From patchwork Thu Oct 28 06:23:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 516364 Delivered-To: patch@linaro.org Received: by 2002:ac0:c404:0:0:0:0:0 with SMTP id t4csp1371579imj; Wed, 27 Oct 2021 23:26:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy0zDJOrg1KEPHiecYHpHqtuKuyzVmZKz5Czcpy8Qj7drO1XsGStxzQWYq5hN8zrxPBdu9C X-Received: by 2002:a17:907:7212:: with SMTP id dr18mr3003972ejc.298.1635402408692; Wed, 27 Oct 2021 23:26:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635402408; cv=none; d=google.com; s=arc-20160816; b=lhfKQv33VfQvms7UGlPxczykS2uhiJhAYWjLXwkm757chdGtXgB3TOSGMNALqH6H/O OY+3DedqaPlCXAZTdqpfFi6KJ9vIa4OnX9ZKa533ITlk2LXxLqj9kNsbx0Yq/JFh83ia Dhndn9MFo6hZLZjBjUdVLtCNBjB4oZsirFIVSxT4FxJ2liasc+QhqlRyOblFoWVkwvks zozq8krVW5zhk53CjRlfW9Z2MfyQtDwR6lxd5S0ek2eyUJzt+80ph92pUFzeShB9z6cY hGmGcb2A5CKmxulLlP54A+dqKxQmzlMIO+qw4tq10ff0IckVbeYc4aOzBWGbVDfKbg7h 56lg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=X7RqyvKXuCExKI+23guwQfpfslE2fPjzJdid5QWaDtk=; b=yAJrAgeAPVFNrEf8GU0WN6fPUfyFJsXiwP3U7d+zaUEJqkYjVPs5fAX2KFR62tt2vM b6lSohPqCbmuxtUPIcD87olV270sGSNxMXpCayfDizWmU3yQ1Wl+u38d8Oa3T9YG7n9I foohLtT1ZxLRSs4sYT/v6+IBoCMmplCfDlLpMAun9e/33qUScKZKkt9ySjX53gDHHezO pYtwLmz76bXRnfyFcwZhamNwxjCEH2qkvxRxK+cuOhfTVfsDoPuUEXFDfn2ewlRdJtP+ w0dvadmWlf3HGBvzH8DhRvUlc1eW24VJSpOKlV86emxXLUngsM7ZXnYoJRssxvql0DiY DPKQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ktl9ApFH; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id m14si2915182edb.327.2021.10.27.23.26.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Oct 2021 23:26:48 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ktl9ApFH; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 5785983556; Thu, 28 Oct 2021 08:26:17 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="ktl9ApFH"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 29696831D3; Thu, 28 Oct 2021 08:25:36 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pj1-x1034.google.com (mail-pj1-x1034.google.com [IPv6:2607:f8b0:4864:20::1034]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 8EAE683542 for ; Thu, 28 Oct 2021 08:25:25 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pj1-x1034.google.com with SMTP id n11-20020a17090a2bcb00b001a1e7a0a6a6so7182613pje.0 for ; Wed, 27 Oct 2021 23:25:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=X7RqyvKXuCExKI+23guwQfpfslE2fPjzJdid5QWaDtk=; b=ktl9ApFHC6sXYSrtQBgCCu2kwwhcShP5k0EEpQ54PsHm4KFdOHoETXb6pTfu0ddl3R TWZe+75TwXa6xB8HovEtz3YQEa+1HA1MaufTZVEr9bXekeM6wvbz6LAW6RCJHOwTjYFu xlPYdZi5haqFxig+uAux1SnrJQy8hrYjCvDVDUSZd2/A95wSxBplaN9kJUgLg9/OoHQw kQU5ZlIIJtnyicHMku+lfOu4cf4zZF0F6f7yaZsEN1Z5S23l/CWTGyDi4RPyV+guIHBl XG4R1d1yym4Z17FS69ipLwEkTFyq+m1WPAzpp/2cqvbdeKE+rVDDO6RNzQ7IBsUH9o9E 9ZEA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=X7RqyvKXuCExKI+23guwQfpfslE2fPjzJdid5QWaDtk=; b=uT3QIpWSzKqDyOceQXcZnxSbOfv1I91FkvI3bIMKEY4IgwhFfM5xJSEkAZ7EOUTOna oVEfMU6FFX6EFGx3E0gJVToG1ZucjJh9fhMFrRmaudqaeG5QeHdbebCPnRfTKuy/HKAI RAWTsrRcBpRCOVkNxlUzwnO6FNQ9WHX9GkODdzjUHVp33vWFrl09Re1FTOqKOJM+iGLb X6AKtaj/Dfw+mfvS13cmY25T97bYpg1RbeYQXhYALt0n6MwBt1B5GA7V4DDsOmflOxxW w6O4T6kiIZRA9V40sExO2w2zCPKm9F/r8Lve1g1A22A79iNg8Aw3SzJQ2Li03qYu7X7G rl7Q== X-Gm-Message-State: AOAM530AnbwO12BEoHcXJp1r/zi/RLXtTKm/U2ON0y9c0jzn4cXblQG9 ic31UQPrbPdhjMDSveugreEW5A== X-Received: by 2002:a17:903:22c5:b0:140:298b:9e27 with SMTP id y5-20020a17090322c500b00140298b9e27mr2203343plg.23.1635402323967; Wed, 27 Oct 2021 23:25:23 -0700 (PDT) Received: from localhost.localdomain ([2400:4050:c3e1:100:394a:97ee:bbbb:462e]) by smtp.gmail.com with ESMTPSA id p16sm1582018pgd.78.2021.10.27.23.25.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Oct 2021 23:25:23 -0700 (PDT) From: AKASHI Takahiro To: xypron.glpk@gmx.de, agraf@csgraf.de, sjg@chromium.org Cc: ilias.apalodimas@linaro.org, sughosh.ganu@linaro.org, masami.hiramatsu@linaro.org, u-boot@lists.denx.de, AKASHI Takahiro Subject: [PATCH v5 10/11] (RFC) tools: add fdtsig.sh Date: Thu, 28 Oct 2021 15:23:55 +0900 Message-Id: <20211028062356.98224-11-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211028062356.98224-1-takahiro.akashi@linaro.org> References: <20211028062356.98224-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean With this script, a public key is added to a device tree blob as the default efi_get_public_key_data() expects. Signed-off-by: AKASHI Takahiro --- MAINTAINERS | 1 + tools/fdtsig.sh | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100755 tools/fdtsig.sh -- 2.33.0 diff --git a/MAINTAINERS b/MAINTAINERS index 96233f0aad51..2d83d60619c9 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -727,6 +727,7 @@ F: cmd/bootefi.c F: cmd/efidebug.c F: cmd/nvedit_efi.c F: tools/efivar.py +F: tools/fdtsig.sh F: tools/file2include.c F: tools/mkeficapsule.c diff --git a/tools/fdtsig.sh b/tools/fdtsig.sh new file mode 100755 index 000000000000..c2b2a6dc5ec8 --- /dev/null +++ b/tools/fdtsig.sh @@ -0,0 +1,40 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0+ +# +# script to add a certificate (efi-signature-list) to dtb blob + +usage() { + if [ -n "$*" ]; then + echo "ERROR: $*" + fi + echo "Usage: "$(basename $0) " " +} + +if [ "$#" -ne 2 ]; then + usage "Arguments missing" + exit 1 +fi + +ESL=$1 +DTB=$2 +NEW_DTB=$(basename $DTB)_tmp +SIG=signature + +cat << 'EOF' > $SIG.dts +/dts-v1/; +/plugin/; + +&{/} { + signature { +EOF +echo "capsule-key = /incbin/(\"$ESL\");" >> $SIG.dts +cat << 'EOF' >> $SIG.dts + }; +}; +EOF + +dtc -@ -I dts -O dtb -o $SIG.dtbo $SIG.dts +fdtoverlay -i $DTB -o $NEW_DTB $SIG.dtbo +mv $NEW_DTB $DTB + +rm $SIG.dts $SIG.dtsn $SIG.dtbo