[][SBC][Refactor mkits.sh related patches]
[Description]
Refactor mkits.sh related patches
- patch 'mtk-openwrt-feed/openwrt_patches-21.02/9990-fit-replace-@-with--.patch' first
- split mkits.sh related in
'mtk-openwrt-feed/openwrt_patches-21.02/9989-sbc-secure-boot-and-anti-rollback-support.patch'
to 'mtk-openwrt-feed/openwrt_patches-21.02/9991-fit-secure-boot-and-anti-rollback-support.patch',
and move it to 'autobuild/openwrt_patches-21.02/0902-sbc-secure-boot-and-anti-rollback-support.patch'
[Release-log]
N/A
Change-Id: Id97d51c885d0e8f82de09f7380097f30261fcb52
Reviewed-on: https://gerrit.mediatek.inc/c/openwrt/feeds/mtk_openwrt_feeds/+/5806065
diff --git a/openwrt_patches-21.02/9991-fit-secure-boot-and-anti-rollback-support.patch b/openwrt_patches-21.02/9991-fit-secure-boot-and-anti-rollback-support.patch
new file mode 100644
index 0000000..905e51d
--- /dev/null
+++ b/openwrt_patches-21.02/9991-fit-secure-boot-and-anti-rollback-support.patch
@@ -0,0 +1,117 @@
+diff --git a/scripts/mkits.sh b/scripts/mkits.sh
+index 547a4eb..1075367 100755
+--- a/scripts/mkits.sh
++++ b/scripts/mkits.sh
+@@ -17,6 +17,7 @@
+ usage() {
+ printf "Usage: %s -A arch -C comp -a addr -e entry" "$(basename "$0")"
+ printf " -v version -k kernel [-D name -n address -d dtb] -o its_file"
++ printf " [-s script] [-S key_name_hint] [-r ar_ver]"
+
+ printf "\n\t-A ==> set architecture to 'arch'"
+ printf "\n\t-C ==> set compression type 'comp'"
+@@ -28,13 +29,16 @@ usage() {
+ printf "\n\t-D ==> human friendly Device Tree Blob 'name'"
+ printf "\n\t-n ==> fdt unit-address 'address'"
+ printf "\n\t-d ==> include Device Tree Blob 'dtb'"
+- printf "\n\t-o ==> create output file 'its_file'\n"
++ printf "\n\t-o ==> create output file 'its_file'"
++ printf "\n\t-s ==> include u-boot script 'script'"
++ printf "\n\t-S ==> add signature at configurations and assign its key_name_hint by 'key_name_hint'"
++ printf "\n\t-r ==> set anti-rollback version to 'fw_ar_ver' (dec)\n"
+ exit 1
+ }
+
+ FDTNUM=1
+
+-while getopts ":A:a:c:C:D:d:e:k:n:o:v:" OPTION
++while getopts ":A:a:c:C:D:d:e:k:n:o:v:s:S:r:" OPTION
+ do
+ case $OPTION in
+ A ) ARCH=$OPTARG;;
+@@ -48,6 +52,9 @@ do
+ n ) FDTNUM=$OPTARG;;
+ o ) OUTPUT=$OPTARG;;
+ v ) VERSION=$OPTARG;;
++ s ) UBOOT_SCRIPT=$OPTARG;;
++ S ) KEY_NAME_HINT=$OPTARG;;
++ r ) AR_VER=$OPTARG;;
+ * ) echo "Invalid option passed to '$0' (options:$*)"
+ usage;;
+ esac
+@@ -82,6 +89,56 @@ if [ -n "${DTB}" ]; then
+ FDT_PROP="fdt = \"fdt-$FDTNUM\";"
+ fi
+
++# Conditionally create script information
++if [ -n "${UBOOT_SCRIPT}" ]; then
++ SCRIPT="\
++ script-1 {
++ description = \"U-Boot Script\";
++ data = /incbin/(\"${UBOOT_SCRIPT}\");
++ type = \"script\";
++ arch = \"${ARCH}\";
++ os = \"linux\";
++ load = <0>;
++ entry = <0>;
++ compression = \"none\";
++ hash-1 {
++ algo = \"crc32\";
++ };
++ hash-2 {
++ algo = \"sha1\";
++ };
++ };\
++"
++ LOADABLES="\
++ loadables = \"script-1\";\
++"
++ SIGN_IMAGES="\
++ sign-images = \"fdt\", \"kernel\", \"loadables\";\
++"
++else
++ SIGN_IMAGES="\
++ sign-images = \"fdt\", \"kernel\";\
++"
++fi
++
++# Conditionally create signature information
++if [ -n "${KEY_NAME_HINT}" ]; then
++ SIGNATURE="\
++ signature {
++ algo = \"sha1,rsa2048\";
++ key-name-hint = \"${KEY_NAME_HINT}\";
++${SIGN_IMAGES}
++ };\
++"
++fi
++
++# Conditionally create anti-rollback version information
++if [ -n "${AR_VER}" ]; then
++ FW_AR_VER="\
++ fw_ar_ver = <${AR_VER}>;\
++"
++fi
++
+ # Create a default, fully populated DTS file
+ DATA="/dts-v1/;
+
+@@ -107,14 +164,18 @@ DATA="/dts-v1/;
+ };
+ };
+ ${FDT_NODE}
++${SCRIPT}
+ };
+
+ configurations {
+ default = \"${CONFIG}\";
+ ${CONFIG} {
+ description = \"OpenWrt\";
++${FW_AR_VER}
++${LOADABLES}
+ kernel = \"kernel-1\";
+ ${FDT_PROP}
++${SIGNATURE}
+ };
+ };
+ };"