From 094a81f5deff3b8cf5342138afefef8d8f34f8ff Mon Sep 17 00:00:00 2001 From: Bill Richardson Date: Fri, 25 Sep 2015 14:39:52 -0700 Subject: cleanup: Handle signed RW images a bit cleaner For signed EC RW images (CONFIG_RWSIG), there's no point in embedding the public key or signature into the image itself since it will just be replaced by the signer (either as the next step in the build process, or after the fact for MP releases). This takes that out and just points to where the pubkey and signature will be placed. BUG=none BRANCH=none TEST=make buildall I also checked the signatures with futility show -t build/*/ec.bin They still look good, and the one signed image I booted (Cr50) works as before. Change-Id: Ib39b7c508914851f81a1bebb2450e08ef0def76c Signed-off-by: Bill Richardson Reviewed-on: https://chromium-review.googlesource.com/302630 Reviewed-by: Randall Spangler --- Makefile.rules | 7 ------- 1 file changed, 7 deletions(-) (limited to 'Makefile.rules') diff --git a/Makefile.rules b/Makefile.rules index 65500f317b..e2951d095a 100644 --- a/Makefile.rules +++ b/Makefile.rules @@ -71,7 +71,6 @@ cmd_sharedlib_elf = $(CC) $(libsharedobjs_deps) \ -Wl,-Map,$(out)/$(SHOBJLIB)/$(SHOBJLIB).map # commands for RSA signature -cmd_pubkey = ./util/pem_extract_pubkey.py $(PEM) > $@ cmd_rsasign = futility sign --type usbpd1 --pem $(PEM) $(out)/$*.bin.tmp # commands to build optional xref files @@ -274,12 +273,6 @@ $(sharedlib-objs): | $(out)/ec_version.h $(out)/ec_version.h: $(call quiet,version,VERSION) -$(out)/gen_pub_key.h: $(PEM) - $(call quiet,pubkey,PUBKEY ) - -$(out)/RO/common/rwsig.o: $(out)/gen_pub_key.h -$(out)/RW/common/rwsig.o: $(out)/gen_pub_key.h - $(build-utils): $(out)/%:$(build-srcs) $(call quiet,c_to_build,BUILDCC) -- cgit v1.2.1