Hi Paul, On Mon, 5 Aug 2024 at 07:35, Paul HENRYS <[email protected]> wrote: > > The property 'fit,keys-directory' can be added to the configuration file > passed to binman to specify a directory where keys are stored and can be > used by mkimage to sign and cipher data.
Environmental things like directories are best handled by binman itself, e.g. with the --indir argument. In this case it seems that you want a specific directory, rather than finding the keys in one of many possible directories. So I suggest adding a new entryarg for the FIT which lets you specify this key dir. > > Signed-off-by: Paul HENRYS <[email protected]> > --- > tools/binman/btool/mkimage.py | 5 ++++- > tools/binman/entries.rst | 3 +++ > tools/binman/etype/fit.py | 6 ++++++ > 3 files changed, 13 insertions(+), 1 deletion(-) BTW when you change the fit docs you need to use 'binman entry-docs' to regenerate the entries.rts file, in the same patch. > > diff --git a/tools/binman/btool/mkimage.py b/tools/binman/btool/mkimage.py > index 39a4c8c1432..dbcf8daac30 100644 > --- a/tools/binman/btool/mkimage.py > +++ b/tools/binman/btool/mkimage.py > @@ -22,7 +22,7 @@ class Bintoolmkimage(bintool.Bintool): > > # pylint: disable=R0913 > def run(self, reset_timestamp=False, output_fname=None, external=False, > - pad=None, align=None): > + pad=None, align=None, keys_dir=None): > """Run mkimage > > Args: > @@ -34,6 +34,7 @@ class Bintoolmkimage(bintool.Bintool): > other things to be easily added later, if required, such as > signatures > align: Bytes to use for alignment of the FIT and its external > data > + keys_dir: directory where keys are stored > version: True to get the mkimage version > """ > args = [] > @@ -45,6 +46,8 @@ class Bintoolmkimage(bintool.Bintool): > args += ['-B', f'{align:x}'] > if reset_timestamp: > args.append('-t') > + if keys_dir: > + args += ['-k', keys_dir] > if output_fname: > args += ['-F', output_fname] > return self.run_cmd(*args) > diff --git a/tools/binman/entries.rst b/tools/binman/entries.rst > index 12482703782..eb33eb9eedf 100644 > --- a/tools/binman/entries.rst > +++ b/tools/binman/entries.rst > @@ -864,6 +864,9 @@ The top-level 'fit' node supports the following special > properties: > > fit,fdt-list-dir = "arch/arm/dts > > + fit,keys-directory > + Provides a directory where keys can be retrieved. > + > Substitutions > ~~~~~~~~~~~~~ > > diff --git a/tools/binman/etype/fit.py b/tools/binman/etype/fit.py > index ee44e5a1cd6..d20906aab3b 100644 > --- a/tools/binman/etype/fit.py > +++ b/tools/binman/etype/fit.py > @@ -96,6 +96,9 @@ class Entry_fit(Entry_section): > > fit,fdt-list-dir = "arch/arm/dts > > + fit,keys-directory > + Provides a directory where keys can be retrieved. > + > Substitutions > ~~~~~~~~~~~~~ > > @@ -518,6 +521,9 @@ class Entry_fit(Entry_section): > align = self._fit_props.get('fit,align') > if align is not None: > args.update({'align': fdt_util.fdt32_to_cpu(align.value)}) > + keys_dir = self._fit_props.get('fit,keys-directory') > + if keys_dir is not None: > + args.update({'keys_dir': keys_dir.value}) > if self.mkimage.run(reset_timestamp=True, output_fname=output_fname, > **args) is None: > if not self.GetAllowMissing(): > -- > 2.25.1 > > -- This message and any attachments herein are confidential, intended solely > for the addressees and are SoftAtHome’s ownership. Any unauthorized use or > dissemination is prohibited. If you are not the intended addressee of this > message, please cancel it immediately and inform the sender. Regards, Simon
