diff mbox series

[2/3] arm-bsp/u-boot: corstone1000: Enable UEFI secure boot

Message ID 20240430154654.26833-3-harsimransingh.tungal@arm.com
State New
Headers show
Series corstone1000:arm-bsp: Enable SMM gateway authenticated variables and Secure Boot | expand

Commit Message

harsimransingh.tungal@arm.com April 30, 2024, 3:46 p.m. UTC 
From: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>

This change enables the UEFI secure boot and its related configurations
for corstone1000

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
---
 .../u-boot/u-boot-corstone1000.inc            |  1 +
 ...corstone1000-Enable-UEFI-Secure-boot.patch | 28 +++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0048-corstone1000-Enable-UEFI-Secure-boot.patch
diff mbox series

Patch

diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc
index 4b45fbbf..82049c43 100644
--- a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-corstone1000.inc
@@ -63,6 +63,7 @@  SRC_URI:append = " \
     file://0045-efi-corstone1000-fwu-update-RPC-ABI.patch			  \
     file://0046-Corstone1000-Change-MMCOMM-buffer-location.patch		  \
     file://0047-corstone1000-dts-add-external-system-node.patch \
+    file://0048-corstone1000-Enable-UEFI-Secure-boot.patch 			  \
     "
 
 do_configure:append() {
diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0048-corstone1000-Enable-UEFI-Secure-boot.patch b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0048-corstone1000-Enable-UEFI-Secure-boot.patch
new file mode 100644
index 00000000..1e91249a
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/0048-corstone1000-Enable-UEFI-Secure-boot.patch
@@ -0,0 +1,28 @@ 
+From b2ef7318686d13cfa2ac76d6f2d69c17135328df Mon Sep 17 00:00:00 2001
+From: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
+Date: Thu, 11 Apr 2024 13:35:54 +0000
+Subject: [PATCH] corstone1000: Enable UEFI Secure boot
+
+Enable secure boot and related configurations for corstone1000
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
+---
+ configs/corstone1000_defconfig | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/configs/corstone1000_defconfig b/configs/corstone1000_defconfig
+index 8770b474e2..0ecba096d5 100644
+--- a/configs/corstone1000_defconfig
++++ b/configs/corstone1000_defconfig
+@@ -80,3 +80,7 @@ CONFIG_EFI_SET_TIME=y
+ CONFIG_EFI_GET_TIME=y
+ CONFIG_VIRTIO_NET=y
+ CONFIG_VIRTIO_MMIO=y
++CONFIG_EFI_SECURE_BOOT=y
++CONFIG_FIT_SIGNATURE=y
++CONFIG_EFI_LOADER=y
++CONFIG_CMD_NVEDIT_EFI=y
+-- 
+2.34.1
+