Hi,
I have produced a signed linux UKI image.
But I need to build u-boot to only allow booting with the signed
certificate.
So I need a ubootefi.var for (EFI_VAR_SEED_FILE) according
tohttps://github.com/u-boot/u-boot/blob/ee2af844ba1b27b2e959c4e649e4b769fbeb4074/lib/efi_loader/Kconfig#L146
How
Hi Jonas on mobile and on vacation, I'll respond in a week or so. In the
meantime https://www.linaro.org/blog/uefi-secureboot-in-u-boot/ this might
help.
In sort you have to include the efi keys in the uboot binary.
Cheers
Ilias
On Wed, Aug 21, 2024, 20:35 Jonas Kvinge wrote:
> On Tue, 2024-0
On Tue, 2024-08-20 at 16:29 +0200, Caleb Connolly wrote:
> Hi Jonas,
>
>
> I don't know the details of how this is implemented, but the way to
> solve this is by doing EFI secureboot in U-Boot. The trick is to
> embed
> the securebook public key hash into U-Boot, there it will be
> validated
>
Hi Jonas,
On Mon, 19 Aug 2024 at 07:11, Jonas Kvinge wrote:
>
> Hi,
>
> I have a custom installation of openSUSE Tumbleweed which uses u-boot
> and Grub.
> To use secure boot on the RPI, one creates a boot.img containing the
> kernel and other files which is signed, and the eeprom is locked to
>
Hi Jonas,
On 19/08/2024 15:11, Jonas Kvinge wrote:
Hi,
I have a custom installation of openSUSE Tumbleweed which uses u-boot
and Grub.
To use secure boot on the RPI, one creates a boot.img containing the
kernel and other files which is signed, and the eeprom is locked to
only allow booting with
5 matches
Mail list logo
