arm: socfpga: soc64: Support Vendor Authorized Boot (VAB) Vendor Authorized Boot is a security feature for authenticating the images such as U-Boot, ARM trusted Firmware, Linux kernel, device tree blob and etc loaded from FIT. After those images are loaded from FIT, the VAB certificate and signature block appended at the end of each image are sent to Secure Device Manager (SDM) for authentication. U-Boot will validate the SHA384 of the image against the SHA384 hash stored in the VAB certificate before sending the image to SDM for authentication. Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com> Reviewed-by: Ley Foon Tan <ley.foon.tan@intel.com>

commit: 2492d591d6363a6decc2b173e9e1926868663df8 [log] [tgz]
author: Siew Chin Lim <elly.siew.chin.lim@intel.com> Mon Mar 01 20:04:11 2021 +0800
committer: Ley Foon Tan <ley.foon.tan@intel.com> Mon Mar 08 10:59:10 2021 +0800
tree: 2c422be99e5e4ebd40d2b8b9df36a39a22a8aa06
parent: 8a71416e097815d15b187df6fef7ae888767db0f [diff] [blame]
diff --git a/arch/arm/mach-socfpga/Makefile b/arch/arm/mach-socfpga/Makefile
index 82b681d..1f1e217 100644
--- a/arch/arm/mach-socfpga/Makefile
+++ b/arch/arm/mach-socfpga/Makefile

@@ -4,6 +4,7 @@
 # Wolfgang Denk, DENX Software Engineering, wd@denx.de.
 #
 # Copyright (C) 2012-2017 Altera Corporation <www.altera.com>
+# Copyright (C) 2017-2020 Intel Corporation <www.intel.com>
 
 obj-y	+= board.o
 obj-y	+= clock_manager.o
@@ -47,6 +48,7 @@
 obj-y	+= misc_s10.o
 obj-y	+= mmu-arm64_s10.o
 obj-y	+= reset_manager_s10.o
+obj-$(CONFIG_SOCFPGA_SECURE_VAB_AUTH)	+= secure_vab.o
 obj-y	+= system_manager_s10.o
 obj-y	+= timer_s10.o
 obj-y	+= wrap_pinmux_config_s10.o
commit	2492d591d6363a6decc2b173e9e1926868663df8	[log] [tgz]
author	Siew Chin Lim <elly.siew.chin.lim@intel.com>	Mon Mar 01 20:04:11 2021 +0800
committer	Ley Foon Tan <ley.foon.tan@intel.com>	Mon Mar 08 10:59:10 2021 +0800
tree	2c422be99e5e4ebd40d2b8b9df36a39a22a8aa06
parent	8a71416e097815d15b187df6fef7ae888767db0f [diff] [blame]