doc/device-tree/ibm,secureboot.rst


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

.. _device-tree/ibm,secureboot:

ibm,secureboot
==============

The ``ìbm,secureboot`` node provides secure boot and trusted boot information
up to the target OS. Further information can be found in :ref:`stb-overview`.

Required properties
-------------------

.. code-block:: none

    compatible:         Either one of the following values:

                        ibm,secureboot-v1  :  The container-verification-code
                                              is stored in a secure ROM memory.

                        ibm,secureboot-v2  :  The container-verification-code
                                              is stored in a reserved memory.
                                              It described by the ibm,cvc child
                                              node.

    secure-enabled:     this property exists when the firmware stack is booting
                        in secure mode (hardware secure boot jumper asserted).

    trusted-enabled:    this property exists when the firmware stack is booting
                        in trusted mode.

    hw-key-hash:        hash of the three hardware public keys trusted by the
                        platformw owner. This is used to verify if a firmware
                        code is signed with trusted keys.

    hw-key-hash-size:   hw-key-hash size

    os-secureboot-enforcing:
                        this property is created by the secure variable backend
                        if it detects a desire by the owner to requre any
                        images (e.g. kernels) to be signed by an appropriate
                        key stored in secure variables.

    physical-presence-asserted:
                        this property exists to indicate the physical presence
                        of user to request key clearance.

    clear-os-keys:      this property exists when the firmware indicates that
                        physical presence is asserted to clear only Host OS
                        secure boot keys.

    clear-all-keys:     this property exists when the firmware indicates that
                        physical presence is asserted to clear all sensistive
                        data controlled by platform firmware.

    clear-mfg-keys:     this property exists only during manufacturing process
                        when the firmware indicates to clear all senstive data
                        during manufacturing. It is only valid on development
                        drivers.

Obsolete properties
-------------------

.. code-block:: none

    hash-algo:          Superseded by the hw-key-hash-size property in
                        'ibm,secureboot-v2'.

Example
-------

.. code-block:: dts

    ibm,secureboot {
        compatible = "ibm,secureboot-v2";
        secure-enabled;
        trusted-enabled;
        hw-key-hash-size = <0x40>;
        hw-key-hash = <0x40d487ff 0x7380ed6a 0xd54775d5 0x795fea0d 0xe2f541fe
                       0xa9db06b8 0x466a42a3 0x20e65f75 0xb4866546 0x0017d907
                       0x515dc2a5 0xf9fc5095 0x4d6ee0c9 0xb67d219d 0xfb708535
                       0x1d01d6d1>;
        phandle = <0x100000fd>;
        linux,phandle = <0x100000fd>;
    };