Dummy device tree for verified boot
Gamble, Bradley
bradley.gamble at ncipher.com
Wed Apr 15 16:05:19 CEST 2020
Hello,
I am currently attempting to utilize Verified Boot to verify FIT images on my T104x-based device. I am building U-Boot with the standard options for Verified Boot (CONFIG_FIT, CONFIG_FIT_SIGNATURE, CONFIG_RSA, CONFIG_OF_CONTROL and CONFIG_OF_SEPARATE).
When building U-Boot I need to supply a DTB image at build time. However, the device I am targetting may have a number of different configurations. This has been manged previously by using a single version of U-Boot and loading different FIT images containing different DTBs based on how the device will be used.
Does the DTB supplied to U-Boot at build time have to be "fully-featured"? Can it be a dummy DTB containing minimal nodes just for the purpose of storing the key contents for Verified Boot?
Kind regards,
BDG
________________________________
[cid:image28dcb9.JPG at 434a8dea.4eb6ff24] <http://www.ncipher.com>
Bradley Gamble
Software Engineer
Tel: +44 1293 580000
nCipher Security
Manor Royal
Crawley RH10 9HA
United Kingdom
www.ncipher.com<http://www.ncipher.com>
[cid:imagec22e21.JPG at 371fb8cf.429ceea3]<https://www.ncipher.com/2020/global-encryption-trends-study?utm_source=email-signature&utm_medium=email&utm_campaign=2020_04-GETS-Internal>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image28dcb9.JPG
Type: image/jpeg
Size: 26793 bytes
Desc: image28dcb9.JPG
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200415/20b63db3/attachment-0002.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: imagec22e21.JPG
Type: image/jpeg
Size: 23049 bytes
Desc: imagec22e21.JPG
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200415/20b63db3/attachment-0003.jpe>
More information about the U-Boot
mailing list