Hi, On Fri, 7 May 2021 at 16:37, Simon Glass <[email protected]> wrote: > > U-Boot provides a verified-boot feature based around FIT, but there is > no standard way of implementing it for a board. At present the various > required pieces must be built up separately, to produce a working > implementation. In particular, there is no built-in support for selecting > A/B boot or recovery mode. > > This series introduces VPL, a verified program loader. Its purpose is to > run the verified-boot process and decide which SPL binary should be run. > Adding VPL into the boot flow provides a standard way of implementing > verified boot. So far, only the phase itself is added. More work is > needed to add logic to the phase, based on continuing discussions about > how best to standardise this feature. > > > Simon Glass (4): > doc: Convert SPL documentation to ReST > doc: Expand SPL docs to explain the phase and config > binman: Add VPL support > Introduce Verifying Program Loader (VPL) > > common/Kconfig | 67 ++++++++ > common/spl/Kconfig | 168 ++++++++++++++++++++- > common/spl/spl.c | 25 ++- > doc/develop/index.rst | 1 + > doc/{README.SPL => develop/spl.rst} | 99 +++++++----- > include/bootstage.h | 2 + > include/linux/kconfig.h | 3 + > include/spl.h | 20 ++- > lib/Kconfig | 54 +++++++ > scripts/Kbuild.include | 4 + > scripts/Makefile.build | 4 + > tools/binman/etype/u_boot_vpl.py | 42 ++++++ > tools/binman/etype/u_boot_vpl_bss_pad.py | 44 ++++++ > tools/binman/etype/u_boot_vpl_dtb.py | 28 ++++ > tools/binman/etype/u_boot_vpl_expanded.py | 45 ++++++ > tools/binman/etype/u_boot_vpl_nodtb.py | 42 ++++++ > tools/binman/ftest.py | 110 +++++++++++--- > tools/binman/state.py | 3 +- > tools/binman/test/082_fdt_update_all.dts | 2 + > tools/binman/test/201_u_boot_vpl.dts | 11 ++ > tools/binman/test/202_u_boot_vpl_nodtb.dts | 13 ++ > tools/binman/test/203_fdt_incl_vpl.dts | 13 ++ > tools/binman/test/204_vpl_bss_pad.dts | 17 +++ > 23 files changed, 748 insertions(+), 69 deletions(-) > rename doc/{README.SPL => develop/spl.rst} (61%) > create mode 100644 tools/binman/etype/u_boot_vpl.py > create mode 100644 tools/binman/etype/u_boot_vpl_bss_pad.py > create mode 100644 tools/binman/etype/u_boot_vpl_dtb.py > create mode 100644 tools/binman/etype/u_boot_vpl_expanded.py > create mode 100644 tools/binman/etype/u_boot_vpl_nodtb.py > create mode 100644 tools/binman/test/201_u_boot_vpl.dts > create mode 100644 tools/binman/test/202_u_boot_vpl_nodtb.dts > create mode 100644 tools/binman/test/203_fdt_incl_vpl.dts > create mode 100644 tools/binman/test/204_vpl_bss_pad.dts > > -- > 2.31.1.607.g51e8a6a459-goog >
Are there any comments on this series? I plan to build on this to actually implement the verifying loader at some point. Regards, Simon
