On Tue, 16 Aug 2022 at 09:16, Sean Anderson <sean.ander...@seco.com> wrote:
>
> Fman microcode is executable code (AFAICT) loaded into a
> coprocessor. As such, if verified boot is enabled, it must be verified
> like other executable code. However, this is not currently done.
>
> This commit adds verified boot functionality by encapsulating the
> microcode in a FIT, which can then be signed/verified as normal. By
> default we allow fallback to unencapsulated firmware, but if
> CONFIG_FIT_SIGNATURE is enabled, then we make it mandatory. Because
> existing Layerscape do not use this config (instead enabling
> CONFIG_CHAIN_OF_TRUST), this should not break any existing boards.
>
> An example (mildly-abbreviated) its is provided below:
>
> / {
>         #address-cells = <1>;
>
>         images {
>                 firmware {
>                         data = /incbin/(/path/to/firmware);
>                         type = "firmware";
>                         arch = "arm64";
>                         compression = "none";
>                         signature {
>                                 algo = "sha256,rsa2048";
>                                 key-name-hint = "your key name";
>                         };
>                 };
>         };
>
>         configurations {
>                 default = "conf";
>                 conf {
>                         description = "Load FMAN microcode";
>                         fman = "firmware";
>                 };
>         };
> };
>
> Signed-off-by: Sean Anderson <sean.ander...@seco.com>
> ---
>
> (no changes since v1)
>
>  drivers/net/fm/fm.c | 18 ++++++++++++++++++
>  1 file changed, 18 insertions(+)

Reviewed-by: Simon Glass <s...@chromium.org>
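
Added example, not code from the patch or from U-Boot: a standalone C sketch of the load policy the commit message describes, where a blob that starts with the devicetree magic is sent to FIT verification and an unencapsulated blob is accepted only when verification is not mandatory. The function name, the enum, the 'enforce' flag (standing in for CONFIG_FIT_SIGNATURE) and the sample bytes are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* First big-endian word of every flattened devicetree, and so of every FIT. */
#define FDT_MAGIC    0xd00dfeedu
#define FDT_HDR_SIZE 40u /* ten 32-bit header words (header version 17) */

/* Hypothetical verdicts; not taken from drivers/net/fm/fm.c. */
enum fw_verdict { FW_VERIFY_AS_FIT, FW_ACCEPT_RAW, FW_REJECT };

static uint32_t be32(const uint8_t *p)
{
	return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
	       ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/*
 * Decide how a microcode blob may be loaded. 'enforce' models
 * CONFIG_FIT_SIGNATURE=y (assumption: a runtime flag here, a Kconfig
 * option in the real build).
 */
enum fw_verdict classify_fman_blob(const uint8_t *buf, size_t len, bool enforce)
{
	if (len >= 8 && be32(buf) == FDT_MAGIC) {
		uint32_t total = be32(buf + 4); /* totalsize header field */

		/* A container that is truncated or too small is never
		 * retried as raw firmware. */
		if (total < FDT_HDR_SIZE || total > len)
			return FW_REJECT;
		return FW_VERIFY_AS_FIT; /* caller must still check the signature */
	}
	/* No FIT wrapper: allowed only while verification is not mandatory,
	 * otherwise removing the wrapper would skip the signature check. */
	return enforce ? FW_REJECT : FW_ACCEPT_RAW;
}

/* Constructed sample inputs (not real firmware). */
static const uint8_t sample_fit[40] = { 0xd0, 0x0d, 0xfe, 0xed, 0, 0, 0, 40 };
static const uint8_t sample_raw[16] = { 0x00, 0x00, 0x00, 0x10, 'r', 'a', 'w' };

int main(void)
{
	bool ok = classify_fman_blob(sample_fit, sizeof(sample_fit), true) == FW_VERIFY_AS_FIT &&
		  classify_fman_blob(sample_raw, sizeof(sample_raw), false) == FW_ACCEPT_RAW &&
		  classify_fman_blob(sample_raw, sizeof(sample_raw), true) == FW_REJECT;
	return ok ? 0 : 1;
}
```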