From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 56AC6EB64D8 for ; Mon, 19 Jun 2023 00:50:20 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 2348184773; Mon, 19 Jun 2023 02:50:17 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="zIEgk9Ws"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id E1D8485746; Mon, 19 Jun 2023 02:50:09 +0200 (CEST) Received: from mail-pl1-x62a.google.com (mail-pl1-x62a.google.com [IPv6:2607:f8b0:4864:20::62a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id C388F8474E for ; Mon, 19 Jun 2023 02:50:00 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pl1-x62a.google.com with SMTP id d9443c01a7336-1b5079b8cb3so5529405ad.1 for ; Sun, 18 Jun 2023 17:50:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1687135799; x=1689727799; h=in-reply-to:content-disposition:mime-version:references :mail-followup-to:message-id:subject:cc:to:from:date:from:to:cc :subject:date:message-id:reply-to; bh=Vgo2XEi/kRY42Ee56syY5rFTJxI4nWf6wtZlRkqF9C8=; b=zIEgk9WsD87k4PFApyWPWumihFzpxYOZhTWsiCfGvH2rdNuKb3pxTVls0Dp3eQG1uc 9rDGgFUxaZkshLB9RNPgH/Cl6zWSElP2mJDbXfGUFtv7I+YVZ1pJgxul7G/AXetsPuRW gUuKlWohl6HCo4B6vnjkfE0B8s2uDzE4h5F5iUQwBLau/PmemdjWXx6yUwKXu97GcJzg 2LVNuWygqJpm3urZ6edEGJloaMJ0od+5uy0BJAfGnzURlFgKG3zDN7X4u9WQG0lrI/1h ZlCwPdC7uVD9wy3ZjZtME9ZKucQROuKVNifQIT/xKZ8E+e6BEfnVwEnIfRBIgiCs/Q7z 6E6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687135799; x=1689727799; h=in-reply-to:content-disposition:mime-version:references :mail-followup-to:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Vgo2XEi/kRY42Ee56syY5rFTJxI4nWf6wtZlRkqF9C8=; b=kFUat9NLDWaYLe614MN6kf3H55muwWpGfzemKZbAQyLAReByksPyCHamdXbuCsC7Og yyhh8EVSYkIBsmrjj8ofZk3UBauqIqDqGDg4+Ti4tupM1W9xqbe6Lcz93NTL+FRC4qpX aIlk5U+TFKhnN03NYwJDJBmOPEKbQdXn7V+yczP28vaalF+A/UT66MMRpWzVUjwjTuCR KHCoFwT49Oxt6m+esJHNCQDBqks0eVMt42T+A5h+uNsGzE/WjzjUQJizs3OgU37FN2JM nNmwpIdH7OCwoEDye3Z1++3MjaTDK18XhhN79RTLyAFMa0LIP9HVWIoP/XK+yZIEWBlG 2k8g== X-Gm-Message-State: AC+VfDxDPhH+BTb/MkFvekW3c0Pq5qljMdrM/01wX46k1uFh7xE04qsP oEYwuBHlGVLJV5R6hEcYICAzvA== X-Google-Smtp-Source: ACHHUZ6y0oAcsLP5WRJZ8j1u194R418PgvUKHuu7KvJ22X2+RxFmDCXfAAIpKCIT+MotZ8FJ+ONepw== X-Received: by 2002:a17:903:32c4:b0:1b0:3cda:6351 with SMTP id i4-20020a17090332c400b001b03cda6351mr10607864plr.0.1687135798897; Sun, 18 Jun 2023 17:49:58 -0700 (PDT) Received: from laputa ([2400:4050:c3e1:100:7540:94e3:d1be:6785]) by smtp.gmail.com with ESMTPSA id h5-20020a170902f54500b001b39f8dc06fsm2293480plf.152.2023.06.18.17.49.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 18 Jun 2023 17:49:58 -0700 (PDT) Date: Mon, 19 Jun 2023 09:49:54 +0900 From: Takahiro Akashi To: Heinrich Schuchardt Cc: Masahisa Kojima , Ilias Apalodimas , u-boot@lists.denx.de Subject: Re: [PATCH] doc: uefi: explicitly describe manual dtb update is required Message-ID: Mail-Followup-To: Takahiro Akashi , Heinrich Schuchardt , Masahisa Kojima , Ilias Apalodimas , u-boot@lists.denx.de References: <20230615080344.106856-1-masahisa.kojima@linaro.org> <0cc1670a-ff5e-4c28-9e73-cc1901ffc1d4@gmx.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <0cc1670a-ff5e-4c28-9e73-cc1901ffc1d4@gmx.de> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean On Sat, Jun 17, 2023 at 09:58:13PM +0200, Heinrich Schuchardt wrote: > On 6/15/23 10:03, Masahisa Kojima wrote: > > To enforce anti-rollback to any older version, dtb must be > > always update manually. This should be described in the > > documentation. > > > > Signed-off-by: Masahisa Kojima > > --- > > doc/develop/uefi/uefi.rst | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst > > index ffd13cebe9..d5f8c5f236 100644 > > --- a/doc/develop/uefi/uefi.rst > > +++ b/doc/develop/uefi/uefi.rst > > @@ -552,6 +552,9 @@ update using a capsule file with --fw-version of 5, the update will fail. > > When the --fw-version in the capsule file is updated, lowest-supported-version > > in the dtb might be updated accordingly. > > > > +If user needs to enroce anti-rollback to any older version, > > +the lowest-supported-version property in dtb must be always updated manually. > > Thank you for updating the documentation. > > Allowing to circumvent the rollback protection is a security issue. On a > secure system you would probably want to disable console commands like > mc and fdt. Shouldn't we provide an advice for safe settings? Is there any case where a user wants to use fdt for some reason, for example, in CONFIG_PREBOOT or CONFIG_BOOTCOMMAND? -Takahiro Akashi > E.g. > > "If a user wanted to enable a rollback to a version forbidden by the > lowest-supported-version property specified in U-Boot's control > device-tree, they could change this property using the fdt command. > Secure systems should not enable this command." > > Best regards > > Heinrich > > > + > > To insert the lowest supported version into a dtb > > > > .. code-block:: console > > > > base-commit: e350d0c60d413d441cbdfa9432ebadb56f625903 >