[PATCH 2/2] ARM: dts: imx8mm-venice: prepare for dek blob encapsulation
Tim Harvey
tharvey at gateworks.com
Fri Dec 15 19:34:24 CET 2023
On Thu, Dec 14, 2023 at 8:30 AM Fabio Estevam <festevam at gmail.com> wrote:
>
> Hi Tim,
>
> On Thu, Dec 14, 2023 at 1:25 PM Tim Harvey <tharvey at gateworks.com> wrote:
> >
> > Prepare for DEK blob encapsulation support through "dek_blob" command.
> > On ARMv8, u-boot runs in non-secure, thus cannot encapsulate a DEK blob
> > for encrypted boot.
> >
> > The DEK blob is encapsulated by OP-TEE through a trusted application
> > call. U-boot sends and receives the DEK and the DEK blob binaries
> > through OP-TEE dynamic shared memory.
> >
> > To enable the DEK blob encapsulation, add to the defconfig:
> > CONFIG_SECURE_BOOT=y
>
> This option does not exist.
>
> Do you mean CONFIG_IMX_HAB=y?
Fabio,
The commit log details are not valid for upstream. I was basing this
off of 8d060e4a66d6884341fbb3d8ab1d837a3f173d47 which made it upstream
with the same message.
I can submit a v2 if necessary.
Best Regards,
Tim
More information about the U-Boot
mailing list