Gitiles
Code Review Sign In
192.168.1.100 / T103 / 1f884588077ad3476b9c91cbb0ee9ee0332bbb68 / . / meta / meta-mediatek-gpl / recipes-kernel / linux / linux-mtk-extension.inc
blob: 756a1b1d40381c90cac93bf21a5d745094b7ae90 [file] [log] [blame]
rjw1f884582022-01-06 17:20:42 +0800[diff] [blame^]1inherit kernel externalsrc kernel-fitimage-extension recovery-kernel-fitimage
2
3DEPENDS_append_aarch64 = " libgcc"
4KERNEL_CC_append_aarch64 = " ${TOOLCHAIN_OPTIONS}"
5KERNEL_LD_append_aarch64 = " ${TOOLCHAIN_OPTIONS}"
6
7LICENSE = "GPL-2.0"
8LIC_FILES_CHKSUM = "file://COPYING;md5=d7810fab7487fb0aad327b76f1be7cd7"
9EXTERNALSRC = "${KERNEL_SRC}"
10STAGING_KERNEL_DIR = "${KERNEL_SRC}"
11LINUX_VERSION_EXTENSION = "-custom"
12KERNEL_EXTRA_ARGS = "dtbs"
13KERNEL_CONFIG_COMMAND = "oe_runmake_call -C ${S} O=${B} ${KBUILD_DEFCONFIG}"
14
15DST_IMG_KEY_FILE = "${TOPDIR}/../src/devtools/nfsb/rsa.key"
16MTD_DST_IMG_KEY_FILE = "${TOPDIR}/../src/devtools/nfsb/mtd_verity/rsa.key"
17
18do_configure_prepend() {
19 install -d ${TMPDIR}/work-shared/${MACHINE}
20 ln -nfs ${STAGING_KERNEL_DIR} ${TMPDIR}/work-shared/${MACHINE}/kernel-source
21}
22
23do_compile_prepend() {
24
25 SRC_IMG_KEY_FILE=""
26
27 if [ "${ROOTFS_VERITY_KEY}" = "" ]; then
28 SRC_IMG_KEY_FILE="${MTK_KEY_DIR}/${VERIFIED_KEY}.pem"
29 else
30 SRC_IMG_KEY_FILE="${MTK_KEY_DIR}/${ROOTFS_VERITY_KEY}.pem"
31 fi
32
33 #backwards compatible for FORCE_DISABLE_DM_VERITY which only for NFSB actually
34 if [ "${SECURE_BOOT_ENABLE}" = "yes" ] && [ "${SECURE_BOOT_TYPE}" = "" ]; then
35 ENABLE_DM_NFSB="yes"
36 fi
37 if [ "${FORCE_DISABLE_DM_VERITY}" = "yes" ]; then
38 ENABLE_DM_NFSB="no"
39 fi
40 echo "SECURE_BOOT_ENABLE is ${SECURE_BOOT_ENABLE},SECURE_BOOT_TYPE is ${SECURE_BOOT_TYPE}"
41 if [ "${SECURE_BOOT_ENABLE}" = "yes" ] && [ "${SECURE_BOOT_TYPE}" = "avb" ]; then
42 ENABLE_DM_VERITY="yes"
43 fi
44 echo "ENABLE_DM_VERITY is ${ENABLE_DM_VERITY}"
45 if [ "${SECURE_BOOT_ENABLE}" = "yes" ] && [ "${ENABLE_DM_NFSB}" = "yes" ]; then
46 if ! grep -Fxq "CONFIG_DM_NFSB=y" ${B}/.config ; then
47 echo "Error: If SECURE_BOOT_ENABLE is set to yes,kernel must be configed CONFIG_DM_NFSB=y"
48 exit 1
49 fi
50
51 if test -e ${SRC_IMG_KEY_FILE}; then
52 cp ${SRC_IMG_KEY_FILE} ${DST_IMG_KEY_FILE}
53 python ${TOPDIR}/../src/devtools/nfsb/pretreat-key.py ${TOPDIR} ${KERNEL_SRC}
54 fi
55 else
56 if grep -Fxq "CONFIG_DM_NFSB=y" ${B}/.config ; then
57 echo "Error: If SECURE_BOOT_ENABLE is set to no,kernel must be configed CONFIG_DM_NFSB=n"
58 exit 1
59 fi
60 fi
61
62 if [ "${SECURE_BOOT_ENABLE}" = "yes" ] && [ "${ENABLE_DM_VERITY}" = "yes" ]; then
63 if ! grep -Fxq "CONFIG_DM_VERITY=y" ${B}/.config ; then
64 echo "Error: If SECURE_BOOT_ENABLE is set to yes,kernel must be configed CONFIG_DM_VERITY=y"
65 exit 1
66 fi
67 fi
68
69 if [ "${ENABLE_MTD_VERITY}" = "yes" ]; then
70 echo "ENABLE_MTD_VERITY is abandoned, plese use ENABLE_ROOTFS_CHECK in [project].config and CONFIG_ROOTFS_CHECK in kernel config"
71 exit 1
72 fi
73
74 if [ "${SECURE_BOOT_ENABLE}" = "yes" ] && [ "${ENABLE_ROOTFS_CHECK}" = "yes" ]; then
75 if ! grep -Fxq "CONFIG_ROOTFS_CHECK=y" ${B}/.config ; then
76 echo "Error: If SECURE_BOOT_ENABLE and ENABLE_ROOTFS_CHECK is set to yes,kernel must be configed CONFIG_ROOTFS_CHECK=y"
77 exit 1
78 fi
79
80 if test -e ${SRC_IMG_KEY_FILE}; then
81 cp ${SRC_IMG_KEY_FILE} ${MTD_DST_IMG_KEY_FILE}
82 python ${TOPDIR}/../src/devtools/nfsb/mtd_verity/pretreat-key.py ${TOPDIR} ${KERNEL_SRC}
83 fi
84 else
85 if grep -Fxq "CONFIG_ROOTFS_CHECK=y" ${B}/.config ; then
86 echo "Error: If SECURE_BOOT_ENABLE and ENABLE_ROOTFS_CHECK is set to no,kernel must be configed CONFIG_ROOTFS_CHECK=n"
87 exit 1
88 fi
89 fi
90
91 if [ "${ENABLE_USRDATA_DM_CRYPT}" = "yes" ]; then
92 if ! grep -Fxq "CONFIG_DM_CRYPT=y" ${B}/.config ; then
93 echo "Error: If ENABLE_USRDATA_DM_CRYPT is set to yes,kernel must be configed CONFIG_DM_CRYPT=y"
94 exit 1
95 fi
96 fi
97}