[PATCH v4 1/8] binman: ti-secure: Add support for firewalling entities
Simon Glass
sjg at chromium.org
Fri Dec 15 18:49:02 CET 2023
Hi Jon,
On Thu, 14 Dec 2023 at 14:49, Jon Cormier <jcormier at criticallink.com> wrote:
>
> Hi Manorit,
>
> This commit added a possibly unintentional dependency on python 3.9+.
>
> I ran into this while trying to build the soon-to-be-released 09.01.00.008.
>
> Build failure on ubuntu 20.04 which uses python 3.8:
> "binman: 'type' object is not subscriptable"
Thank you for reporting this. Yes, we should not require python 3.9,
even though I feel it is reasonable to give up on 3.6 at this stage.
>
> This can be fixed by:
>
> diff --git a/tools/binman/etype/ti_secure.py b/tools/binman/etype/ti_secure.py
> index f80eb542c956..872c6d38ff46 100644
> --- a/tools/binman/etype/ti_secure.py
> +++ b/tools/binman/etype/ti_secure.py
> @@ -16,7 +16,7 @@ class Firewall():
> id: int
> region: int
> control : int
> - permissions: list[hex]
> + permissions: list
> start_address: str
> end_address: str
>
> > Hi Manorit,
> >
> > On Wed, 11 Oct 2023 at 23:02, Manorit Chawdhry <m-chawd... at ti.com> wrote:
> > >
> > > Hi Simon,
> > >
> > > On 11:54-20231011, Manorit Chawdhry wrote:
> > > > We can now firewall entities while loading them through our secure
> > > > entity TIFS, the required information should be present in the
> > > > certificate that is being parsed by TIFS.
> > > >
> > > > The following commit adds the support to enable the certificates to be
> > > > generated if the firewall configurations are present in the binman dtsi
> > > > nodes.
> > > >
> > > > Signed-off-by: Manorit Chawdhry <m-chawd... at ti.com>
> > > > ---
> > > [..]
> > > > tools/binman/btool/openssl.py | 16 +++++++-
> > > > tools/binman/etype/ti_secure.py | 90
> > > > +++++++++++++++++++++++++++++++++++++++++
> > > > tools/binman/etype/x509_cert.py | 3 +-
> > > > 3 files changed, 106 insertions(+), 3 deletions(-)
> > > >
> > > > from binman.entry import EntryArg
> > > > from binman.etype.x509_cert import Entry_x509_cert
> > > > +from dataclasses import dataclass
> > >
> > > What all python versions do we support in u-boot? I see that dataclasses
> > > are in-built from python3.7 but for older versions we would need to
> > > install them separately, do I need to add this in buildman requirements
> > > for those versions?
> >
> > I would prefer not to worry about Python 3.6 if possible. There are a
> > few workarounds in buildman for it, though.
Regards,
Simon
More information about the U-Boot
mailing list