diff options
author | Nick Bofferding <bofferdn@us.ibm.com> | 2017-11-14 09:48:55 -0600 |
---|---|---|
committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2017-11-14 16:09:57 -0500 |
commit | 70c697000c8a24f3d777eefcc1d632164fe6e7f5 (patch) | |
tree | eb632a372687169bf646f7e8bd0d0cd8d7d4d599 /src/build/buildpnor/genPnorImages.pl | |
parent | f7dfd17dfc996414b5989aa464817dd595b5623b (diff) | |
download | talos-hostboot-70c697000c8a24f3d777eefcc1d632164fe6e7f5.tar.gz talos-hostboot-70c697000c8a24f3d777eefcc1d632164fe6e7f5.zip |
Secure Boot: Fix parallel and multiple pass image signing issues
Change-Id: Id88717a7647cf916a4aaad652d70807d5027cb33
RTC: 180781
Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/49655
Reviewed-by: Michael Baiocchi <mbaiocch@us.ibm.com>
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Reviewed-by: Stephen M. Cprek <smcprek@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/build/buildpnor/genPnorImages.pl')
-rwxr-xr-x | src/build/buildpnor/genPnorImages.pl | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/build/buildpnor/genPnorImages.pl b/src/build/buildpnor/genPnorImages.pl index 5d5d207d2..f610f38a0 100755 --- a/src/build/buildpnor/genPnorImages.pl +++ b/src/build/buildpnor/genPnorImages.pl @@ -597,6 +597,19 @@ sub manipulateImages my $componentId = convertEyecatchToCompId($eyeCatch); $CUR_OPEN_SIGN_REQUEST .= " --sign-project-FW-token $componentId "; + # @TODO RTC 182358 + # This is a tactical workaround for the signing tooling not being + # able to handle muliple different platform binary contents for the same + # component ID. The signing tooling should be modified to tolerate this + # scenario, at which point the workaround can be removed. + if ($buildType eq "fspbuild") + { + my @signatureFiles= + glob("$bin_dir/SIGNTOOL_*/$componentId/*sig_p.raw"); + print "Deleting @signatureFiles\n"; + unlink @signatureFiles; + } + # Used for corrupting partitions. By default all protected offsets start # immediately after the container header which is size = PAGE_SIZE. # *Note: this is before ECC. |