xref: /openbmc/openbmc/poky/meta/classes-recipe/kernel-fitimage.bbclass (revision c9537f57ab488bf5d90132917b0184e2527970a5) 
1#
2# Copyright OpenEmbedded Contributors
3#
4# SPDX-License-Identifier: MIT
5#
6
7inherit kernel-uboot kernel-artifact-names uboot-config
8require conf/image-fitimage.conf
9
10def get_fit_replacement_type(d):
11    kerneltypes = d.getVar('KERNEL_IMAGETYPES') or ""
12    replacementtype = ""
13    if 'fitImage' in kerneltypes.split():
14        uarch = d.getVar("UBOOT_ARCH")
15        if uarch == "arm64":
16            replacementtype = "Image"
17        elif uarch == "riscv":
18            replacementtype = "Image"
19        elif uarch == "mips":
20            replacementtype = "vmlinuz.bin"
21        elif uarch == "x86":
22            replacementtype = "bzImage"
23        elif uarch == "microblaze":
24            replacementtype = "linux.bin"
25        else:
26            replacementtype = "zImage"
27    return replacementtype
28
29KERNEL_IMAGETYPE_REPLACEMENT ?= "${@get_fit_replacement_type(d)}"
30DEPENDS:append = " ${@'u-boot-tools-native dtc-native' if 'fitImage' in (d.getVar('KERNEL_IMAGETYPES') or '').split() else ''}"
31
32python __anonymous () {
33    # Override KERNEL_IMAGETYPE_FOR_MAKE variable, which is internal
34    # to kernel.bbclass . We have to override it, since we pack zImage
35    # (at least for now) into the fitImage .
36    typeformake = d.getVar("KERNEL_IMAGETYPE_FOR_MAKE") or ""
37    if 'fitImage' in typeformake.split():
38        d.setVar('KERNEL_IMAGETYPE_FOR_MAKE', typeformake.replace('fitImage', d.getVar('KERNEL_IMAGETYPE_REPLACEMENT')))
39
40    image = d.getVar('INITRAMFS_IMAGE')
41    if image and not bb.utils.to_boolean(d.getVar('INITRAMFS_IMAGE_BUNDLE')):
42        if d.getVar('INITRAMFS_MULTICONFIG'):
43            mc = d.getVar('BB_CURRENT_MC')
44            d.appendVarFlag('do_assemble_fitimage_initramfs', 'mcdepends', ' mc:' + mc + ':${INITRAMFS_MULTICONFIG}:${INITRAMFS_IMAGE}:do_image_complete')
45        else:
46            d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' ${INITRAMFS_IMAGE}:do_image_complete')
47
48    #check if there are any dtb providers
49    providerdtb = d.getVar("PREFERRED_PROVIDER_virtual/dtb")
50    if providerdtb:
51        d.appendVarFlag('do_assemble_fitimage', 'depends', ' virtual/dtb:do_populate_sysroot')
52        d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' virtual/dtb:do_populate_sysroot')
53        d.setVar('EXTERNAL_KERNEL_DEVICETREE', "${RECIPE_SYSROOT}/boot/devicetree")
54}
55
56#
57# Emit the fitImage ITS header
58#
59# $1 ... .its filename
60fitimage_emit_fit_header() {
61	cat << EOF >> $1
62/dts-v1/;
63
64/ {
65        description = "${FIT_DESC}";
66        #address-cells = <${FIT_ADDRESS_CELLS}>;
67EOF
68}
69
70#
71# Emit the fitImage section bits
72#
73# $1 ... .its filename
74# $2 ... Section bit type: imagestart - image section start
75#                          confstart  - configuration section start
76#                          sectend    - section end
77#                          fitend     - fitimage end
78#
79fitimage_emit_section_maint() {
80	case $2 in
81	imagestart)
82		cat << EOF >> $1
83
84        images {
85EOF
86	;;
87	confstart)
88		cat << EOF >> $1
89
90        configurations {
91EOF
92	;;
93	sectend)
94		cat << EOF >> $1
95	};
96EOF
97	;;
98	fitend)
99		cat << EOF >> $1
100};
101EOF
102	;;
103	esac
104}
105
106#
107# Emit the fitImage ITS kernel section
108#
109# $1 ... .its filename
110# $2 ... Image counter
111# $3 ... Path to kernel image
112# $4 ... Compression type
113fitimage_emit_section_kernel() {
114
115	kernel_csum="${FIT_HASH_ALG}"
116	kernel_sign_algo="${FIT_SIGN_ALG}"
117	kernel_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
118
119	ENTRYPOINT="${UBOOT_ENTRYPOINT}"
120	if [ -n "${UBOOT_ENTRYSYMBOL}" ]; then
121		ENTRYPOINT=`${HOST_PREFIX}nm vmlinux | \
122			awk '$3=="${UBOOT_ENTRYSYMBOL}" {print "0x"$1;exit}'`
123	fi
124
125	cat << EOF >> $1
126                kernel-$2 {
127                        description = "Linux kernel";
128                        data = /incbin/("$3");
129                        type = "${UBOOT_MKIMAGE_KERNEL_TYPE}";
130                        arch = "${UBOOT_ARCH}";
131                        os = "linux";
132                        compression = "$4";
133                        load = <${UBOOT_LOADADDRESS}>;
134                        entry = <$ENTRYPOINT>;
135                        hash-1 {
136                                algo = "$kernel_csum";
137                        };
138                };
139EOF
140
141	if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$kernel_sign_keyname" ] ; then
142		sed -i '$ d' $1
143		cat << EOF >> $1
144                        signature-1 {
145                                algo = "$kernel_csum,$kernel_sign_algo";
146                                key-name-hint = "$kernel_sign_keyname";
147                        };
148                };
149EOF
150	fi
151}
152
153#
154# Emit the fitImage ITS DTB section
155#
156# $1 ... .its filename
157# $2 ... Image counter
158# $3 ... Path to DTB image
159fitimage_emit_section_dtb() {
160
161	dtb_csum="${FIT_HASH_ALG}"
162	dtb_sign_algo="${FIT_SIGN_ALG}"
163	dtb_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
164
165	dtb_loadline=""
166	dtb_ext=${DTB##*.}
167	if [ "${dtb_ext}" = "dtbo" ]; then
168		if [ -n "${UBOOT_DTBO_LOADADDRESS}" ]; then
169			dtb_loadline="load = <${UBOOT_DTBO_LOADADDRESS}>;"
170		fi
171	elif [ -n "${UBOOT_DTB_LOADADDRESS}" ]; then
172		dtb_loadline="load = <${UBOOT_DTB_LOADADDRESS}>;"
173	fi
174	cat << EOF >> $1
175                fdt-$2 {
176                        description = "Flattened Device Tree blob";
177                        data = /incbin/("$3");
178                        type = "flat_dt";
179                        arch = "${UBOOT_ARCH}";
180                        compression = "none";
181                        $dtb_loadline
182                        hash-1 {
183                                algo = "$dtb_csum";
184                        };
185                };
186EOF
187
188	if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$dtb_sign_keyname" ] ; then
189		sed -i '$ d' $1
190		cat << EOF >> $1
191                        signature-1 {
192                                algo = "$dtb_csum,$dtb_sign_algo";
193                                key-name-hint = "$dtb_sign_keyname";
194                        };
195                };
196EOF
197	fi
198}
199
200#
201# Emit the fitImage ITS u-boot script section
202#
203# $1 ... .its filename
204# $2 ... Image counter
205# $3 ... Path to boot script image
206fitimage_emit_section_boot_script() {
207
208	bootscr_csum="${FIT_HASH_ALG}"
209	bootscr_sign_algo="${FIT_SIGN_ALG}"
210	bootscr_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
211
212        cat << EOF >> $1
213                bootscr-$2 {
214                        description = "U-boot script";
215                        data = /incbin/("$3");
216                        type = "script";
217                        arch = "${UBOOT_ARCH}";
218                        compression = "none";
219                        hash-1 {
220                                algo = "$bootscr_csum";
221                        };
222                };
223EOF
224
225	if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$bootscr_sign_keyname" ] ; then
226		sed -i '$ d' $1
227		cat << EOF >> $1
228                        signature-1 {
229                                algo = "$bootscr_csum,$bootscr_sign_algo";
230                                key-name-hint = "$bootscr_sign_keyname";
231                        };
232                };
233EOF
234	fi
235}
236
237#
238# Emit the fitImage ITS setup section
239#
240# $1 ... .its filename
241# $2 ... Image counter
242# $3 ... Path to setup image
243fitimage_emit_section_setup() {
244
245	setup_csum="${FIT_HASH_ALG}"
246	setup_sign_algo="${FIT_SIGN_ALG}"
247	setup_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
248
249	cat << EOF >> $1
250                setup-$2 {
251                        description = "Linux setup.bin";
252                        data = /incbin/("$3");
253                        type = "x86_setup";
254                        arch = "${UBOOT_ARCH}";
255                        os = "linux";
256                        compression = "none";
257                        load = <0x00090000>;
258                        entry = <0x00090000>;
259                        hash-1 {
260                                algo = "$setup_csum";
261                        };
262                };
263EOF
264
265	if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$setup_sign_keyname" ] ; then
266		sed -i '$ d' $1
267		cat << EOF >> $1
268                        signature-1 {
269                                algo = "$setup_csum,$setup_sign_algo";
270                                key-name-hint = "$setup_sign_keyname";
271                        };
272                };
273EOF
274	fi
275}
276
277#
278# Emit the fitImage ITS ramdisk section
279#
280# $1 ... .its filename
281# $2 ... Image counter
282# $3 ... Path to ramdisk image
283fitimage_emit_section_ramdisk() {
284
285	ramdisk_csum="${FIT_HASH_ALG}"
286	ramdisk_sign_algo="${FIT_SIGN_ALG}"
287	ramdisk_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
288	ramdisk_loadline=""
289	ramdisk_entryline=""
290
291	if [ -n "${UBOOT_RD_LOADADDRESS}" ]; then
292		ramdisk_loadline="load = <${UBOOT_RD_LOADADDRESS}>;"
293	fi
294	if [ -n "${UBOOT_RD_ENTRYPOINT}" ]; then
295		ramdisk_entryline="entry = <${UBOOT_RD_ENTRYPOINT}>;"
296	fi
297
298	cat << EOF >> $1
299                ramdisk-$2 {
300                        description = "${INITRAMFS_IMAGE}";
301                        data = /incbin/("$3");
302                        type = "ramdisk";
303                        arch = "${UBOOT_ARCH}";
304                        os = "linux";
305                        compression = "none";
306                        $ramdisk_loadline
307                        $ramdisk_entryline
308                        hash-1 {
309                                algo = "$ramdisk_csum";
310                        };
311                };
312EOF
313
314	if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$ramdisk_sign_keyname" ] ; then
315		sed -i '$ d' $1
316		cat << EOF >> $1
317                        signature-1 {
318                                algo = "$ramdisk_csum,$ramdisk_sign_algo";
319                                key-name-hint = "$ramdisk_sign_keyname";
320                        };
321                };
322EOF
323	fi
324}
325
326#
327# echoes symlink destination if it points below directory
328#
329# $1 ... file that's a potential symlink
330# $2 ... expected parent directory
331symlink_points_below() {
332	file="$2/$1"
333	dir=$2
334
335	if ! [ -L "$file" ]; then
336		return
337	fi
338
339	realpath="$(realpath --relative-to=$dir $file)"
340	if [ -z "${realpath%%../*}" ]; then
341		return
342	fi
343
344	echo "$realpath"
345}
346
347#
348# Emit the fitImage ITS configuration section
349#
350# $1 ... .its filename
351# $2 ... Linux kernel ID
352# $3 ... DTB image name
353# $4 ... ramdisk ID
354# $5 ... u-boot script ID
355# $6 ... config ID
356# $7 ... default flag
357# $8 ... default DTB image name
358fitimage_emit_section_config() {
359
360	conf_csum="${FIT_HASH_ALG}"
361	conf_sign_algo="${FIT_SIGN_ALG}"
362	conf_padding_algo="${FIT_PAD_ALG}"
363	if [ "${UBOOT_SIGN_ENABLE}" = "1" ] ; then
364		conf_sign_keyname="${UBOOT_SIGN_KEYNAME}"
365	fi
366
367	its_file="$1"
368	kernel_id="$2"
369	dtb_image="$3"
370	ramdisk_id="$4"
371	bootscr_id="$5"
372	config_id="$6"
373	default_flag="$7"
374	default_dtb_image="$8"
375
376	# Test if we have any DTBs at all
377	sep=""
378	conf_desc=""
379	conf_node="${FIT_CONF_PREFIX}"
380	kernel_line=""
381	fdt_line=""
382	ramdisk_line=""
383	bootscr_line=""
384	setup_line=""
385	default_line=""
386	compatible_line=""
387
388	dtb_image_sect=$(symlink_points_below $dtb_image "${EXTERNAL_KERNEL_DEVICETREE}")
389	if [ -z "$dtb_image_sect" ]; then
390		dtb_image_sect=$dtb_image
391	fi
392
393	dtb_path="${EXTERNAL_KERNEL_DEVICETREE}/${dtb_image_sect}"
394	if [ -f "$dtb_path" ] || [ -L "$dtb_path" ]; then
395		compat=$(fdtget -t s "$dtb_path" / compatible | sed 's/ /", "/g')
396		if [ -n "$compat" ]; then
397			compatible_line="compatible = \"$compat\";"
398		fi
399	fi
400
401	dtb_image=$(echo $dtb_image | tr '/' '_')
402	dtb_image_sect=$(echo "${dtb_image_sect}" | tr '/' '_')
403
404	# conf node name is selected based on dtb ID if it is present,
405	# otherwise its selected based on kernel ID
406	if [ -n "$dtb_image" ]; then
407		conf_node=$conf_node$dtb_image
408	else
409		conf_node=$conf_node$kernel_id
410	fi
411
412	if [ -n "$kernel_id" ]; then
413		conf_desc="Linux kernel"
414		sep=", "
415		kernel_line="kernel = \"kernel-$kernel_id\";"
416	fi
417
418	if [ -n "$dtb_image" ]; then
419		conf_desc="$conf_desc${sep}FDT blob"
420		sep=", "
421		fdt_line="fdt = \"fdt-$dtb_image_sect\";"
422	fi
423
424	if [ -n "$ramdisk_id" ]; then
425		conf_desc="$conf_desc${sep}ramdisk"
426		sep=", "
427		ramdisk_line="ramdisk = \"ramdisk-$ramdisk_id\";"
428	fi
429
430	if [ -n "$bootscr_id" ]; then
431		conf_desc="$conf_desc${sep}u-boot script"
432		sep=", "
433		bootscr_line="bootscr = \"bootscr-$bootscr_id\";"
434	fi
435
436	if [ -n "$config_id" ]; then
437		conf_desc="$conf_desc${sep}setup"
438		setup_line="setup = \"setup-$config_id\";"
439	fi
440
441	if [ "$default_flag" = "1" ]; then
442		# default node is selected based on dtb ID if it is present,
443		# otherwise its selected based on kernel ID
444		if [ -n "$dtb_image" ]; then
445			# Select default node as user specified dtb when
446			# multiple dtb exists.
447			if [ -n "$default_dtb_image" ]; then
448				default_line="default = \"${FIT_CONF_PREFIX}$default_dtb_image\";"
449			else
450				default_line="default = \"${FIT_CONF_PREFIX}$dtb_image\";"
451			fi
452		else
453			default_line="default = \"${FIT_CONF_PREFIX}$kernel_id\";"
454		fi
455	fi
456
457	cat << EOF >> $its_file
458                $default_line
459                $conf_node {
460                        description = "$default_flag $conf_desc";
461                        $compatible_line
462                        $kernel_line
463                        $fdt_line
464                        $ramdisk_line
465                        $bootscr_line
466                        $setup_line
467                        hash-1 {
468                                algo = "$conf_csum";
469                        };
470EOF
471
472	if [ -n "$conf_sign_keyname" ] ; then
473
474		sign_line="sign-images = "
475		sep=""
476
477		if [ -n "$kernel_id" ]; then
478			sign_line="$sign_line${sep}\"kernel\""
479			sep=", "
480		fi
481
482		if [ -n "$dtb_image" ]; then
483			sign_line="$sign_line${sep}\"fdt\""
484			sep=", "
485		fi
486
487		if [ -n "$ramdisk_id" ]; then
488			sign_line="$sign_line${sep}\"ramdisk\""
489			sep=", "
490		fi
491
492		if [ -n "$bootscr_id" ]; then
493			sign_line="$sign_line${sep}\"bootscr\""
494			sep=", "
495		fi
496
497		if [ -n "$config_id" ]; then
498			sign_line="$sign_line${sep}\"setup\""
499		fi
500
501		sign_line="$sign_line;"
502
503		cat << EOF >> $its_file
504                        signature-1 {
505                                algo = "$conf_csum,$conf_sign_algo";
506                                key-name-hint = "$conf_sign_keyname";
507                                padding = "$conf_padding_algo";
508                                $sign_line
509                        };
510EOF
511	fi
512
513	cat << EOF >> $its_file
514                };
515EOF
516}
517
518#
519# Assemble fitImage
520#
521# $1 ... .its filename
522# $2 ... fitImage name
523# $3 ... include ramdisk
524fitimage_assemble() {
525	kernelcount=1
526	dtbcount=""
527	DTBS=""
528	ramdiskcount=$3
529	setupcount=""
530	bootscr_id=""
531	default_dtb_image=""
532	rm -f $1 arch/${ARCH}/boot/$2
533
534	if [ -n "${UBOOT_SIGN_IMG_KEYNAME}" -a "${UBOOT_SIGN_KEYNAME}" = "${UBOOT_SIGN_IMG_KEYNAME}" ]; then
535		bbfatal "Keys used to sign images and configuration nodes must be different."
536	fi
537
538	fitimage_emit_fit_header $1
539
540	#
541	# Step 1: Prepare a kernel image section.
542	#
543	fitimage_emit_section_maint $1 imagestart
544
545	uboot_prep_kimage
546	fitimage_emit_section_kernel $1 $kernelcount linux.bin "$linux_comp"
547
548	#
549	# Step 2: Prepare a DTB image section
550	#
551
552	if [ -n "${KERNEL_DEVICETREE}" ]; then
553		dtbcount=1
554		for DTB in ${KERNEL_DEVICETREE}; do
555			if echo $DTB | grep -q '/dts/'; then
556				bbwarn "$DTB contains the full path to the the dts file, but only the dtb name should be used."
557				DTB=`basename $DTB | sed 's,\.dts$,.dtb,g'`
558			fi
559
560			# Skip ${DTB} if it's also provided in ${EXTERNAL_KERNEL_DEVICETREE}
561			if [ -n "${EXTERNAL_KERNEL_DEVICETREE}" ] && [ -s ${EXTERNAL_KERNEL_DEVICETREE}/${DTB} ]; then
562				continue
563			fi
564
565			DTB_PATH="${KERNEL_OUTPUT_DIR}/dts/$DTB"
566			if [ ! -e "$DTB_PATH" ]; then
567				DTB_PATH="${KERNEL_OUTPUT_DIR}/$DTB"
568			fi
569
570			# Strip off the path component from the filename
571			if "${@'false' if oe.types.boolean(d.getVar('KERNEL_DTBVENDORED')) else 'true'}"; then
572				DTB=`basename $DTB`
573			fi
574
575			# Set the default dtb image if it exists in the devicetree.
576			if [ "${FIT_CONF_DEFAULT_DTB}" = "$DTB" ];then
577				default_dtb_image=$(echo "$DTB" | tr '/' '_')
578			fi
579
580			DTB=$(echo "$DTB" | tr '/' '_')
581
582			# Skip DTB if we've picked it up previously
583			echo "$DTBS" | tr ' ' '\n' | grep -xq "$DTB" && continue
584
585			DTBS="$DTBS $DTB"
586			DTB=$(echo $DTB | tr '/' '_')
587			fitimage_emit_section_dtb $1 $DTB $DTB_PATH
588		done
589	fi
590
591	if [ -n "${EXTERNAL_KERNEL_DEVICETREE}" ]; then
592		dtbcount=1
593		for DTB in $(find "${EXTERNAL_KERNEL_DEVICETREE}" -name '*.dtb' -printf '%P\n' | sort) \
594		$(find "${EXTERNAL_KERNEL_DEVICETREE}" -name '*.dtbo' -printf '%P\n' | sort); do
595			# Set the default dtb image if it exists in the devicetree.
596			if [ ${FIT_CONF_DEFAULT_DTB} = $DTB ];then
597				default_dtb_image=$(echo "$DTB" | tr '/' '_')
598			fi
599
600			DTB=$(echo "$DTB" | tr '/' '_')
601
602			# Skip DTB/DTBO if we've picked it up previously
603			echo "$DTBS" | tr ' ' '\n' | grep -xq "$DTB" && continue
604
605			DTBS="$DTBS $DTB"
606
607			# Also skip if a symlink. We'll later have each config section point at it
608			[ $(symlink_points_below $DTB "${EXTERNAL_KERNEL_DEVICETREE}") ] && continue
609
610			DTB=$(echo $DTB | tr '/' '_')
611			fitimage_emit_section_dtb $1 $DTB "${EXTERNAL_KERNEL_DEVICETREE}/$DTB"
612		done
613	fi
614
615	if [ -n "${FIT_CONF_DEFAULT_DTB}" ] && [ -z $default_dtb_image ]; then
616		bbwarn "${FIT_CONF_DEFAULT_DTB} is not available in the list of device trees."
617	fi
618
619	#
620	# Step 3: Prepare a u-boot script section
621	#
622
623	if [ -n "${FIT_UBOOT_ENV}" ]; then
624		cp ${UNPACKDIR}/${FIT_UBOOT_ENV} ${B}
625		bootscr_id="${FIT_UBOOT_ENV}"
626		fitimage_emit_section_boot_script $1 "$bootscr_id" ${FIT_UBOOT_ENV}
627	fi
628
629	#
630	# Step 4: Prepare a setup section. (For x86)
631	#
632	if [ -e ${KERNEL_OUTPUT_DIR}/setup.bin ]; then
633		setupcount=1
634		fitimage_emit_section_setup $1 $setupcount ${KERNEL_OUTPUT_DIR}/setup.bin
635	fi
636
637	#
638	# Step 5: Prepare a ramdisk section.
639	#
640	if [ "x${ramdiskcount}" = "x1" ] && [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then
641		# Find and use the first initramfs image archive type we find
642		found=
643		for img in ${FIT_SUPPORTED_INITRAMFS_FSTYPES}; do
644			initramfs_path="${INITRAMFS_DEPLOY_DIR_IMAGE}/${INITRAMFS_IMAGE_NAME}.$img"
645			if [ -e "$initramfs_path" ]; then
646				bbnote "Found initramfs image: $initramfs_path"
647				found=true
648				fitimage_emit_section_ramdisk $1 "$ramdiskcount" "$initramfs_path"
649				break
650			else
651				bbnote "Did not find initramfs image: $initramfs_path"
652			fi
653		done
654
655		if [ -z "$found" ]; then
656			bbfatal "Could not find a valid initramfs type for ${INITRAMFS_IMAGE_NAME}, the supported types are: ${FIT_SUPPORTED_INITRAMFS_FSTYPES}"
657		fi
658	fi
659
660	fitimage_emit_section_maint $1 sectend
661
662	# Force the first Kernel and DTB in the default config
663	kernelcount=1
664	if [ -n "$dtbcount" ]; then
665		dtbcount=1
666	fi
667
668	#
669	# Step 6: Prepare a configurations section
670	#
671	fitimage_emit_section_maint $1 confstart
672
673	# kernel-fitimage.bbclass currently only supports a single kernel (no less or
674	# more) to be added to the FIT image along with 0 or more device trees and
675	# 0 or 1 ramdisk.
676	# It is also possible to include an initramfs bundle (kernel and rootfs in one binary)
677	# When the initramfs bundle is used ramdisk is disabled.
678	# If a device tree is to be part of the FIT image, then select
679	# the default configuration to be used is based on the dtbcount. If there is
680	# no dtb present than select the default configuation to be based on
681	# the kernelcount.
682	if [ -n "$DTBS" ]; then
683		i=1
684		for DTB in ${DTBS}; do
685			dtb_ext=${DTB##*.}
686			if [ "$dtb_ext" = "dtbo" ]; then
687				fitimage_emit_section_config $1 "" "$DTB" "" "$bootscr_id" "" "`expr $i = $dtbcount`" "$default_dtb_image"
688			else
689				fitimage_emit_section_config $1 $kernelcount "$DTB" "$ramdiskcount" "$bootscr_id" "$setupcount" "`expr $i = $dtbcount`" "$default_dtb_image"
690			fi
691			i=`expr $i + 1`
692		done
693	else
694		defaultconfigcount=1
695		fitimage_emit_section_config $1 $kernelcount "" "$ramdiskcount" "$bootscr_id"  "$setupcount" $defaultconfigcount "$default_dtb_image"
696	fi
697
698	fitimage_emit_section_maint $1 sectend
699
700	fitimage_emit_section_maint $1 fitend
701
702	#
703	# Step 7: Assemble the image
704	#
705	${UBOOT_MKIMAGE} \
706		${@'-D "${UBOOT_MKIMAGE_DTCOPTS}"' if len('${UBOOT_MKIMAGE_DTCOPTS}') else ''} \
707		-f $1 \
708		${KERNEL_OUTPUT_DIR}/$2
709
710	#
711	# Step 8: Sign the image
712	#
713	if [ "x${UBOOT_SIGN_ENABLE}" = "x1" ] ; then
714		${UBOOT_MKIMAGE_SIGN} \
715			${@'-D "${UBOOT_MKIMAGE_DTCOPTS}"' if len('${UBOOT_MKIMAGE_DTCOPTS}') else ''} \
716			-F -k "${UBOOT_SIGN_KEYDIR}" \
717			-r ${KERNEL_OUTPUT_DIR}/$2 \
718			${UBOOT_MKIMAGE_SIGN_ARGS}
719	fi
720}
721
722do_assemble_fitimage() {
723	if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage"; then
724		cd ${B}
725		fitimage_assemble fit-image.its fitImage-none ""
726		if [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then
727			ln -sf fitImage-none ${B}/${KERNEL_OUTPUT_DIR}/fitImage
728		fi
729	fi
730}
731
732addtask assemble_fitimage before do_install after do_compile
733
734SYSROOT_DIRS:append = " /sysroot-only"
735do_install:append() {
736	if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage" && \
737		[ "${UBOOT_SIGN_ENABLE}" = "1" ]; then
738		install -D ${B}/${KERNEL_OUTPUT_DIR}/fitImage-none ${D}/sysroot-only/fitImage
739	fi
740}
741
742do_assemble_fitimage_initramfs() {
743	if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage" && \
744		test -n "${INITRAMFS_IMAGE}" ; then
745		cd ${B}
746		if [ "${INITRAMFS_IMAGE_BUNDLE}" = "1" ]; then
747			fitimage_assemble fit-image-${INITRAMFS_IMAGE}.its fitImage-bundle ""
748			ln -sf fitImage-bundle ${B}/${KERNEL_OUTPUT_DIR}/fitImage
749		else
750			fitimage_assemble fit-image-${INITRAMFS_IMAGE}.its fitImage-${INITRAMFS_IMAGE} 1
751		fi
752	fi
753}
754
755addtask assemble_fitimage_initramfs before do_deploy after do_bundle_initramfs
756
757do_kernel_generate_rsa_keys() {
758	if [ "${UBOOT_SIGN_ENABLE}" = "0" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then
759		bbwarn "FIT_GENERATE_KEYS is set to 1 even though UBOOT_SIGN_ENABLE is set to 0. The keys will not be generated as they won't be used."
760	fi
761
762	if [ "${UBOOT_SIGN_ENABLE}" = "1" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then
763
764		# Generate keys to sign configuration nodes, only if they don't already exist
765		if [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key ] || \
766			[ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt ]; then
767
768			# make directory if it does not already exist
769			mkdir -p "${UBOOT_SIGN_KEYDIR}"
770
771			bbnote "Generating RSA private key for signing fitImage"
772			openssl genrsa ${FIT_KEY_GENRSA_ARGS} -out \
773				"${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \
774			"${FIT_SIGN_NUMBITS}"
775
776			bbnote "Generating certificate for signing fitImage"
777			openssl req ${FIT_KEY_REQ_ARGS} "${FIT_KEY_SIGN_PKCS}" \
778				-key "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \
779				-out "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt
780		fi
781
782		# Generate keys to sign image nodes, only if they don't already exist
783		if [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".key ] || \
784			[ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".crt ]; then
785
786			# make directory if it does not already exist
787			mkdir -p "${UBOOT_SIGN_KEYDIR}"
788
789			bbnote "Generating RSA private key for signing fitImage"
790			openssl genrsa ${FIT_KEY_GENRSA_ARGS} -out \
791				"${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".key \
792			"${FIT_SIGN_NUMBITS}"
793
794			bbnote "Generating certificate for signing fitImage"
795			openssl req ${FIT_KEY_REQ_ARGS} "${FIT_KEY_SIGN_PKCS}" \
796				-key "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".key \
797				-out "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_IMG_KEYNAME}".crt
798		fi
799	fi
800}
801
802addtask kernel_generate_rsa_keys before do_assemble_fitimage after do_compile
803
804kernel_do_deploy[vardepsexclude] = "DATETIME"
805kernel_do_deploy:append() {
806	# Update deploy directory
807	if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage"; then
808
809		if [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then
810			bbnote "Copying fit-image.its source file..."
811			install -m 0644 ${B}/fit-image.its "$deployDir/fitImage-its-${KERNEL_FIT_NAME}.its"
812			if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
813				ln -snf fitImage-its-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${KERNEL_FIT_LINK_NAME}"
814			fi
815
816			bbnote "Copying linux.bin file..."
817			install -m 0644 ${B}/linux.bin $deployDir/fitImage-linux.bin-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT}
818			if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
819				ln -snf fitImage-linux.bin-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT} "$deployDir/fitImage-linux.bin-${KERNEL_FIT_LINK_NAME}"
820			fi
821		fi
822
823		if [ -n "${INITRAMFS_IMAGE}" ]; then
824			bbnote "Copying fit-image-${INITRAMFS_IMAGE}.its source file..."
825			install -m 0644 ${B}/fit-image-${INITRAMFS_IMAGE}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its"
826			if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
827				ln -snf fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}"
828			fi
829
830			if [ "${INITRAMFS_IMAGE_BUNDLE}" != "1" ]; then
831				bbnote "Copying fitImage-${INITRAMFS_IMAGE} file..."
832				install -m 0644 ${B}/${KERNEL_OUTPUT_DIR}/fitImage-${INITRAMFS_IMAGE} "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT}"
833				if [ -n "${KERNEL_FIT_LINK_NAME}" ] ; then
834					ln -snf fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}${KERNEL_FIT_BIN_EXT} "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}"
835				fi
836			fi
837		fi
838	fi
839}
840