u-boot

Mirrors/u-boot

Fork 0

mirror of https://github.com/AsahiLinux/u-boot synced 2025-01-23 10:25:10 +00:00

Commit graph

Author	SHA1	Message	Date
Sughosh Ganu	6a2e26b95f	efi_loader: capsule: Remove the check for capsule_authentication_enabled environment variable The current capsule authentication code checks if the environment variable capsule_authentication_enabled is set, for authenticating the capsule. This is in addition to the check for the config symbol CONFIG_EFI_CAPSULE_AUTHENTICATE. Remove the check for the environment variable. The capsule will now be authenticated if the config symbol is set. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Reviwed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>	2021-05-18 12:36:12 +02:00
Simon Glass	401d1c4f5d	common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>	2021-02-02 15:33:42 -05:00
Sughosh Ganu	04be98bd6b	efi: capsule: Add support for uefi capsule authentication Add support for authenticating uefi capsules. Most of the signature verification functionality is shared with the uefi secure boot feature. The root certificate containing the public key used for the signature verification is stored as part of the device tree blob. The root certificate is stored as an efi signature list(esl) file -- this file contains the x509 certificate which is the root certificate. Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>	2020-12-31 14:41:31 +01:00

Author

SHA1

Message

Date

Sughosh Ganu

6a2e26b95f

efi_loader: capsule: Remove the check for capsule_authentication_enabled environment variable

The current capsule authentication code checks if the environment
variable capsule_authentication_enabled is set, for authenticating the
capsule. This is in addition to the check for the config symbol
CONFIG_EFI_CAPSULE_AUTHENTICATE. Remove the check for the environment
variable. The capsule will now be authenticated if the config symbol
is set.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviwed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

2021-05-18 12:36:12 +02:00

Simon Glass

401d1c4f5d

common: Drop asm/global_data.h from common header

Move this out of the common header and include it only where needed.  In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly.   Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>

2021-02-02 15:33:42 -05:00

Sughosh Ganu

04be98bd6b

efi: capsule: Add support for uefi capsule authentication

Add support for authenticating uefi capsules. Most of the signature
verification functionality is shared with the uefi secure boot
feature.

The root certificate containing the public key used for the signature
verification is stored as part of the device tree blob. The root
certificate is stored as an efi signature list(esl) file -- this file
contains the x509 certificate which is the root certificate.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>

2020-12-31 14:41:31 +01:00

3 commits