mirror of
https://github.com/brain-hackers/u-boot-brain
synced 2024-06-09 23:36:03 +09:00
56d2050f40
Add DEK blob encapsulation support for IMX8M through "dek_blob" command. On ARMv8, u-boot runs in non-secure, thus cannot encapsulate a DEK blob for encrypted boot. The DEK blob is encapsulated by OP-TEE through a trusted application call. U-boot sends and receives the DEK and the DEK blob binaries through OP-TEE dynamic shared memory. To enable the DEK blob encapsulation, add to the defconfig: CONFIG_SECURE_BOOT=y CONFIG_FAT_WRITE=y CONFIG_CMD_DEKBLOB=y Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> Signed-off-by: Peng Fan <peng.fan@nxp.com> |
||
---|---|---|
.. | ||
arc | ||
arm | ||
m68k | ||
microblaze | ||
mips | ||
nds32 | ||
nios2 | ||
powerpc | ||
riscv | ||
sandbox | ||
sh | ||
x86 | ||
xtensa | ||
.gitignore | ||
Kconfig | ||
u-boot-elf.lds |