Djam/u-boot
1
0
Fork 0
mirror of https://github.com/u-boot/u-boot.git synced 2025-05-08 10:39:08 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

SPL: Add signature verification when loading image

Browse source 
U-boot proper signature is not verified by SPL on most platforms
even config SPL_FIT_SIGNATURE is enabled. Only fsl-layerscape
platform support secure boot in platform specific code. So
verified boot cannot be achieved if u-boot proper is loaded by
SPL.

This patch add signature verification to u-boot proper images
when loading FIT image in SPL. It is tested on Allwinner bananapi
zero board with H2+ SoC.

Signed-off-by: Jun Nie <jun.nie@linaro.org>
This commit is contained in:
Jun Nie 2018-02-27 16:55:58 +08:00 committed by Tom Rini
parent 50905b55c7
commit 5c643db4cc
3 changed files with 48 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

2
include/image.h
View file

@ -1013,6 +1013,8 @@ int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
const char *comment, int require_keys,
const char *engine_id);
int fit_image_verify_with_data(const void *fit, int image_noffset,
const void *data, size_t size);
int fit_image_verify(const void *fit, int noffset);
int fit_config_verify(const void *fit, int conf_noffset);
int fit_all_image_verify(const void *fit);