Hi Simon,
On Sat, Feb 19, 2022 at 04:11:08PM -0700, Simon Glass wrote:
Hi,
On Sun, 13 Feb 2022 at 17:54, AKASHI Takahiro takahiro.akashi@linaro.org wrote:
Heinrich,
On Fri, Feb 11, 2022 at 08:16:34PM +0100, Heinrich Schuchardt wrote:
On 2/9/22 11:10, AKASHI Takahiro wrote:
With this enhancement, mkeficapsule will be able to sign a capsule file when it is created. A signature added will be used later in the verification at FMP's SetImage() call.
To do that, we need specify additional command parameters: -monotonic-cout <count> : monotonic count -private-key <private key file> : private key file -certificate <certificate file> : certificate file Only when all of those parameters are given, a signature will be added to a capsule file.
Users are expected to maintain and increment the monotonic count at every time of the update for each firmware image.
Signed-off-by: AKASHI Takahiro takahiro.akashi@linaro.org Reviewed-by: Simon Glass sjg@chromium.org Acked-by: Ilias Apalodimas ilias.apalodimas@linaro.org
.azure-pipelines.yml | 2 +- tools/Makefile | 1 + tools/eficapsule.h | 115 +++++++++++++ tools/mkeficapsule.c | 380 +++++++++++++++++++++++++++++++++++++++---- 4 files changed, 463 insertions(+), 35 deletions(-) create mode 100644 tools/eficapsule.h
I'm not sure if it is this patch or something else, but building is broken as it needs
gnutls/gnutls.h
Please update the docs in doc/build/gcc.rst to fix this.
I have not noticed that there is *another* list of package dependency. It is easy to fix against gnutls.h, but gnutls.h (or libgnutls-dev) is NOT the only component missing in the list.
Comparing gcc.rst with gitlab-ci.yml, there already exist a lot of such packages:
gcc.rst | gitlab-ci.yml ====== ====== > automake > autopoint bc bc > binutils-dev bison bison build-essential build-essential coccinelle | clang-10 > coreutils > cpio > cppcheck > curl device-tree-compiler device-tree-compiler dfu-util | dosfstools > e2fsprogs efitools efitools > fakeroot flex flex gdisk gdisk > git > gnu-efi graphviz graphviz > grub-efi-amd64-bin > grub-efi-ia32-bin > help2man > iasl imagemagick imagemagick liblz4-tool | iputils-ping libguestfs-tools libguestfs-tools libncurses-dev | libgnutls28-dev libpython3-dev | libgnutls30 > libisl15 > liblz4-tool > libpixman-1-dev > libpython-dev > libsdl1.2-dev libsdl2-dev libsdl2-dev libssl-dev libssl-dev lz4 | libudev-dev lzma | libusb-1.0-0-dev lzma-alone lzma-alone > lzop > mount > mtd-utils > mtools openssl openssl > picocom > parted pkg-config pkg-config python3 | python python3-coverage | python-dev python3-pkg-resources | python-pip python3-pycryptodome | python-virtualenv python3-pyelftools | python3-pip python3-pytest | python3-sphinx python3-sphinxcontrib.apidoc | rpm2cpio python3-sphinx-rtd-theme | sbsigntool python3-virtualenv | sloccount > sparse > srecord > sudo swig swig > util-linux > uuid-dev > virtualenv > zip
-Takahiro Akashi