Firmware secure boot is to ensure firmware running on chip is the one
which is signed and released officially. Without this, it will be failed
to download firmware result from wrong security key data.
The main difference between secure and non-secure boot is content of
secure section, which is one type of many firmware sections, and is to
provide key data.
The basic steps for key data are:
1. read cryptography method and key_index from efuse (patch 2/4)
2. parse firmware file to select secure section by the information of
step 1 (patch 3/4)
3. download firmware with selected secure section and key data (patch 4/4)
Ping-Ke Shih (4):
wifi: rtw89: fw: consider checksum length of security data
wifi: rtw89: fw: read firmware secure information from efuse
wifi: rtw89: fw: parse secure section from firmware file
wifi: rtw89: fw: download firmware with key data for secure boot
drivers/net/wireless/realtek/rtw89/core.h | 15 +
drivers/net/wireless/realtek/rtw89/efuse.h | 1 +
drivers/net/wireless/realtek/rtw89/efuse_be.c | 142 +++++++++
drivers/net/wireless/realtek/rtw89/fw.c | 296 ++++++++++++++++--
drivers/net/wireless/realtek/rtw89/fw.h | 47 ++-
drivers/net/wireless/realtek/rtw89/pci.c | 2 +
drivers/net/wireless/realtek/rtw89/rtw8922a.c | 3 +
7 files changed, 484 insertions(+), 22 deletions(-)
--
2.25.1
