* [Buildroot] [PATCH v3 2/2] package/imx-cst: new package
@ 2022-04-22 10:09 Thomas Perrot via buildroot
2022-04-30 12:26 ` Heiko Thiery
2022-08-22 20:06 ` Yann E. MORIN
0 siblings, 2 replies; 3+ messages in thread
From: Thomas Perrot via buildroot @ 2022-04-22 10:09 UTC (permalink / raw)
To: buildroot; +Cc: Thomas Perrot, thomas.petazzoni
This package provides i.MX Code Signing Tools uses to sign i.MX bootloader
to enable secure boot (HABv4 and AHAB).
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
---
Changes v2:
- Add a trailing slash
- Preserve CFLAGS and LDFLAGS
Changes v3:
- Hard code the OSTYPE variable to linux64
DEVELOPERS | 1 +
package/Config.in.host | 1 +
package/imx-cst/Config.in.host | 8 +++++++
package/imx-cst/imx-cst.hash | 3 +++
package/imx-cst/imx-cst.mk | 43 ++++++++++++++++++++++++++++++++++
5 files changed, 56 insertions(+)
create mode 100644 package/imx-cst/Config.in.host
create mode 100644 package/imx-cst/imx-cst.hash
create mode 100644 package/imx-cst/imx-cst.mk
diff --git a/DEVELOPERS b/DEVELOPERS
index 6e49334dcc42..86cb04e54e5d 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -2767,6 +2767,7 @@ F: package/xorcurses/
N: Thomas Perrot <thomas.perrot@bootlin.com>
F: package/byacc/
+F: package/imx-cst/
N: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
F: arch/Config.in.arm
diff --git a/package/Config.in.host b/package/Config.in.host
index cd1c34b5a3d9..282594b40b8d 100644
--- a/package/Config.in.host
+++ b/package/Config.in.host
@@ -40,6 +40,7 @@ menu "Host utilities"
source "package/google-breakpad/Config.in.host"
source "package/gptfdisk/Config.in.host"
source "package/imagemagick/Config.in.host"
+ source "package/imx-cst/Config.in.host"
source "package/imx-mkimage/Config.in.host"
source "package/imx-usb-loader/Config.in.host"
source "package/jh71xx-tools/Config.in.host"
diff --git a/package/imx-cst/Config.in.host b/package/imx-cst/Config.in.host
new file mode 100644
index 000000000000..84cb825e59cf
--- /dev/null
+++ b/package/imx-cst/Config.in.host
@@ -0,0 +1,8 @@
+config BR2_PACKAGE_HOST_IMX_CST
+ bool "host imx-cst"
+ help
+ I.MX code signing tool provides software code signing
+ support designed that integrate the HABv4 and AHAB
+ library.
+
+ https://www.nxp.com/webapp/sps/download/license.jsp?colCode=IMX_CST_TOOL
diff --git a/package/imx-cst/imx-cst.hash b/package/imx-cst/imx-cst.hash
new file mode 100644
index 000000000000..9c27bfe82038
--- /dev/null
+++ b/package/imx-cst/imx-cst.hash
@@ -0,0 +1,3 @@
+# Locally calculated
+sha256 2bcc03c7cedba58f7207a72a28e75cfe78007988d68c1095c793cce991c2936e imx-cst-e2c687a856e6670e753147aacef42d0a3c07891a-br1.tar.gz
+sha256 5dee6f54c636a97b15d7e9dfc8075248c36764b3819828cbc94cbd17c1755fb9 LICENSE.bsd3
diff --git a/package/imx-cst/imx-cst.mk b/package/imx-cst/imx-cst.mk
new file mode 100644
index 000000000000..120f9c5575e1
--- /dev/null
+++ b/package/imx-cst/imx-cst.mk
@@ -0,0 +1,43 @@
+################################################################################
+#
+# imx-cst
+#
+################################################################################
+
+# debian/3.3.1+dfsg-2
+IMX_CST_SITE = https://gitlab.apertis.org/pkg/imx-code-signing-tool.git
+IMX_CST_SITE_METHOD = git
+IMX_CST_VERSION = e2c687a856e6670e753147aacef42d0a3c07891a
+IMX_CST_LICENSE = BSD-3-Clause
+IMX_CST_LICENSE_FILES = LICENSE.bsd3
+
+HOST_IMX_CST_DEPENDENCIES = host-byacc host-flex host-openssl
+
+# We don't use HOST_CONFIGURE_OPTS when building cst, because we need
+# to preserve the CFLAGS/LDFLAGS used by their Makefile.
+define HOST_IMX_CST_BUILD_CMDS
+ $(HOST_MAKE_ENV) $(MAKE) \
+ OSTYPE=linux64 \
+ ENCRYPTION=yes \
+ AR="$(HOSTAR)" \
+ CC="$(HOSTCC)" \
+ LD="$(HOSTCC)" \
+ OBJCOPY="$(HOSTOBJCOPY)" \
+ RANLIB="$(HOSTRANLIB)" \
+ EXTRACFLAGS="$(HOST_CFLAGS) $(HOST_CPPFLAGS)" \
+ EXTRALDFLAGS="$(HOST_LDFLAGS)" \
+ PWD=$(@D)/code/cst \
+ -C $(@D)/code/cst \
+ build
+ $(HOST_MAKE_ENV) $(MAKE) $(HOST_CONFIGURE_OPTS) \
+ COPTS="$(HOST_CFLAGS) $(HOST_CPPFLAGS) $(HOST_LDFLAGS)" \
+ -C $(@D)/code/hab_csf_parser
+endef
+
+define HOST_IMX_CST_INSTALL_CMDS
+ $(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/cst $(HOST_DIR)/bin/cst
+ $(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/srktool $(HOST_DIR)/bin/srktool
+ $(INSTALL) -D -m 755 $(@D)/code/hab_csf_parser/csf_parser $(HOST_DIR)/bin/csf_parser
+endef
+
+$(eval $(host-generic-package))
--
2.35.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v3 2/2] package/imx-cst: new package
2022-04-22 10:09 [Buildroot] [PATCH v3 2/2] package/imx-cst: new package Thomas Perrot via buildroot
@ 2022-04-30 12:26 ` Heiko Thiery
2022-08-22 20:06 ` Yann E. MORIN
1 sibling, 0 replies; 3+ messages in thread
From: Heiko Thiery @ 2022-04-30 12:26 UTC (permalink / raw)
To: Thomas Perrot; +Cc: Thomas Petazzoni, buildroot
Hi Thomas,
Am Fr., 22. Apr. 2022 um 12:16 Uhr schrieb Thomas Perrot via buildroot
<buildroot@buildroot.org>:
>
> This package provides i.MX Code Signing Tools uses to sign i.MX bootloader
> to enable secure boot (HABv4 and AHAB).
>
> Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
> ---
>
> Changes v2:
> - Add a trailing slash
> - Preserve CFLAGS and LDFLAGS
>
> Changes v3:
> - Hard code the OSTYPE variable to linux64
>
> DEVELOPERS | 1 +
> package/Config.in.host | 1 +
> package/imx-cst/Config.in.host | 8 +++++++
> package/imx-cst/imx-cst.hash | 3 +++
> package/imx-cst/imx-cst.mk | 43 ++++++++++++++++++++++++++++++++++
> 5 files changed, 56 insertions(+)
> create mode 100644 package/imx-cst/Config.in.host
> create mode 100644 package/imx-cst/imx-cst.hash
> create mode 100644 package/imx-cst/imx-cst.mk
>
What about having the package located in package/freescale-imx/ like
the most other packages for the imx family?
> diff --git a/DEVELOPERS b/DEVELOPERS
> index 6e49334dcc42..86cb04e54e5d 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -2767,6 +2767,7 @@ F: package/xorcurses/
>
> N: Thomas Perrot <thomas.perrot@bootlin.com>
> F: package/byacc/
> +F: package/imx-cst/
>
> N: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> F: arch/Config.in.arm
> diff --git a/package/Config.in.host b/package/Config.in.host
> index cd1c34b5a3d9..282594b40b8d 100644
> --- a/package/Config.in.host
> +++ b/package/Config.in.host
> @@ -40,6 +40,7 @@ menu "Host utilities"
> source "package/google-breakpad/Config.in.host"
> source "package/gptfdisk/Config.in.host"
> source "package/imagemagick/Config.in.host"
> + source "package/imx-cst/Config.in.host"
> source "package/imx-mkimage/Config.in.host"
> source "package/imx-usb-loader/Config.in.host"
> source "package/jh71xx-tools/Config.in.host"
> diff --git a/package/imx-cst/Config.in.host b/package/imx-cst/Config.in.host
> new file mode 100644
> index 000000000000..84cb825e59cf
> --- /dev/null
> +++ b/package/imx-cst/Config.in.host
> @@ -0,0 +1,8 @@
> +config BR2_PACKAGE_HOST_IMX_CST
> + bool "host imx-cst"
> + help
> + I.MX code signing tool provides software code signing
> + support designed that integrate the HABv4 and AHAB
> + library.
> +
> + https://www.nxp.com/webapp/sps/download/license.jsp?colCode=IMX_CST_TOOL
> diff --git a/package/imx-cst/imx-cst.hash b/package/imx-cst/imx-cst.hash
> new file mode 100644
> index 000000000000..9c27bfe82038
> --- /dev/null
> +++ b/package/imx-cst/imx-cst.hash
> @@ -0,0 +1,3 @@
> +# Locally calculated
> +sha256 2bcc03c7cedba58f7207a72a28e75cfe78007988d68c1095c793cce991c2936e imx-cst-e2c687a856e6670e753147aacef42d0a3c07891a-br1.tar.gz
> +sha256 5dee6f54c636a97b15d7e9dfc8075248c36764b3819828cbc94cbd17c1755fb9 LICENSE.bsd3
> diff --git a/package/imx-cst/imx-cst.mk b/package/imx-cst/imx-cst.mk
> new file mode 100644
> index 000000000000..120f9c5575e1
> --- /dev/null
> +++ b/package/imx-cst/imx-cst.mk
> @@ -0,0 +1,43 @@
> +################################################################################
> +#
> +# imx-cst
> +#
> +################################################################################
> +
> +# debian/3.3.1+dfsg-2
> +IMX_CST_SITE = https://gitlab.apertis.org/pkg/imx-code-signing-tool.git
> +IMX_CST_SITE_METHOD = git
> +IMX_CST_VERSION = e2c687a856e6670e753147aacef42d0a3c07891a
> +IMX_CST_LICENSE = BSD-3-Clause
> +IMX_CST_LICENSE_FILES = LICENSE.bsd3
> +
> +HOST_IMX_CST_DEPENDENCIES = host-byacc host-flex host-openssl
> +
> +# We don't use HOST_CONFIGURE_OPTS when building cst, because we need
> +# to preserve the CFLAGS/LDFLAGS used by their Makefile.
> +define HOST_IMX_CST_BUILD_CMDS
> + $(HOST_MAKE_ENV) $(MAKE) \
> + OSTYPE=linux64 \
> + ENCRYPTION=yes \
> + AR="$(HOSTAR)" \
> + CC="$(HOSTCC)" \
> + LD="$(HOSTCC)" \
> + OBJCOPY="$(HOSTOBJCOPY)" \
> + RANLIB="$(HOSTRANLIB)" \
> + EXTRACFLAGS="$(HOST_CFLAGS) $(HOST_CPPFLAGS)" \
> + EXTRALDFLAGS="$(HOST_LDFLAGS)" \
> + PWD=$(@D)/code/cst \
> + -C $(@D)/code/cst \
> + build
> + $(HOST_MAKE_ENV) $(MAKE) $(HOST_CONFIGURE_OPTS) \
> + COPTS="$(HOST_CFLAGS) $(HOST_CPPFLAGS) $(HOST_LDFLAGS)" \
> + -C $(@D)/code/hab_csf_parser
> +endef
> +
> +define HOST_IMX_CST_INSTALL_CMDS
> + $(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/cst $(HOST_DIR)/bin/cst
> + $(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/srktool $(HOST_DIR)/bin/srktool
> + $(INSTALL) -D -m 755 $(@D)/code/hab_csf_parser/csf_parser $(HOST_DIR)/bin/csf_parser
> +endef
> +
> +$(eval $(host-generic-package))
> --
> 2.35.1
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v3 2/2] package/imx-cst: new package
2022-04-22 10:09 [Buildroot] [PATCH v3 2/2] package/imx-cst: new package Thomas Perrot via buildroot
2022-04-30 12:26 ` Heiko Thiery
@ 2022-08-22 20:06 ` Yann E. MORIN
1 sibling, 0 replies; 3+ messages in thread
From: Yann E. MORIN @ 2022-08-22 20:06 UTC (permalink / raw)
To: Thomas Perrot; +Cc: thomas.petazzoni, buildroot
Thomas, All,
On 2022-04-22 12:09 +0200, Thomas Perrot via buildroot spake thusly:
> This package provides i.MX Code Signing Tools uses to sign i.MX bootloader
> to enable secure boot (HABv4 and AHAB).
>
> Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
[--SNIP--]
> diff --git a/package/imx-cst/Config.in.host b/package/imx-cst/Config.in.host
> new file mode 100644
> index 000000000000..84cb825e59cf
> --- /dev/null
> +++ b/package/imx-cst/Config.in.host
Unlike Heiko, I think this is the proper location. We already have
package/imx-mkimage/
package/imx-usb-loader/
> @@ -0,0 +1,8 @@
> +config BR2_PACKAGE_HOST_IMX_CST
> + bool "host imx-cst"
> + help
> + I.MX code signing tool provides software code signing
> + support designed that integrate the HABv4 and AHAB
> + library.
> +
> + https://www.nxp.com/webapp/sps/download/license.jsp?colCode=IMX_CST_TOOL
So, the homepage is on the official NXP site, but...
[--SNIP--]
> diff --git a/package/imx-cst/imx-cst.mk b/package/imx-cst/imx-cst.mk
> new file mode 100644
> index 000000000000..120f9c5575e1
> --- /dev/null
> +++ b/package/imx-cst/imx-cst.mk
> @@ -0,0 +1,43 @@
> +################################################################################
> +#
> +# imx-cst
> +#
> +################################################################################
> +
> +# debian/3.3.1+dfsg-2
> +IMX_CST_SITE = https://gitlab.apertis.org/pkg/imx-code-signing-tool.git
You are using the debian git tree. You need to explain that.
> +IMX_CST_SITE_METHOD = git
> +IMX_CST_VERSION = e2c687a856e6670e753147aacef42d0a3c07891a
> +IMX_CST_LICENSE = BSD-3-Clause
> +IMX_CST_LICENSE_FILES = LICENSE.bsd3
> +
> +HOST_IMX_CST_DEPENDENCIES = host-byacc host-flex host-openssl
> +
> +# We don't use HOST_CONFIGURE_OPTS when building cst, because we need
> +# to preserve the CFLAGS/LDFLAGS used by their Makefile.
> +define HOST_IMX_CST_BUILD_CMDS
> + $(HOST_MAKE_ENV) $(MAKE) \
> + OSTYPE=linux64 \
It was my understanding from the previous review, that hard-coding
linux64 was not the proper solution.
Regards,
Yann E. MORIN.
> + ENCRYPTION=yes \
> + AR="$(HOSTAR)" \
> + CC="$(HOSTCC)" \
> + LD="$(HOSTCC)" \
> + OBJCOPY="$(HOSTOBJCOPY)" \
> + RANLIB="$(HOSTRANLIB)" \
> + EXTRACFLAGS="$(HOST_CFLAGS) $(HOST_CPPFLAGS)" \
> + EXTRALDFLAGS="$(HOST_LDFLAGS)" \
> + PWD=$(@D)/code/cst \
> + -C $(@D)/code/cst \
> + build
> + $(HOST_MAKE_ENV) $(MAKE) $(HOST_CONFIGURE_OPTS) \
> + COPTS="$(HOST_CFLAGS) $(HOST_CPPFLAGS) $(HOST_LDFLAGS)" \
> + -C $(@D)/code/hab_csf_parser
> +endef
> +
> +define HOST_IMX_CST_INSTALL_CMDS
> + $(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/cst $(HOST_DIR)/bin/cst
> + $(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/srktool $(HOST_DIR)/bin/srktool
> + $(INSTALL) -D -m 755 $(@D)/code/hab_csf_parser/csf_parser $(HOST_DIR)/bin/csf_parser
> +endef
> +
> +$(eval $(host-generic-package))
> --
> 2.35.1
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-08-22 20:06 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-04-22 10:09 [Buildroot] [PATCH v3 2/2] package/imx-cst: new package Thomas Perrot via buildroot
2022-04-30 12:26 ` Heiko Thiery
2022-08-22 20:06 ` Yann E. MORIN
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.