diff options
author | Simon Glass <sjg@chromium.org> | 2018-07-17 13:25:47 -0600 |
---|---|---|
committer | Simon Glass <sjg@chromium.org> | 2018-08-01 16:30:48 -0600 |
commit | 24d0d3c30db0bba6579ae55e1d6202e229c23a0e (patch) | |
tree | 7b93e2bc56584edd1b7c043e144fbc0aa2ca54a4 /tools/binman/README.entries | |
parent | 94a7c603b45b9abdd9e6960ed2b096dd4553c91c (diff) |
binman: Add an entry for a Chromium vblock
This adds support for a Chromium verified boot block, used to sign a
read-write section of the image.
Signed-off-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'tools/binman/README.entries')
-rw-r--r-- | tools/binman/README.entries | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tools/binman/README.entries b/tools/binman/README.entries index 41b70192c0..1b75ca0052 100644 --- a/tools/binman/README.entries +++ b/tools/binman/README.entries @@ -496,6 +496,23 @@ complicated. Otherwise it is the same as the u_boot entry. +Entry: vblock: An entry which contains a Chromium OS verified boot block +------------------------------------------------------------------------ + +Properties / Entry arguments: + - keydir: Directory containing the public keys to use + - keyblock: Name of the key file to use (inside keydir) + - signprivate: Name of provide key file to use (inside keydir) + - version: Version number of the vblock (typically 1) + - kernelkey: Name of the kernel key to use (inside keydir) + - preamble-flags: Value of the vboot preamble flags (typically 0) + +Chromium OS signs the read-write firmware and kernel, writing the signature +in this block. This allows U-Boot to verify that the next firmware stage +and kernel are genuine. + + + Entry: x86-start16: x86 16-bit start-up code for U-Boot ------------------------------------------------------- |