[U-Boot] [PATCH 0/8] Secure boot improvements and test on Beaglebone Black

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: Tom Rini <trini@ti.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH 0/8] Secure boot improvements and test on Beaglebone Black
Date: Fri, 20 Dec 2013 13:59:52 -0500	[thread overview]
Message-ID: <52B493A8.3050806@ti.com> (raw)
In-Reply-To: <CAPnjgZ3jjUZKfsPRYqhDiB=Guj18nvGJCv2jXOTBaNs4kzfrPw@mail.gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/06/2013 06:36 PM, Simon Glass wrote:
> Hi Tom,
> 
> On 2 October 2013 08:44, Simon Glass <sjg@chromium.org> wrote:
>> This series adds a few improvements to the image signing feature to
>> make it easier to use on the Beaglebone Black.
>>
>> - Add a DEV_TREE_BIN option to make it easier to include the correct FDT
>> (with embedded public keys) into the U-Boot image
>> - Enable cache for more TI boards (to speed things up)
>> - Increase malloc size
>> - Enable CONFIG_OF_CONTROL, FIT and secure boot on am33xx/omap
>>     (RFC only, not sure we want this, although we could create a separate
>>      config for it)
>>
>> I also have a change to adjust mkimage to automatically make space in the
>> FDT when adding hashes and signatures. Included here is the ENOSPC patch,
>> but the fit_image.c patch will wait until the dumpimage tool is merged,
>> since I am changing the same code.
>>
>> With this, secure boot was tested successfully on Beaglebone Black.
> 
> Do you think any of these patches should be applied?

Sorry I've taken so long to cycle back on this.  At the high level, I'm
OK with it.  But we need to make sure we can do these features
optionally, perhaps with a separate build?

- -- 
Tom
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJStJOnAAoJENk4IS6UOR1WpGcP/0CljP92ImQWtwcNcyCsjOqU
Nkm2hJ1eI3e4XGEVkO9zWAxrcTtCOgdWdOnMeLjtpWTrWZ/CKmEXcbU6rxR7Q/vu
/8r0FrUaYNHxsuTs0P5aBWhs3G+C83wKbbFViseHaKx2GMQ8+SZg72YBgDdI1t+B
rEaA9t4/ZEFKY5HgJ47NZ/cJvs/2EFpbGTZgmgiqT/1P0aayN6YOAvmbkkkuxn8g
HIJ8Jt1bGZ6CqTkDMt/qCeunCinSU76C19Bj+6cMTtoam9rltzdWaPoc4adi3QPw
WfEZnUia5KxuGDLV/itO2LUrO58r8N5eOJN3iISAGkgzmRumhaxjlOrytq97p//D
ZHlbwp2aQKLTRLh7B9T7HRs3AW3j+ltlQ11iF0GXtZ4WGeqy2IfMrhY708CwG/p5
Nu12cDW7hk5QJs/Dy55VsnxQ8t4yp/Y6v1K9g49BWKp/KZVa8qEab8VIV2N9iO38
czHfs4tlY3LgdP2y7fx15gANMM82eK6z9PkDtP+tvlkBGCh/FQ1wLUiq3pBR0VKu
vhmM33RzkI9l2nIFzDybwU5iLfjGOm4ILuLNsQpTU1wWCjoyCi6t3fkqNQfHrguS
Kun0UHf7M104q0SxwR03hv/RZw9sM5vFFq/2rWQI+vZ2neMMCd+LtOiIQUPTWUp+
NEYG+D/UfhT3WGlvzMdT
=wxou
-----END PGP SIGNATURE-----

next prev parent reply	other threads:[~2013-12-20 18:59 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-10-02 14:44 [U-Boot] [PATCH 0/8] Secure boot improvements and test on Beaglebone Black Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 1/8] am33xx/omap: Allow cache enable for all Sitara/OMAP Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 2/8] hash: Export functions to find and show hash Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 3/8] fdt: Add DEV_TREE_BIN option to specify a device tree binary file Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 4/8] fdt: Update functions which write to an FDT to return -ENOSPC Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 5/8] arm: ti: Increase malloc size to 16MB for armv7 boards Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 6/8] RFC: am33xx/omap: Enable CONFIG_OF_CONTROL Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 7/8] RFC: am33xx/omap: Enable FIT support Simon Glass
2013-10-02 14:44 ` [U-Boot] [PATCH 8/8] RFC: am33xx/omap: Enable secure boot with CONFIG_FIT_SIGNATURE Simon Glass
2013-12-06 23:36 ` [U-Boot] [PATCH 0/8] Secure boot improvements and test on Beaglebone Black Simon Glass
2013-12-20 18:59   ` Tom Rini [this message]
2013-12-26 20:05     ` Simon Glass
2013-12-30  7:40   ` [U-Boot] sandbox question TigerLiu at viatech.com.cn
2013-12-31  0:42     ` TigerLiu at viatech.com.cn
2014-01-07 23:58       ` Simon Glass
2014-01-08  0:52         ` TigerLiu at viatech.com.cn
2014-01-08  3:46           ` Abraham Varricatt
2014-01-08 10:30             ` TigerLiu at viatech.com.cn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=52B493A8.3050806@ti.com \
    --to=trini@ti.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox