[Buildroot] [PATCH 2/2] package/imx-cst: new package

Thomas Perrot thomas.perrot at bootlin.com
Wed Apr 20 08:39:23 UTC 2022 

This package provides i.MX Code Signing Tools uses to sign i.MX bootloader
to enable secure boot (HABv4 and AHAB).

Signed-off-by: Thomas Perrot <thomas.perrot at bootlin.com>
---

Changes v2:
- - Add a trailing slash
  - Preserve CFLAGS and LDFLAGS

 DEVELOPERS                     |  1 +
 package/Config.in.host         |  1 +
 package/imx-cst/Config.in.host |  8 ++++++
 package/imx-cst/imx-cst.hash   |  3 +++
 package/imx-cst/imx-cst.mk     | 49 ++++++++++++++++++++++++++++++++++
 5 files changed, 62 insertions(+)
 create mode 100644 package/imx-cst/Config.in.host
 create mode 100644 package/imx-cst/imx-cst.hash
 create mode 100644 package/imx-cst/imx-cst.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 6e49334dcc42..86cb04e54e5d 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -2767,6 +2767,7 @@ F:	package/xorcurses/

 N:	Thomas Perrot <thomas.perrot at bootlin.com>
 F:	package/byacc/
+F:	package/imx-cst/

 N:	Thomas Petazzoni <thomas.petazzoni at bootlin.com>
 F:	arch/Config.in.arm
diff --git a/package/Config.in.host b/package/Config.in.host
index cd1c34b5a3d9..282594b40b8d 100644
--- a/package/Config.in.host
+++ b/package/Config.in.host
@@ -40,6 +40,7 @@ menu "Host utilities"
 	source "package/google-breakpad/Config.in.host"
 	source "package/gptfdisk/Config.in.host"
 	source "package/imagemagick/Config.in.host"
+	source "package/imx-cst/Config.in.host"
 	source "package/imx-mkimage/Config.in.host"
 	source "package/imx-usb-loader/Config.in.host"
 	source "package/jh71xx-tools/Config.in.host"
diff --git a/package/imx-cst/Config.in.host b/package/imx-cst/Config.in.host
new file mode 100644
index 000000000000..84cb825e59cf
--- /dev/null
+++ b/package/imx-cst/Config.in.host
@@ -0,0 +1,8 @@
+config BR2_PACKAGE_HOST_IMX_CST
+	bool "host imx-cst"
+	help
+	  I.MX code signing tool provides software code signing
+	  support designed that integrate the HABv4 and AHAB
+	  library.
+
+	  https://www.nxp.com/webapp/sps/download/license.jsp?colCode=IMX_CST_TOOL
diff --git a/package/imx-cst/imx-cst.hash b/package/imx-cst/imx-cst.hash
new file mode 100644
index 000000000000..9c27bfe82038
--- /dev/null
+++ b/package/imx-cst/imx-cst.hash
@@ -0,0 +1,3 @@
+# Locally calculated
+sha256  2bcc03c7cedba58f7207a72a28e75cfe78007988d68c1095c793cce991c2936e  imx-cst-e2c687a856e6670e753147aacef42d0a3c07891a-br1.tar.gz
+sha256  5dee6f54c636a97b15d7e9dfc8075248c36764b3819828cbc94cbd17c1755fb9  LICENSE.bsd3
diff --git a/package/imx-cst/imx-cst.mk b/package/imx-cst/imx-cst.mk
new file mode 100644
index 000000000000..c91dfb602cbf
--- /dev/null
+++ b/package/imx-cst/imx-cst.mk
@@ -0,0 +1,49 @@
+################################################################################
+#
+# imx-cst
+#
+################################################################################
+
+# debian/3.3.1+dfsg-2
+IMX_CST_SITE = https://gitlab.apertis.org/pkg/imx-code-signing-tool.git
+IMX_CST_SITE_METHOD = git
+IMX_CST_VERSION = e2c687a856e6670e753147aacef42d0a3c07891a
+IMX_CST_LICENSE = BSD-3-Clause
+IMX_CST_LICENSE_FILES = LICENSE.bsd3
+
+HOST_IMX_CST_DEPENDENCIES = host-byacc host-flex host-openssl
+
+ifneq ($(filter %64,$(HOSTARCH)),)
+HOST_IMX_CST_OSTYPE = linux64
+else
+HOST_IMX_CST_OSTYPE = linux32
+endif
+
+# We don't use HOST_CONFIGURE_OPTS when building cst, because we need
+# to preserve the CFLAGS/LDFLAGS used by their Makefile.
+define HOST_IMX_CST_BUILD_CMDS
+	$(HOST_MAKE_ENV) $(MAKE) \
+		OSTYPE=$(HOST_IMX_CST_OSTYPE) \
+		ENCRYPTION=yes \
+		AR="$(HOSTAR)" \
+		CC="$(HOSTCC)" \
+		LD="$(HOSTCC)" \
+		OBJCOPY="$(HOSTOBJCOPY)" \
+		RANLIB="$(HOSTRANLIB)" \
+		EXTRACFLAGS="$(HOST_CFLAGS) $(HOST_CPPFLAGS)" \
+		EXTRALDFLAGS="$(HOST_LDFLAGS)" \
+		PWD=$(@D)/code/cst \
+		-C $(@D)/code/cst \
+		build
+	$(HOST_MAKE_ENV) $(MAKE) $(HOST_CONFIGURE_OPTS) \
+		COPTS="$(HOST_CFLAGS) $(HOST_CPPFLAGS) $(HOST_LDFLAGS)" \
+		-C $(@D)/code/hab_csf_parser
+endef
+
+define HOST_IMX_CST_INSTALL_CMDS
+	$(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/cst $(HOST_DIR)/bin/cst
+	$(INSTALL) -D -m 755 $(@D)/code/cst/code/obj.linux64/srktool $(HOST_DIR)/bin/srktool
+	$(INSTALL) -D -m 755 $(@D)/code/hab_csf_parser/csf_parser $(HOST_DIR)/bin/csf_parser
+endef
+
+$(eval $(host-generic-package))
--
2.35.1

More information about the buildroot mailing list