@@ -243,6 +243,8 @@ EOF
fitimage_emit_section_setup() {
setup_csum="${FIT_HASH_ALG}"
+ setup_sign_algo="${FIT_SIGN_ALG}"
+ setup_sign_keyname="${UBOOT_SIGN_IMG_KEYNAME}"
cat << EOF >> $1
setup-$2 {
@@ -259,6 +261,17 @@ fitimage_emit_section_setup() {
};
};
EOF
+
+ if [ "${UBOOT_SIGN_ENABLE}" = "1" -a "${FIT_SIGN_INDIVIDUAL}" = "1" -a -n "$setup_sign_keyname" ] ; then
+ sed -i '$ d' $1
+ cat << EOF >> $1
+ signature-1 {
+ algo = "$setup_csum,$setup_sign_algo";
+ key-name-hint = "$setup_sign_keyname";
+ };
+ };
+EOF
+ fi
}
#
If FIT_SIGN_INDIVIDUAL is set to “1”, a signature section is added to all screen sections, but not to the setup section. To match the setup section with all other sections, the signature is also added. This also helps to implement the associated tests generically. This change is intended to make the code more consistent. However, it is not intended to make the FIT_SIGN_INDIVIDUAL function more popular. Technically, it would be better to remove the signature from all other image sections and discard the FIT_SIGN_INDIVIDUAL function, the use of which is no longer recommended anyway. Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> --- meta/classes-recipe/kernel-fitimage.bbclass | 13 +++++++++++++ 1 file changed, 13 insertions(+)