diff options
author | Nick Bofferding <bofferdn@us.ibm.com> | 2017-10-03 14:28:34 -0500 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-10-10 13:34:14 -0400 |
commit | c411e8e3e1d3f2983f681d960c98c90f5feebaaf (patch) | |
tree | 4ae37a9744f79ac323f713003c3c9b9efa7d0055 | |
parent | 784ba67b9ddfab853a61ccab96648707f3fd8f88 (diff) | |
download | talos-hostboot-c411e8e3e1d3f2983f681d960c98c90f5feebaaf.tar.gz talos-hostboot-c411e8e3e1d3f2983f681d960c98c90f5feebaaf.zip |
Secure Boot: Support __getkey option in production signing
RTC: 177220
Change-Id: I6cb9d15a9285ad176ed966c9e876828fe4efd772
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/47104
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Reviewed-by: Marshall J. Wilks <mjwilks@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
-rwxr-xr-x | src/build/buildpnor/genPnorImages.pl | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/build/buildpnor/genPnorImages.pl b/src/build/buildpnor/genPnorImages.pl index beaa81e03..428446a98 100755 --- a/src/build/buildpnor/genPnorImages.pl +++ b/src/build/buildpnor/genPnorImages.pl @@ -277,7 +277,11 @@ my $OPEN_SIGN_REQUEST= my $OPEN_SIGN_KEY_TRANS_REQUEST = $OPEN_SIGN_REQUEST; # Production signing parameters -my $OPEN_PRD_SIGN_PARAMS = "--mode production "; +my $OPEN_PRD_SIGN_PARAMS = "--mode production " + . "--hwPrivKeyA __get " + . "--hwPrivKeyB __get " + . "--hwPrivKeyC __get " + . "--swPrivKeyP __get "; # Imprint key signing parameters. In a non-secure compile, omit the keys to # generate a secure header without signatures |