<ccf>
Ahoj, in a board specific platformcode (/board/rockchip/blafoo) I can successfully use fdt_setprop_u32(), now I want to use fdt_getprop_u32(), but that does fail with a linker failure: undefined reference to `fdt_getprop_u32'. Any ideas?
d-s-e has quit [Ping timeout: 250 seconds]
<sjg1>
sng: I suppose we could but I'm not in an ideal environment for calls...I sent a reply
<apalos>
But you seem so disjoint and refusing to accept the fact that u-boot has EFI already
<apalos>
which is a bit annoying,
<apalos>
If you dont understand the patches, ask for a better explanation
<apalos>
Right now your plan for adding the signatures, which again, *you* asked to be in a dtb
<apalos>
is just messing things even more
<apalos>
the signature is not per board, it's per vendor per image or whatever
<apalos>
So the solution of 'ask vendors to include a custom .dtsi' is just beyond me
<apalos>
the sensible one is have a Kconfig option which says "this is the public cert I want to build u-boot with"
<apalos>
and you keep repeating that comment
<apalos>
"we in google sign stuff on a server later"
<apalos>
We get it,
<apalos>
But this is NOT signing
<apalos>
so please the email properly, instead of responding random thoughts
<apalos>
Because I am pretty sure I spend time on responding
<apalos>
read the email*
<apalos>
because looking at your responses always feels like you spent 5 mins, skimming through the email
MWelchUK7 has quit [Server closed connection]
goliath has quit [Quit: SIGSEGV]
MWelchUK7 has joined #u-boot
unjust has joined #u-boot
goliath has joined #u-boot
<sjg1>
apalos: I hope you can understand that there are frustrations on both sides. I'll forgo that until we can talk about it f2f
<sjg1>
apalos: If you want a Kconfig with the public cert, that's fine...just add it to the .dtsi
<sjg1>
apalos: I try to understand the emails, but they can be long and sometimes just repeat the same points. This is not my day job and I don't have a good understanding of much of the stuff you are working on
<apalos>
All I am saying is that if wyou need more time, take more time
<apalos>
If you need me to explain certian stuff ask, I am here
<sjg1>
apalos: "disjoint and refusing to accept the fact that u-boot has EFI already" - that just makes no sense to me. My complaint was about FIP, where Linaro/ARM seems to have invented a new format for no earthly reason
<apalos>
There's no point overloading emails, it just gets more confusing
<apalos>
sjg1: Linaro has nothing to do with TF-A :>
<apalos>
we contribute patches, but that's it
<apalos>
but my whole point is pretty simple
<apalos>
1. U-Boot has a Kconfig that says "authenticated capsule updates"
<sjg1>
apalos: Can we get past the 'we want to change the input files' thing, or is that going to be argued for another few weeks? It is just frustrating
<apalos>
2. if a user chooses that he should be prompted for a public jey
<apalos>
but we dont want to change input files
<apalos>
The only thing that is needed is a /dtb with the public key
<apalos>
Because that's how the code works, which you requested
<apalos>
So that .dtb should be automatically generated, by reading Kconfig with the key
<apalos>
If the key gets injected into the .dtb or a .dtsi that eventually gets concatenated on the final u-boot binary makes little difference to me tbh
<apalos>
we need a u-boot.bin with the correct .dtb appended which includes the public key
<apalos>
and a u-boot.dtb which has all the nodes we need
<apalos>
taht's it
<apalos>
if you prefer it on a .dtsi that gets concatenated with the dtb in the end fine, i dont honestly see a difference
<apalos>
But having vendors providing a .dtsi with a custom key per build, is just hard to use
<apalos>
We should make their life easier not harder
<apalos>
sjg1: the only fundamental difference is that the U-Boot DM extra nodes can be hardcoded because they are static and that's fine
<apalos>
the public key on the other hand needs to be easily configurable
<apalos>
Especially based on the huge success vendors have to mess things up security wise :>
goliath has quit [Quit: SIGSEGV]
d-s-e has quit [Quit: Konversation terminated!]
mmu_man has quit [Ping timeout: 250 seconds]
ikarso has quit [Quit: Connection closed for inactivity]
frieder has quit [Remote host closed the connection]
apritzel has joined #u-boot
sng has joined #u-boot
sng has quit [Remote host closed the connection]
sng has joined #u-boot
apritzel has quit [Ping timeout: 252 seconds]
sng has quit [Read error: Connection reset by peer]
vulpes2[m] has quit [Remote host closed the connection]
xypron has quit [Server closed connection]
xypron has joined #u-boot
mmu_man has joined #u-boot
pgreco_ is now known as pgreco
behanw has joined #u-boot
apritzel has joined #u-boot
apritzel has quit [Ping timeout: 240 seconds]
unjust has quit [Quit: unjust]
sng has joined #u-boot
soxrok2212 has quit [Read error: Connection reset by peer]