diff options
| author | Robert Rosengren <robert.rosengren@stericsson.com> | 2010-12-15 09:48:59 +0100 |
|---|---|---|
| committer | Michael BRANDT <michael.brandt@stericsson.com> | 2011-01-27 16:06:37 +0100 |
| commit | bc03d1e9728ab1faa9eebbee3ed90e57bd27c051 (patch) | |
| tree | 32733565d203074d952928421c8edb481342e230 /common | |
| parent | 3f27019fbb4a5c411e80c5c876bfae0a67228da5 (diff) | |
db8500: Verify signature of kernel before booting
Verification of the kernel and ITP signature before allowing to boot is
added. This feature is configurable and by default not activated. MeeGo-
built RPM will have this enabled.
ST-Ericsson ID: WP275634, ER275440
Change-Id: Ib888f39dd5dca1bc8b7d6e1b002da83a77908b07
Reviewed-on: http://gerrit.lud.stericsson.com/gerrit/11415
Tested-by: Robert ROSENGREN <robert.rosengren@stericsson.com>
Reviewed-by: Michael BRANDT <michael.brandt@stericsson.com>
Reviewed-by: QATOOLS
Reviewed-by: Jens WIKLANDER <jens.wiklander@stericsson.com>
Diffstat (limited to 'common')
| -rw-r--r-- | common/cmd_bootm.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/common/cmd_bootm.c b/common/cmd_bootm.c index 94ddac37c..0cac9cf1b 100644 --- a/common/cmd_bootm.c +++ b/common/cmd_bootm.c @@ -867,6 +867,18 @@ static void *boot_get_kernel (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[] /* copy from dataflash if needed */ img_addr = genimg_get_image (img_addr); +#if defined(CONFIG_SECURE_KERNEL_BOOT) + { + /* + * Extern declaration could more nicely done, but keeping + * it here to have as low impact as possible... + */ + extern int sec_bridge_verify_kernel_image(u32 *img_addr); + if (sec_bridge_verify_kernel_image ((u32*)&img_addr)) + img_addr = 0; + } +#endif + /* check image type, for FIT images get FIT kernel node */ *os_data = *os_len = 0; switch (genimg_get_format ((void *)img_addr)) { |