hi Tom, On Wed, 16 Aug 2023 at 01:54, Tom Rini <[email protected]> wrote: > > On Tue, Aug 15, 2023 at 09:56:20PM +0530, Sughosh Ganu wrote: > > > The EFI capsule authentication logic in u-boot expects the public key > > in the form of an EFI Signature List(ESL) to be provided as part of > > the platform's dtb. Currently, the embedding of the ESL file into the > > dtb needs to be done manually. > > > > Add a target for generating a dtsi file which contains the signature > > node with the ESL file included as a property under the signature > > node. Include the dtsi file in the dtb. This brings the embedding of > > the ESL in the dtb into the U-Boot build flow. > > > > The path to the ESL file is specified through the > > CONFIG_EFI_CAPSULE_ESL_FILE symbol. > > > > Signed-off-by: Sughosh Ganu <[email protected]> > [snip] > > diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib > > index 368b5a3e28..2e71f190bc 100644 > > --- a/scripts/Makefile.lib > > +++ b/scripts/Makefile.lib > > @@ -334,7 +334,23 @@ cmd_dtc = mkdir -p $(dir ${dtc-tmp}) ; \ > > ; \ > > sed "s:$(pre-tmp):$(<):" $(depfile).pre.tmp $(depfile).dtc.tmp > > > $(depfile) > > > > -$(obj)/%.dtb: $(src)/%.dts $(DTC) FORCE > > +ifdef CONFIG_EFI_CAPSULE_AUTHENTICATE > > +quiet_cmd_capsule_esl_gen = CAPSULE_ESL_GEN $@ > > +cmd_capsule_esl_gen = \ > > + $(shell sed "s:ESL_BIN_FILE:$(capsule_esl_path):" > > $(capsule_esl_input_file) > $@) > > + > > +$(obj)/.capsule_esl.dtsi: > > + $(call cmd_capsule_esl_gen) > > + > > +capsule_esl_input_file=$(srctree)/lib/efi_loader/capsule_esl.dtsi.in > > +capsule_esl_dtsi = .capsule_esl.dtsi > > +capsule_esl_path=$(abspath $(srctree)/$(subst > > $(quote),,$(CONFIG_EFI_CAPSULE_ESL_FILE))) > > +dtsi_include_list += $(capsule_esl_dtsi) > > +endif > > We should only need to ifdef around appending to dtsi_include_list. The > rest we can / should just leave always there, that's cleaner reading.
Okay > > > + > > +dtsi_include_list_deps = $(addprefix $(obj)/,$(subst > > $(quote),,$(dtsi_include_list))) > > + > > +$(obj)/%.dtb: $(src)/%.dts $(DTC) $(dtsi_include_list_deps) FORCE > > This part here is a separate bugfix and we should do that as patch 2, > and the rest of the changes here as patch 3. Will put this in a separate patch. Thanks. -sughosh
