-----Original Message----- From: Phillips Kim-R1AAHA Sent: Saturday, March 30, 2013 4:08 AM To: Gupta Ruchika-R66431 Cc: Otavio Salvador; U-Boot Mailing List; Fleming Andy-AFLEMING Subject: Re: [U-Boot] [PATCH 0/5] FSL SECURE BOOT: Add support for next level image validation
On Fri, 29 Mar 2013 04:43:23 +0000 Gupta Ruchika-R66431 R66431@freescale.com wrote:
From: otavio.salvador@gmail.com [mailto:otavio.salvador@gmail.com] On Behalf Of Otavio Salvador Sent: Thursday, March 28, 2013 8:23 PM To: Gupta Ruchika-R66431 Cc: U-Boot Mailing List; Fleming Andy-AFLEMING Subject: Re: [U-Boot] [PATCH 0/5] FSL SECURE BOOT: Add support for next level image validation
On Thu, Mar 28, 2013 at 7:46 AM, Ruchika Gupta ruchika.gupta@freescale.com wrote:
The patch set adds support for next level image validation (linux, rootfs, dtb) in secure boot scenarios.
It seems to focus in PowerPC, do you know if same code could be ported to ARM?
For the code to be ported to ARM platform, corresponding hardware blocks
like cryptographic accelerator/SW support for crypto operations, IOMMU and a security monitor block will be required.
i.mx6 has, and other future ARM-based devices will have, a CAAM, so I see no reason why any of this code should be restricted to power arch at all.
How does this patchseries integrate with this SHA offload patchseries:
http://article.gmane.org/gmane.comp.boot-loaders.u-boot/156321
and this "verified boot" implementation:
http://article.gmane.org/gmane.comp.boot-loaders.u-boot/156422
?
Kim
Thanks for the suggestion Kim. I will have a look at the links you mentioned and see how my patches can fit in. Since I am on leave this week so my response on this will be a little delayed.
Ruchika