Hi Jan, On Mon, 6 Feb 2023 at 03:42, Jan Kiszka <jan.kis...@siemens.com> wrote: > > On 04.02.23 23:23, Simon Glass wrote: > > Hi Jan, > > > > On Fri, 3 Feb 2023 at 23:35, Jan Kiszka <jan.kis...@siemens.com> wrote: > >> > >> On 04.02.23 01:20, Simon Glass wrote: > >>> Hi Jan, > >>> > >>> On Fri, 3 Feb 2023 at 05:29, Jan Kiszka <jan.kis...@siemens.com> wrote: > >>>> > >>>> From: Jan Kiszka <jan.kis...@siemens.com> > >>>> > >>>> Allows to create a public key device tree dtsi for inclusion into U-Boot > >>>> SPL and proper during first build already. This can be achieved via > >>>> CONFIG_DEVICE_TREE_INCLUDES. > >>>> > >>>> Signed-off-by: Jan Kiszka <jan.kis...@siemens.com> > >>>> --- > >>>> tools/key2dtsi.py | 64 +++++++++++++++++++++++++++++++++++++++++++++++ > >>>> 1 file changed, 64 insertions(+) > >>>> create mode 100755 tools/key2dtsi.py > >>> > >>> Please can you build this into Binman instead? We really don't want > >>> any more of these scripts. Perhaps you can add a new entry type? > >>> > >> > >> I don't think you are requesting something that makes any sense: > >> > >> "Binman creates and manipulate *images* for a board from a set of binaries" > > > > I mean that Binman can include a public key in the DT, if that it was > > you are wanting. We don't want to add scripts for creating images and > > pieces of images. > > > > Perhaps I just don't understand the goal here. How would your script be > > used? > > > > We feed the generated dtsi into the U-Boot build, using > CONFIG_DEVICE_TREE_INCLUDES. This ensures that will be signed along with > the built artifacts. Have a look at patch 9 for the steps, specifically > the doc update bits. Full bitbake (Isar) integration is available under > [1], specifically [2] in combination with [3]. >
OK, so is Binman run in this case? > Jan > > [1] https://github.com/siemens/meta-iot2050/tree/master/recipes-bsp/u-boot > [2] > https://github.com/siemens/meta-iot2050/blob/master/recipes-bsp/u-boot/files/rules.tmpl > [3] > https://github.com/siemens/meta-iot2050/blob/master/recipes-bsp/u-boot/files/secure-boot.cfg > > -- > Siemens AG, Technology > Competence Center Embedded Linux > Regards, Simon
