Hi Tom,
On 20 December 2013 11:59, Tom Rini trini@ti.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/06/2013 06:36 PM, Simon Glass wrote:
Hi Tom,
On 2 October 2013 08:44, Simon Glass sjg@chromium.org wrote:
This series adds a few improvements to the image signing feature to make it easier to use on the Beaglebone Black.
- Add a DEV_TREE_BIN option to make it easier to include the correct FDT
(with embedded public keys) into the U-Boot image
- Enable cache for more TI boards (to speed things up)
- Increase malloc size
- Enable CONFIG_OF_CONTROL, FIT and secure boot on am33xx/omap (RFC only, not sure we want this, although we could create a
separate
config for it)I also have a change to adjust mkimage to automatically make space in
the
FDT when adding hashes and signatures. Included here is the ENOSPC
patch,
but the fit_image.c patch will wait until the dumpimage tool is merged, since I am changing the same code.
With this, secure boot was tested successfully on Beaglebone Black.
Do you think any of these patches should be applied?
Sorry I've taken so long to cycle back on this. At the high level, I'm OK with it. But we need to make sure we can do these features optionally, perhaps with a separate build?
Do you think we should apply the ones except for the secure boot stuff (marked RFC)?
Regards, Simon