From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andreas Dannenberg <dannenberg@ti.com>
Date: Wed, 20 Jul 2016 13:19:22 -0500
Subject: [U-Boot] [PATCH v3 0/9] Secure Boot by
 Authenticating/Decrypting SPL FIT blobs
In-Reply-To: <1467037164-28093-1-git-send-email-dannenberg@ti.com>
References: <1467037164-28093-1-git-send-email-dannenberg@ti.com>
Message-ID: <20160720181922.GI19566@borg.dal.design.ti.com>
List-Id: <u-boot.lists.denx.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

On Mon, Jun 27, 2016 at 09:19:15AM -0500, Andreas Dannenberg wrote:
> This is an updated version of a patch series that introduces a generic way
> to optionally post-process blobs as they get extracted by the SPL from the
> u-boot.img FIT image, and uses this scheme to perform some authentication/
> decryption related processing on TI's high-secure (HS) SoC variants. For
> additional background please see here [1].

I just wanted to point out that this now-accepted patch series in by
itself is not a 100% complete solution to address all needs of secure
boot. Specifically, the extensions made rely on loading U-Boot as a FIT
image (CONFIG_SPL_LOAD_FIT) but do not prevent the loading of a legacy
non-FIT U-Boot image. This is something that will need to get addressed
in a follow-on patch.

Regards,
Andreas

> [1] http://lists.denx.de/pipermail/u-boot/2016-June/258716.html