Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mechanism to add public keys to uboot #18

Open
Ham22 opened this issue Nov 22, 2016 · 1 comment
Open

Mechanism to add public keys to uboot #18

Ham22 opened this issue Nov 22, 2016 · 1 comment
Labels
s: backlog
Milestone
ci40 verified boo...

Comments

@Ham22
Copy link
Member

Ham22 commented Nov 22, 2016
edited by Shpinkso
Loading

The public keys used to verify a signed fit image are stored in a special node of u-boot's device tree. However mkimage relies on knowing the fit images key config to add these correctly to uboot. This is done by reading the fit image itself making it a dependency of building uboot.

When using higher level build systems such as openwrt, buildroot, etc this can add complexities because linux would need to become a dependency of u-boot in order to get a fit image.
@Ham22 Ham22 added this to the ci40 verified boot support milestone Nov 22, 2016
@Ham22
Copy link
Member Author

Ham22 commented Nov 22, 2016

Possibly we could generate a fake fit image that has the same key config as the fit image we intend to boot?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
s: backlog
Projects
None yet
Milestone
ci40 verified boot support
Development

No branches or pull requests
2 participants
@Ham22 @Shpinkso