[PATCH V4 09/14] arm: dts: iot2050: Allow verifying U-Boot proper by SPL
Jan Kiszka
jan.kiszka at siemens.com
Thu Feb 2 09:07:54 CET 2023
From: Jan Kiszka <jan.kiszka at siemens.com>
Add hashes and configuration signature stubs to prepare verified boot
of main U-Boot by SPL.
Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
---
arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi
index 3ee0842e993..9082a79a034 100644
--- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi
+++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi
@@ -14,6 +14,7 @@
filename = "flash.bin";
pad-byte = <0xff>;
size = <0x8c0000>;
+ allow-repack;
blob-ext at 0x000000 {
offset = <0x000000>;
@@ -45,6 +46,9 @@
entry = <0x80800000>;
u-boot-nodtb {
};
+ hash {
+ algo = "sha256";
+ };
};
@fdt-SEQ {
@@ -52,6 +56,9 @@
type = "flat_dt";
arch = "arm64";
compression = "none";
+ hash {
+ algo = "sha256";
+ };
};
#ifdef CONFIG_WDT_K3_RTI_FW_FILE
@@ -64,6 +71,9 @@
filename = CONFIG_WDT_K3_RTI_FW_FILE;
missing-msg = "k3-rti-wdt-firmware";
};
+ hash {
+ algo = "sha256";
+ };
};
#endif
};
@@ -77,10 +87,16 @@
#ifdef CONFIG_WDT_K3_RTI_FW_FILE
loadables = "k3-rti-wdt-firmware";
#endif
+ signature {
+ sign-images = "firmware", "fdt", "loadables";
+ };
};
};
};
+ fdtmap {
+ };
+
/* primary env */
fill at 0x680000 {
offset = <0x680000>;
--
2.35.3
More information about the U-Boot
mailing list