From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 79524CCA47B for ; Thu, 2 Jun 2022 17:34:16 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 326888432E; Thu, 2 Jun 2022 19:34:14 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="d1b5PYgw"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id F3C6984330; Thu, 2 Jun 2022 19:34:11 +0200 (CEST) Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id D220884328 for ; Thu, 2 Jun 2022 19:34:08 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=alpernebiyasak@gmail.com Received: by mail-ej1-x631.google.com with SMTP id m20so11271774ejj.10 for ; Thu, 02 Jun 2022 10:34:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=JFosxBhZ7Q98Cbi+F9yarpBORreM3k9G8QQOqNT6qcw=; b=d1b5PYgwCW39yZs6Xo2LPPOjCvLhBZOdRkG6H+nYU+KYhr3a8thkZiIrj1xjvT7C7X 2HiVCHnsXXaQWyGt3L1zSt05s9kDENGBiSfDAIovB9h78zgNsaJgYiz161PPDDOZfqZ2 DSKkionjHrTFPvRg7nRVYBt3RmR/GQthNX09pJ8KJZLPqfpbgFsmg4vVnYQgNVQRN5BI zzyKEsbGe4nYNweuAMB8U+IWBHFuHGtbavYdNRmmQfwTgGWKR2B++5NY2l/7EMoKoqF8 D8t6gjuWxKu+daRxkfxZ6gfLsgUdSiqkvzCwxL1ryeYNqe9c5hbA4u1IixkhmjsKabGt ZWqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=JFosxBhZ7Q98Cbi+F9yarpBORreM3k9G8QQOqNT6qcw=; b=j8avqtoSWV49SfzFfApeVZYobnbLt/7h4CKPvEo5ibKBg4Jlawqn9WA4SvpFDJpKoM r+Eti9QU7DfqBkwuksleZG5DLL+DL63LsDRlypbFDleYuplU8AZgz7uWgrhzTL6qAKMD orvl9djnGwzZGFDBzsT45kfr87KF5M4j+H+1dAB/KKmr+QpWZP0NmCGAGyOKz2PdIj0V VFrkCom6cD3kqR5nw8TLZPD5IE49cdhYLtYe9b1xFDPKPpZE7o6Y80KUmMJfGcXlLnZi pFIoHA+gQR3pX+wAYpV/EtK0/P6qU8HVv9tAPi99PupkJ0hbFmEVLL0M2dBDgrIMB3eI 7y8g== X-Gm-Message-State: AOAM530qK7+Ybv3yKMvykQbkxRGCMPEys/NcufsIgU0nGeGV0F71hvvb S69IcljGDCCyd4RDY0UuIaC8n8j/5+8= X-Google-Smtp-Source: ABdhPJxZx/SP6pu306RaR2sjEYnNxAboNkHXJInzlo39SR26HyxBuWPqbE/B4RBJ6TenduwMGKDvvg== X-Received: by 2002:a17:906:6a24:b0:6fe:fa6b:4386 with SMTP id qw36-20020a1709066a2400b006fefa6b4386mr5375920ejc.351.1654191248489; Thu, 02 Jun 2022 10:34:08 -0700 (PDT) Received: from [192.168.0.74] ([178.233.178.185]) by smtp.gmail.com with ESMTPSA id fx3-20020a1709069e8300b007072dc80e06sm1875911ejc.190.2022.06.02.10.34.06 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 02 Jun 2022 10:34:07 -0700 (PDT) Message-ID: <17ae7b7b-8e7e-7261-6776-4b3b705754de@gmail.com> Date: Thu, 2 Jun 2022 20:34:04 +0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux aarch64; rv:91.0) Gecko/20100101 Thunderbird/91.9.0 Subject: Re: [u-boot PATCH 3/3] k3-am642-evm-u-boot: Use binman to generate u-boot.img and tispl.bin Content-Language: en-US To: Andrew Davis Cc: sjg@chromium.org, vigneshr@ti.com, praneeth@ti.com, u-boot@lists.denx.de, Tom Rini , n-francis@ti.com, Roger Quadros , Nishanth Menon References: <20220509072936.12899-1-rogerq@kernel.org> <20220509072936.12899-4-rogerq@kernel.org> <3dec7c74-e486-79da-e4e7-cad6205471a5@ti.com> <28124041-81c8-265f-5f54-57a7fb7562e4@ti.com> <3d5690e0-d77b-4592-dd55-0952d849a84b@kernel.org> <20220526141529.GV13239@bill-the-cat> <76474ded-a782-f491-eac6-ece3c5f4a7da@gmail.com> From: Alper Nebi Yasak In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean On 31/05/2022 17:15, Andrew Davis wrote: > On 5/31/22 12:06 AM, Roger Quadros wrote: >> On 27/05/2022 20:50, Alper Nebi Yasak wrote: >>> This would definitely work, see etype/mkimage.py for example. I'd prefer >>> to know the file-format details (and maybe replicate them in binman) if >>> you could afford to publish them, though... >> >> This is a question to Nishanth/Andrew. > > What file format are we talking about here? If it is the signed format, > it's an attached x509 certificate, that is already published [0] and > the tools to make it are public [1]. Thanks, I meant this. I saw 'secure-binary-image.sh' in the first patch, which lead me to 'doc/README.ti-secure', which mentions NDA and logins, so I stopped looking there. > There is also an effort to replicate some of this in binman too [2]. > > Thanks, > Andrew > > [0] https://software-dl.ti.com/tisci/esd/latest/2_tisci_msgs/security/sec_cert_format.html > [1] https://git.ti.com/cgit/security-development-tools/core-secdev-k3 > [2] https://lore.kernel.org/all/20220510200511.GK3901321@bill-the-cat/T/