trini
commented
6 years ago I still need to clean up and re-test my changes to automatically support meta-raspberrypi. meta-efi-secure-boot does not work with U-Boot (regardless of architecture) as EFI support there doesn't have what's needed for secure boot. IMA/TPM/TPM2 and anything else that doesn't depend on the firmware is fine. As U-Boot as TPM/TPM2 support you can leverage PCRs that you have U-Boot work with in your policy.
Ks89
Is it possible to use this layer on devices with u-boot? If yes, which features are compatible?