Hi Teddy,
On 28 May 2016 at 18:58, Teddy Reed teddy.reed@gmail.com wrote:
This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation.
The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256
In this example, SHA256 is the only selected hashing algorithm.
And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y
Signed-off-by: Teddy Reed teddy.reed@gmail.com Cc: Simon Glass sjg@chromium.org Cc: Andreas Dannenberg dannenberg@ti.com
Kconfig | 11 +++++++++++ common/Makefile | 1 + drivers/Makefile | 1 + drivers/crypto/rsa_mod_exp/mod_exp_sw.c | 1 + lib/Makefile | 9 ++++----- lib/rsa/Kconfig | 4 ++++ lib/rsa/Makefile | 2 +- 7 files changed, 23 insertions(+), 6 deletions(-)
Acked-by: Simon Glass sjg@chromium.org