Re: [PATCH v3 09/11] binman: btool: Add Xilinx Bootgen btool

Hi,

On Tue, 18 Jul 2023 at 05:53, lukas.funke-oss@weidmueller.com wrote:

From: Lukas Funke lukas.funke@weidmueller.com

Add the Xilinx Bootgen as bintool. Xilinx Bootgen is used to create bootable SPL (FSBL in Xilinx terms) images for Zynq/ZynqMP devices. The btool creates a signed version of the SPL. Additionally to signing the key source for the decryption engine can be passend to the boot image.

Signed-off-by: Lukas Funke lukas.funke@weidmueller.com

---

Changes in v3:

• Fixed an issue where the build result was not found
• Fixed an issue where the version string was not reported correctly

Changes in v2:

• Pass additional 'keysrc_enc' parameter to Bootgen
• Added more information and terms to documentation

tools/binman/bintools.rst | 2 +- tools/binman/btool/bootgen.py | 136 ++++++++++++++++++++++++++++++++++ 2 files changed, 137 insertions(+), 1 deletion(-) create mode 100644 tools/binman/btool/bootgen.py

diff --git a/tools/binman/bintools.rst b/tools/binman/bintools.rst index c6c9a88c21..8f58aaebf7 100644 --- a/tools/binman/bintools.rst +++ b/tools/binman/bintools.rst @@ -197,7 +197,7 @@ Using `fdt_add_pubkey` the key can be injected to the SPL independent of

Bintool: bootgen: Sign ZynqMP FSBL image

+----------------------------------------

This bintool supports running `bootgen` in order to sign a SPL for ZynqMP devices. diff --git a/tools/binman/btool/bootgen.py b/tools/binman/btool/bootgen.py new file mode 100644 index 0000000000..83bbe124dc --- /dev/null +++ b/tools/binman/btool/bootgen.py @@ -0,0 +1,136 @@ +# SPDX-License-Identifier: GPL-2.0+ +# Copyright (C) 2023 Weidmüller Interface GmbH & Co. KG +# Lukas Funke lukas.funke@weidmueller.com +# +"""Bintool implementation for bootgen

+bootgen allows creating bootable SPL for Zynq(MP)

+Documentation is available via:: +https://www.xilinx.com/support/documents/sw_manuals/xilinx2022_1/ug1283-boot...

+Source code is available at:

+https://github.com/Xilinx/bootgen

+""" +import tempfile

+from binman import bintool +from u_boot_pylib import tools

+# pylint: disable=C0103 +class Bintoolbootgen(bintool.Bintool):

• """Generate bootable fsbl image for zynq/zynqmp
• This bintools supports running Xilinx "bootgen" in order
• to generate a bootable, authenticated image form an SPL.
• """
• def __init__(self, name):

•    super().__init__(name, 'Xilinx Bootgen',
  

•                     version_regex=r'^\*\*\*\*\*\* *Xilinx Bootgen *(.*)',
  

•                     version_args='-help')
  

• # pylint: disable=R0913
• def sign(self, arch, spl_elf_fname, pmufw_elf_fname,

•         psk_fname, ssk_fname, fsbl_config, auth_params, keysrc_enc,
  

•         output_fname):
  

•    """ Sign SPL elf file and bundle it PMU firmware into an image
  

•    The method bundels the SPL together with a 'Platform Management Unit'
  

•    (PMU)[1] firmware into a single bootable image. The image in turn is
  

•    signed with the provided 'secondary secret key' (ssk), which in turn is
  

•    signed with the 'primary secret key' (ppk). In order to verify the
  

•    authenticity of the ppk, it's hash has to be fused into the device
  

•    itself.
  

Please regen the entry-docs in the same patch, so that entries.rst is updated. Also check your references like [1]. Looking at the docs output you should be able to click on the link, i.e. you should use rST style [..]

Regards, Simon