[PATCH v3 0/7] vpl: Introduce a verifying program loader
Simon Glass
sjg at chromium.org
Mon Jul 12 04:19:12 CEST 2021
U-Boot provides a verified-boot feature based around FIT, but there is
no standard way of implementing it for a board. At present the various
required pieces must be built up separately, to produce a working
implementation. In particular, there is no built-in support for selecting
A/B boot or recovery mode.
This series introduces VPL, a verified program loader. Its purpose is to
run the verified-boot process and decide which SPL binary should be run.
Adding VPL into the boot flow provides a standard way of implementing
verified boot. So far, only the phase itself is added along with some
Kconfig options. The next step is to create a build for sandbox.
Changes in v3:
- Move VPL Kconfig options to a separate patch
- Add full build support for VPL
Changes in v2:
- Add some more VPL Kconfig options
Simon Glass (7):
doc: Convert SPL documentation to ReST
doc: Expand SPL docs to explain the phase and config
test: Tidy up test building with SPL
spl: Move TPL_HASH_SUPPORT down next to other TPL options
binman: Add VPL support
Introduce Verifying Program Loader (VPL)
vpl: Add Kconfig options for VPL
Kconfig | 10 +
Makefile | 15 +-
arch/sandbox/Kconfig | 8 +
common/Kconfig | 67 ++++++
common/spl/Kconfig | 226 +++++++++++++++++++--
common/spl/spl.c | 25 ++-
doc/develop/index.rst | 1 +
doc/{README.SPL => develop/spl.rst} | 99 +++++----
drivers/clk/Kconfig | 10 +
drivers/core/Makefile | 2 +-
drivers/gpio/Kconfig | 11 +
drivers/i2c/Kconfig | 11 +
drivers/misc/Kconfig | 19 ++
drivers/pinctrl/Kconfig | 18 +-
drivers/rtc/Kconfig | 9 +
drivers/serial/Kconfig | 20 ++
drivers/sysreset/Kconfig | 10 +
drivers/timer/Kconfig | 10 +
include/bootstage.h | 2 +
include/linux/kconfig.h | 3 +
include/spl.h | 20 +-
lib/Kconfig | 62 ++++++
scripts/Kbuild.include | 4 +
scripts/Makefile.autoconf | 12 ++
scripts/Makefile.build | 4 +
scripts/Makefile.lib | 5 +
scripts/Makefile.spl | 37 +++-
test/test-main.c | 2 +-
tools/binman/etype/u_boot_vpl.py | 42 ++++
tools/binman/etype/u_boot_vpl_bss_pad.py | 44 ++++
tools/binman/etype/u_boot_vpl_dtb.py | 28 +++
tools/binman/etype/u_boot_vpl_expanded.py | 45 ++++
tools/binman/etype/u_boot_vpl_nodtb.py | 42 ++++
tools/binman/ftest.py | 110 ++++++++--
tools/binman/state.py | 3 +-
tools/binman/test/082_fdt_update_all.dts | 2 +
tools/binman/test/201_u_boot_vpl.dts | 11 +
tools/binman/test/202_u_boot_vpl_nodtb.dts | 13 ++
tools/binman/test/203_fdt_incl_vpl.dts | 13 ++
tools/binman/test/204_vpl_bss_pad.dts | 17 ++
40 files changed, 997 insertions(+), 95 deletions(-)
rename doc/{README.SPL => develop/spl.rst} (61%)
create mode 100644 tools/binman/etype/u_boot_vpl.py
create mode 100644 tools/binman/etype/u_boot_vpl_bss_pad.py
create mode 100644 tools/binman/etype/u_boot_vpl_dtb.py
create mode 100644 tools/binman/etype/u_boot_vpl_expanded.py
create mode 100644 tools/binman/etype/u_boot_vpl_nodtb.py
create mode 100644 tools/binman/test/201_u_boot_vpl.dts
create mode 100644 tools/binman/test/202_u_boot_vpl_nodtb.dts
create mode 100644 tools/binman/test/203_fdt_incl_vpl.dts
create mode 100644 tools/binman/test/204_vpl_bss_pad.dts
--
2.32.0.93.g670b81a890-goog
More information about the U-Boot
mailing list