[PATCH v3 3/6] binman: Add special subnodes to the nodes generated by split-elf
Jonas Karlman
jonas at kwiboo.se
Sat Jan 21 20:01:48 CET 2023
Special nodes, hash and signature, is not being added to the nodes
generated for each segment in split-elf operation.
Copy the subnode logic used in _gen_fdt_nodes to _gen_split_elf to
ensure special nodes are added to the generated nodes.
Signed-off-by: Jonas Karlman <jonas at kwiboo.se>
Reviewed-by: Simon Glass <sjg at chromium.org>
---
v3:
- Collect r-b tag
v2:
- Add test
- Update commit message and documentation
- Update entries.rst
tools/binman/entries.rst | 14 ++++++++++++++
tools/binman/etype/fit.py | 23 +++++++++++++++++++++--
tools/binman/ftest.py | 12 ++++++++++++
tools/binman/test/226_fit_split_elf.dts | 6 ++++++
4 files changed, 53 insertions(+), 2 deletions(-)
diff --git a/tools/binman/entries.rst b/tools/binman/entries.rst
index 8f11189b7bf0..78f95dae1a4e 100644
--- a/tools/binman/entries.rst
+++ b/tools/binman/entries.rst
@@ -762,6 +762,9 @@ Here is an example showing ATF, TEE and a device tree all combined::
atf-bl31 {
};
+ hash {
+ algo = "sha256";
+ };
};
@tee-SEQ {
@@ -777,6 +780,9 @@ Here is an example showing ATF, TEE and a device tree all combined::
tee-os {
};
+ hash {
+ algo = "sha256";
+ };
};
};
@@ -805,6 +811,10 @@ ELF file, for example::
arch = "arm64";
type = "firmware";
description = "ARM Trusted Firmware";
+ hash {
+ algo = "sha256";
+ value = <...hash of first segment...>;
+ };
};
atf-2 {
data = <...contents of second segment...>;
@@ -814,6 +824,10 @@ ELF file, for example::
arch = "arm64";
type = "firmware";
description = "ARM Trusted Firmware";
+ hash {
+ algo = "sha256";
+ value = <...hash of second segment...>;
+ };
};
};
diff --git a/tools/binman/etype/fit.py b/tools/binman/etype/fit.py
index df1ce81f9c07..bcb606f3f94c 100644
--- a/tools/binman/etype/fit.py
+++ b/tools/binman/etype/fit.py
@@ -228,6 +228,9 @@ class Entry_fit(Entry_section):
atf-bl31 {
};
+ hash {
+ algo = "sha256";
+ };
};
@tee-SEQ {
@@ -243,6 +246,9 @@ class Entry_fit(Entry_section):
tee-os {
};
+ hash {
+ algo = "sha256";
+ };
};
};
@@ -271,6 +277,10 @@ class Entry_fit(Entry_section):
arch = "arm64";
type = "firmware";
description = "ARM Trusted Firmware";
+ hash {
+ algo = "sha256";
+ value = <...hash of first segment...>;
+ };
};
atf-2 {
data = <...contents of second segment...>;
@@ -280,6 +290,10 @@ class Entry_fit(Entry_section):
arch = "arm64";
type = "firmware";
description = "ARM Trusted Firmware";
+ hash {
+ algo = "sha256";
+ value = <...hash of second segment...>;
+ };
};
};
@@ -548,12 +562,13 @@ class Entry_fit(Entry_section):
else:
self.Raise("Generator node requires 'fit,fdt-list' property")
- def _gen_split_elf(base_node, node, segments, entry_addr):
+ def _gen_split_elf(base_node, node, depth, segments, entry_addr):
"""Add nodes for the ELF file, one per group of contiguous segments
Args:
base_node (Node): Template node from the binman definition
node (Node): Node to replace (in the FIT being built)
+ depth: Current node depth (0 is the base 'fit' node)
segments (list): list of segments, each:
int: Segment number (0 = first)
int: Start address of segment in memory
@@ -578,6 +593,10 @@ class Entry_fit(Entry_section):
self._raise_subnode(
node, f"Unknown directive '{pname}'")
+ for subnode in node.subnodes:
+ with fsw.add_node(subnode.name):
+ _add_node(node, depth + 1, subnode)
+
def _gen_node(base_node, node, depth, in_images, entry):
"""Generate nodes from a template
@@ -631,7 +650,7 @@ class Entry_fit(Entry_section):
self._raise_subnode(
node, f'Failed to read ELF file: {str(exc)}')
- _gen_split_elf(base_node, node, segments, entry_addr)
+ _gen_split_elf(base_node, node, depth, segments, entry_addr)
def _add_node(base_node, depth, node):
"""Add nodes to the output FIT
diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py
index f0d0afd5b808..cd2757257178 100644
--- a/tools/binman/ftest.py
+++ b/tools/binman/ftest.py
@@ -5439,6 +5439,10 @@ fdt fdtmap Extract the devicetree blob from the fdtmap
fdt_util.fdt32_to_cpu(atf1.props['load'].value))
self.assertEqual(data, atf1.props['data'].bytes)
+ hash_node = atf1.FindNode('hash')
+ self.assertIsNotNone(hash_node)
+ self.assertEqual({'algo', 'value'}, hash_node.props.keys())
+
atf2 = dtb.GetNode('/images/atf-2')
self.assertEqual(base_keys, atf2.props.keys())
_, start, data = segments[1]
@@ -5446,6 +5450,14 @@ fdt fdtmap Extract the devicetree blob from the fdtmap
fdt_util.fdt32_to_cpu(atf2.props['load'].value))
self.assertEqual(data, atf2.props['data'].bytes)
+ hash_node = atf2.FindNode('hash')
+ self.assertIsNotNone(hash_node)
+ self.assertEqual({'algo', 'value'}, hash_node.props.keys())
+
+ hash_node = dtb.GetNode('/images/tee-1/hash-1')
+ self.assertIsNotNone(hash_node)
+ self.assertEqual({'algo', 'value'}, hash_node.props.keys())
+
conf = dtb.GetNode('/configurations')
self.assertEqual({'default'}, conf.props.keys())
diff --git a/tools/binman/test/226_fit_split_elf.dts b/tools/binman/test/226_fit_split_elf.dts
index fab15338b204..22c453e6037b 100644
--- a/tools/binman/test/226_fit_split_elf.dts
+++ b/tools/binman/test/226_fit_split_elf.dts
@@ -33,6 +33,9 @@
atf-bl31 {
};
+ hash {
+ algo = "sha256";
+ };
};
@tee-SEQ {
@@ -48,6 +51,9 @@
tee-os {
};
+ hash-1 {
+ algo = "sha256";
+ };
};
};
--
2.39.1
More information about the U-Boot
mailing list