From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andre Przywara <andre.przywara@arm.com>
Date: Fri, 15 Dec 2017 14:36:31 +0000
Subject: [U-Boot] [PATCH v3 1/5] sunxi: a64: Enable FIT Signature
In-Reply-To: <20171215134157.hnjqip573bvjf22m@flea.lan>
References: <1513144986-13619-1-git-send-email-jagan@amarulasolutions.com>
 <20171213153947.sbtu7b5hudy7xhpn@flea.lan>
 <CAD6G_RRaxpirHcne05GXQpZCg6hcx1ntEWHn+KCua5vpVvzN4Q@mail.gmail.com>
 <20171215134157.hnjqip573bvjf22m@flea.lan>
Message-ID: <0e04918f-ed53-76f0-857a-de3bb0f7a260@arm.com>
List-Id: <u-boot.lists.denx.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

Hi,

On 15/12/17 13:41, Maxime Ripard wrote:
> On Thu, Dec 14, 2017 at 02:03:12PM +0530, Jagan Teki wrote:
>> On Wed, Dec 13, 2017 at 9:09 PM, Maxime Ripard
>> <maxime.ripard@free-electrons.com> wrote:
>>> On Wed, Dec 13, 2017 at 11:33:02AM +0530, Jagan Teki wrote:
>>>> From: Jagan Teki <jagannadh.teki@gmail.com>
>>>>
>>>> Enable FIT_SIGNATURE for sunxi a64.
>>>>
>>>> Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
>>>> ---
>>>> Changes for v3:
>>>> - Move imply outside block
>>>> Changes for v2:
>>>> - Use imply instead of select
>>>>
>>>>  arch/arm/mach-sunxi/Kconfig | 1 +
>>>>  1 file changed, 1 insertion(+)
>>>>
>>>> diff --git a/arch/arm/mach-sunxi/Kconfig b/arch/arm/mach-sunxi/Kconfig
>>>> index 1fededd..05e2d47 100644
>>>> --- a/arch/arm/mach-sunxi/Kconfig
>>>> +++ b/arch/arm/mach-sunxi/Kconfig
>>>> @@ -179,6 +179,7 @@ config MACH_SUN50I
>>>>       select SUNXI_DRAM_DW_32BIT
>>>>       select FIT
>>>>       select SPL_LOAD_FIT
>>>> +     imply FIT_SIGNATURE
>>>
>>> I'm really not sure we should force it by default. How much code size
>>> is it adding?
>>
>> Why we need to consider u-boot size? (because it may cross the loader2 size?)
>> Here is the delta of u-boot elf
> 
> The same reason than anything else on our arm64 builds lately: we have
> a u-boot binary too big for the size compared to our environment offset.

I agree, and aside from that I don't see how this is useful:
- We don't *need* this for Allwinner boards.
- It is not usable without some more setup (which that other doc patch
describes).
- As Maxime mentioned, this is not very helpful on it's own, due to it
inherent vulnerability without a protected SPL as well.
- No other boards seems to set FIT_SIGNATURE.

So you can happily add this to your private config file (overlay), where
you create U-Boot binaries and pipe them to some encryption chain
afterwards. But I don't think it belongs into the mainline Kconfig.

Cheers,
Andre.