Loading...
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 | # SPDX-License-Identifier: GPL-2.0+ # Copyright 2023 Linaro Limited # """Bintool implementation for mkeficapsule tool mkeficapsule is a tool used for generating EFI capsules. The following are the commandline options to be provided to the tool Usage: mkeficapsule [options] <image blob> <output file> Options: -g, --guid <guid string> guid for image blob type -i, --index <index> update image index -I, --instance <instance> update hardware instance -v, --fw-version <version> firmware version -p, --private-key <privkey file> private key file -c, --certificate <cert file> signer's certificate file -m, --monotonic-count <count> monotonic count -d, --dump_sig dump signature (*.p7) -A, --fw-accept firmware accept capsule, requires GUID, no image blob -R, --fw-revert firmware revert capsule, takes no GUID, no image blob -o, --capoemflag Capsule OEM Flag, an integer between 0x0000 and 0xffff -h, --help print a help message """ from binman import bintool class Bintoolmkeficapsule(bintool.Bintool): """Handles the 'mkeficapsule' tool This bintool is used for generating the EFI capsules. The capsule generation parameters can either be specified through commandline, or through a config file. """ def __init__(self, name): super().__init__(name, 'mkeficapsule tool for generating capsules', r'mkeficapsule version (.*)') def generate_capsule(self, image_index, image_guid, hardware_instance, payload, output_fname, priv_key, pub_key, monotonic_count=0, version=0, oemflags=0): """Generate a capsule through commandline-provided parameters Args: image_index (int): Unique number for identifying payload image image_guid (str): GUID used for identifying the image hardware_instance (int): Optional unique hardware instance of a device in the system. 0 if not being used payload (str): Path to the input payload image output_fname (str): Path to the output capsule file priv_key (str): Path to the private key pub_key(str): Path to the public key monotonic_count (int): Count used when signing an image version (int): Image version (Optional) oemflags (int): Optional 16 bit OEM flags Returns: str: Tool output """ args = [ f'--index={image_index}', f'--guid={image_guid}', f'--instance={hardware_instance}' ] if version: args += [f'--fw-version={version}'] if oemflags: args += [f'--capoemflag={oemflags}'] if priv_key and pub_key: args += [ f'--monotonic-count={monotonic_count}', f'--private-key={priv_key}', f'--certificate={pub_key}' ] args += [ payload, output_fname ] return self.run_cmd(*args) def generate_empty_capsule(self, image_guid, output_fname, accept=True): """Generate empty capsules for FWU A/B updates Args: image_guid (str): GUID used for identifying the image in case of an accept capsule output_fname (str): Path to the output capsule file accept (bool): Generate an accept capsule, else a revert capsule Returns: str: Tool output """ if accept: args = [ f'--guid={image_guid}', '--fw-accept' ] else: args = [ '--fw-revert' ] args += [ output_fname ] return self.run_cmd(*args) def fetch(self, method): """Fetch handler for mkeficapsule This builds the tool from source Returns: tuple: str: Filename of fetched file to copy to a suitable directory str: Name of temp directory to remove, or None """ if method != bintool.FETCH_BUILD: return None cmd = ['tools-only_defconfig', 'tools'] result = self.build_from_git( 'https://source.denx.de/u-boot/u-boot.git', cmd, 'tools/mkeficapsule') return result |