[Skiboot] [PATCH 14/15] libstb/drivers: Add ROM code driver
Stewart Smith
stewart at linux.vnet.ibm.com
Tue Sep 20 18:28:11 AEST 2016
Claudio Carvalho <cclaudio at linux.vnet.ibm.com> writes:
> This adds a driver for the ROM verification code. The driver is compatible
> with 'ibm,secureboot-v1'.
>
> The presense of a verification code in the platform is indicated by the
> presence of the ibm,secureboot node in the device tree.
>
> The ibm,secureboot node is documented in
> 'doc/device-tree/ibm,secureboot.txt'
I think i've made the comment elsewhere but:
1) is there source available for the ROM code?
2) why are we calling it rather than our own SHA512 code?
3) why would we not verify the ROM code result against a local SHA512
implementation?
Are future processors going to follow this model? If not, then let's
just bring in the SHA512 code now and be done with it rather than carry
both?
--
Stewart Smith
OPAL Architect, IBM.
More information about the Skiboot
mailing list