Commit Graph

1 Commits

Author SHA1 Message Date
Mario Six
a1b6b0a9c1 arm: mvebu: Implement secure boot
The patch implements secure booting for the mvebu architecture.

This includes:
- The addition of secure headers and all needed signatures and keys in
  mkimage
- Commands capable of writing the board's efuses to both write the
  needed cryptographic data and enable the secure booting mechanism
- The creation of convenience text files containing the necessary
  commands to write the efuses

The KAK and CSK keys are expected to reside in the files kwb_kak.key and
kwb_csk.key (OpenSSL 2048 bit private keys) in the top-level directory.

Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Stefan Roese <sr@denx.de>
2017-02-01 09:04:18 +01:00