Hi Grant,
On Tue, Aug 27, 2019 at 10:35:37AM +0000, Grant Likely wrote:
Hi Takahiro,
On 17/05/2019 01:12, AKASHI Takahiro wrote: [...]
In fact, I have already imported relevant kernel code into U-Boot and it now works perfectly with my experimental UEFI secure boot patch,
Speaking of which, where can I find the experimental UEFI secure boot patches? I've not been able to find any recent postings.
Here's my repository: https://git.linaro.org/people/takahiro.akashi/u-boot.git efi/secboot
But it's quite old and not ready for public review, yet it works in some way. Since then, I've done - implementing image authentication as close to EDK2's semantics as possible, including timestamp-based revocation - improving portability of linux-kernel-based pkcs7/x509 parsers - reworking the code in general for better maintainability - adding initial automated testing of image/variable authentication based on pytest framework
On the other hand, Sughosh and Pipat are working on integrating StMM-based UEFI variables/secure storage into U-Boot.
As far as my part is concerned, my plan is that I will focus on developing more test cases and verifying the authentication code. Once I have some good confidence, I'd like to submit the patch set. It will be around the next Connect, I guess?
Thanks, -Takahiro Akashi
Thanks, g.