Blame - t3/bin/gen-bl3x-blobs.sh - yocto/amlogic/tools/fip

blob: ebb5ad65788d6d661eb453aed3ca947086072950 [file] [log] [blame]

Jianxiong Pan	845428a	2021-01-20 18:40:33 +0800	[diff] [blame]	1	#!/bin/bash
				2
				3	set -e
				4	# set -x
				5
				6	#
				7	# Variables
				8	#
				9
				10	EXEC_BASEDIR=$(dirname $(readlink -f $0))
				11	ACPU_IMAGETOOL=${EXEC_BASEDIR}/../binary-tool/acpu-imagetool
				12
				13	BASEDIR_TOP=$(readlink -f ${EXEC_BASEDIR}/..)
				14
				15	#
				16	# Settings
				17	#
				18
				19	BASEDIR_TEMPLATE="${BASEDIR_TOP}/templates"
				20
				21	BASEDIR_PAYLOAD=$2
				22
				23	BASEDIR_NONCE="./nonce"
				24
				25	CHIPSET_NAME=$4
				26	KEY_TYPE=$5
				27	SOC=$6
				28
				29	BASEDIR_AESKEY_PROT_BL2="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl2/aes/${CHIPSET_NAME}"
				30	BASEDIR_RSAKEY_LVLX_BL2="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl2/rsa/${CHIPSET_NAME}"
				31
				32	BASEDIR_AESKEY_PROT_BL31="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl31/aes/${CHIPSET_NAME}"
				33	BASEDIR_RSAKEY_LVLX_BL31="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl31/rsa/${CHIPSET_NAME}"
				34
				35	BASEDIR_AESKEY_PROT_BL32="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl32/aes/${CHIPSET_NAME}"
				36	BASEDIR_RSAKEY_LVLX_BL32="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl32/rsa/${CHIPSET_NAME}"
				37
				38	BASEDIR_AESKEY_PROT_BL40="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl40/aes/${CHIPSET_NAME}"
				39	BASEDIR_RSAKEY_LVLX_BL40="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl40/rsa/${CHIPSET_NAME}"
				40
				41	BASEDIR_OUTPUT_BLOB=$3
				42	postfix=.signed
				43	#
				44	# Arguments
				45	#
				46
				47	BLOB_NAME=$1
				48	_BASEDIR_AESKEY_PROT_DIR="BASEDIR_AESKEY_PROT_BL${BLOB_NAME}"
				49	BASEDIR_AESKEY_PROT_DIR=${!_BASEDIR_AESKEY_PROT_DIR}
				50	_BASEDIR_RSAKEY_LVLX_DIR="BASEDIR_RSAKEY_LVLX_BL${BLOB_NAME}"
				51	BASEDIR_RSAKEY_LVLX_DIR=${!_BASEDIR_RSAKEY_LVLX_DIR}
				52
				53	EXEC_ARGS="${EXEC_ARGS}"
				54
				55	### Input: payload ###
				56	EXEC_ARGS="${EXEC_ARGS} --infile-bl${BLOB_NAME}-payload=${BASEDIR_PAYLOAD}/bl${BLOB_NAME}-payload.bin"
				57
				58	### Input: Chipset Level-1/2 Private RSA keys
				59
				60	EXEC_ARGS="${EXEC_ARGS} --infile-signkey-bl${BLOB_NAME}-chipset-lvl3=${BASEDIR_RSAKEY_LVLX_DIR}/bl${BLOB_NAME}-level-3-rsa-priv.pem"
				61
				62	### Input: nonce for binary protection ###
				63	#EXEC_ARGS="${EXEC_ARGS} --infile-nonce-blob-bl${BLOB_NAME}=${BASEDIR_NONCE}/chipset/blob/blob-bl${BLOB_NAME}-nonce.bin"
				64
				65	### Input: pre-generated ProtKey for payload
				66	EXEC_ARGS="${EXEC_ARGS} --infile-aes256-bl${BLOB_NAME}-payload=${BASEDIR_AESKEY_PROT_DIR}/genkey-prot-bl${BLOB_NAME}.bin"
				67
				68	### Features, flags and switches ###
				69
				70	### Output: blobs ###
				71	EXEC_ARGS="${EXEC_ARGS} --outfile-blob-bl${BLOB_NAME}=${BASEDIR_OUTPUT_BLOB}/blob-bl${BLOB_NAME}.bin${postfix}"
				72
				73	#echo ${EXEC_ARGS}
				74
				75	#
				76	# Main
				77	#
				78
				79	set -x
				80
				81	${ACPU_IMAGETOOL} \
				82	create-device-fip \
				83	${EXEC_ARGS}
				84
				85	# vim: set tabstop=2 expandtab shiftwidth=2: