857e313a3d
Fman microcode is executable code (AFAICT) loaded into a coprocessor. As such, if verified boot is enabled, it must be verified like other executable code. However, this is not currently done. This commit adds verified boot functionality by encapsulating the microcode in a FIT, which can then be signed/verified as normal. By default we allow fallback to unencapsulated firmware, but if CONFIG_FIT_SIGNATURE is enabled, then we make it mandatory. Because existing Layerscape do not use this config (instead enabling CONFIG_CHAIN_OF_TRUST), this should not break any existing boards. An example (mildly-abbreviated) its is provided below: / { #address-cells = <1>; images { firmware { data = /incbin/(/path/to/firmware); type = "firmware"; arch = "arm64"; compression = "none"; signature { algo = "sha256,rsa2048"; key-name-hint = "your key name"; }; }; }; configurations { default = "conf"; conf { description = "Load FMAN microcode"; fman = "firmware"; }; }; }; Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Sean Anderson <sean.anderson@seco.com> Signed-off-by: Peng Fan <peng.fan@nxp.com> |
||
---|---|---|
.. | ||
b4860.c | ||
dtsec.c | ||
eth.c | ||
fdt.c | ||
fm.c | ||
fm.h | ||
init.c | ||
ls1043.c | ||
ls1046.c | ||
Makefile | ||
memac_phy.c | ||
memac.c | ||
p1023.c | ||
p4080.c | ||
p5020.c | ||
p5040.c | ||
t1024.c | ||
t1040.c | ||
t2080.c | ||
t4240.c | ||
tgec_phy.c | ||
tgec.c |