From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id CEA2EC433EF for ; Tue, 31 May 2022 14:15:53 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id AE52980FF0; Tue, 31 May 2022 16:15:50 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="xYDqk03h"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id E2C0483B0E; Tue, 31 May 2022 16:15:47 +0200 (CEST) Received: from lelv0142.ext.ti.com (lelv0142.ext.ti.com [198.47.23.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 70D2C805FE for ; Tue, 31 May 2022 16:15:44 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=afd@ti.com Received: from lelv0266.itg.ti.com ([10.180.67.225]) by lelv0142.ext.ti.com (8.15.2/8.15.2) with ESMTP id 24VEFbTD054565; Tue, 31 May 2022 09:15:37 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1654006537; bh=WZ+1ddiFsbjRIOXsdC3W6ADJ978P+JaV60eYHow9iu4=; h=Date:Subject:To:CC:References:From:In-Reply-To; b=xYDqk03h7nlGWgHz32yn2+qggalqsH+SOianezzxfwkLLYKKf649IMIN9NaBoWCGZ W35hXNQvCHT9NgEtcuj6kbx22Cz8F7QBPyIqv+UQb7bgL2CbOzfg5fh+7DvlhTkHc3 0gKtI4SAeyxWROnsiHdhPt3pNpkNymQlcOIJ605c= Received: from DLEE109.ent.ti.com (dlee109.ent.ti.com [157.170.170.41]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 24VEFbbC106607 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 31 May 2022 09:15:37 -0500 Received: from DLEE101.ent.ti.com (157.170.170.31) by DLEE109.ent.ti.com (157.170.170.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2308.14; Tue, 31 May 2022 09:15:37 -0500 Received: from lelv0326.itg.ti.com (10.180.67.84) by DLEE101.ent.ti.com (157.170.170.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2308.14 via Frontend Transport; Tue, 31 May 2022 09:15:37 -0500 Received: from [10.250.32.110] (ileax41-snat.itg.ti.com [10.172.224.153]) by lelv0326.itg.ti.com (8.15.2/8.15.2) with ESMTP id 24VEFaGa003654; Tue, 31 May 2022 09:15:36 -0500 Message-ID: Date: Tue, 31 May 2022 09:15:36 -0500 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1 Subject: Re: [u-boot PATCH 3/3] k3-am642-evm-u-boot: Use binman to generate u-boot.img and tispl.bin Content-Language: en-US To: Roger Quadros , Alper Nebi Yasak , Nishanth Menon CC: , , , , Tom Rini , References: <20220509072936.12899-1-rogerq@kernel.org> <20220509072936.12899-4-rogerq@kernel.org> <3dec7c74-e486-79da-e4e7-cad6205471a5@ti.com> <28124041-81c8-265f-5f54-57a7fb7562e4@ti.com> <3d5690e0-d77b-4592-dd55-0952d849a84b@kernel.org> <20220526141529.GV13239@bill-the-cat> <76474ded-a782-f491-eac6-ece3c5f4a7da@gmail.com> From: Andrew Davis In-Reply-To: Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean On 5/31/22 12:06 AM, Roger Quadros wrote: > Hi, > > On 27/05/2022 20:50, Alper Nebi Yasak wrote: >> On 26/05/2022 17:15, Tom Rini wrote: >>> On Thu, May 26, 2022 at 10:28:45AM +0300, Roger Quadros wrote: >>>> Any thoughts on how to get the new ti-secure etype work with atf-bl31 and >>>> tee-os etypes so that it can take the data output of those entries and create >>>> a signed binary with filenames from those entries or atf-bl31-path and >>>> tee-os-path? >>>> >>>> Can something like this work? >>>> >>>> ti-secure { >>>> atf-bl31 { >>>> filename = "bl31.bin"; >>>> }; >>>> } >>>> >>>> We could probably get rid of filename property from ti-secure etype and use >>>> blob for regular files. >>>> >>>> ti-secure { >>>> blob { >>>> filename = "somefile.ext"; >>>> } >>>> } >> >> This would definitely work, see etype/mkimage.py for example. I'd prefer >> to know the file-format details (and maybe replicate them in binman) if >> you could afford to publish them, though... > > This is a question to Nishanth/Andrew. > What file format are we talking about here? If it is the signed format, it's an attached x509 certificate, that is already published [0] and the tools to make it are public [1]. There is also an effort to replicate some of this in binman too [2]. Thanks, Andrew [0] https://software-dl.ti.com/tisci/esd/latest/2_tisci_msgs/security/sec_cert_format.html [1] https://git.ti.com/cgit/security-development-tools/core-secdev-k3 [2] https://lore.kernel.org/all/20220510200511.GK3901321@bill-the-cat/T/ >> >> >> Sorry I couldn't look at either series yet, but I see mentions of >> k3_fit_atf.sh, so let me point out another series [1][2] that might also >> interest you: >> >> [1] [RESEND, RFC 0/8] Integration of sysfw and tispl with U-Boot >> https://lore.kernel.org/u-boot/20220406122919.6104-1-n-francis@ti.com/ >> >> [2] [PATCH RFC v2 00/11] Integration of sysfw, tispl and tiboot3 >> https://lore.kernel.org/u-boot/20220506043759.8193-1-n-francis@ti.com/ > > Thanks for this pointer. I will review those patches and see how we can > consolidate. > > cheers, > -roger