[U-Boot] rockchip: SecureBoot Support?
Eddie Cai
eddie.cai.kernel at gmail.com
Fri Aug 5 04:04:37 CEST 2016
Hi
2016-08-05 9:36 GMT+08:00 Simon Glass <sjg at chromium.org>:
> Hi Gregory,
>
> On 3 August 2016 at 21:21, Gregory Ray <gregory.ray at eyeio.com> wrote:
>> Hello,
>>
>> Is SecureBoot from the manufacturers u-boot distribution operational? When I
>> try to sign the loader using the SBC it complains "Sign loader failed!"
>>
>> I did a standard make:
>>
>> CROSS_COMPILE=/Developer/arm-eabi-4.8/bin/arm-eabi- make O=firefly
>> firefly-rk3288_defconfig all
>>
>> Then generated the loader binary for SecureBootConsole by trying these
>> combinations, all failed with same error:
>>
>> ./firefly/tools/mkimage -n rk3288 -T rkimage -d \
>>
>> ./firefly/spl/u-boot-spl-nodtb.bin out && \
>>
>> cat out | openssl rc4 -K 7c4e0304550509072d2c7b38170d1711 > sbc_in.bin
>>
>>
>> ./firefly/tools/mkimage -n rk3288 -T rkspi -d \
>>
>> ./firefly/spl/u-boot-spl-nodtb.bin out && \
>>
>> cat out | openssl rc4 -K 7c4e0304550509072d2c7b38170d1711 > sbc_in.bin
>>
>> I also tried using the boot_merger tool from the manufacturer distribution
>> using the RK3288.ini with PATH=./firefly/spl/u-boot-spl-nodtb.bin. This
>> still failed with same error.
>>
>>
>> If this feature is not yet functional, is it on the roadmap?
>
> Which feature are you referring to here? What is the 'manufacturers
> u-boot distribution'? If it is not mainline, then I suspect only the
> Rockchip people know about it.
I guess you are talking about verified boot?
>
>>
>>
>> Thanks,
>>
>> Gregory Ray
>
> Regards,
> Simon
> _______________________________________________
> U-Boot mailing list
> U-Boot at lists.denx.de
> http://lists.denx.de/mailman/listinfo/u-boot
More information about the U-Boot
mailing list