binman: etype: Add xilinx-bootgen etype
This adds a new etype 'xilinx-bootgen'. By using this etype it is possible to created an signed SPL (FSBL in Xilinx terms) for ZynqMP boards. The etype uses Xilinx Bootgen tools in order to transform the SPL into a bootable image and sign the image with a given primary and secondary public key. For more information to signing the FSBL please refer to the Xilinx Bootgen documentation. Here is an example of the etype in use: spl { filename = "boot.signed.bin"; xilinx-bootgen { pmufw-filename = "pmu-firmware.elf"; psk-key-name-hint = "psk0"; ssk-key-name-hint = "ssk0"; auth-params = "ppk_select=0", "spk_id=0x00000000"; u-boot-spl-nodtb { }; u-boot-spl-dtb { }; }; }; For this to work the hash of the primary public key has to be fused into the ZynqMP device and authentication (RSA_EN) has to be set. For testing purposes: if ppk hash check should be skipped one can add the property 'fsbl_config = "bh_auth_enable";' to the etype. However, this should only be used for testing(!). Signed-off-by:Lukas Funke <lukas.funke@weidmueller.com> Reviewed-by:
Simon Glass <sjg@chromium.org>
Loading
Please register or sign in to comment