From patchwork Wed Apr 7 11:53:30 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 416678 Delivered-To: patch@linaro.org Received: by 2002:a02:8562:0:0:0:0:0 with SMTP id g89csp393422jai; Wed, 7 Apr 2021 04:54:27 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxsNJa1pcj/jgNyyQ3DrzEfIKpS6/GWKb6UEBsS2HzpXIkb7gCaJjSjZiaNypbVuqGdVhrj X-Received: by 2002:a05:6402:26ce:: with SMTP id x14mr3889240edd.359.1617796467428; Wed, 07 Apr 2021 04:54:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617796467; cv=none; d=google.com; s=arc-20160816; b=oeEdDQweNc/htNX+iFEEfeK1hrR+YTr5X472BLStANWdW0BrhXfvvx17G0/3EfTM85 YbV1ruE0wDgc9yB+yA9SYTfKsu3vD3ib067kDEcIieDoBjAd4a86IzCHX0M7AUaJAF7w zFo+HMA1NSpuWV5M+nY3kJdtN5m61xYh8078UTSlk9XLgvAO7QzWoDfbOALoD3P3A1UT sOuwZBRS7HPrUKBTsMtNjMSORzDj4W/uKpBnQWG5vksPE5Blb81Uclavwq9pVYHEottM tNphur4UqYhACb9lKHdLXZM4gKPf/a5h3g5hAFLGVzER3uluz+d8dLi633OfwgECMUec Mc4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:message-id:date:subject:cc:to :from; bh=0HNFvDUKT1XM1haCIHFs+i6VWypK2g9tGTcJi1xsen8=; b=D2h+zgxdxwbl2XwSJPKsTRX8Hth7ceXpVUvq6cqKDcrq3DhBMiQw7FVcXLjzwfqHEl orxrJTazkwZOD6z81763RVvuUFFQAycSbcPAUrS86Z35l2Ogh3/Hr2NZ1MDmkmQ+nDp4 TpXTi9ua8E0EeOi4UpeH9AHlwkXg8Hm7TiE3oVxtWUKST+Ge3xltHgquK8SuJma63yrz CD6fD80EI2cBqAj1hmNW3P6cyZ+jPOQfpD127V0gVFLSroMJ6KNCHb0UhM+IEdqYhK5N AeYgnMgcKq3HF153KRizubN0Pxytx7OU5l5ZSWYIP6jGPPUPjqJMwN/3DU440QhChKg3 h7Jg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id o13si20318903edi.135.2021.04.07.04.54.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Apr 2021 04:54:27 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 65BB380C69; Wed, 7 Apr 2021 13:54:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 2BD5180C69; Wed, 7 Apr 2021 13:54:19 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id F03FF805B4 for ; Wed, 7 Apr 2021 13:54:15 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 297361063; Wed, 7 Apr 2021 04:54:14 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 460553F792; Wed, 7 Apr 2021 04:54:12 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Alexander Graf , Simon Glass , Bin Meng , =?utf-8?q?Pali_Roh=C3=A1r?= Subject: [PATCH 0/5] Add support for embedding public key in platform's dtb Date: Wed, 7 Apr 2021 17:23:30 +0530 Message-Id: <20210407115335.8615-1-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.17.1 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean Patch 1 fixes an issue of selection of IMAGE_SIGN_INFO config option when capsule authentication is enabled. Patch 2 add two config symbols, EFI_PKEY_DTB_EMBED and EFI_PKEY_FILE which are used for enabling embedding of the public key in the dtb, and specifying the esl file name. Patch 3 moves efi_capsule_auth_enabled as a weak function, which can be used as a default mechanism for checking if capsule authentication has been enabled. Patch 4 adds a default weak function for retrieving the public key from the platform's dtb. Patch 5 adds the functionality to embed the esl file into the platform's dtb during the platform build. I have tested this functionality on the STM32MP157C DK2 board. [1] - https://lists.denx.de/pipermail/u-boot/2021-March/442867.html Sughosh Ganu (5): efi_loader: Kconfig: Select IMAGE_SIGN_INFO when capsule authentication is enabled efi_loader: Kconfig: Add symbols for embedding the public key into the platform's dtb efi_capsule: Add a weak function to check whether capsule authentication is enabled efi_capsule: Add a weak function to get the public key needed for capsule authentication Makefile: Add provision for embedding public key in platform's dtb Makefile | 10 ++++++ board/emulation/common/qemu_capsule.c | 6 ---- lib/efi_loader/Kconfig | 16 ++++++++++ lib/efi_loader/efi_capsule.c | 44 ++++++++++++++++++++++++--- 4 files changed, 66 insertions(+), 10 deletions(-) -- 2.17.1