Control: tags 931397 +patch
On 2019-07-04, Ying-Chun Liu wrote:
> These 2 tools are very important for using arm-trusted-firmware I think.
> By using fiptool we can alter the images (BL31/32/33) in FIP. For example,
> if we want to manually upgrade OPTEE or U-Boot, then we need to run
> "fiptool update"
...
> To make these two binaries, we can do these steps in arm-trusted-firmware
> source directory:
>
> * fiptool: make fiptool
> * cert_create: make -C tools/cert_create
The attached patch does create these binaries in an
"arm-trusted-firmware-tools" package; can you build and test that the
resulting binaries work correctly?
live well,
vagrant
From 5322ec5d0cb65fe203bac0e6206885b5d0e92f28 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian
Date: Fri, 29 May 2020 15:35:53 -0700
Subject: [PATCH] Add arm-trusted-firmware-tools (Closes: #931397). Thanks to
Ying-Chun Liu (PaulLiu).
---
debian/arm-trusted-firmware-tools.install | 2 ++
debian/control| 18 +-
debian/rules | 2 ++
3 files changed, 21 insertions(+), 1 deletion(-)
create mode 100644 debian/arm-trusted-firmware-tools.install
diff --git a/debian/arm-trusted-firmware-tools.install b/debian/arm-trusted-firmware-tools.install
new file mode 100644
index 0..1e1bda5f7
--- /dev/null
+++ b/debian/arm-trusted-firmware-tools.install
@@ -0,0 +1,2 @@
+tools/fiptool/fiptool /usr/bin/
+tools/cert_create/cert_create /usr/bin/
diff --git a/debian/control b/debian/control
index f0dc455b7..ab374e84f 100644
--- a/debian/control
+++ b/debian/control
@@ -6,6 +6,7 @@ Standards-Version: 4.5.0
Build-Depends: debhelper-compat (= 12),
gcc-arm-none-eabi,
binutils-arm-none-eabi,
+ libssl-dev,
Rules-Requires-Root: no
Homepage: https://www.trustedfirmware.org/
Vcs-Browser: https://salsa.debian.org/debian/arm-trusted-firmware
@@ -15,10 +16,25 @@ Package: arm-trusted-firmware
Architecture: arm64
Depends: ${shlibs:Depends}, ${misc:Depends}
Breaks: u-boot-rockchip (<< 2020.01~rc5)
-Description: "secure world" software for ARM SoCs
+Description: "secure world" software for ARM SoCs - firmware
The "secure world" on arm64 machines is a special level of CPU
privilege that is hidden from the normal OS, and has complete
control over the system. It provides both initialization during
early boot stages (before u-boot or EFI) and system monitor
functionality once the machine is booted up. This is an equivalent
of Intel ME on x86.
+ .
+ This package includes the firmware binaries.
+
+Package: arm-trusted-firmware-tools
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: "secure world" software for ARM SoCs - tools
+ The "secure world" on arm64 machines is a special level of CPU
+ privilege that is hidden from the normal OS, and has complete
+ control over the system. It provides both initialization during
+ early boot stages (before u-boot or EFI) and system monitor
+ functionality once the machine is booted up. This is an equivalent
+ of Intel ME on x86.
+ .
+ This package includes helper tools.
diff --git a/debian/rules b/debian/rules
index 07e0f19b2..a777df263 100755
--- a/debian/rules
+++ b/debian/rules
@@ -9,6 +9,8 @@ export TF_CFLAGS += -fno-pie
dh $@
override_dh_auto_build:
+ make fiptool
+ make -C tools/cert_create
# Always set CROSS_COMPILE, which also works for native builds.
grep -v '^#' debian/targets | while read plat targets ; do \
CROSS_COMPILE=aarch64-linux-gnu- make --debug=v DEBUG=1 PLAT=$$plat bl31 ; \
--
2.20.1
signature.asc
Description: PGP signature