From patchwork Mon Apr 12 15:05:24 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 419562 Delivered-To: patch@linaro.org Received: by 2002:a17:906:6d12:0:0:0:0 with SMTP id m18csp1703123ejr; Mon, 12 Apr 2021 08:07:01 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyebAJ8pf2JAq3UblK+nuSgmcLqsyb5YFQPAgI25X9kkGyOlsSB95BiS7RrpwUB8qKSd6hJ X-Received: by 2002:a05:6402:105a:: with SMTP id e26mr29692302edu.164.1618240021136; Mon, 12 Apr 2021 08:07:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618240021; cv=none; d=google.com; s=arc-20160816; b=0gCzpReeGN0OuOBuK5RScN2Wp+DVrrkvgh+M21ZPzm08lBex0ql7co6peD/mIuxByg bTPOzaypEGgHfOu6cCvZD5aTAuDAGipJiWBomLMNSkW3B6etPGcMHCFsNbz72Ld/DqUZ l0jWUyyGL/a+q9ceLmCSqKr7Nvip/Y33J7PHZfEMwcsDXDuzTfU3vrlWaAmOxUyTWF9A yMBiiJMzE4PJrJSRVF4dVNVurH5ZyJZGW3nqJd8cZpPXgtT6soovIUuTfD+0U79JSXs5 KuYU3D9ttTv5ZuH5fwh3uJ6VknYcqN5xqJKRYBJmIko1TrNRO8bGI4SNEIAdAfYMynZ4 FjwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:cc:to:from; bh=cJn00+5+IP8+4xS2Cf5KQe2xZs675gDnX8n9jmDdF4s=; b=C2x5uWF9f9qaed2aHJ0Lf5kR9hHKOgYXMKC0JM06YaKcgCqnHw8sEFpPTDg19nDwpB Yzs3bACP/km2FBxSSXdWFI6GO2LU/+DEXtMBq0NLVYsiOsyNgtPuZNyHrjpJ1tzt1H02 JgRXqosf9Dq3OxElo8QRCNCAF+YDm6aqhKqGmhNemMYzMrBXx9DnWTkmp4sIly/WQeq+ o1yXraj13G3SC0Uwhxwt/7hwPPZoBSYFZr5BAoCDYHosMLls9UNc7ZKSk4uKO6VYa60g pv8vNhPc0gknr6p69zAUoJeCbWQn+IRsmp3Ue0SOMVug/E1ghh374ieB/hnhE802qB/e EEpQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id do7si7561361ejc.307.2021.04.12.08.07.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Apr 2021 08:07:01 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id A478E8187F; Mon, 12 Apr 2021 17:06:23 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 2774981782; Mon, 12 Apr 2021 17:06:05 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 5C63180C65 for ; Mon, 12 Apr 2021 17:05:56 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1B125113E; Mon, 12 Apr 2021 08:05:55 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.16.44]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 038AE3F694; Mon, 12 Apr 2021 08:05:52 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Alexander Graf , Simon Glass , Bin Meng , Pali Rohar , Sughosh Ganu Subject: [PATCH v2 2/4] efi_loader: Kconfig: Add symbols for embedding the public key into the platform's dtb Date: Mon, 12 Apr 2021 20:35:24 +0530 Message-Id: <20210412150526.29822-3-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210412150526.29822-1-sughosh.ganu@linaro.org> References: <20210412150526.29822-1-sughosh.ganu@linaro.org> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean Add config options EFI_PKEY_DTB_EMBED and EFI_PKEY_FILE which are to be used for embedding the public key to be used for capsule authentication into the platform's device tree. The embedding of the public key would take place during the platform build process. Signed-off-by: Sughosh Ganu --- Changes since V1: * Provide a default name for public key file, eficapsule.esl as suggested by Heinrich. * Remove the superfluous default n statement for EFI_PKEY_DTB_EMBED lib/efi_loader/Kconfig | 15 +++++++++++++++ 1 file changed, 15 insertions(+) -- 2.17.1 diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig index 79b488823a..089accaaaa 100644 --- a/lib/efi_loader/Kconfig +++ b/lib/efi_loader/Kconfig @@ -179,6 +179,21 @@ config EFI_CAPSULE_AUTHENTICATE Select this option if you want to enable capsule authentication +config EFI_PKEY_DTB_EMBED + bool "Embed the public key in the Device Tree" + depends on EFI_CAPSULE_AUTHENTICATE + help + Select this option if the public key used for capsule + authentication is to be embedded into the platform's + device tree. + +config EFI_PKEY_FILE + string "Public Key esl file to be embedded into the Device Tree" + default "eficapsule.esl" + help + Specify the absolute path of the public key esl file that is + to be embedded in the platform's device tree. + config EFI_CAPSULE_FIRMWARE_FIT bool "FMP driver for FIT image" depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT