[PATCH 0/4] vpl: Introduce a verifying program loader

Simon Glass sjg at chromium.org
Sat Jul 3 15:46:26 CEST 2021 

Hi,

On Fri, 7 May 2021 at 16:37, Simon Glass <sjg at chromium.org> wrote:
>
> U-Boot provides a verified-boot feature based around FIT, but there is
> no standard way of implementing it for a board. At present the various
> required pieces must be built up separately, to produce a working
> implementation. In particular, there is no built-in support for selecting
> A/B boot or recovery mode.
>
> This series introduces VPL, a verified program loader. Its purpose is to
> run the verified-boot process and decide which SPL binary should be run.
> Adding VPL into the boot flow provides a standard way of implementing
> verified boot. So far, only the phase itself is added. More work is
> needed to add logic to the phase, based on continuing discussions about
> how best to standardise this feature.
>
>
> Simon Glass (4):
>   doc: Convert SPL documentation to ReST
>   doc: Expand SPL docs to explain the phase and config
>   binman: Add VPL support
>   Introduce Verifying Program Loader (VPL)
>
>  common/Kconfig                             |  67 ++++++++
>  common/spl/Kconfig                         | 168 ++++++++++++++++++++-
>  common/spl/spl.c                           |  25 ++-
>  doc/develop/index.rst                      |   1 +
>  doc/{README.SPL => develop/spl.rst}        |  99 +++++++-----
>  include/bootstage.h                        |   2 +
>  include/linux/kconfig.h                    |   3 +
>  include/spl.h                              |  20 ++-
>  lib/Kconfig                                |  54 +++++++
>  scripts/Kbuild.include                     |   4 +
>  scripts/Makefile.build                     |   4 +
>  tools/binman/etype/u_boot_vpl.py           |  42 ++++++
>  tools/binman/etype/u_boot_vpl_bss_pad.py   |  44 ++++++
>  tools/binman/etype/u_boot_vpl_dtb.py       |  28 ++++
>  tools/binman/etype/u_boot_vpl_expanded.py  |  45 ++++++
>  tools/binman/etype/u_boot_vpl_nodtb.py     |  42 ++++++
>  tools/binman/ftest.py                      | 110 +++++++++++---
>  tools/binman/state.py                      |   3 +-
>  tools/binman/test/082_fdt_update_all.dts   |   2 +
>  tools/binman/test/201_u_boot_vpl.dts       |  11 ++
>  tools/binman/test/202_u_boot_vpl_nodtb.dts |  13 ++
>  tools/binman/test/203_fdt_incl_vpl.dts     |  13 ++
>  tools/binman/test/204_vpl_bss_pad.dts      |  17 +++
>  23 files changed, 748 insertions(+), 69 deletions(-)
>  rename doc/{README.SPL => develop/spl.rst} (61%)
>  create mode 100644 tools/binman/etype/u_boot_vpl.py
>  create mode 100644 tools/binman/etype/u_boot_vpl_bss_pad.py
>  create mode 100644 tools/binman/etype/u_boot_vpl_dtb.py
>  create mode 100644 tools/binman/etype/u_boot_vpl_expanded.py
>  create mode 100644 tools/binman/etype/u_boot_vpl_nodtb.py
>  create mode 100644 tools/binman/test/201_u_boot_vpl.dts
>  create mode 100644 tools/binman/test/202_u_boot_vpl_nodtb.dts
>  create mode 100644 tools/binman/test/203_fdt_incl_vpl.dts
>  create mode 100644 tools/binman/test/204_vpl_bss_pad.dts
>
> --
> 2.31.1.607.g51e8a6a459-goog
>

Are there any comments on this series?

I plan to build on this to actually implement the verifying loader at
some point.

Regards,
Simon

More information about the U-Boot mailing list