From patchwork Tue Aug 22 06:54:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tho1.nguyendat@toshiba.co.jp X-Patchwork-Id: 13360243 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8E857EE49A5 for ; Tue, 22 Aug 2023 06:54:36 +0000 (UTC) Received: from mo-csw.securemx.jp (mo-csw.securemx.jp [210.130.202.152]) by mx.groups.io with SMTP id smtpd.web11.2886.1692687270954203781 for ; Mon, 21 Aug 2023 23:54:31 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: toshiba.co.jp, ip: 210.130.202.152, mailfrom: tho1.nguyendat@toshiba.co.jp) Received: by mo-csw.securemx.jp (mx-mo-csw1802) id 37M6sTMR3159271; Tue, 22 Aug 2023 15:54:29 +0900 X-Iguazu-Qid: 2yAbS7mhe9sInqfx39 X-Iguazu-QSIG: v=2; s=0; t=1692687268; q=2yAbS7mhe9sInqfx39; m=Tj/XVnBRfT4LikfFLLC5n9PR24p780tTooW3RD04LRs= Received: from imx2-a.toshiba.co.jp (imx2-a.toshiba.co.jp [106.186.93.35]) by relay.securemx.jp (mx-mr1803) id 37M6sRDD2220477 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 22 Aug 2023 15:54:28 +0900 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RK4P2Scxto7Umj5Oq3a4P5zEhM5fxOkgCzk0Q3CaaUCV8Va38LrFxCDoGEEViNCAhEEtqbi/L2p0mNwAxsH07ZnTjefmoxWwNPUO8qxSwzMNjSPocUMOVjRgH4CaCO4e5Pbz5Cb6jwinidFmxrjmV8bz5ZoGzWIk4dPAJC/Qha+aHdj4ugu0M6YvyVRLexuUGB8afcQVpFKjXLmQ+aNhOg4De9A7nSd15gyTJYqLaPWUR7WJ6TZLFL/LCVLJHeNsIHBnuyiGslQ50PNz/hN7Qqrj/v+nlh0zFhvrEVqpvD42ICqcuMvm2riJ0Hia1RWPiPumv2FQUkMLZxSOrGXT9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=EwqHaHuLulkC0lNzTyKD6X4iTSglim1mCQT9RnBDF08=; b=mG2zC3WQM0WpjE0L6Kp+9rAPtbXHRxzSL1tl5Pg5rL6ale82oB46jYT9KuZKIHCDuNXxQss5HqH6z0sQoxTPHk/vZc4uYJArTXpa58JCXt4E9yYxyKkQDpTSfnLcFavK6enYukfhfz5rjFDhG2WnSY5r/CAi7SFwfEwx6dROmf6emE2c8DMsvRY++Q2mHczohTebt6KIpcMQK6/zV4Te3pJxDqotFOlbxxcunZ4NSwc+wvd5iU+A4gWtM/+azIQNKzoVx90SIK8g3TjqF+65fNY/UjeNHR/4CQ1xnQOCdsTmFhZRYPhKjEEW859H7iplNDLVYFaFToZimdsutkQdpg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=toshiba.co.jp; dmarc=pass action=none header.from=toshiba.co.jp; dkim=pass header.d=toshiba.co.jp; arc=none From: To: , CC: , Subject: [cip-dev] [isar-cip-core 2/3] Enable secured boot for BBB Thread-Topic: [cip-dev] [isar-cip-core 2/3] Enable secured boot for BBB Thread-Index: AQHZ1MS71r2R0sh2P0eeFdRgpuM7Jw== Date: Tue, 22 Aug 2023 06:54:25 +0000 X-TSB-HOP2: ON Message-ID: Accept-Language: vi-VN, en-US Content-Language: vi-VN X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=toshiba.co.jp; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: OS3PR01MB5880:EE_|TYCPR01MB5773:EE_ x-ms-office365-filtering-correlation-id: d7086edf-a096-4254-39c8-08dba2dc9f8c x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 6WUAbUOQJsplmYdgWIQ/HWYb6c4vdyy0n/VzSrFLAEhwLQx8xMkO+nPsivLohnbd+vT/tGAaT8SHFxBvQv2c4d4uKOtqh1kLzb+6OMw0VjmAMjcV4xBeM38TSdCe2QntE2yLvT3XKkVPWq0n6BqWCFQcSADG/ZOLAk7cWS+NtdpltOlWxuCLow0XlxXTV7WOeS0PMIbGKEm0MZojkZJr4RZbIqo2Dj5flpSro/40/Y+G0LmPLHtgsXNHh+AZWHgIFvtXlVbtxQmmjClO7a7ZI0M7NU+rJ0HOYaZlICzpe1wjRd7aMzSFvwcoZiAKRJFCeGiaIYytgSgGdDa0PchuR0Ij+reV12ew5f5Jnf6JTGpphz3Iv4CyR62iwuiyar2/v1KlDIY8ocBA0LDsX8bR/wsUetwuCzbpJzFZxFRAraDh/uI4+mjTqValK52q5zZyHJg9yuwVKTlYK2t3M06YLtzI+79Jn38o/mQa8bHNVqnj+90O6+BpFje6L85hF5ot4CrAgIurUmCj89hlOM/nSamIsT7g3oh9xgNTHcXvZQGztnsYOStWLvCYp9g1pmeT+jg1yK3N2IjcEqUefWN45R6uiQosc8QjxT3RPRbYKJWvL0FDBQZx5HsZ0hUoWhpg11tjmptpPpF1rfedcmcH2w== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:OS3PR01MB5880.jpnprd01.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(39860400002)(346002)(376002)(396003)(136003)(366004)(1800799009)(451199024)(186009)(71200400001)(4326008)(8676002)(8936002)(316002)(478600001)(19627405001)(66556008)(66446008)(110136005)(91956017)(54906003)(64756008)(66476007)(76116006)(66946007)(41300700001)(7696005)(6506007)(55016003)(9686003)(38070700005)(122000001)(38100700002)(33656002)(26005)(5660300002)(107886003)(2906002)(86362001)(83380400001)(52536014)(403724002);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-2022-jp?b?NHpmQlhuZi9IN3Vib0ho?= =?iso-2022-jp?b?K2grMitQNmN5UEk0UlltQmZoMFFReFVHaW9iWis2bTVDNlVma0pUbU1o?= =?iso-2022-jp?b?TU9WbUR3YU8zQlVPVVNCNkYyU3cxK1RHMytlY3NYc2hZbUp3aTQ3Q1Bk?= =?iso-2022-jp?b?eS9LdXFMazBpaXEvMVkxeWYwQTVTU3F3THZsdW1KVGx4RkFWalh4VU5x?= =?iso-2022-jp?b?NXJ3b0doNXF6SGZWMUFFZmNMZk1tMWYzUWI0eTU4RS9XWERTYjdHNC9p?= =?iso-2022-jp?b?WFJzeHhqSkhwNjVaT2UvcEZ5eWpMWWIveXpxb21XTkd0UisveVBtSFBh?= =?iso-2022-jp?b?UWNUa0lhMjNMRWRhUGdXWkNOR09sTHo5OUpkS1lSNXV4eEFUNWVZVVIy?= =?iso-2022-jp?b?ZldtWFE4WDdlaC9tZ3FKWE01emJZZjlsNG82bWdzbjlKcWE5V013K3pj?= =?iso-2022-jp?b?ekFnaDNtVTZPdElyMGszbEZpdXA5NEdRL280T0FYRHlSUHk4RysxQ2RH?= =?iso-2022-jp?b?eE43U1I0YlFHSUJiS29zaVExYlFFcVdKN04zdWJBTkNBakxuVWVmNUxT?= =?iso-2022-jp?b?Mys5UVV4bHNPbzVKa3d3NlJ1cDRQQlRkRFVKUHNHWGZzdnV2dzN6Ym1F?= =?iso-2022-jp?b?NHNpM3dyWERBNFBrRjhYa3YwM0EwbDM4K0d4RTF1aHA2UHRwRmx6M1lj?= =?iso-2022-jp?b?ejcyNWtQN0taOUh2b0hGUEExSTBmQTF0RmRTYnJOdC9mWmZYSXdhK3Zx?= =?iso-2022-jp?b?dWI4cWFkS2tNcHlQZitJb1JrajZZVlRneUdsNUJhdHM4eXA3MWloekVU?= =?iso-2022-jp?b?VkVZUzI1ME1lMFVPbUx0L0hweFRpcmRORE1XNm9USHhKZm9LQjNUdlpm?= =?iso-2022-jp?b?SHRYTzB6TXFRVjFJcThuTWxDRGpLQTNtSk54L3BmOTNhb2MxaUY4eXlP?= =?iso-2022-jp?b?S0dnMFlELzZTNjdpaE1NNlpTT0hkSlV1WmtZa29sU2E4VVUzY2RrQjVl?= =?iso-2022-jp?b?L2RiRm5kd2tsT1NVYkRFRjFvcnRwL25SWUxjM1ZVdEhLVFFRbFhZTWc1?= =?iso-2022-jp?b?YVFpZGY2MHlPaFUraHZHTjlvOWFYVWNsUHhVZVF6Si8yWXQ4a2sreTV4?= =?iso-2022-jp?b?Y0l6N1htdVlsdW9YLzJ0ZVZuKyt1RDhmTVQvV0VFVHhVbXVaek8yZWFW?= =?iso-2022-jp?b?LzFCOFVFQU1nWDU4UTZCOTRVSjJXYzloTGhBKzBPVU93MmpvSy8xTDNF?= =?iso-2022-jp?b?K3dGcG5WYm9PMHVDNmNSbm5RVElXL3huWGozYUNYUC9LREhYMnVOUnps?= =?iso-2022-jp?b?Q0VlbG94cWtjWG85QkxWU0d5dTFNaUZ6Tm9sc3VUREhMOXdyZ2RGNzhK?= =?iso-2022-jp?b?YVZweFpOaGw0M2RmUzBMWGp6b09aNGVIVGxGTDczZ2FuV0Y5WTdqV1Nn?= =?iso-2022-jp?b?ejFYTnRDMGwrL0g0RVIwS3J2ckhoOCtGYnplTTV1K2JCcXZMNHB4Ymw2?= =?iso-2022-jp?b?a01vM0htSXRBUnBGUWJGcSt3YnJTby83UE5VQUhaVXBQRUttTVpycjdT?= =?iso-2022-jp?b?WDhSTTh3NVhjQ01peldYTlU3NTRuUFRKZ0xQTHZGM3NzN2MrVzVKaDdy?= =?iso-2022-jp?b?dU0xRUZkbFNjSU9hZnlSRVN2Y2RFK2toOHpDOXo4dFpkb2gxWnhnUjNt?= =?iso-2022-jp?b?eGIyaXhnODhGZ1d1aTFwZWFtY3FLL0dJSmxWdWV2NW1MTjBvODNRSnE0?= =?iso-2022-jp?b?Z1AzUEErNmZaY1VFeGpyTlZDY0tHaFZyT3grb1ExNUd1dDlsYy9DT0JH?= =?iso-2022-jp?b?ejBxNzhqOC9iWlhMS1VBUmQ1TkF3MDBGQUpxWWVRUzN3bk1TcytwOWFu?= =?iso-2022-jp?b?YmJCb0pQQ2l5MlE3alhTYmQ1aExBMnVZS29PL1pvdjhwV1k4M2t1ZEhm?= =?iso-2022-jp?b?NEgwTE5hcThDT1ZqL3BQS3ZaQ1AybHlKM20zdy9tNVJLVG1pYmxORU5i?= =?iso-2022-jp?b?eFBUNWllOEpnRGNTbnhDR1VsRm42UTdURDVJZk1wYytBeUVKQVZDeTRi?= =?iso-2022-jp?b?aHo3ZUVzLzJ5ZFk1TGNMek5abEs1RVk5YlhuZTVyT1BrY2lKV1JwWnI5?= =?iso-2022-jp?b?K1FydkFPdHJoVHBUdGNLMGRsWXlpeFYrSnp4NWFkbFNDTG5MaXdrSGFo?= =?iso-2022-jp?b?QjBpMkxGbDhxa2tkTHpwQ240SnhidU1zWEpPQWpOdi9ZWDNHM2RqQ0E0?= =?iso-2022-jp?b?bVBDMXRjQWM0a0VoY2JhNGZmek4xR05rbll5ZlpwdzFUWWJ1VDVoYkk5?= =?iso-2022-jp?b?alowV2VOL2dCelFQZjl0T3cxZ3RTN3NEQlVqTTFzbmsySW84cnczZ1hJ?= =?iso-2022-jp?b?V3B0bWJQeFM0N2c9PQ==?= MIME-Version: 1.0 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: pNgHnxuXndWnedjsUVyD28xBqHgWr3lOn5pj+c2Wo8cEqUBIrwHjK0XmF2sD7KQOgw8tlf8ZPRDFqIIf+nl4DLh03rlzkC0ImL8dnrDR+RwTU66uLCLNQam4uJZd09Cm1tS+wN2HT4A1APnLg87ZZaGS1JjBLxZ8KmBGLf5JnuJyFnLEGlk9v9O/2iH68c7Pjg/ggbiT4rib1KEFmhSeR9awk7oH0sc9CFmXQ+fB+EPCotbBI+diStCi7nk2sLNV3EO6mj/AlYOa5TZIjGP6dXZB1MOz4lTTGtH36hogvqid5CM+QfO34Zh3mjb3mIOvg9B7XxMHGUYs6rKI7sauPssG/MmX4C8z9Q+fgZgKDUhJQtNCO7YYNy6LtrcNH6u0ZBYRxna7Mf9p8x+IWMUun+ILyvrshUM6p4r395M/ki2TPaKW48+kEiWMXQ4y3+IMF5NIxq2VRcfI5mxh5Ow0VTPj4jBZgJ3CzG+FR7N4Nh7PS52eHitltDQXMzgNTKjBAKPq7vqna9Mc1Zc9Rug57lkEh5sMYCtOM7PEPkXx3/plpiDGuBO3SDcuuYigCzEWRLT9Uxt58hvwYWnexPt3qn2nZrRlODiGrerv5VdaKQJMBhh9kVgC/izdM94TTsMdDFgtniAe1mFML++VU3/647fXHvTjifd1C+YpSdbwHsin0nCBmm4KUNlhZ4EcY/gJGLgB10sHOH4AfSVx//YzNbt2gsXIFHNA+hGSsk8hCrtJDNTyh7QGSgMh2RysR1akjQWh3zX8esAv8o73coj4JjwT+6+yhHOscL0ZoMV+ve/iHr9Gt5gIvyZARdIp2FdBHlLgqIYT38da91B6+ZxI/Q== X-OriginatorOrg: toshiba.co.jp X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: OS3PR01MB5880.jpnprd01.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: d7086edf-a096-4254-39c8-08dba2dc9f8c X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Aug 2023 06:54:25.5858 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f109924e-fb71-4ba0-b2cc-65dcdf6fbe4f X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: S7OV3eBixWd+DkST1S+52MSsxP2Xm/U4W13obXA9Bud15OScsglLOKTVqqH0f3zIpblJo92k4DSa8grE43ADW7TWVuzXSp9lyd+eZSD2pxI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYCPR01MB5773 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 22 Aug 2023 06:54:36 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/12813 From: Nguyen Dat Tho Subject: [PATCH 2/3] bbb: Enable secured boot Signed-off-by: Nguyen Dat Tho --- wic/bbb-efibootguard-secureboot.wks.in | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 wic/bbb-efibootguard-secureboot.wks.in -- 2.30.2 diff --git a/wic/bbb-efibootguard-secureboot.wks.in b/wic/bbb-efibootguard-secureboot.wks.in new file mode 100644 index 0000000..504e2d8 --- /dev/null +++ b/wic/bbb-efibootguard-secureboot.wks.in @@ -0,0 +1,13 @@ +part --source rawcopy --sourceparams "file=/usr/lib/u-boot/bbb/MLO" --no-table --align 128 +part --source rawcopy --sourceparams "file=/usr/lib/u-boot/bbb/u-boot.img" --no-table --align 384 + +include ebg-signed-sysparts.inc + +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.verity" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" +part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}" + +# home and var are extra partitions +part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G +part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G + +bootloader --ptable gpt --append="rootwait console=ttyO0,115200 omap_wdt.early_enable=1 omap_wdt.nowayout=1 watchdog.handle_boot_enabled=0"