summaryrefslogtreecommitdiff
path: root/include/image.h
diff options
context:
space:
mode:
authorJun Nie <jun.nie@linaro.org>2018-02-27 16:55:58 +0800
committerTom Rini <trini@konsulko.com>2018-03-19 09:59:32 -0400
commit5c643db4cc95c6ac6457731cb5bb75d6896e415b (patch)
tree0fc4b285f0a0da1bc15fb9b8cb3e7d8918bb9916 /include/image.h
parent50905b55c7b9c3a20e2c5a7e5f7ae8236ecd7a8e (diff)
downloadu-boot-5c643db4cc95c6ac6457731cb5bb75d6896e415b.tar.gz
SPL: Add signature verification when loading image
U-boot proper signature is not verified by SPL on most platforms even config SPL_FIT_SIGNATURE is enabled. Only fsl-layerscape platform support secure boot in platform specific code. So verified boot cannot be achieved if u-boot proper is loaded by SPL. This patch add signature verification to u-boot proper images when loading FIT image in SPL. It is tested on Allwinner bananapi zero board with H2+ SoC. Signed-off-by: Jun Nie <jun.nie@linaro.org>
Diffstat (limited to 'include/image.h')
-rw-r--r--include/image.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/image.h b/include/image.h
index dbdaecbfdd..88e17fc91e 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1013,6 +1013,8 @@ int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
const char *comment, int require_keys,
const char *engine_id);
+int fit_image_verify_with_data(const void *fit, int image_noffset,
+ const void *data, size_t size);
int fit_image_verify(const void *fit, int noffset);
int fit_config_verify(const void *fit, int conf_noffset);
int fit_all_image_verify(const void *fit);