From patchwork Wed Apr 7 14:41:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 416716 Delivered-To: patch@linaro.org Received: by 2002:a02:8562:0:0:0:0:0 with SMTP id g89csp531375jai; Wed, 7 Apr 2021 07:42:53 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy8/1ltQemuQXCXiBTarc0IiIUUGWLU3eXLBtYulR/fdSKWyBVMIQZ4RU9wHA/HhWV4q4Hn X-Received: by 2002:aa7:c351:: with SMTP id j17mr1866230edr.199.1617806573304; Wed, 07 Apr 2021 07:42:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617806573; cv=none; d=google.com; s=arc-20160816; b=WWwKNivqYmAra/glMSfVcxIslMROnOZ8enk/aOEB0iZCP58Hz9WyMzYBzD0sdqIoHc e355UspTzbr1eDxkym6RrWqmWOOvwOWzA7kdEoZhvotzk+aVrGYsUJERQ5ttce+RlftD FhZRFPsxwZgwVI3oMcJzq7o5AK5Gr0YrAdG50yg57UbZ8+vQ+VjrUhLcjml/Xwk4MPHD v158DbE3knV4+X/hGQg3HL1ZGsTE0JJ369q5NUi4UJVjPF/TSNQwcRr8Ygpf6a2K7MYv e+91OBMVDhY0oCsRpZl4R6weOglftHXfHiB1zL6um3rk0bJ24fR9fd0xxrqIuc1Fit8I WLHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:cc:to:from; bh=UO+zI44bv9eoBYDn2athkpJ6l6vpa7QbRJaIhESOB50=; b=TnhHPAYtfitMb2GwbOZFJiLtzIpSyhoAn2XAi3fD2MNttcXufkeupkaAr6yBPEL7Fw qi6skorfxK3RoiyjwBlKxJZh6f+grgu9krpjSal73lfDlHGRPbApq4WnZPVDQ/1AjuIM OvVXQdRhXDo55VBG4molv5zSSfUyYu9ZEgxRip5Yfrkan2DvO0Zvpj7DQBcqAELPlcIQ 4qxHLlrGMS5jIli7M6Z1wsHhCvDpnxPJ1xI7W5rKrxWxy2G571usGkSV+jR2skzenP4Y ffDlO3H3m0d81bsJ+azKD9a1uf6idKTHx2eiIXd1FWrJKEspcHItEgXe4VJcKu8WZWtA KTAg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id u19si20381229edo.410.2021.04.07.07.42.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Apr 2021 07:42:53 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 7489581777; Wed, 7 Apr 2021 16:42:32 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id CFAFE8039D; Wed, 7 Apr 2021 16:42:23 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id D7C628039D for ; Wed, 7 Apr 2021 16:42:18 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 86AED11FB; Wed, 7 Apr 2021 07:42:17 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6F91F3F792; Wed, 7 Apr 2021 07:42:15 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Alexander Graf , Simon Glass , Bin Meng , Pali Rohar , Sughosh Ganu Subject: [RESEND PATCH v1 2/5] efi_loader: Kconfig: Add symbols for embedding the public key into the platform's dtb Date: Wed, 7 Apr 2021 20:11:44 +0530 Message-Id: <20210407144147.29251-3-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210407144147.29251-1-sughosh.ganu@linaro.org> References: <20210407144147.29251-1-sughosh.ganu@linaro.org> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean Add config options EFI_PKEY_DTB_EMBED and EFI_PKEY_FILE which are to be used for embedding the public key to be used for capsule authentication into the platform's device tree. The embedding of the public key would take place during the platform build process. Signed-off-by: Sughosh Ganu --- lib/efi_loader/Kconfig | 15 +++++++++++++++ 1 file changed, 15 insertions(+) -- 2.17.1 diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index 0b99d7c774..de3083a979 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -179,6 +179,21 @@ config EFI_CAPSULE_AUTHENTICATE Select this option if you want to enable capsule authentication +config EFI_PKEY_DTB_EMBED + bool "Embed the public key in the Device Tree" + default n + depends on EFI_CAPSULE_AUTHENTICATE + help + Select this option if the public key used for capsule + authentication is to be embedded into the platform's + device tree. + +config EFI_PKEY_FILE + string "Public Key esl file to be embedded into the Device Tree" + help + Specify the absolute path of the public key esl file that is + to be embedded in the platform's device tree. + config EFI_CAPSULE_FIRMWARE_FIT bool "FMP driver for FIT image" depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT