Hi Marek, On Sat, 8 Feb 2025 at 14:27, Marek Vasut <[email protected]> wrote: > > On 2/7/25 1:49 AM, Simon Glass wrote: > > Hi Marek, > > > > On Thu, 6 Feb 2025 at 13:52, Marek Vasut <[email protected]> wrote: > >> > >> On 2/6/25 1:42 PM, Simon Glass wrote: > >> > >> Hi, > >> > >>>>> FAILED (errors=1) > >>>>> > >>>>> So where is the SRK_1_2_3_4_table.bin file? > >>>> See the tool documentation: > >>>> > >>>> https://gitlab.apertis.org/pkg/imx-code-signing-tool/-/blob/debian/3.4.0+dfsg-2/docs/CST_UG.pdf?ref_type=tags > >>>> > >>>> 3.1.2 Running the hab4_pki_tree script Example > >>>> 3.1.2.1 Running the hab4_pki_tree script in interactive mode > >>>> > >>>> The hab4_pki_tree.sh script should generate all those files. > >>> > >>> But with binman we want to avoid vendor scripts, etc. > >> > >> I believe the script internally runs openssl to generate that file. > >> > >>> Could someone take a look at updating tools/binman/btool/cst.py or > >>> similar to build the tool from source? There are examples of others > >>> that do this, e.g. bootgen.py > >> Is this relevant to finalizing this patch ? > > > > Well, I don't see how the tests can pass if we can't build/run the tools > > needed. > Maybe you can try to use the shell scripts to generate the missing bin > file ? I suspect the script does some openssl invocation, which can be > reproduced in binman ?
But 'binman tool -f <toolname>' is supposed to build/fetch the tool. So any such building should happen in that bintool. One of the main goals of binman is to reduce the work needed to create a working image. If people have to go spelunking around the Internet, build it themselves, etc. that is not good. Regards, Simon
