Informatic/image.its

## image.its
/dts-v1/;

/ {
	description = "Example FIT image";
	#address-cells = <1>;

	images {
		kernel@1 {
			description = "default kernel";
			data = /incbin/("./zImage");
			type = "kernel";
			arch = "arm";
			os = "linux";
			compression = "none";
			load = <0x42000000>;
			entry = <0x42000000>;
			hash@1 {
				algo = "sha1";
			};
		};

		ramdisk@1 {
			description = "rootfs";
			data = /incbin/("./rootfs.cpio.gz");
			type = "ramdisk";
			arch = "arm";
			os = "linux";
			compression = "gzip";
			load = <00000000>;
			entry = <00000000>;
			hash@1 {
				algo = "sha1";
			};
		};

		fdt@1 {
			description = "device tree";
			data = /incbin/("./sun8i-h2-plus-orangepi-zero.dtb");
			type = "flat_dt";
			arch = "arm";
			compression = "none";
			hash@1 {
				algo = "sha1";
			};
		};

	};

	configurations {
		default = "config@1";

		config@1 {
			description = "default configuration";
			kernel = "kernel@1";
			ramdisk = "ramdisk@1";
			fdt = "fdt@1";

			signature@1 {
				algo = "sha1,rsa2048";
				key-name-hint = "dev";
				sign-images = "fdt", "kernel", "ramdisk";
			};
		};
	};
};

## post-image-signatures.sh
#!/bin/sh
# post-image-signatures.sh - build full .itb image with signatures

set -e

BOARD_DIR="$( dirname "${0}" )"
KEYS_DIR="${BOARD_DIR}/../../keys"
MKIMAGE="${HOST_DIR}/bin/mkimage"
IMAGE_ITS="image.its"
OUTPUT_NAME="image.itb"

# We have to copy .its file over to images/ for /incbin/ to work
cp "${BOARD_DIR}/${IMAGE_ITS}" "${BINARIES_DIR}"

cd "${BINARIES_DIR}"

echo " -> Building..."
"${MKIMAGE}" -D "-I dts -O dtb -p 2000" -f ${IMAGE_ITS} ${OUTPUT_NAME}

echo " -> Signing..."
"${MKIMAGE}" -D "-I dts -O dtb -p 2000" -F -k "${KEYS_DIR}" -K "${BUILD_DIR}/uboot-2017.03/dts/dt.dtb" -r ${OUTPUT_NAME}

rm ${IMAGE_ITS}

# Rebuild uboot with patched dtb
cd "${BUILD_DIR}/.."
make uboot-rebuild
	/dts-v1/;

	/ {
	description = "Example FIT image";
	#address-cells = <1>;

	images {
	kernel@1 {
	description = "default kernel";
	data = /incbin/("./zImage");
	type = "kernel";
	arch = "arm";
	os = "linux";
	compression = "none";
	load = <0x42000000>;
	entry = <0x42000000>;
	hash@1 {
	algo = "sha1";
	};
	};

	ramdisk@1 {
	description = "rootfs";
	data = /incbin/("./rootfs.cpio.gz");
	type = "ramdisk";
	arch = "arm";
	os = "linux";
	compression = "gzip";
	load = <00000000>;
	entry = <00000000>;
	hash@1 {
	algo = "sha1";
	};
	};

	fdt@1 {
	description = "device tree";
	data = /incbin/("./sun8i-h2-plus-orangepi-zero.dtb");
	type = "flat_dt";
	arch = "arm";
	compression = "none";
	hash@1 {
	algo = "sha1";
	};
	};

	};

	configurations {
	default = "config@1";

	config@1 {
	description = "default configuration";
	kernel = "kernel@1";
	ramdisk = "ramdisk@1";
	fdt = "fdt@1";

	signature@1 {
	algo = "sha1,rsa2048";
	key-name-hint = "dev";
	sign-images = "fdt", "kernel", "ramdisk";
	};
	};
	};
	};
	#!/bin/sh
	# post-image-signatures.sh - build full .itb image with signatures

	set -e

	BOARD_DIR="$( dirname "${0}" )"
	KEYS_DIR="${BOARD_DIR}/../../keys"
	MKIMAGE="${HOST_DIR}/bin/mkimage"
	IMAGE_ITS="image.its"
	OUTPUT_NAME="image.itb"

	# We have to copy .its file over to images/ for /incbin/ to work
	cp "${BOARD_DIR}/${IMAGE_ITS}" "${BINARIES_DIR}"

	cd "${BINARIES_DIR}"

	echo " -> Building..."
	"${MKIMAGE}" -D "-I dts -O dtb -p 2000" -f ${IMAGE_ITS} ${OUTPUT_NAME}

	echo " -> Signing..."
	"${MKIMAGE}" -D "-I dts -O dtb -p 2000" -F -k "${KEYS_DIR}" -K "${BUILD_DIR}/uboot-2017.03/dts/dt.dtb" -r ${OUTPUT_NAME}

	rm ${IMAGE_ITS}

	# Rebuild uboot with patched dtb
	cd "${BUILD_DIR}/.."
	make uboot-rebuild