[PATCH] HSD #2205749969: board: altera: Add fitImage to support S10 secure boot for both U-Boot and kernel

Thu Sep 1 07:54:54 CEST 2022

From: "Ooi, Joyce" <joyce.ooi at intel.com>

FitImage files are added to load Linux kernel image and U-boot
image for Stratix10 Secure Boot.

Signed-off-by: Ooi, Joyce <joyce.ooi at intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim at intel.com>
---
 .../stratix10-socdk/its/kernel-sign.its       | 51 +++++++++++++++++++
 .../altera/stratix10-socdk/its/uboot-sign.its | 41 +++++++++++++++
 2 files changed, 92 insertions(+)
 create mode 100644 board/altera/stratix10-socdk/its/kernel-sign.its
 create mode 100644 board/altera/stratix10-socdk/its/uboot-sign.its

diff --git a/board/altera/stratix10-socdk/its/kernel-sign.its b/board/altera/stratix10-socdk/its/kernel-sign.its
new file mode 100644
index 0000000000..5136365b99
--- /dev/null
+++ b/board/altera/stratix10-socdk/its/kernel-sign.its
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2019 Intel Corporation. All rights reserved
+ *
+ * SPDX-License-Identifier: GPL-2.0
+ */
+
+/dts-v1/;
+
+/ {
+	description = "Linux kernel image with FDT blob";
+	#address-cells = <1>;
+
+	images {
+		kernel {
+			description = "Linux Kernel";
+			data = /incbin/("Image");
+			type = "kernel";
+			arch = "arm64";
+			os = "linux";
+			compression = "none";
+			load = <0x2080000>;
+			entry = <0x2080000>;
+			hash {
+				algo = "sha256";
+			};
+		};
+		fdt {
+			description = "Linux DTB";
+			data = /incbin/("socfpga_stratix10_socdk.dtb");
+			type = "flat_dt";
+			arch = "arm64";
+			compression = "none";
+			hash {
+				algo = "sha256";
+			};
+		};
+	};
+	configurations {
+		default = "conf";
+		conf {
+			description = "Linux boot configuration";
+			kernel = "kernel";
+			fdt = "fdt";
+			signature {
+				algo = "sha256,rsa4096";
+				key-name-hint = "dev";
+				sign-images = "fdt", "kernel";
+			};
+		};
+	};
+};
diff --git a/board/altera/stratix10-socdk/its/uboot-sign.its b/board/altera/stratix10-socdk/its/uboot-sign.its
new file mode 100644
index 0000000000..611bb980f9
--- /dev/null
+++ b/board/altera/stratix10-socdk/its/uboot-sign.its
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2019 Intel Corporation. All rights reserved
+ *
+ * SPDX-License-Identifier: GPL-2.0
+ */
+
+/dts-v1/;
+
+/ {
+	description = "Authenticator";
+	#address-cells = <1>;
+
+	images {
+		standalone {
+			description = "Authenticator binary";
+			data = /incbin/("../../../../u-boot-dtb.bin");
+			type = "standalone";
+			arch = "arm64";
+			compression = "none";
+			load = <0x1000>;
+			entry = <0x1000>;
+			os = "u-boot";
+			hash {
+				algo = "sha256";
+			};
+		};
+	};
+
+	configurations {
+		default = "conf";
+		conf {
+			description = "Authenticator fitImage";
+			standalone = "standalone";
+			signature {
+				algo = "sha256,rsa4096";
+				key-name-hint = "dev";
+				sign-images = "standalone";
+			};
+		};
+	};
+};
-- 
2.26.2

