On 08/25/2017 03:03 AM, Sumit Garg wrote:
As part of chain of trust with confidentiality along with distro boot, linux kernel image needs to be stored in encrypted form on ext4 boot partition. So enable CONFIG_CMD_EXT4_WRITE in case of Secure boot.
Signed-off-by: Sumit Garg sumit.garg@nxp.com
Changes in v2: Instead of adding CMD_EXT4_WRITE option in each defconfig, added this option in Kconfig.
board/freescale/common/Kconfig | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/board/freescale/common/Kconfig b/board/freescale/common/Kconfig index 53b606e..3496eed 100644 --- a/board/freescale/common/Kconfig +++ b/board/freescale/common/Kconfig @@ -6,6 +6,8 @@ config CHAIN_OF_TRUST select SPL_BOARD_INIT if (ARM && SPL) select SHA_HW_ACCEL select SHA_PROG_HW_ACCEL
- select CMD_EXT4
- select CMD_EXT4_WRITE bool default y
Are you going to need this for all PowerPC platforms? This changes increases 3K in text section.
Will Ruchika confirm?
York