From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Wed, 15 Jun 2022 16:23:55 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1o1Tw1-00343c-Pl for lore@lore.pengutronix.de; Wed, 15 Jun 2022 16:23:55 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1o1Tw1-0002Y3-VQ; Wed, 15 Jun 2022 16:23:53 +0200 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1o1TuW-00023h-1X; Wed, 15 Jun 2022 16:22:20 +0200 Received: from [2a0a:edc0:0:1101:1d::39] (helo=dude03.red.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.94.2) (envelope-from ) id 1o1TuT-000hQB-Tp; Wed, 15 Jun 2022 16:22:19 +0200 Received: from ejo by dude03.red.stw.pengutronix.de with local (Exim 4.94.2) (envelope-from ) id 1o1TuT-004AEm-OK; Wed, 15 Jun 2022 16:22:17 +0200 From: Enrico Jorns To: ptxdist@pengutronix.de Date: Wed, 15 Jun 2022 16:22:16 +0200 Message-Id: <20220615142217.990960-5-ejo@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220615142217.990960-1-ejo@pengutronix.de> References: <20220615142217.990960-1-ejo@pengutronix.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [ptxdist] [PATCH 4/5] image-rauc: add support for crypt bundles X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: ejo@pengutronix.de, jlu@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Signed-off-by: Enrico Jorns --- platforms/image-rauc.in | 8 ++++++++ rules/image-rauc.make | 12 +++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/platforms/image-rauc.in b/platforms/image-rauc.in index 3835e0718..7772fd95b 100644 --- a/platforms/image-rauc.in +++ b/platforms/image-rauc.in @@ -39,6 +39,14 @@ config IMAGE_RAUC_BUNDLE_FORMAT_VERITY help The improved 'verity' bundle format +config IMAGE_RAUC_BUNDLE_FORMAT_CRYPT + bool "crypt" + help + The 'crypt' bundle format for fully encryptable bundles + + Note that you must run 'rauc encrypt' on a crypt bundle to generate a + fully encrypted bundle. + endchoice config IMAGE_RAUC_INTERMEDIATE diff --git a/rules/image-rauc.make b/rules/image-rauc.make index f7bed6e49..23d8d83b5 100644 --- a/rules/image-rauc.make +++ b/rules/image-rauc.make @@ -26,10 +26,20 @@ IMAGE_RAUC_CONFIG := rauc.config ifdef PTXCONF_IMAGE_RAUC +ifdef PTXCONF_IMAGE_RAUC_BUNDLE_FORMAT_PLAIN +IMAGE_RAUC_BUNDLE_FORMAT := "plain" +endif +ifdef PTXCONF_IMAGE_RAUC_BUNDLE_FORMAT_VERITY +IMAGE_RAUC_BUNDLE_FORMAT := "verity" +endif +ifdef PTXCONF_IMAGE_RAUC_BUNDLE_FORMAT_CRYPT +IMAGE_RAUC_BUNDLE_FORMAT := "crypt" +endif + IMAGE_RAUC_ENV = \ $(CODE_SIGNING_ENV) \ RAUC_BUNDLE_COMPATIBLE="$(call remove_quotes,$(PTXCONF_RAUC_COMPATIBLE))" \ - RAUC_BUNDLE_FORMAT="$(call ptx/ifdef,PTXCONF_IMAGE_RAUC_BUNDLE_FORMAT_VERITY,verity,plain)" \ + RAUC_BUNDLE_FORMAT=$(IMAGE_RAUC_BUNDLE_FORMAT) \ RAUC_BUNDLE_VERSION="$(call remove_quotes, $(PTXCONF_RAUC_BUNDLE_VERSION))" \ RAUC_BUNDLE_BUILD=$(call ptx/sh, date +%FT%T%z) \ RAUC_BUNDLE_DESCRIPTION=$(PTXCONF_IMAGE_RAUC_DESCRIPTION) \ -- 2.30.2