_ARGS}"" --bl32 ${BUILD_PATH}/bl32.${BL3X_SUFFIX}"
148 FIP_BL32_PROCESS=" --bl32 ${BUILD_PATH}/bl32.${BL3X_SUFFIX}.enc"
149 fi
150 fi
151 FIP_ARGS="${FIP_ARGS}"" --bl33 ${BUILD_PATH}/bl33.bin"
152
153 # create fip.bin
154 ./${FIP_FOLDER}/fip_create ${FIP_ARGS} ${BUILD_PATH}/fip.bin
155 ./${FIP_FOLDER}/fip_create --dump ${BUILD_PATH}/fip.bin
156
157 # build final bootloader
158 cat ${BUILD_PATH}/bl2_new.bin ${BUILD_PATH}/fip.bin > ${BUILD_PATH}/boot_new.bin
159
160 return
161}
162
163function copy_other_soc() {
164 cp ${BL33_BUILD_FOLDER}${BOARD_DIR}/firmware/acs.bin ${BUILD_PATH} -f
165}
166
167function package() {
168 # BUILD_PATH without "/"
169 x=$((${#BUILD_PATH}-1))
170 if [ "\\" == "${BUILD_PATH:$x:1}" ] || [ "/" == "${BUILD_PATH:$x:1}" ]; then
171 BUILD_PATH=${BUILD_PATH:0:$x}
172 fi
173
174 init_vari $@
175 build_fip $@
176 if [ 1 -eq ${CONFIG_DDR_FW} ]; then
177 echo -n "Copy ddr fw..."
178 cp ${BLX_SRC_FOLDER}/${DDR_FW_NAME} ${FIP_FOLDER}/${CUR_SOC} -f
179 if [ 0 != $? ]; then
180 echo " failed!"
181 else
182 echo " ok!"
183 fi
184 fi
185
186 if [ "y" == "${CONFIG_AML_SIGNED_UBOOT}" ]; then
187
188 mv -f ${BUILD_PATH}/bl33.bin ${BUILD_PATH}/bl33.bin.org
189 encrypt_step --bl3sig --input ${BUILD_PATH}/bl33.bin.org --output ${BUILD_PATH}/bl33.bin.org.lz4 --compress lz4 --level v3 --type bl33
190 #get LZ4 format bl33 image from bl33.bin.enc with offset 0x720
191 dd if=${BUILD_PATH}/bl33.bin.org.lz4 of=${BUILD_PATH}/bl33.bin bs=1 skip=1824 >& /dev/null
192
193 list_pack="${BUILD_PATH}/bl2_new.bin ${BUILD_PATH}/bl31.img ${BUILD_PATH}/bl32.img ${BUILD_PATH}/bl33.bin"
194 list_pack="$list_pack ${FIP_FOLDER}/${CUR_SOC}/*.fw"
195 u_pack=${BUILD_FOLDER}/"$(basename ${BOARD_DIR})"-u-boot.aml.zip
196 zip -j $u_pack ${list_pack} >& /dev/null
197
198 ${FIP_FOLDER}/stool/sign.sh -s ${CUR_SOC} -z $u_pack -o ${BUILD_FOLDER} -r ${UBOOT_SRC_FOLDER}/${BOARD_DIR}/aml-key -a ${UBOOT_SRC_FOLDER}/${BOARD_DIR}/aml-key
199
200 if [ "y" == "${CONFIG_AML_CRYPTO_IMG}" ]; then
201 ${FIP_FOLDER}/stool/sign.sh -s ${CUR_SOC} -p ${UBOOT_SRC_FOLDER}/${BOARD_DIR} -o ${BUILD_FOLDER} -r ${UBOOT_SRC_FOLDER}/${BOARD_DIR}/aml-key -a ${UBOOT_SRC_FOLDER}/${BOARD_DIR}/aml-key
202 fi
203 else
204 encrypt $@
205 fi
206 #copy_file
207 #cleanup
208 echo "Bootloader build done!"
209}