From mboxrd@z Thu Jan 1 00:00:00 1970 From: Gamble, Bradley Date: Wed, 15 Apr 2020 14:05:19 +0000 Subject: Dummy device tree for verified boot Message-ID: <1586959519873.39755@ncipher.com> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hello, I am currently attempting to utilize Verified Boot to verify FIT images on my T104x-based device. I am building U-Boot with the standard options for Verified Boot (CONFIG_FIT, CONFIG_FIT_SIGNATURE, CONFIG_RSA, CONFIG_OF_CONTROL and CONFIG_OF_SEPARATE). When building U-Boot I need to supply a DTB image at build time. However, the device I am targetting may have a number of different configurations. This has been manged previously by using a single version of U-Boot and loading different FIT images containing different DTBs based on how the device will be used. Does the DTB supplied to U-Boot at build time have to be "fully-featured"? Can it be a dummy DTB containing minimal nodes just for the purpose of storing the key contents for Verified Boot? Kind regards, BDG ________________________________ [cid:image28dcb9.JPG at 434a8dea.4eb6ff24] Bradley Gamble Software Engineer Tel: +44 1293 580000 nCipher Security Manor Royal Crawley RH10 9HA United Kingdom www.ncipher.com [cid:imagec22e21.JPG at 371fb8cf.429ceea3] -------------- next part -------------- A non-text attachment was scrubbed... Name: image28dcb9.JPG Type: image/jpeg Size: 26793 bytes Desc: image28dcb9.JPG URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: imagec22e21.JPG Type: image/jpeg Size: 23049 bytes Desc: imagec22e21.JPG URL: