From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C6C5FC433F5 for ; Wed, 5 Oct 2022 08:35:42 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6E36984E5C; Wed, 5 Oct 2022 10:34:37 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=siemens.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; secure) header.d=siemens.com header.i=jan.kiszka@siemens.com header.b="NB60Ovtk"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 3F77784E09; Wed, 5 Oct 2022 10:34:10 +0200 (CEST) Received: from mta-65-226.siemens.flowmailer.net (mta-65-226.siemens.flowmailer.net [185.136.65.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id ACD8284E4B for ; Wed, 5 Oct 2022 10:33:56 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=siemens.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=jan.kiszka@siemens.com Received: by mta-65-226.siemens.flowmailer.net with ESMTPSA id 2022100508335641205c4ac196f4a7d4 for ; Wed, 05 Oct 2022 10:33:56 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=jan.kiszka@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=ChtN3A1BeVPzKB1POyi4F3luL6ChoHL/UCFbpPKRbhE=; b=NB60OvtkMC/dM29aeOkNnJ7DXeDQHR3cPU1zVJTCXfbFdm7E0e16apFBN+HpF5ZH5LiekQ KUYY7VNX9mF6xN16tYLPXpGTJHUM7By0khWc2ua3AXb6GLYZfHXH3y0aG0cwIBn78c6RlPt1 dRi1DMrI6vVkmFoLMDPbah9pSgUyM=; From: Jan Kiszka To: U-Boot Mailing List Subject: [PATCH V2 09/13] arm: dts: iot2050: Allow verifying U-Boot proper by SPL Date: Wed, 5 Oct 2022 10:33:49 +0200 Message-Id: <166d2b374353310560aacd305f53235253dc31bf.1664958832.git.jan.kiszka@siemens.com> In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-294854:519-21489:flowmailer X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean From: Jan Kiszka Add hashes and configuration signature stubs to prepare verified boot of main U-Boot by SPL. Signed-off-by: Jan Kiszka --- arch/arm/dts/k3-am65-iot2050-boot-image.dtsi | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi index 3ee0842e993..9082a79a034 100644 --- a/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi +++ b/arch/arm/dts/k3-am65-iot2050-boot-image.dtsi @@ -14,6 +14,7 @@ filename = "flash.bin"; pad-byte = <0xff>; size = <0x8c0000>; + allow-repack; blob-ext@0x000000 { offset = <0x000000>; @@ -45,6 +46,9 @@ entry = <0x80800000>; u-boot-nodtb { }; + hash { + algo = "sha256"; + }; }; @fdt-SEQ { @@ -52,6 +56,9 @@ type = "flat_dt"; arch = "arm64"; compression = "none"; + hash { + algo = "sha256"; + }; }; #ifdef CONFIG_WDT_K3_RTI_FW_FILE @@ -64,6 +71,9 @@ filename = CONFIG_WDT_K3_RTI_FW_FILE; missing-msg = "k3-rti-wdt-firmware"; }; + hash { + algo = "sha256"; + }; }; #endif }; @@ -77,10 +87,16 @@ #ifdef CONFIG_WDT_K3_RTI_FW_FILE loadables = "k3-rti-wdt-firmware"; #endif + signature { + sign-images = "firmware", "fdt", "loadables"; + }; }; }; }; + fdtmap { + }; + /* primary env */ fill@0x680000 { offset = <0x680000>; -- 2.35.3