[U-Boot] [PATCH 3/5] x86: baytrail: secureboot: Add functions for verification of u-boot
Anatolij Gustschin
agust at denx.de
Mon May 15 07:29:59 UTC 2017
Hi Simon,
On Sun, 14 May 2017 21:03:34 -0600
Simon Glass sjg at chromium.org wrote:
...
> > Introduce functions that check the integrity of u-boot by utilising the
> > hashes stored in the oem-data block.
>
> U-Boot
yes, will fix it.
...
> > +/**
> > + * This function compares a hash which gets retrieved from the oem data block
>
> I think the function style we have settled on is:
>
> /**
> * verify_oem_sha256() - one line summary
> *
> * More explanation here
> *
> * @hashid: ...
> * ...
> */
OK, I'll rework and resubmit.
...
> > +
> > +/**
> > + * This function verifies the integrity for u-boot, its devicetree and the ucode
> > + * appended or inserted to the devicetree.
> > + *
> > + * @return true on success, false on error
> > + */
>
> Can you put this comment in the header file?
yes, will do.
...
> > +bool verify_u_boot_bin(void);
> > +bool verify_public_key(void);
>
> These nee comments. Also how about an fsp_ prefix since they are in
> the fsp file?
OK, I'll move comments from functions in .c file to this header and
use fsp_ prefix.
...
> > + if (!verify_u_boot_bin()) {
> > + /* if our u-boot binary checksum isn't equal to
>
> /*
> * If our ...
OK, thanks!
--
Anatolij
More information about the U-Boot
mailing list