raspberrypi/rpi-eeprom
1
0
Fork 0
mirror of https://github.com/raspberrypi/rpi-eeprom.git synced 2026-01-20 21:13:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

rpi-eeprom-config: Process bootcode arg with other file replacements

Browse Source 
It should be possible to change the config, public key, signature
and signed bootcode in a single operation.
This commit is contained in:
Tim Gover
2024-04-17 08:35:37 +01:00
committed by Tim Gover
parent ca7a39efe9
commit a2fb4ed28d
1 changed files with 12 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
rpi-eeprom-config
View File

@@ -510,7 +510,7 @@ Operating modes:
The configuration file will be taken from: The configuration file will be taken from:
* The blconfig reserved memory nvmem device * The blconfig reserved memory nvmem device
* The cached bootloader configuration 'vcgencmd bootloader_config' * The cached bootloader configuration 'vcgencmd bootloader_config'
* The current pending update - typically /boot/pieeprom.upd * The current pending update - typically /boot/firmware/pieeprom.upd
sudo -E rpi-eeprom-config --edit [pieeprom.bin] sudo -E rpi-eeprom-config --edit [pieeprom.bin]
@@ -524,8 +524,7 @@ Operating modes:
the corresponding RSA public key. the corresponding RSA public key.
Requires Python Cryptodomex libraries and OpenSSL. To install on Raspberry Pi OS run:- Requires Python Cryptodomex libraries and OpenSSL. To install on Raspberry Pi OS run:-
sudo apt install openssl python-pip sudo apt install python3-pycryptodome
sudo python3 -m pip install cryptodomex
rpi-eeprom-digest -k private.pem -i bootconf.txt -o bootconf.sig rpi-eeprom-digest -k private.pem -i bootconf.txt -o bootconf.sig
rpi-eeprom-config --config bootconf.txt --digest bootconf.sig --pubkey public.pem --out pieeprom-signed.bin pieeprom.bin rpi-eeprom-config --config bootconf.txt --digest bootconf.sig --pubkey public.pem --out pieeprom-signed.bin pieeprom.bin
@@ -571,10 +570,15 @@ See 'rpi-eeprom-update -h' for more information about the available EEPROM image
image = BootloaderImage(args.eeprom, args.out) image = BootloaderImage(args.eeprom, args.out)
if args.timestamp is not None: if args.timestamp is not None:
image.set_timestamp(args.timestamp) image.set_timestamp(args.timestamp)
if args.bootcode is not None: if args.bootcode is not None:
image.update_file(args.bootcode, BOOTCODE_BIN) image.update_file(args.bootcode, BOOTCODE_BIN)
image.write()
elif args.config is not None: if args.cacertder is not None:
image.update_file(args.cacertder, CACERT_DER)
if args.config is not None:
# The public key, EEPROM config and signature should be set together
if not os.path.exists(args.config): if not os.path.exists(args.config):
exit_error("config file '%s' not found" % args.config) exit_error("config file '%s' not found" % args.config)
image.update_file(args.config, BOOTCONF_TXT) image.update_file(args.config, BOOTCONF_TXT)
@@ -582,10 +586,9 @@ See 'rpi-eeprom-update -h' for more information about the available EEPROM image
image.update_file(args.digest, BOOTCONF_SIG) image.update_file(args.digest, BOOTCONF_SIG)
if args.pubkey is not None: if args.pubkey is not None:
image.update_key(args.pubkey, PUBKEY_BIN) image.update_key(args.pubkey, PUBKEY_BIN)
if args.cacertder is not None:
image.update_file(args.cacertder, CACERT_DER) if args.config is not None or args.timestamp is not None or args.bootcode is not None or args.cacertder is not None:
image.write() debug("Writing image")
elif args.config is None and args.timestamp is not None:
image.write() image.write()
else: else:
image.read() image.read()