[U-Boot] [PATCH v3] configs: SECURE_BOOT: Enable CONFIG_CMD_EXT4_WRITE
As part of chain of trust with confidentiality along with distro boot, linux kernel image needs to be stored in encrypted form on ext4 boot partition. So enable CONFIG_CMD_EXT4_WRITE in case of Secure boot on ARM based platforms.
Signed-off-by: Sumit Garg sumit.garg@nxp.com Reviewed-by: Tom Rini trini@konsulko.com ---
Changes in v3: Enable CMD_EXT4_WRITE option for ARM platforms only.
Changes in v2: Instead of adding CMD_EXT4_WRITE option in each defconfig, added this option in Kconfig.
board/freescale/common/Kconfig | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/board/freescale/common/Kconfig b/board/freescale/common/Kconfig index 8a5c456..280f7d4 100644 --- a/board/freescale/common/Kconfig +++ b/board/freescale/common/Kconfig @@ -7,6 +7,8 @@ config CHAIN_OF_TRUST select SHA_HW_ACCEL select SHA_PROG_HW_ACCEL select ENV_IS_NOWHERE + select CMD_EXT4 if ARM + select CMD_EXT4_WRITE if ARM bool default y
On 01/08/2018 12:23 AM, Sumit Garg wrote:
As part of chain of trust with confidentiality along with distro boot, linux kernel image needs to be stored in encrypted form on ext4 boot partition. So enable CONFIG_CMD_EXT4_WRITE in case of Secure boot on ARM based platforms.
Signed-off-by: Sumit Garg sumit.garg@nxp.com Reviewed-by: Tom Rini trini@konsulko.com
Changes in v3: Enable CMD_EXT4_WRITE option for ARM platforms only.
Changes in v2: Instead of adding CMD_EXT4_WRITE option in each defconfig, added this option in Kconfig.
Applied to fsl-qoriq master. Thanks.
York
participants (2)
-
Sumit Garg -
York Sun