From d21bd69b6e95ca7824941e7f527871cd5c63c7f7 Mon Sep 17 00:00:00 2001
From: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Date: Sun, 6 Nov 2016 16:37:56 +0100
Subject: tools: mkimage: add firmware-ivt image type for HAB verification

When we want to use Secure Boot with HAB from SPL over U-Boot.img,
we need to append the IVT to the image and leave space for the CSF.
Images generated as firmware_ivt can directly be signed using the
Freescale code signing tool. For creation of a CSF, mkimage outputs
the correct HAB Blocks for the image.
The changes to the usual firmware image class are quite small,
that is why I implemented that directly into the default_image.

Cc: sbabic@denx.de

v2-Changes: None

Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Reviewed-by: George McCollister <george.mccollister@gmail.com>
Tested-by: George McCollister <george.mccollister@gmail.com>
---
 tools/mkimage.c | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

(limited to 'tools/mkimage.c')

diff --git a/tools/mkimage.c b/tools/mkimage.c
index 49d5d1ed70a..f48135ff798 100644
--- a/tools/mkimage.c
+++ b/tools/mkimage.c
@@ -9,6 +9,7 @@
  */
 
 #include "mkimage.h"
+#include "imximage.h"
 #include <image.h>
 #include <version.h>
 
@@ -508,6 +509,37 @@ int main(int argc, char **argv)
 		} else {
 			copy_file(ifd, params.datafile, pad_len);
 		}
+		if (params.type == IH_TYPE_FIRMWARE_IVT) {
+			/* Add alignment and IVT */
+			uint32_t aligned_filesize = (params.file_size + 0x1000
+					- 1) & ~(0x1000 - 1);
+			flash_header_v2_t ivt_header = { { 0xd1, 0x2000, 0x40 },
+					params.addr, 0, 0, 0, params.addr
+							+ aligned_filesize
+							- tparams->header_size,
+					params.addr + aligned_filesize
+							- tparams->header_size
+							+ 0x20, 0 };
+			int i = params.file_size;
+			for (; i < aligned_filesize; i++) {
+				if (write(ifd, &i, 1) != 1) {
+					fprintf(stderr,
+							"%s: Write error on %s: %s\n",
+							params.cmdname,
+							params.imagefile,
+							strerror(errno));
+					exit(EXIT_FAILURE);
+				}
+			}
+			if (write(ifd, &ivt_header, sizeof(flash_header_v2_t))
+					!= sizeof(flash_header_v2_t)) {
+				fprintf(stderr, "%s: Write error on %s: %s\n",
+						params.cmdname,
+						params.imagefile,
+						strerror(errno));
+				exit(EXIT_FAILURE);
+			}
+		}
 	}
 
 	/* We're a bit of paranoid */
-- 
cgit