[PATCH u-boot v2019.04-aspeed-openbmc 0/6] Runtime control of vboot via GPIO
Andrew Jeffery
andrew at aj.id.au
Mon Jan 31 12:25:32 AEDT 2022
Hello,
This u-boot series implements support for controlling whether verified
boot is enabled at runtime by measuring the state of the
"bmc-secure-boot" GPIO for AST2600-based BMCs.
Previously, whether or not verified boot was required was configured at
build time.
These patches build on top of the series Eddie recently sent to the list
to enable use of GPIOs in the SPL:
https://lore.kernel.org/openbmc/20220124191503.88452-1-eajames@linux.ibm.com/
I've tested the changes under qemu, and they behave as expected for the
Rainier platform configuration.
I'll figure out how we go about upstreaming the series once Eddie's
series has been picked up.
Please review!
Andrew
Andrew Jeffery (6):
gpio: Add gpio_request_by_line_name()
image: Control FIT uImage signature verification at runtime
ARM: ast2600: Control FIT uImage signature verification at runtime
configs: ast2600: Runtime control of FIT signature verification
ARM: dts: rainier: Add gpio-line-names property with bmc-secure-boot
image: Fix indentation of macros
Kconfig | 9 ++++
arch/arm/dts/ast2600-rainier.dts | 32 +++++++++++++
arch/arm/mach-aspeed/ast2600/Makefile | 1 +
arch/arm/mach-aspeed/ast2600/secure-boot.c | 53 ++++++++++++++++++++++
common/image-fit.c | 17 ++++++-
configs/ast2600_openbmc_spl_emmc_defconfig | 1 +
drivers/gpio/gpio-uclass.c | 26 +++++++++++
include/asm-generic/gpio.h | 19 ++++++++
include/image.h | 13 +++++-
9 files changed, 167 insertions(+), 4 deletions(-)
create mode 100644 arch/arm/mach-aspeed/ast2600/secure-boot.c
--
2.32.0
More information about the openbmc
mailing list