From: Thierry Reding <thierry.reding-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: Jimmy Zhang <jimmzhang-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
Cc: Allen Martin <AMartin-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>,
Stephen Warren <swarren-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>,
"alban.bedel-RM9K5IK7kjKj5M59NBduVrNAH6kLmebB@public.gmane.org"
<alban.bedel-RM9K5IK7kjKj5M59NBduVrNAH6kLmebB@public.gmane.org>,
"linux-tegra-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-tegra-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [tegrarcm PATCH v1 2/4] Add option --ml_rcm <rcm_ml_blob>
Date: Mon, 7 Mar 2016 09:54:08 +0100 [thread overview]
Message-ID: <20160307085408.GD31189@ulmo.nvidia.com> (raw)
In-Reply-To: <b47263cc6b5a412bbbb9cd4a17d223cf-wO81nVYWzR7YuxH7O460wFaTQe2KTcn/@public.gmane.org>
[-- Attachment #1: Type: text/plain, Size: 2255 bytes --]
On Sat, Mar 05, 2016 at 02:35:51AM +0000, Jimmy Zhang wrote:
>
>
> > -----Original Message-----
> > From: Allen Martin
> > Sent: Friday, March 04, 2016 5:25 PM
> > To: Jimmy Zhang
> > Cc: Stephen Warren; alban.bedel-RM9K5IK7kjKj5M59NBduVrNAH6kLmebB@public.gmane.org; linux-
> > tegra-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
> > Subject: Re: [tegrarcm PATCH v1 2/4] Add option --ml_rcm <rcm_ml_blob>
> >
> > On Fri, Mar 04, 2016 at 03:44:45PM -0800, Jimmy Zhang wrote:
> > > This option along with "--pkc <keyfile>" allows user to generate
> > > signed query version rcm, miniloader rcm and signed bootloader
> > > (flasher). With these signed blob, user will then be able to run
> > > tegrarcm on a fused system without keyfile.
> > >
> > > Command syntax:
> > > $ ./tegrarcm --ml_rcm <ml_rcm_blob> --pkc <keyfile>
> > >
> > > Example:
> > > 1. connect usb cable to recovery mode usb port 2. put target in
> > > recovery mode 3. run command as below:
> > > $ sudo ./tegrarcm --ml_rcm t124_ml_rcm.bin --pkc rsa_priv.der
> > >
> >
> > Why this extra step to write the signed miniloader to a separate file?
> > Why not just sign the miniloader in memory when using the --signed
> > option? It looks like this is also generating a file for the signed
> > RCM messages, which should just be done in memory as well like we do
> > when using CMAC signing.
> >
> This is for production purpose for fused board. User can run this step to generate all signed blobs
> from a secured server. On production server, assuming non secured, user uses previous signed
> blobs to download flasher on fused board. By doing so, we can avoid to send rsa keyfile to
> production server.
I don't like how this makes people jump through hoops to use this
feature. Couldn't we instead implement infrastructure for both
workflows?
For example, the standard behaviour could be to sign everything in
memory, which would allow developers to use this in the most
straightforward way. A command-line option could be added to switch
into "production" mode, where the necessary files are generated and
later used, which would allow the kind of setup that you describe
where the signing and flashing machines are separate.
Thierry
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2016-03-07 8:54 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-04 23:44 [tegrarcm PATCH v1 0/4] Add flashing support for T124 rsa fused board Jimmy Zhang
[not found] ` <1457135087-967-1-git-send-email-jimmzhang-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-03-04 23:44 ` [tegrarcm PATCH v1 1/4] Add option "--pkc" Jimmy Zhang
[not found] ` <1457135087-967-2-git-send-email-jimmzhang-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-03-05 1:43 ` Allen Martin
2016-03-07 19:55 ` Stephen Warren
[not found] ` <56DDDCC8.9090803-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2016-03-09 0:50 ` Jimmy Zhang
[not found] ` <6dc28718c5ec4d4aba4bcafcf36409be-wO81nVYWzR7YuxH7O460wFaTQe2KTcn/@public.gmane.org>
2016-03-09 17:32 ` Stephen Warren
2016-03-04 23:44 ` [tegrarcm PATCH v1 2/4] Add option --ml_rcm <rcm_ml_blob> Jimmy Zhang
[not found] ` <1457135087-967-3-git-send-email-jimmzhang-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-03-05 1:25 ` Allen Martin
[not found] ` <20160305012506.GA19189-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-03-05 2:35 ` Jimmy Zhang
[not found] ` <b47263cc6b5a412bbbb9cd4a17d223cf-wO81nVYWzR7YuxH7O460wFaTQe2KTcn/@public.gmane.org>
2016-03-07 8:54 ` Thierry Reding [this message]
2016-03-07 20:15 ` Stephen Warren
[not found] ` <56DDE16A.8030809-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2016-03-09 1:21 ` Jimmy Zhang
[not found] ` <efa82104830b489a8ebe29238bb48034-wO81nVYWzR7YuxH7O460wFaTQe2KTcn/@public.gmane.org>
2016-03-09 17:35 ` Stephen Warren
2016-03-04 23:44 ` [tegrarcm PATCH v1 3/4] Add option --signed Jimmy Zhang
[not found] ` <1457135087-967-4-git-send-email-jimmzhang-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-03-07 8:58 ` Thierry Reding
2016-03-07 20:31 ` Stephen Warren
[not found] ` <56DDE53D.4060206-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2016-03-09 0:36 ` Jimmy Zhang
[not found] ` <90950f4d7098476891feda7e5e803cfa-wO81nVYWzR7YuxH7O460wFaTQe2KTcn/@public.gmane.org>
2016-03-09 17:29 ` Stephen Warren
[not found] ` <56E05D75.5050707-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2016-03-09 21:01 ` Jimmy Zhang
[not found] ` <efdc080b4a0f4bd4a8a736d947417acd-wO81nVYWzR7YuxH7O460wFaTQe2KTcn/@public.gmane.org>
2016-03-09 21:03 ` Stephen Warren
2016-03-04 23:44 ` [tegrarcm PATCH v1 4/4] Increate USB timeout value Jimmy Zhang
[not found] ` <1457135087-967-5-git-send-email-jimmzhang-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-03-05 1:46 ` Allen Martin
[not found] ` <20160305014644.GC19189-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org>
2016-03-05 2:39 ` Jimmy Zhang
2016-03-07 19:39 ` Stephen Warren
[not found] ` <56DDD90B.1040802-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2016-03-09 1:41 ` Jimmy Zhang
[not found] ` <973e4d88a8a24062964655a6ec3b2c71-wO81nVYWzR7YuxH7O460wFaTQe2KTcn/@public.gmane.org>
2016-03-09 17:41 ` Stephen Warren
[not found] ` <56E06042.2060604-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>
2016-03-09 19:56 ` Jimmy Zhang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160307085408.GD31189@ulmo.nvidia.com \
--to=thierry.reding-re5jqeeqqe8avxtiumwx3w@public.gmane.org \
--cc=AMartin-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
--cc=alban.bedel-RM9K5IK7kjKj5M59NBduVrNAH6kLmebB@public.gmane.org \
--cc=jimmzhang-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
--cc=linux-tegra-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=swarren-DDmLM1+adcrQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox