mb/facebook/fbg1701: Only verify the publickey when needed
The public key should only be validated if the manifest is signed. BUG=N/A TEST=testedd on fbg1701 Change-Id: I703ed442e0b1926859f593ce9ca84133013224ea Signed-off-by: Wim Vervoorn <wvervoorn@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/36816 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Frans Hendriks <fhendriks@eltan.com>
This commit is contained in:
parent
f4a304722a
commit
0bb4f0c766
|
@ -25,10 +25,12 @@ const verify_item_t bootblock_verify_list[] = {
|
|||
{ { (void *)0xffffffff - CONFIG_C_ENV_BOOTBLOCK_SIZE + 1,
|
||||
CONFIG_C_ENV_BOOTBLOCK_SIZE, } }, HASH_IDX_BOOTBLOCK,
|
||||
MBOOT_PCR_INDEX_0 },
|
||||
#if CONFIG(VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST)
|
||||
{ VERIFY_BLOCK, "PublicKey",
|
||||
{ { (void *)CONFIG_VENDORCODE_ELTAN_VBOOT_KEY_LOCATION,
|
||||
CONFIG_VENDORCODE_ELTAN_VBOOT_KEY_SIZE, } }, HASH_IDX_PUBLICKEY,
|
||||
MBOOT_PCR_INDEX_0 },
|
||||
#endif
|
||||
{ VERIFY_TERMINATOR, NULL, { { NULL, 0 } }, 0, 0 }
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in New Issue