Add CST_EXTRA_CMDLINE_OPTIONS environment variable to allow build tools like PTXdist or Yocto to pass additional cst command line options. This becomes important for newer cst versions (> 3.3.1) since they support multiple backends: ssl (default) and pkcs11. Signed-off-by: Marco Felsch <m.felsch@xxxxxxxxxxxxxx> --- Changelog: v2: - unchaned - v1-link: https://lore.barebox.org/barebox/20231010143314.2031253-1-m.felsch@xxxxxxxxxxxxxx/T/#t scripts/imx/imx-image.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/scripts/imx/imx-image.c b/scripts/imx/imx-image.c index 4a0a44b3a9b3..8a5768ca8b62 100644 --- a/scripts/imx/imx-image.c +++ b/scripts/imx/imx-image.c @@ -670,7 +670,7 @@ static int hab_sign(struct config_data *data, const char *csfcmds, int fd, outfd, ret, lockfd; char *csffile, *command; struct stat s; - char *cst; + char *cst, *cstopts; void *buf; size_t csf_space = CSF_LEN; unsigned int offset = 0; @@ -679,6 +679,10 @@ static int hab_sign(struct config_data *data, const char *csfcmds, if (!cst) cst = "cst"; + cstopts = getenv("CST_EXTRA_CMDLINE_OPTIONS"); + if (!cstopts) + cstopts = ""; + ret = asprintf(&csffile, "%s.slot%u.csfbin", data->outfile, csf_slot); if (ret < 0) exit(1); @@ -716,11 +720,11 @@ static int hab_sign(struct config_data *data, const char *csfcmds, if (ret == -1) return -EINVAL; else if (ret == 0) - ret = asprintf(&command, "%s -o %s -i /dev/stdin", - cst, csffile); + ret = asprintf(&command, "%s -o %s -i /dev/stdin %s", + cst, csffile, cstopts); else - ret = asprintf(&command, "%s -o %s;", - cst, csffile); + ret = asprintf(&command, "%s -o %s %s;", + cst, csffile, cstopts); if (ret < 0) return -ENOMEM; -- 2.39.2
