When TI_SECURE_DEV_PKG is not defined we warn that the file '*_HS' was
not generated but generate an unsigned one anyway, first fix this
warning to say that it was generated but not secured.
When the user then exports TI_SECURE_DEV_PKG after getting this warning,
and tries to re-build, 'make' will detect the build artifacts as
unchanged and so assume they do not need to be re-generated. This causes
it to fail to sign the files and it will pack unsigned files into the
final image, even though TI_SECURE_DEV_PKG is now correctly defined and
working.
Fix this by using FORCE on the targets causes them to be re-run even if
the dependent files have not changed.
This then causes another issue. We currently rename the signed dtb files
to overwrite the non-signed ones. We do this so the 'mkimage' tool gives
the packaged dtb sections the correct name. If we do not rename the files
then SPL will not find them during boot.
Fix this by renaming the dtb files by appending _HS to the end of the
filename, after the ".dtb", this causes them to still be named correctly
in the FIT blob.
projects / uboot.git / commit