| /openbmc/u-boot/doc/uImage.FIT/ |
| H A D | signature.txt | 11 that it can be verified using a public key later. Provided that the private
13 any image can be verified in this way.
15 See verified-boot.txt for more general information on verified boot.
153 - required: If present this indicates that the key must be verified for the
155 normally verified by the FIT image booting algorithm. Valid values are
314 verified later even if the FIT has been signed with other keys in the
320 FITs are verified when loaded. After the configuration is selected a list
322 each image must be verified against those keys. This means that every image
352 Simple Verified Boot Test
355 Please see doc/uImage.FIT/verified-boot.txt for more information
[all …]
|
| H A D | verified-boot.txt | 1 U-Boot Verified Boot
6 Verified boot here means the verification of all software loaded into a
10 Verified boot extends from the moment of system reset to as far as you wish
16 which use verified boot. Since the machine will only run software that has
24 Verified boot uses cryptographic algorithms to 'sign' software images.
26 be verified using a public key. As its name suggests the public key can be
96 a standard place. Then when a FIT is loaded it can be verified using that
|
| H A D | beaglebone_vboot.txt | 1 Verified Boot on the Beaglebone Black
7 Before reading this, please read verified-boot.txt and signature.txt. These
11 verified boot works in U-Boot. There is also a test which runs through the
16 for an example of how to enable verified boot using U-Boot.
22 packaged with the kernel. In particular this is important with verified boot,
24 public keys can be changed and verified boot is useless. An attacker can
37 1. Build U-Boot for the board, with the verified boot options enabled.
68 b. Configure and build U-Boot with verified boot enabled:
199 'required' property, which tells U-Boot that this key must be verified for the
302 'dev' and the '+' means that it verified. If it showed '-' that would be bad.
[all …]
|
| /openbmc/u-boot/test/py/tests/ |
| H A D | test_vboot.py | 4 # U-Boot Verified Boot Test
7 This tests verified boot in the following ways:
11 - Check that verification shows that no keys are verified
13 - Check that verification shows that a key is now verified
39 """Test verified boot signing with mkimage and verification with 'bootm'.
75 with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)):
130 """Test verified boot with the given hash algorithm.
|
| H A D | test_avb.py | 5 # Android Verified Boot 2.0 Test
8 This tests Android Verified Boot 2.0 support in U-boot:
|
| /openbmc/u-boot/lib/libavb/ |
| H A D | avb_slot_verify.h | 136 * successfully verified.
156 * The partitions loaded and verified from from the slot are
162 * Rollback indexes for the verified slot are stored in the
204 * will end up pointing to the vbmeta partition for the verified
206 * partition of the verified slot.
214 * the slot that was verified.
221 * struct is verified and descriptors will not processed. The return
296 * AVB_SLOT_VERIFY_RESULT_OK is returned if everything is verified
300 * everything is verified correctly out but one or more public keys
|
| /openbmc/u-boot/doc/SPL/ |
| H A D | README.spl-secure-boot | 1 Overview of SPL verified boot on powerpc/mpc85xx & arm/layerscape platforms
7 This document provides an overview of how SPL verified boot works on powerpc/
|
| /openbmc/u-boot/post/drivers/ |
| H A D | rtc.c | 12 * The Real Time Clock (RTC) operation is verified by this test.
13 * The following features are verified:
15 * This is verified by analyzing the rtc_get() return status.
17 * This is verified by reading RTC in polling within
|
| /openbmc/u-boot/doc/ |
| H A D | README.avb2 | 1 Android Verified Boot 2.0
3 This file contains information about the current support of Android Verified
8 Verified Boot establishes a chain of trust from the bootloader to system images
|
| H A D | README.uniphier | 110 Verified Boot
113 U-Boot supports an image verification method called "Verified Boot".
212 To use the Verified Boot, you need to enable the following two options:
252 Please note the "u-boot.bin" must be signed, and verified by someone when it is
256 the system reset. If the Chain of Trust has a breakage somewhere, the verified
259 7. Boot verified kernel
332 If they are not displayed, the Verified Boot is not working.
|
| /openbmc/openbmc/poky/meta/recipes-core/initscripts/initscripts-1.0/ |
| H A D | volatiles | 1 # This configuration file lists filesystem objects that should get verified
21 # Thus, if a link is in the place to be verified, the object will be created
|
| /openbmc/libpldm/tests/fuzz/ |
| H A D | fd-fuzz.cpp | 59 bool verified; member
194 fuzz_ctx->verified = false; in cb_update_component()
227 assert(!fuzz_ctx->verified); in cb_firmware_data()
256 assert(!fuzz_ctx->verified); in cb_verify()
273 fuzz_ctx->verified = true; in cb_verify()
289 assert(fuzz_ctx->verified); in cb_apply()
|
| /openbmc/u-boot/common/ |
| H A D | image-sig.c | 289 int verified = 0; in fit_image_verify_sig() local
304 verified = 1; in fit_image_verify_sig()
315 return verified ? 0 : -EPERM; in fit_image_verify_sig()
377 * @return 0 if all verified ok, <0 on error
508 int verified = 0; in fit_config_verify_sig() local
523 verified = 1; in fit_config_verify_sig()
534 if (verified) in fit_config_verify_sig()
|
| /openbmc/openbmc-test-automation/lib/ |
| H A D | redfish_request.py | 120 else in case of true, certificate needs to be verified.
167 else in case of true, certificate needs to be verified.
216 else in case of true, certificate needs to be verified.
274 else in case of true, certificate needs to be verified.
330 else in case of true, certificate needs to be verified.
|
| /openbmc/u-boot/tools/binman/etype/ |
| H A D | vblock.py | 6 # Support for a Chromium OS verified boot block, used to sign a read-write
18 """An entry which contains a Chromium OS verified boot block
|
| /openbmc/u-boot/test/py/tests/vboot/ |
| H A D | sandbox-kernel.dts | 4 model = "Sandbox Verified Boot Test";
|
| H A D | sandbox-u-boot.dts | 4 model = "Sandbox Verified Boot Test";
|
| /openbmc/qemu/tests/qemu-iotests/ |
| H A D | 265.out | 5 Content verified.
|
| /openbmc/openbmc/meta-phosphor/recipes-phosphor/flash/noverify-bmc-update/ |
| H A D | noverify-bmc-verify.service | 6 ExecStart=/bin/mv /run/initramfs/bmc-image /run/initramfs/bmc-image-verified
|
| H A D | noverify-bmc-update.service | 6 ExecStart=/bin/mv /run/initramfs/bmc-image-verified /run/initramfs/image-bmc
|
| /openbmc/phosphor-power/phosphor-regulators/docs/config_file/ |
| H A D | pmbus_write_vout_command.md | 59 … value of VOUT_COMMAND is verified by reading it from the device. If false or not specified, the u…
|
| /openbmc/openbmc/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/ |
| H A D | bmc-verify.sh | 12 if [ "Verified OK" = "$r" ]; then
|
| /openbmc/u-boot/arch/x86/include/asm/arch-ivybridge/fsp/ |
| H A D | fsp_configs.h | 17 * Dummy structure for now as currently only SPD is verified in U-Boot.
|
| /openbmc/phosphor-state-manager/service_files/ |
| H A D | obmc-powered-off@.service | 13 # verified that power has been removed from the chassis. Then
|
| /openbmc/u-boot/tools/ |
| H A D | fit_common.h | 16 * @ptr: image header to be verified
|