| Message ID | OS3PR01MB588051DBC3BEBB617CC6B0CA951FA@OS3PR01MB5880.jpnprd01.prod.outlook.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | Enable secured boot for BBB | expand |
On 22.08.23 08:54, tho1.nguyendat@toshiba.co.jp wrote: > From: Nguyen Dat Tho <tho1.nguyendat@toshiba.co.jp> > Subject: [PATCH 2/3] bbb: Enable secured boot > > Signed-off-by: Nguyen Dat Tho <tho1.nguyendat@toshiba.co.jp> > --- > wic/bbb-efibootguard-secureboot.wks.in | 13 +++++++++++++ > 1 file changed, 13 insertions(+) > create mode 100644 wic/bbb-efibootguard-secureboot.wks.in > > diff --git a/wic/bbb-efibootguard-secureboot.wks.in > b/wic/bbb-efibootguard-secureboot.wks.in > new file mode 100644 > index 0000000..504e2d8 > --- /dev/null > +++ b/wic/bbb-efibootguard-secureboot.wks.in > @@ -0,0 +1,13 @@ > +part --source rawcopy --sourceparams "file=/usr/lib/u-boot/bbb/MLO" > --no-table --align 128 > +part --source rawcopy --sourceparams > "file=/usr/lib/u-boot/bbb/u-boot.img" --no-table --align 384 > + > +include ebg-signed-sysparts.inc > + > +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.verity" > --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" > +part --source empty --align 1024 --fixed-size 1G --uuid > "${ABROOTFS_PART_UUID_B}" > + > +# home and var are extra partitions > +part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home > --fstype=ext4 --label home --align 1024 --size 1G > +part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var > --fstype=ext4 --label var --align 1024 --size 2G > + > +bootloader --ptable gpt --append="rootwait console=ttyO0,115200 > omap_wdt.early_enable=1 omap_wdt.nowayout=1 watchdog.handle_boot_enabled=0" > -- > 2.30.2 > Kconfig changes are missing so that "kas-container menu" can select this as well. Jan
diff --git a/wic/bbb-efibootguard-secureboot.wks.in b/wic/bbb-efibootguard-secureboot.wks.in new file mode 100644 index 0000000..504e2d8 --- /dev/null +++ b/wic/bbb-efibootguard-secureboot.wks.in @@ -0,0 +1,13 @@ +part --source rawcopy --sourceparams "file=/usr/lib/u-boot/bbb/MLO" --no-table --align 128 +part --source rawcopy --sourceparams "file=/usr/lib/u-boot/bbb/u-boot.img" --no-table --align 384 + +include ebg-signed-sysparts.inc + +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.verity" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" +part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}" + +# home and var are extra partitions +part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G +part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G + +bootloader --ptable gpt --append="rootwait console=ttyO0,115200 omap_wdt.early_enable=1 omap_wdt.nowayout=1 watchdog.handle_boot_enabled=0"