diff mbox series

[isar-cip-core,3/3] Enable secured boot for BBB

Message ID OS3PR01MB5880D01E2FB9699B6F47A66F951FA@OS3PR01MB5880.jpnprd01.prod.outlook.com (mailing list archive)
State Accepted
Headers show
Series Enable secured boot for BBB | expand

Commit Message

tho1.nguyendat@toshiba.co.jp Aug. 22, 2023, 6:54 a.m. UTC 
From: Nguyen Dat Tho <tho1.nguyendat@toshiba.co.jp>
Date: Tue, 13 Dec 2022 10:14:04 +0700
Subject: [PATCH 3/3] u-boot: Add EFI secure boot dependency

CONFIG_EFI_SECURE_BOOT depends on CONFIG_FIT_SIGNATURE.
Enable CONFIG_FIT_SIGNATURE to make sure CONFIG_EFI_SECURE_BOOT enabled

Signed-off-by: Nguyen Dat Tho <tho1.nguyendat@toshiba.co.jp>
---
 recipes-bsp/u-boot/files/secure-boot.cfg.tmpl | 1 +
 1 file changed, 1 insertion(+)

--
2.30.2

Comments

Jan Kiszka Aug. 28, 2023, 6:41 a.m. UTC | #1 
On 22.08.23 08:54, tho1.nguyendat@toshiba.co.jp wrote:
> From: Nguyen Dat Tho <tho1.nguyendat@toshiba.co.jp>
> Date: Tue, 13 Dec 2022 10:14:04 +0700
> Subject: [PATCH 3/3] u-boot: Add EFI secure boot dependency
> 
> CONFIG_EFI_SECURE_BOOT depends on CONFIG_FIT_SIGNATURE.
> Enable CONFIG_FIT_SIGNATURE to make sure CONFIG_EFI_SECURE_BOOT enabled
> 
> Signed-off-by: Nguyen Dat Tho <tho1.nguyendat@toshiba.co.jp>
> ---
>  recipes-bsp/u-boot/files/secure-boot.cfg.tmpl | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> index 956dcbf..6111007 100644
> --- a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> +++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
> @@ -4,3 +4,4 @@ CONFIG_USE_BOOTCOMMAND=y
>  CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype}
> ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load
> ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r}
> efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r}
> ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!';
> sleep 1000; reset"
>  CONFIG_EFI_VARIABLES_PRESEED=y
>  CONFIG_EFI_SECURE_BOOT=y
> +CONFIG_FIT_SIGNATURE=y
> -- 
> 2.30.2
> 

Thanks, applied.

Jan
diff mbox series

Patch

diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
index 956dcbf..6111007 100644
--- a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
+++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
@@ -4,3 +4,4 @@  CONFIG_USE_BOOTCOMMAND=y
 CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
 CONFIG_EFI_VARIABLES_PRESEED=y
 CONFIG_EFI_SECURE_BOOT=y
+CONFIG_FIT_SIGNATURE=y