From patchwork Sat Jul 15 13:45:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 703196 Delivered-To: patch@linaro.org Received: by 2002:a5d:4e4d:0:b0:314:25da:8dc4 with SMTP id r13csp154059wrt; Sat, 15 Jul 2023 06:46:47 -0700 (PDT) X-Google-Smtp-Source: APBJJlGGoX1U3wEix0enYrH4iuYLg1NgO/62Lrt55W75JzS6vsFUCsjNMBhRwJWAOSj+6gYiDhNG X-Received: by 2002:a05:6402:1a46:b0:51d:f8f0:3676 with SMTP id bf6-20020a0564021a4600b0051df8f03676mr5246494edb.42.1689428807210; Sat, 15 Jul 2023 06:46:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689428807; cv=none; d=google.com; s=arc-20160816; b=ZeMaHjibhAhgu7qoNIT0Fpp9J7xe2E7q29H+4j60RC4KJQjCDokSyi0Jp2AIiKhdl5 ZqrfjFFU6pTc7+FVnE2ew0bo2aSUcS+Vaq+9FWywDYvp8lQkRXgDXQ1Mt7F5gkJOngzu DbKbEHyUXey1yUtLj43E0DkO4fridGwtmo/loNkzlipuskjyWASeyTaBXe1Fup1XIHoD V769u6MKeNpMB/At4wVcM3zOeswI03S+9OzkgLB8fcasgYTgbfAVuaTTP7zXpijN6tD4 p/gLENy27jyqJTmP9lJo5+bpY2iMhkSjsSXapQotgc2RD6nXmlMkKBFcmzYPqNXSlWhN C1PA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=8ZHIfIl9CYML7DQSF8ljiQwzHbsXHG5zIKx7ZwSiD2s=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=0Mh9u6g9n6UYrdiwp/7LKUOMYeWkfOz7PzYOiCDDenJ4fQ6E6EhK/myn3sYnoteIAc nSW74SFXGGVQO8cboys/66oaJKI5pj9utmHlDqnrJ4ophPfJLJFCw6+nL1LMyO/hJYCI gAsiA/uAUGNRvleE72OOW+xuZDXB6dYDY7ncacOxkq/mVU+pIOB8TjJJq9SqMSsJNE/f tarZH/GHQz7UK0IZz4FOGH131BAdDEzJOJJkfWEHAtBVvJ9wYfvZXg9RMq5Kp4hH/V8X ST2YmgXdJfZoV5ooqOCNcAqcPqne4PnGRMwsV6N6YcZ+vZETtg3oXr/nxi4VU/9AYNtp Jxpg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id k21-20020aa7c395000000b0051e10e83750si10799435edq.294.2023.07.15.06.46.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 15 Jul 2023 06:46:47 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 75DA786177; Sat, 15 Jul 2023 15:46:17 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id DF81086182; Sat, 15 Jul 2023 15:46:13 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 7800A860A6 for ; Sat, 15 Jul 2023 15:46:11 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 53D571063; Sat, 15 Jul 2023 06:46:53 -0700 (PDT) Received: from a076522.blr.arm.com (a076522.blr.arm.com [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5AFC43F67D; Sat, 15 Jul 2023 06:46:08 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v4 04/12] doc: capsule: Document the new mechanism to embed ESL file into dtb Date: Sat, 15 Jul 2023 19:15:25 +0530 Message-Id: <20230715134533.2025893-5-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230715134533.2025893-1-sughosh.ganu@linaro.org> References: <20230715134533.2025893-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Update the document to specify how the EFI Signature List(ESL) file can be embedded into the platform's dtb as part of the u-boot build. Signed-off-by: Sughosh Ganu Reviewed-by: Simon Glass --- Changes since V3: None doc/develop/uefi/uefi.rst | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst index 6626ceec52..3d07aa33b8 100644 --- a/doc/develop/uefi/uefi.rst +++ b/doc/develop/uefi/uefi.rst @@ -522,20 +522,16 @@ and used by the steps highlighted below. ... } -You can do step-4 manually with +You can perform step-4 by defining the Kconfig symbol +CONFIG_EFI_CAPSULE_ESL_FILE. Once this has been done, the signature +node can be added to the u-boot.dtsi file. For reference, check the +u-boot.dtsi file for the sandbox architecture. If this node has not +been added to the architecture's u-boot.dtsi file, this needs to be +done. The node has currently been added for the sandbox and arm +architectures' in the u-boot.dtsi file. Once the u-boot.dtsi file has +been added with the signature node, the esl file will automatically +get embedded into the platform's dtb as part of u-boot build. -.. code-block:: console - - $ dtc -@ -I dts -O dtb -o signature.dtbo signature.dts - $ fdtoverlay -i orig.dtb -o new.dtb -v signature.dtbo - -where signature.dts looks like:: - - &{/} { - signature { - capsule-key = /incbin/("CRT.esl"); - }; - }; Anti-rollback Protection ************************