From: Alexander Holler <holler@ahsoftware.de>
To: Robin Findley <rfindley@usa.net>
Cc: "meta-freescale@yoctoproject.org" <meta-freescale@yoctoproject.org>
Subject: Re: [PATCH 0/1] arm: imx: fsl_otp: make fuses (OTP memory) read-only
Date: Thu, 13 Nov 2014 20:19:49 +0100 [thread overview]
Message-ID: <54650455.90002@ahsoftware.de> (raw)
In-Reply-To: <5460C7A0.30008@ahsoftware.de>
Am 10.11.2014 um 15:11 schrieb Alexander Holler:
> Am 08.11.2014 22:54, schrieb Robin Findley:
>> From Alexander Holler
>>> But there is absolutely no reason to include this ONE TIME FUNCTIONALITY
>>> into any kernel meant for the public, especially as it is very
>>> dangerous.
>>
>> The problem isn't that someone can burn fuses in a commercial product.
>> Rather, the problem is a designer who ships a product with unburned
>> fuses. If
>> a designer is unaware of the fuses, and ships them unburned (unless he
>> has
>> good reason), then he shouldn't be selling commercial products. You
>> can't
>> design an imx product without knowing about the fuses. They are
>> fundamental
>> to the design process.
>
> You're only talking about locked products which are including the SW, do
> you?
>
> What's if the software isn't part of you manufacturing process and you
> want to leave the customer the choice to enter secure mode whenever he
> wish?
>
> Setting and locking fuses means removing options and crippling the HW.
> That's their only purpose.
And because I've just got reminded to that fact by some other device:
There are many devices which don't ship at first with security mode
enabled but where the manufacturer intends to use security mode with a
later update of the firmware. So even if the user-visible software is
already part of a device, there are reasons to not disable options by
locking the fuses.
Regards,
Alexander Holler
next prev parent reply other threads:[~2014-11-13 19:22 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-08 21:54 [PATCH 0/1] arm: imx: fsl_otp: make fuses (OTP memory) read-only Robin Findley
2014-11-10 14:11 ` Alexander Holler
2014-11-13 19:19 ` Alexander Holler [this message]
-- strict thread matches above, loose matches on Subject: below --
2014-11-07 9:43 Alexander Holler
2014-11-07 14:00 ` Eric Bénard
2014-11-07 14:31 ` Jon Nettleton
2014-11-07 14:55 ` Alexander Holler
2014-11-07 15:04 ` Eric Bénard
2014-11-07 15:07 ` Otavio Salvador
2014-11-07 15:23 ` Alexander Holler
2014-11-07 16:00 ` Otavio Salvador
2014-11-07 16:38 ` Alexander Holler
2014-11-08 2:03 ` Nikolay Dimitrov
2014-11-08 8:58 ` Chris Tapp
2014-11-08 9:32 ` Jon Nettleton
2014-11-08 18:49 ` Alexander Holler
2014-11-09 10:14 ` Alexander Holler
2014-11-09 15:09 ` Eric Bénard
2014-11-09 17:03 ` Bob Cochran
2014-11-09 12:34 ` Nikolay Dimitrov
2014-11-09 18:09 ` Alexander Holler
2014-11-09 19:20 ` Nikolay Dimitrov
2014-11-07 16:03 ` Eric Bénard
2014-11-07 15:50 ` Eric Bénard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54650455.90002@ahsoftware.de \
--to=holler@ahsoftware.de \
--cc=meta-freescale@yoctoproject.org \
--cc=rfindley@usa.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.