[Skiboot] [PATCH 01/15] doc/device-tree: Add ibm,secureboot.txt

Claudio Carvalho cclaudio at linux.vnet.ibm.com
Thu Aug 11 15:23:43 AEST 2016


This adds a documentation for the ibm,secureboot device tree node.

Signed-off-by: Claudio Carvalho <cclaudio at linux.vnet.ibm.com>
---
 doc/device-tree/ibm,secureboot.txt | 42 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 doc/device-tree/ibm,secureboot.txt

diff --git a/doc/device-tree/ibm,secureboot.txt b/doc/device-tree/ibm,secureboot.txt
new file mode 100644
index 0000000..387cb25
--- /dev/null
+++ b/doc/device-tree/ibm,secureboot.txt
@@ -0,0 +1,42 @@
+Device tree bindings for ibm,secureboot
+=======================================
+
+This node represents the presence of the ROM verification code in the
+platform. It has properties related to secure boot and trusted boot.
+
+Required properties
+-------------------
+
+- compatible :  ibm,secureboot version. It is related to the ROM verification
+		code version.
+
+- hash-algo : 	hash algorithm used for the hw-key-hash. Aspects such as the
+		size of the hw-key-hash can be infered from this property.
+
+- secure-enabled : this property exists whether the system is booting on
+		   secure mode.
+
+- trusted-enabled : this property exists whether the system is booting on
+		    trusted mode.
+
+- hw-key-hash : hash of three concatenated hardware public key. This is
+		required by the ROM verification code to verify images.
+
+Example
+-------
+
+For the first version "ibm,secureboot-v1", the ROM verification code expects the
+hw-key-hash to be a sha512 hash.
+
+ibm,secureboot {
+	compatible = "ibm,secureboot-v1";
+	hash-algo = "sha512";
+	secure-enabled;
+	trusted-enabled;
+	hw-key-hash = <0x40d487ff 0x7380ed6a 0xd54775d5 0x795fea0d 0xe2f541fe
+0xa9db06b8 0x466a42a3 0x20e65f75 0xb4866546 0x17d907 0x515dc2a5 0xf9fc5095
+0x4d6ee0c9 0xb67d219d 0xfb708535 0x1d01d6d1>;
+	phandle = <0x100000fd>;
+	linux,phandle = <0x100000fd>;
+};
+
-- 
1.9.1



More information about the Skiboot mailing list