On Sunday 26 February 2023 01:56:23 Martin Rowe wrote: > On Sat, 25 Feb 2023 at 21:16, Pali Rohár <p...@kernel.org> wrote: > > I think that the remaining part is to patch linux DTB file at runtime > > for emmc support. So if u-boot mmc device is of eMMC type then fixup > > linux dtb file and others do nothing. > > One question I didn't think of when suggesting this: does runtime > patching the kernel's dtb break signed/verified booting
I do not think so. Signature verification should be done before patching. > The reason I > ask is because we now only need to patch the kernel dtb, not the > u-boot one. If we needed to do both, then it would make sense to > handle them in the same way through u-boot. The barrier to creating a > patched kernel dtb file on its own is very low, so I'm not sure adding > some "magic" to u-boot to make it work is the best solution, > especially if it might break verified boot.