On Wed, Dec 11, 2019 at 11:10:42AM +0900, AKASHI Takahiro wrote: > On Tue, Dec 10, 2019 at 08:54:12PM -0500, Tom Rini wrote: > > On Wed, Dec 11, 2019 at 09:41:56AM +0900, AKASHI Takahiro wrote: > > > Simon, > > > > > > On Wed, Dec 04, 2019 at 05:28:59PM +0900, AKASHI Takahiro wrote: > > > > On Wed, Dec 04, 2019 at 08:31:26AM +0100, Heinrich Schuchardt wrote: > > > > > On 12/4/19 3:43 AM, AKASHI Takahiro wrote: > > > > > >Tom, Simon, Heinrich, > > > > > > > > > > > >I have submitted three major patch sets for UEFI secure boot: > > > > > >* x509/pkcs7 parser > > > > > >* RSA library extension > > > > > >* UEFI secure boot > > > > > > > > > > > >I have no technical issues to fix now and have seen only a few minor > > > > > >comments on them (if I confirm that you have no more comments, > > > > > >I can submit new version almost immediately). > > > > > >Considering those, can I expect that those patches be merged > > > > > >in v2020.01? > > > > > > > > > > > >If not, do you need to have more time for your reviewing? > > > > > >What else do you expect from my side to accelerate the upstream? > > > > > > > > > > We are reaching the end of the release cycle. So do not expect any of > > > > > these patch series to be merged in v2020.01. > > > > > cf. https://www.denx.de/wiki/U-Boot/ReleaseCycle > > > > > > > > I have often seen several patches (not bug fix) merged > > > > even after "merge window". > > > > Anyway, > > > > > > > > > To my understanding the UEFI secure boot series depends on the other > > > > > two > > > > > so it must be merged last. > > > > > > > > So once the first two patch set are accepted by the maintainers, > > > > do you agree to merging the third one (i.e. secure boot patch itself) > > > > promptly? > > > > -> Heinrich > > > > > > > > As I said, I have had no technical issues on the first two patches > > > > and haven't heard any comments/objections from the maintainers so far. > > > > Are you willing to accept them for the next release? > > > > -> Tom, Simon > > > > > > Can you confirm that you have queued my "RSA library extension" patch > > > in your -next(?) branch, please? > > > > Please note that I raised a concern with the RSA patch series that needs > > to be addressed. There's unexplained / unexpected size growth on > > platforms that aren't otherwise enabling new features. Thanks! > > I misunderstood your statement there. > Questions: > 1) How did you measure the size growth? > Please specify the exact command(s). > 2) Did you use T1042RDB_PI_NAND_SECURE_BOOT_defconfig without any change?
So, I have the following script for doing size tests: #!/bin/bash # Initial and constant buildman args ARGS="-devl" ALL=0 KEEP=0 # Find our arguments while test $# -ne 0; do if [ "$1" == "--all" ]; then ALL=1 shift 1 elif [ "$1" == "--branch" ]; then BRANCH=$2 shift 2 elif [ "$1" == "--keep" ]; then KEEP=1 ARGS="$ARGS -k" shift 1 else MACHINE=$1 shift fi done if [ -z $MACHINE ]; then echo Usage: $0 MACHINE [--all] [--keep] [--branch BRANCH] exit 1 fi # If not all, then only first/last if [ $ALL -ne 1 ]; then ARGS="$ARGS --step 0" fi if [ ! -z $BRANCH ]; then ARGS="$ARGS -b $BRANCH" else ARGS="$ARGS -b `git rev-parse --abbrev-ref HEAD`" fi mkdir -p /tmp/$MACHINE export SOURCE_DATE_EPOCH=`date +%s` ./tools/buildman/buildman -o /tmp/$MACHINE $ARGS -SBC $MACHINE ./tools/buildman/buildman -o /tmp/$MACHINE $ARGS -SsB $MACHINE [ $KEEP -eq 0 ] && rm -rf /tmp/$MACHINE And yes, I applied just the series and built the world. The T1042RDB_PI_NAND_SECURE_BOOT_defconfig config along with a handful of other PowerPC platforms (also of the _SECURE_BOOT variety) had the same size growth. I didn't bisect down to the specific commit in question at the time. -- Tom
signature.asc
Description: PGP signature