From: AKASHI Takahiro <takahiro.akashi@linaro.org>
To: Simon Glass <sjg@chromium.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Sughosh Ganu <sughosh.ganu@linaro.org>,
Masami Hiramatsu <masami.hiramatsu@linaro.org>,
Mark Kettenis <mark.kettenis@xs4all.nl>,
U-Boot Mailing List <u-boot@lists.denx.de>,
Alex Graf <agraf@csgraf.de>
Subject: Re: [PATCH v8 12/12] (RFC) efi_loader, dts: add public keys for capsules to device tree
Date: Mon, 17 Jan 2022 10:42:07 +0900 [thread overview]
Message-ID: <20220117014207.GC7045@laputa> (raw)
In-Reply-To: <CAPnjgZ17=1Tax+usJRMEaBrhbWrcE_ZZJpRoE2qvYuW-03DTQg@mail.gmail.com>
On Wed, Jan 12, 2022 at 01:03:54PM -0700, Simon Glass wrote:
> Hi Heinrich,
>
> On Sat, 1 Jan 2022 at 15:53, Heinrich Schuchardt <xypron.glpk@gmx.de> wrote:
> >
> > On 12/20/21 06:02, AKASHI Takahiro wrote:
> > > By specifying CONFIG_EFI_CAPSULE_KEY_PATH, the build process will
> > > automatically insert the given key into the device tree.
> > > Otherwise, users are required to do so manually, possibly, with
> > > the utility script, fdtsig.sh.
> >
> > Why do we need a script fdtsig.sh? Can't you integrate this into the
> > Makefile?
Because signing phase of capsules would be different from compiling phase
of U-Boot. So,
> It should be handled by binman, IMO.
Yes, either way, we should have a separate script/command.
-Takahiro Akashi
> Regards,
> Simon
prev parent reply other threads:[~2022-01-17 1:42 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-20 5:02 [PATCH v8 00/12] efi_loader: capsule: improve capsule authentication support AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 01/12] tools: mkeficapsule: rework the code a little bit AKASHI Takahiro
2022-01-01 21:35 ` Heinrich Schuchardt
2022-01-06 9:01 ` AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 02/12] tools: build mkeficapsule with tools-only_defconfig AKASHI Takahiro
2022-01-01 21:42 ` Heinrich Schuchardt
2022-01-06 9:20 ` AKASHI Takahiro
2022-01-12 20:03 ` Simon Glass
2021-12-20 5:02 ` [PATCH v8 03/12] tools: mkeficapsule: add firmwware image signing AKASHI Takahiro
2022-01-01 21:50 ` Heinrich Schuchardt
2022-01-17 8:11 ` AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 04/12] tools: mkeficapsule: add man page AKASHI Takahiro
2022-01-01 22:02 ` Heinrich Schuchardt
2022-01-06 10:25 ` AKASHI Takahiro
2022-01-06 19:26 ` Heinrich Schuchardt
2022-01-07 2:31 ` AKASHI Takahiro
2022-01-09 22:40 ` Heinrich Schuchardt
2021-12-20 5:02 ` [PATCH v8 05/12] doc: update UEFI document for usage of mkeficapsule AKASHI Takahiro
2022-01-01 22:09 ` Heinrich Schuchardt
2022-01-07 2:20 ` AKASHI Takahiro
2022-01-09 22:36 ` Heinrich Schuchardt
2021-12-20 5:02 ` [PATCH v8 06/12] test/py: efi_capsule: add image authentication test AKASHI Takahiro
2022-01-01 22:18 ` Heinrich Schuchardt
2022-01-17 2:03 ` AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 07/12] tools: mkeficapsule: allow for specifying GUID explicitly AKASHI Takahiro
2022-01-01 22:42 ` Heinrich Schuchardt
2022-01-17 2:14 ` AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 08/12] test/py: efi_capsule: align with the syntax change of mkeficapsule AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 09/12] test/py: efi_capsule: add a test for "--guid" option AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 10/12] test/py: efi_capsule: check the results in case of CAPSULE_AUTHENTICATE AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 11/12] (RFC) tools: add fdtsig.sh AKASHI Takahiro
2021-12-20 5:02 ` [PATCH v8 12/12] (RFC) efi_loader, dts: add public keys for capsules to device tree AKASHI Takahiro
2022-01-01 22:53 ` Heinrich Schuchardt
2022-01-12 20:03 ` Simon Glass
2022-01-17 1:42 ` AKASHI Takahiro [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220117014207.GC7045@laputa \
--to=takahiro.akashi@linaro.org \
--cc=agraf@csgraf.de \
--cc=ilias.apalodimas@linaro.org \
--cc=mark.kettenis@xs4all.nl \
--cc=masami.hiramatsu@linaro.org \
--cc=sjg@chromium.org \
--cc=sughosh.ganu@linaro.org \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox