From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by yocto-www.yoctoproject.org (Postfix, from userid 118) id 9CF92E008D3; Fri, 7 Nov 2014 06:48:52 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on yocto-www.yoctoproject.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham version=3.3.1 X-Spam-HAM-Report: * -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] Received: from mail.ahsoftware.de (h1446028.stratoserver.net [85.214.92.142]) by yocto-www.yoctoproject.org (Postfix) with ESMTP id 6FAF0E002A8 for ; Fri, 7 Nov 2014 06:48:50 -0800 (PST) Received: by mail.ahsoftware.de (Postfix, from userid 65534) id 1052E2C9C207; Fri, 7 Nov 2014 15:48:48 +0100 (CET) Received: from eiche.ahsoftware (p4FC3685E.dip0.t-ipconnect.de [79.195.104.94]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.ahsoftware.de (Postfix) with ESMTPSA id 19EBA2C9C20C for ; Fri, 7 Nov 2014 15:48:48 +0100 (CET) Received: by eiche.ahsoftware (Postfix, from userid 65534) id 51F808C411; Fri, 7 Nov 2014 15:48:47 +0100 (CET) Received: from krabat.ahsoftware (unknown [IPv6:feee::5246:5dff:fe8b:95f8]) by eiche.ahsoftware (Postfix) with ESMTP id AE7937F846; Fri, 7 Nov 2014 14:40:59 +0000 (UTC) Message-ID: <545CD9F0.50207@ahsoftware.de> Date: Fri, 07 Nov 2014 15:40:48 +0100 From: Alexander Holler User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.7.0 MIME-Version: 1.0 To: Otavio Salvador References: <1415353415-3805-1-git-send-email-holler@ahsoftware.de> <1415353415-3805-2-git-send-email-holler@ahsoftware.de> In-Reply-To: Cc: "meta-freescale@yoctoproject.org" , Jon Nettleton Subject: Re: [PATCH 1/1] arm: imx: fsl_otp: make fuses (OTP memory) read-only X-BeenThere: meta-freescale@yoctoproject.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: Usage and development list for the meta-fsl-* layers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 14:48:52 -0000 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Am 07.11.2014 um 12:34 schrieb Otavio Salvador: > On Fri, Nov 7, 2014 at 7:43 AM, Alexander Holler wrote: >> Nothing in userspace should be able to kill the HW. >> Not even just as root and for sure not that easy. >> >> For obvious reason, I haven't tested this patch thoroughly. >> >> Reported-by: Jon Nettleton >> Signed-off-by: Alexander Holler > > I have a mix of feelings about the patch. > > Long story, short: > > - We ought to have a FSL_OTP_WRITE_SUPPORT config option > > The writing support is specially useful for manufacturing images where > we can use Linux to do the initial programing, consult a database to > find out inventory information (MAC address for example) and do proper > programing on the OTP fuses. However I also believe we shouldn't have > this available on regular kernel images as it is easy to get a > 'expensive paper weight'. > > So would you be keen to rework the patch and include a write support > config option? No. Sorry but I really think such dangerous stuff never should make it's way into any kernel which doesn't have big red and yellow signs attached to it. And unfortunately that isn't possible. And even if it would be possible to mark kernels as dangerous, I think that functionality should only be part of a bootloader where it isn't reachable by normal userspace. Regards, Alexander Holler