From mboxrd@z Thu Jan 1 00:00:00 1970 From: Marek Vasut Date: Thu, 6 Jun 2019 10:05:58 +0200 Subject: [U-Boot] [EXT] Re: [PATCH 4/6] spl: mmc: support loading i.MX container format file In-Reply-To: References: <9faa828b-9ebc-8bc7-9232-6ce1ff8f75a8@denx.de> <479ee7a2-8225-7211-46d6-0f9bd2e95881@denx.de> <20190605135201.GN7705@bill-the-cat> <9df27c64-b54e-7c65-56a9-9b0481378ded@denx.de> Message-ID: <31735fe5-c4d5-c1dd-de88-d6eb1f508bac@denx.de> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de On 6/6/19 9:54 AM, Peng Fan wrote: [...] >>>>>>>> We would not introduce cypto driver in SPL stage, that means HAB >>>>>>>> FIT and AHAB container needs to be dropped when SPL loading other >>>> images. >>>>>>>> ROM already provides API for bootloader to authenticate images, >>>>>>>> introducing complex crypto driver in SPL could enlarge code size >>>>>>>> and make things complicated. >>>>>>> >>>>>>> Ah I see, so it's all making the whole crypto simpler by >>>>>>> offloading the hard parts into the firmware, which just magically >>>>>>> handles everything , without having much extra code in the SPL ? >>>>>> >>>>>> Yes. Use what ROM provides will make things easier for U-Boot. >>>>> >>>>> Is it possible to perform a security audit on the ROM as easily as >>>>> on U-Boot ? I mean, U-Boot is free software, the source is >>>>> available, so security researchers can easily scrutinize it. Is the ROM ? >>>> >>>> So, here's my two cents (and it may or may not seem contradictory >>>> with my opinions in the secure boot thread going on currently on the >>>> Linaro Boot Architecture list). Yes, it would and IMHO is better >>>> when we use free and open software to solve our problems (and an >>>> aside to the RISC-V folks as this is yet another area they can make >>>> the world a better place in). But I am a believe in dealing with the >>>> world as it stands at times too. The question isn't "can we get NXP >>>> to re-spin i.MX8 to use the FIT image format?" as that's obviously >>>> going to be "No.". The question is, "can we support this format in a >>>> clean manner?" and the answer is obviously "Yes.". So please lets >>>> keep that in mind with reviewing the code as at the end of the day it >>>> is more beneficial for this to be supported in mainline U-Boot than only >> supported in the vendor tree. >>> >>> Thanks. So I think you agree the current approach. Could I get any A-b >>> or R-b tags from the list? >> >> I would still like an answer to my question about the security auditing above. > > Sorry. Missed your thread. I not work on ROM stuff, but I think answer is > no to public. I see. -- Best regards, Marek Vasut