On 7/4/22 14:51, Peter Robinson wrote:
Hi Peng,
I did a test to do overlay for U-Boot runtime dtb, but after overlay finish, U-Boot DM driver not work properly because the of_node pointer is changed in a device.
So I am thinking whether this is valid to overlay to runtime U-Boot dtb or not. The reason I try this is that I wanna overlay the EFI capsule signature to U-Boot dtb, then capsule update with authentication could work, otherwise I need integrate the signature in dts and rebuild the image. I understand current U-Boot not support overlay U-Boot runtime dtb, just thinking whether this is valid or should we support it.
Applying overlays to the control device-tree is not supported. Allowing console access on a system where you plan to apply authenticated capsules seems unwise from a security viewpoint. So we should not support your scenario.
You can apply overlays to the device-tree passed to the Linux kernel.
Best regards
Heinrich
Bootin did a pretty good blog post for DT overlays in U-Boot, not sure if that's useful for this usecase but for reference: https://bootlin.com/blog/using-the-u-boot-extension-board-manager-beaglebone...