Some distributions provide UEFI binaries like Shim that have been signed
using a Microsoft certificate. Provide the download paths for the public
keys.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
If OP-TEE is compiled with an EDK2 application running in secure world
it can process and store UEFI variables in an RPMB.
Add documentation for the config options enabling this.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
A small text in docs/uefi/uefi.rst was added to explain how we can
configure and utilise UEFI secure boot feature on U-Boot.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The load file 2 protocol can be used by the Linux kernel to load the initial
RAM disk. U-Boot can be configured to provide an implementation.
Add a description to the UEFI overview and document the related functions
in the API section.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This patch adds a new section "Launching a UEFI binary from a FIT image"
documenting the usage of the CONFIG_BOOTM_EFI extension to bootm command
that offers a verified boot alternative for UEFI binaries such as GRUB2.
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Change the UEFI documentation to Sphinx style and integrate it into the
rest of the Sphinx generated documentation.
Remove the inaccurate TODO list in doc/uefi/uefi.rst.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
