[...]
If we implement secure boot according the UEFI specification, one option would be to package the device tree as a UEFI driver image and let the stub install it as a configuration table. The unload callback could be used to remove the device tree.
Sure but this is not in scope for the current patchset is it?
Exactly.
Similarly you can just include the DTB in U-Boot and naturally have it verified.
I am not arguing that DTB verification is needed. We absolutely agree on that. All i am saying is that the extra functionality can be added in the future, since we already have a valid way of providing it with the current patchset.
BTW, Ilias, where should such a discussion about dtb verification be held, Boot-arch ML, Linaro Connect, ELC or whatever else conference? Otherwise just leave the decision in distributors' hands?
We did send some e-mails on boot-arch ML in the past [1]. The subject is quite controversial since there are a lot of opinions on this. I think Linaro is working on a device tree evolution project at the moment with one of the subjects being device tree verification. We can certainly discuss more during Linaro Connect.
[1] https://lists.linaro.org/pipermail/boot-architecture/2019-June/001053.html
Thanks /Ilias
Thanks, -Takahiro Akashi
Regards /Ilias
Best regards
Heinrich