On Thu, Jun 09, 2016 at 07:18:44PM -0700, Teddy Reed wrote:
This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation.
The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256
In this example, SHA256 is the only selected hashing algorithm.
And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y
Signed-off-by: Teddy Reed teddy.reed@gmail.com Acked-by: Simon Glass sjg@chromium.org Acked-by: Andreas Dannenberg dannenberg@ti.com Acked-by: Sumit Garg sumit.garg@nxp.com
Applied to u-boot/master, thanks!