Add config options EFI_PKEY_DTB_EMBED and EFI_PKEY_FILE which are to
be used for embedding the public key to be used for capsule
authentication into the platform's device tree.
The embedding of the public key would take place during the platform
build process.
Signed-off-by: Sughosh Ganu <sughosh.g...@linaro.org>
---
Changes since V1:
* Provide a default name for public key file, eficapsule.esl as
suggested by Heinrich.
* Remove the superfluous default n statement for EFI_PKEY_DTB_EMBED
lib/efi_loader/Kconfig | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
index 79b488823a..089accaaaa 100644
--- a/lib/efi_loader/Kconfig
+++ b/lib/efi_loader/Kconfig
@@ -179,6 +179,21 @@ config EFI_CAPSULE_AUTHENTICATE
Select this option if you want to enable capsule
authentication
+config EFI_PKEY_DTB_EMBED
+ bool "Embed the public key in the Device Tree"
+ depends on EFI_CAPSULE_AUTHENTICATE
+ help
+ Select this option if the public key used for capsule
+ authentication is to be embedded into the platform's
+ device tree.
+
+config EFI_PKEY_FILE
+ string "Public Key esl file to be embedded into the Device Tree"
+ default "eficapsule.esl"
+ help
+ Specify the absolute path of the public key esl file that is
+ to be embedded in the platform's device tree.
+
config EFI_CAPSULE_FIRMWARE_FIT
bool "FMP driver for FIT image"
depends on EFI_CAPSULE_FIRMWARE_MANAGEMENT
--
2.17.1
