[Skiboot] [PATCH 14/15] libstb/drivers: Add ROM code driver

Stewart Smith stewart at linux.vnet.ibm.com
Tue Sep 20 18:28:11 AEST 2016


Claudio Carvalho <cclaudio at linux.vnet.ibm.com> writes:
> This adds a driver for the ROM verification code. The driver is compatible
> with 'ibm,secureboot-v1'.
>
> The presense of a verification code in the platform is indicated by the
> presence of the ibm,secureboot node in the device tree.
>
> The ibm,secureboot node is documented in
> 'doc/device-tree/ibm,secureboot.txt'

I think i've made the comment elsewhere but:
1) is there source available for the ROM code?
2) why are we calling it rather than our own SHA512 code?
3) why would we not verify the ROM code result against a local SHA512
   implementation?

Are future processors going to follow this model? If not, then let's
just bring in the SHA512 code now and be done with it rather than carry
both?

-- 
Stewart Smith
OPAL Architect, IBM.



More information about the Skiboot mailing list