We have successfully built u-boot loader for rk3288 from the rock_bsp repository here: https://github.com/radxa/rock-bsp.git
We were able to create keys and sign the loader image using the secureBootConsole tool we found here: https://bitbucket.org/T-Firefly/firefly-rk3288/src/45fb49ab0f41/RKTools/linu...
After using the "upgrade_tool" to flash the loader image to the rk3288, the new u-boot announces itself. It reports this rather than 0 and 0...
SecureBootEn = 1, SecureBootLock = 1 : : Secure Boot Mode: 0x0 ====================
QUESTION ========
What is the process necessary to set the Efuse to the appropriate hash based on the public key, so that the loader will run in Secure Boot Mode?
We assume this is the necessary step to be able to read the larger Efuse (available in Secure Mode only)?