From: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
To: "Ivan T. Ivanov" <iivanov@suse.de>,
Srinivas Kandagatla <srinivas.kandagatla@linaro.org>,
Rob Herring <robh+dt@kernel.org>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>
Cc: Nicolas Saenz Julienne <nsaenz@kernel.org>,
Florian Fainelli <f.fainelli@gmail.com>,
Stefan Wahren <stefan.wahren@i2se.com>,
linux-rpi-kernel@lists.infradead.org,
linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
Tim Gover <tim.gover@raspberrypi.com>
Subject: Re: [PATCH v3 2/3] ARM: dts: Add nvmem node for BCM2711 bootloader public key
Date: Fri, 21 Apr 2023 09:55:33 +0200 [thread overview]
Message-ID: <d3bbd951-67b0-95a3-8f26-a100d6ed12e6@linaro.org> (raw)
In-Reply-To: <20230420122924.37997-3-iivanov@suse.de>
On 20/04/2023 14:29, Ivan T. Ivanov wrote:
> From: Tim Gover <tim.gover@raspberrypi.com>
>
> Make a copy of the bootloader secure-boot public key available to the OS
> via an nvmem node. The placement information is populated by the
> Raspberry Pi firmware[1] if a public key is present in the BCM2711
> bootloader EEPROM.
>
> [1] https://www.raspberrypi.com/documentation/computers/configuration.html#nvmem-nodes
>
> Signed-off-by: Tim Gover <tim.gover@raspberrypi.com>
> [iivanov] Added link to documentation.
> Signed-off-by: Ivan T. Ivanov <iivanov@suse.de>
> ---
> arch/arm/boot/dts/bcm2711-rpi.dtsi | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
>
> diff --git a/arch/arm/boot/dts/bcm2711-rpi.dtsi b/arch/arm/boot/dts/bcm2711-rpi.dtsi
> index 98817a6675b9..e30fbe84f9c3 100644
> --- a/arch/arm/boot/dts/bcm2711-rpi.dtsi
> +++ b/arch/arm/boot/dts/bcm2711-rpi.dtsi
> @@ -15,6 +15,7 @@ aliases {
> ethernet0 = &genet;
> pcie0 = &pcie0;
> blconfig = &blconfig;
> + blpubkey = &blpubkey;
> };
> };
>
> @@ -67,6 +68,19 @@ blconfig: nvram@0 {
> no-map;
> status = "disabled";
> };
> +
> + /*
> + * RPi4 will copy the binary public key blob (if present) from the bootloader
> + * into memory for use by the OS.
> + */
> + blpubkey: nvram@1 {
> + compatible = "raspberrypi,bootloader-public-key", "nvmem-rmem";
> + #address-cells = <1>;
> + #size-cells = <1>;
> + reg = <0x0 0x0 0x0>;
> + no-map;
> + status = "disabled";
Why this is disabled? What external resources are missing?
Best regards,
Krzysztof
next prev parent reply other threads:[~2023-04-21 7:56 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-20 12:29 [PATCH v3 0/3] Add nvmem node for BCM2711 bootloader public key Ivan T. Ivanov
2023-04-20 12:29 ` [PATCH v3 1/3] dt-bindings: nvmem: rmem: Add raspberrypi,bootloader-public-key Ivan T. Ivanov
2023-04-21 7:56 ` Krzysztof Kozlowski
2023-05-12 10:20 ` Srinivas Kandagatla
2023-04-20 12:29 ` [PATCH v3 2/3] ARM: dts: Add nvmem node for BCM2711 bootloader public key Ivan T. Ivanov
2023-04-21 7:55 ` Krzysztof Kozlowski [this message]
2023-04-21 7:59 ` Tim Gover
2023-04-25 16:02 ` Stefan Wahren
2023-04-25 16:24 ` Tim Gover
2023-05-18 11:56 ` Ivan T . Ivanov
2023-04-20 12:29 ` [PATCH v3 3/3] nvmem: rmem: Use NVMEM_DEVID_AUTO Ivan T. Ivanov
2023-05-12 10:21 ` Srinivas Kandagatla
2023-04-25 16:33 ` [PATCH v3 0/3] Add nvmem node for BCM2711 bootloader public key Stefan Wahren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d3bbd951-67b0-95a3-8f26-a100d6ed12e6@linaro.org \
--to=krzysztof.kozlowski@linaro.org \
--cc=devicetree@vger.kernel.org \
--cc=f.fainelli@gmail.com \
--cc=iivanov@suse.de \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-rpi-kernel@lists.infradead.org \
--cc=nsaenz@kernel.org \
--cc=robh+dt@kernel.org \
--cc=srinivas.kandagatla@linaro.org \
--cc=stefan.wahren@i2se.com \
--cc=tim.gover@raspberrypi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).