Frans Hendriks uploaded patch set #13 to this change.

View Change

vendorcode/eltan/security/verified_boot: Add verified boot support

Create verified boot support, which includes verifiication of bootblock.
This feature use the vendorcode/eltan/security/lib.

cbfs_locator is used to init the verified boot support.
vendor_secure_prepare() and vendor_secure_locate() are used to preform the
required action in each stage.

The next lists will be used for verification:
 * bootblock_verify_list
 * postcar_verify_list
 * romstage_verify_list
 * ramstage_verify_list

BUG=N/A
TEST=Created binary and verify logging on Facebook FBG-1701

Change-Id: If6c1423b0b4a309cefb7fe7a29d5100ba289e0b4
Signed-off-by: Frans Hendriks <fhendriks@eltan.com>
---
A src/vendorcode/eltan/security/verified_boot/Kconfig
A src/vendorcode/eltan/security/verified_boot/Makefile.inc
A src/vendorcode/eltan/security/verified_boot/vboot_check.c
A src/vendorcode/eltan/security/verified_boot/vboot_check.h
4 files changed, 646 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/35/30835/13

To view, visit change 30835. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: If6c1423b0b4a309cefb7fe7a29d5100ba289e0b4
Gerrit-Change-Number: 30835
Gerrit-PatchSet: 13
Gerrit-Owner: Frans Hendriks <fhendriks@eltan.com>
Gerrit-Reviewer: Frans Hendriks <fhendriks@eltan.com>
Gerrit-Reviewer: Martin Roth <martinroth@google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi@google.com>
Gerrit-Reviewer: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Angel Pons <th3fanbus@gmail.com>
Gerrit-CC: Arthur Heymans <arthur@aheymans.xyz>
Gerrit-CC: Nico Huber <nico.h@gmx.de>
Gerrit-CC: Patrick Rudolph
Gerrit-CC: Patrick Rudolph <siro@das-labor.org>
Gerrit-CC: Paul Menzel <paulepanter@users.sourceforge.net>
Gerrit-MessageType: newpatchset