Git Browser for ODROID
Code Review Sign In
git.odroid.com / yocto / amlogic / tools / fip / refs/heads/odroidc5-v2023.01 / . / t3 / bin / gen-boot-blobs.sh
blob: 368b9811ae96b078cdf5d2ccec7d53804d59a966 [file] [log] [blame]
Jianxiong Pan845428a2021-01-20 18:40:33 +0800[diff] [blame]1#!/bin/bash
2
3set -e
4# set -x
5
6#
7# Variables
8#
9
10EXEC_BASEDIR=$(dirname $(readlink -f $0))
11ACPU_IMAGETOOL=${EXEC_BASEDIR}/../binary-tool/acpu-imagetool
12
13BASEDIR_TOP=$(readlink -f ${EXEC_BASEDIR}/..)
14
15#
16# Settings
17#
18
19BASEDIR_PAYLOAD=$1
20
21BASEDIR_NONCE="./nonce"
22
23CHIPSET_NAME=$3
24KEY_TYPE=$4
25SOC=$5
26CHIPSET_VARIANT_SUFFIX=$6
27
28BASEDIR_AESKEY_PROT_BL2="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl2/aes/${CHIPSET_NAME}"
29BASEDIR_RSAKEY_LVLX_BL2="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl2/rsa/${CHIPSET_NAME}"
30
31BASEDIR_AESKEY_PROT_BL31="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl31/aes/${CHIPSET_NAME}"
32BASEDIR_RSAKEY_LVLX_BL31="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl31/rsa/${CHIPSET_NAME}"
33
34BASEDIR_AESKEY_PROT_BL32="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl32/aes/${CHIPSET_NAME}"
35BASEDIR_RSAKEY_LVLX_BL32="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl32/rsa/${CHIPSET_NAME}"
36
37BASEDIR_AESKEY_PROT_BL40="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl40/aes/${CHIPSET_NAME}"
38BASEDIR_RSAKEY_LVLX_BL40="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/bl40/rsa/${CHIPSET_NAME}"
39
40BASEDIR_TEMPLATE="${BASEDIR_TOP}/keys/${KEY_TYPE}/${SOC}/chipset/cert-template/${CHIPSET_NAME}"
41
42BASEDIR_OUTPUT_BLOB=$2
43postfix=.signed
44#
45# Arguments
46#
47
48BB1ST_ARGS="${BB1ST_ARGS}"
49
50### Input: template ###
51
52BB1ST_ARGS="${BB1ST_ARGS} --infile-template-bb1st=${BASEDIR_TEMPLATE}/bb1st${FEAT_BL2_TEMPLATE_TYPE}${CHIPSET_VARIANT_SUFFIX}.bin"
53
54### Input: payloads ###
55BB1ST_ARGS="${BB1ST_ARGS} --infile-bl2-payload=${BASEDIR_PAYLOAD}/bl2-payload.bin"
56BB1ST_ARGS="${BB1ST_ARGS} --infile-bl2e-payload=${BASEDIR_PAYLOAD}/bl2e-payload.bin"
57BB1ST_ARGS="${BB1ST_ARGS} --infile-bl2x-payload=${BASEDIR_PAYLOAD}/bl2x-payload.bin"
58#BB1ST_ARGS="${BB1ST_ARGS} --infile-dvinit-params=${BASEDIR_PAYLOAD}/dvinit-params.bin"
59BB1ST_ARGS="${BB1ST_ARGS} --infile-csinit-params=${BASEDIR_PAYLOAD}/csinit-params.bin"
Zhongfu Luoc8e53682021-04-13 15:57:59 +0800[diff] [blame]60#BB1ST_ARGS="${BB1ST_ARGS} --infile-ddr-fwdata=${BASEDIR_PAYLOAD}/ddr-fwdata.bin"
Jianxiong Pan845428a2021-01-20 18:40:33 +0800[diff] [blame]61
62### Input: Chipset Level-1/2 Private RSA keys
63
64BB1ST_ARGS="${BB1ST_ARGS} --infile-signkey-chipset-lvl1=${BASEDIR_RSAKEY_LVLX_BL2}/level-1-rsa-priv.pem"
65BB1ST_ARGS="${BB1ST_ARGS} --infile-signkey-chipset-lvl2=${BASEDIR_RSAKEY_LVLX_BL2}/level-2-rsa-priv.pem"
66
67### Input: nonce for binary protection ###
68#BB1ST_ARGS="${BB1ST_ARGS} --infile-nonce-csinit-params=${BASEDIR_NONCE}/chipset/blob/csinit-params-nonce.bin"
69#BB1ST_ARGS="${BB1ST_ARGS} --infile-nonce-ddr-fwdata=${BASEDIR_NONCE}/chipset/blob/ddr-fwdata-nonce.bin"
70#BB1ST_ARGS="${BB1ST_ARGS} --infile-nonce-blob-bl2=${BASEDIR_NONCE}/chipset/blob/blob-bl2-nonce.bin"
71#BB1ST_ARGS="${BB1ST_ARGS} --infile-nonce-blob-bl2e=${BASEDIR_NONCE}/chipset/blob/blob-bl2e-nonce.bin"
72#BB1ST_ARGS="${BB1ST_ARGS} --infile-nonce-blob-bl2x=${BASEDIR_NONCE}/chipset/blob/blob-bl2x-nonce.bin"
73
74
75### Input: pre-generated ProtKey for payloads
76BB1ST_ARGS="${BB1ST_ARGS} --infile-aes256-csinit-params=${BASEDIR_AESKEY_PROT_BL2}/genkey-prot-csinit-params.bin"
77BB1ST_ARGS="${BB1ST_ARGS} --infile-aes256-ddr-fwdata=${BASEDIR_AESKEY_PROT_BL2}/genkey-prot-ddr-fwdata.bin"
78BB1ST_ARGS="${BB1ST_ARGS} --infile-aes256-bl2-payload=${BASEDIR_AESKEY_PROT_BL2}/genkey-prot-bl2.bin"
79if [ "x${FEAT_BL2E_SIGPROT_MODE}" == "x0" ]; then
80 BB1ST_ARGS="${BB1ST_ARGS} --infile-aes256-bl2e-payload=${BASEDIR_AESKEY_PROT_BL2}/genkey-prot-bl2e.bin"
81fi
82BB1ST_ARGS="${BB1ST_ARGS} --infile-aes256-bl2x-payload=${BASEDIR_AESKEY_PROT_BL2}/genkey-prot-bl2x.bin"
83
84### Features, flags and switches ###
85
86if [ "x${FEAT_BL2E_SIGPROT_MODE}" != "x0" ]; then
87 BB1ST_ARGS="${BB1ST_ARGS} --feature-bl2e-sigprot-mode"
88fi
89
Zhongfu Luoc8e53682021-04-13 15:57:59 +0800[diff] [blame]90#BB1ST_ARGS="${BB1ST_ARGS} --scs-family=${SOC}"
91
Jianxiong Pan845428a2021-01-20 18:40:33 +0800[diff] [blame]92### Output: blobs ###
93BB1ST_ARGS="${BB1ST_ARGS} --outfile-bb1st=${BASEDIR_OUTPUT_BLOB}/bb1st${FEAT_BL2_TEMPLATE_TYPE}${CHIPSET_VARIANT_SUFFIX}.bin${postfix}"
94BB1ST_ARGS="${BB1ST_ARGS} --outfile-blob-bl2e=${BASEDIR_OUTPUT_BLOB}/blob-bl2e.bin${postfix}"
95BB1ST_ARGS="${BB1ST_ARGS} --outfile-blob-bl2x=${BASEDIR_OUTPUT_BLOB}/blob-bl2x.bin${postfix}"
96
97echo ${TOOLS_ARGS}
98
99#
100# Main
101#
102
103set -x
104
105${ACPU_IMAGETOOL} \
106 create-boot-blobs \
107 ${BB1ST_ARGS}
108
109# vim: set tabstop=2 expandtab shiftwidth=2: