On Thu, 10 Oct 2013, Tero Kristo wrote: > On 10/09/2013 09:59 PM, Paul Walmsley wrote: > > Eh, one correction: > > > > On Wed, 9 Oct 2013, Paul Walmsley wrote: > > > > > We could easily wind up with kernels that won't boot at all when used > > > with newer DT data. > > > > This is a misstatement of the issue: the concern here is that newer > > kernels may not boot at all with older DT data - which could easily be in > > locked areas of the flash or firmware. > > I wonder who would be crazy enough to put DT data into a locked area, and to > what purpose. If you can update the kernel, there is no point locking down DT > data, this will just cause you unnecessary misery. The DT data will be used by bootloaders also :-( In situations where the bootloaders are signed and locked, the security people are also insisting that the DT data be signed and locked. - Paul -- To unsubscribe from this list: send the line "unsubscribe devicetree" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html