[U-Boot] [PATCH] verified-boot: Minimal support for booting U-Boot proper from SPL
Simon Glass
sjg at chromium.org
Fri Jun 10 03:06:15 CEST 2016
Hi Teddy,
On 28 May 2016 at 18:58, Teddy Reed <teddy.reed at gmail.com> wrote:
> This allows a board to configure verified boot within the SPL using
> a FIT or FIT with external data. It also allows the SPL to perform
> signature verification without needing relocation.
>
> The board configuration will need to add the following feature defines:
> CONFIG_SPL_CRYPTO_SUPPORT
> CONFIG_SPL_HASH_SUPPORT
> CONFIG_SPL_SHA256
>
> In this example, SHA256 is the only selected hashing algorithm.
>
> And the following booleans:
> CONFIG_SPL=y
> CONFIG_SPL_DM=y
> CONFIG_SPL_LOAD_FIT=y
> CONFIG_SPL_FIT=y
> CONFIG_SPL_OF_CONTROL=y
> CONFIG_SPL_OF_LIBFDT=y
> CONFIG_SPL_FIT_SIGNATURE=y
>
> Signed-off-by: Teddy Reed <teddy.reed at gmail.com>
> Cc: Simon Glass <sjg at chromium.org>
> Cc: Andreas Dannenberg <dannenberg at ti.com>
> ---
> Kconfig | 11 +++++++++++
> common/Makefile | 1 +
> drivers/Makefile | 1 +
> drivers/crypto/rsa_mod_exp/mod_exp_sw.c | 1 +
> lib/Makefile | 9 ++++-----
> lib/rsa/Kconfig | 4 ++++
> lib/rsa/Makefile | 2 +-
> 7 files changed, 23 insertions(+), 6 deletions(-)
>
Acked-by: Simon Glass <sjg at chromium.org>
More information about the U-Boot
mailing list