git.baikalelectronics.ru Git - uboot.git/commit

author	Siew Chin Lim <elly.siew.chin.lim@intel.com>
	Mon, 1 Mar 2021 12:04:11 +0000 (20:04 +0800)
committer	Ley Foon Tan <ley.foon.tan@intel.com>
	Mon, 8 Mar 2021 02:59:10 +0000 (10:59 +0800)
commit	1bf280baac4c5ee5d8272addf99abe5b83329fad
tree	2c422be99e5e4ebd40d2b8b9df36a39a22a8aa06	tree \| snapshot
parent	81afbcfffc67ddbd81f3b4f70f628deb7d3adfe4	commit \| diff

arm: socfpga: soc64: Support Vendor Authorized Boot (VAB)

Vendor Authorized Boot is a security feature for authenticating
the images such as U-Boot, ARM trusted Firmware, Linux kernel,
device tree blob and etc loaded from FIT. After those images are
loaded from FIT, the VAB certificate and signature block appended
at the end of each image are sent to Secure Device Manager (SDM)
for authentication. U-Boot will validate the SHA384 of the image
against the SHA384 hash stored in the VAB certificate before
sending the image to SDM for authentication.

Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Reviewed-by: Ley Foon Tan <ley.foon.tan@intel.com>

arch/arm/mach-socfpga/Kconfig		diff \| blob \| history
arch/arm/mach-socfpga/Makefile		diff \| blob \| history
arch/arm/mach-socfpga/board.c		diff \| blob \| history
arch/arm/mach-socfpga/include/mach/mailbox_s10.h		diff \| blob \| history
arch/arm/mach-socfpga/include/mach/secure_vab.h	[new file with mode: 0644]	blob
arch/arm/mach-socfpga/secure_vab.c	[new file with mode: 0644]	blob
common/Kconfig.boot		diff \| blob \| history