Hello,
I am trying to enable the secure boot feature for a custom IMX8MPLUS board running Android 11. I have followed the Android Security guide provided by NXP.
In the device/nxp/imx8m/evk_8mp/UbootKernelBoardConfig.mk I see as follows:
# u-boot target
TARGET_BOOTLOADER_CONFIG := imx8mp:imx8mp_evk_android_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty:imx8mp_evk_android_trusty_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty-secure-unlock:imx8mp_evk_android_trusty_secure_unlock_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-dual:imx8mp_evk_android_dual_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty-dual:imx8mp_evk_android_trusty_dual_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-evk-uuu:imx8mp_evk_android_uuu_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-powersave:imx8mp_evk_android_powersave_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty-powersave:imx8mp_evk_android_trusty_powersave_defconfig
After compilation, in the build log I can see that all the defconfigs are built.
Do I have to update all the defconfigs for secure boot? Shall I take the values for the CSF from the build log for each of them separately? How do I make sure which defconfig is getting used during bootup?
Thanks,
Abhiroop
The way that you build Android images means all modes of the bootloader are built with HAB enabled.
You don't necessarily need all defconfigs for secure boot; you can modify the + symbols to remove what you don't want.
Best regards
Harvey
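As an added illustration (not part of the thread and not NXP code), the Python sketch below parses the `TARGET_BOOTLOADER_CONFIG` lines quoted in the question, lists every bootloader variant the build will produce, and rewrites the list to keep only chosen variants. The function names and the variants kept in the usage line are assumptions picked only to show the mechanics, not a recommendation of which variants a board needs.

```python
import re

# One "TARGET_BOOTLOADER_CONFIG := name:defconfig" (or "+=") assignment.
_ENTRY = re.compile(r"^\s*TARGET_BOOTLOADER_CONFIG\s*(:=|\+=)\s*([^\s:]+):(\S+)\s*$")

# Constructed sample: the lines quoted in the question.
SAMPLE_MK = """\
# u-boot target
TARGET_BOOTLOADER_CONFIG := imx8mp:imx8mp_evk_android_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty:imx8mp_evk_android_trusty_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty-secure-unlock:imx8mp_evk_android_trusty_secure_unlock_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-dual:imx8mp_evk_android_dual_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty-dual:imx8mp_evk_android_trusty_dual_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-evk-uuu:imx8mp_evk_android_uuu_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-powersave:imx8mp_evk_android_powersave_defconfig
TARGET_BOOTLOADER_CONFIG += imx8mp-trusty-powersave:imx8mp_evk_android_trusty_powersave_defconfig
"""

def list_variants(mk_text):
    """Return [(name, defconfig)] in build order; ':=' resets the list."""
    variants = []
    for line in mk_text.splitlines():
        m = _ENTRY.match(line)
        if not m:
            continue
        if m.group(1) == ":=":
            variants = []  # simple assignment discards earlier entries
        variants.append((m.group(2), m.group(3)))
    return variants

def trim_variants(mk_text, keep):
    """Rewrite mk_text so only variants named in `keep` remain.

    The first surviving entry is written with ':=' and the rest with '+=',
    so the variable is still initialised exactly once.
    """
    unknown = set(keep) - {name for name, _ in list_variants(mk_text)}
    if unknown:
        raise ValueError(f"not in TARGET_BOOTLOADER_CONFIG: {sorted(unknown)}")
    out, first = [], True
    for line in mk_text.splitlines():
        m = _ENTRY.match(line)
        if not m:
            out.append(line)  # comments and other settings pass through
        elif m.group(2) in keep:
            out.append(f"TARGET_BOOTLOADER_CONFIG {':=' if first else '+='} "
                       f"{m.group(2)}:{m.group(3)}")
            first = False
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    # Arbitrary choice of variants, for illustration only.
    print(trim_variants(SAMPLE_MK, {"imx8mp-trusty", "imx8mp-evk-uuu"}))
```

Every entry that `list_variants` reports corresponds to a separate bootloader build, so the list shows which variants remain once the file is trimmed.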