@@ -54,6 +54,14 @@
"ivt_offset=" __stringify(BOOTROM_IVT_HDR_OFFSET)"\0"\
"warp7_auth_or_fail=hab_auth_img_or_fail ${hab_ivt_addr} ${filesize} 0;\0" \
"loadcmd=fatload\0" \
+ "do_bootscript_hab=" \
+ "if test ${hab_enabled} -eq 1; then " \
+ "setexpr hab_ivt_addr ${loadaddr} - ${ivt_offset}; " \
+ "setenv script ${script_signed}; " \
+ "${loadcmd} mmc ${mmcdev}:${mmcpart} ${hab_ivt_addr} ${script}; " \
+ "run warp7_auth_or_fail; " \
+ "run bootscript; "\
+ "fi;\0" \
"loadbootscript=" \
"${loadcmd} mmc ${mmcdev}:${mmcpart} ${loadaddr} ${script};\0" \
"bootscript=echo Running bootscript from mmc ...; " \
@@ -80,6 +88,7 @@
#define CONFIG_BOOTCOMMAND \
"mmc dev ${mmcdev};" \
"mmc dev ${mmcdev}; if mmc rescan; then " \
+ "run do_bootscript_hab;" \
"if run loadbootscript; then " \
"run bootscript; " \
"else " \
This patch adds support for verifying a signed boot.scr. With this in place it's possible for run-time Linux to update boot.scr to set different variables such as switching between different boot partitions, pointing to different kernels etc and for u-boot to verify these changes via the HAB prior to executing the commands contained in boot.scr. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> --- include/configs/warp7.h | 9 +++++++++ 1 file changed, 9 insertions(+)