get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/patches/2196419/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2196419,
    "url": "http://patchwork.ozlabs.org/api/patches/2196419/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20260213192838.157084-1-marex@nabladev.com/",
    "project": {
        "id": 18,
        "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api",
        "name": "U-Boot",
        "link_name": "uboot",
        "list_id": "u-boot.lists.denx.de",
        "list_email": "u-boot@lists.denx.de",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20260213192838.157084-1-marex@nabladev.com>",
    "list_archive_url": null,
    "date": "2026-02-13T19:28:13",
    "name": "[v2] binman: add CST backend selection for i.MX8M signing",
    "commit_ref": null,
    "pull_url": null,
    "state": "new",
    "archived": false,
    "hash": "ffc9baf6691548d5bd714f8ec8eb893a86be88f8",
    "submitter": {
        "id": 91452,
        "url": "http://patchwork.ozlabs.org/api/people/91452/?format=api",
        "name": "Marek Vasut",
        "email": "marex@nabladev.com"
    },
    "delegate": {
        "id": 151988,
        "url": "http://patchwork.ozlabs.org/api/users/151988/?format=api",
        "username": "festevam",
        "first_name": "Fabio",
        "last_name": "Estevam",
        "email": "festevam@gmail.com"
    },
    "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20260213192838.157084-1-marex@nabladev.com/mbox/",
    "series": [
        {
            "id": 492137,
            "url": "http://patchwork.ozlabs.org/api/series/492137/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=492137",
            "date": "2026-02-13T19:28:13",
            "name": "[v2] binman: add CST backend selection for i.MX8M signing",
            "version": 2,
            "mbox": "http://patchwork.ozlabs.org/series/492137/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2196419/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2196419/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<u-boot-bounces@lists.denx.de>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=nabladev.com header.i=@nabladev.com header.a=rsa-sha256\n header.s=dkim header.b=AYIsX5Im;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)",
            "phobos.denx.de;\n dmarc=pass (p=reject dis=none) header.from=nabladev.com",
            "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de",
            "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=nabladev.com header.i=@nabladev.com\n header.b=\"AYIsX5Im\";\n\tdkim-atps=neutral",
            "phobos.denx.de; dmarc=pass (p=reject dis=none)\n header.from=nabladev.com",
            "phobos.denx.de;\n spf=pass smtp.mailfrom=marex@nabladev.com"
        ],
        "Received": [
            "from phobos.denx.de (phobos.denx.de\n [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fCPD35Gfjz1xvS\n\tfor <incoming@patchwork.ozlabs.org>; Sat, 14 Feb 2026 07:39:31 +1100 (AEDT)",
            "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id C86EF83DC9;\n\tFri, 13 Feb 2026 21:39:19 +0100 (CET)",
            "by phobos.denx.de (Postfix, from userid 109)\n id EACD583C4B; Fri, 13 Feb 2026 20:28:42 +0100 (CET)",
            "from mx.nabladev.com (mx.nabladev.com [178.251.229.89])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 8E85683CF2\n for <u-boot@lists.denx.de>; Fri, 13 Feb 2026 20:28:40 +0100 (CET)",
            "from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon)\n with ESMTPSA id 52B6410BB7A; Fri, 13 Feb 2026 20:28:39 +0100 (CET)"
        ],
        "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de",
        "X-Spam-Level": "",
        "X-Spam-Status": "No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED,\n RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,\n SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2",
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=nabladev.com;\n s=dkim; t=1771010919; h=from:subject:date:message-id:to:cc:mime-version:\n content-transfer-encoding; bh=yTdREr2RYk7sAle3WscIQqAudJrNzexQjiTS8JTjkvA=;\n b=AYIsX5ImkiIgqxLE7bcWCUY7Mhjl0HXRm7UCWPkEc6HH8yHgm1m88N6+3r1EDJ1l9v2KID\n XpXCTxc3/SnoRPRlJy7PFZwE0qblXsZ+MpUgDSyLT+xBRUPHzxPfotmOm79J8lAnHFRt/N\n uWmHtDIryND/4lRW7uGOIArEvqOgc4zNao9pnFLnC2roCCB44HzOY5BGn0093BPQr5k7Sl\n Cw7mGtgBfhUaWKMIjueAtYvT/E4U3X6/IXBR1AnXnxWKTF49NB4v60f7Tnm35qS1ktglGe\n bcfKoJlQVF8z314Amot99aR+L2IIzgsLbou8N4oSf1SGPlgNLSZ/DY9zpgz1HQ==",
        "From": "Marek Vasut <marex@nabladev.com>",
        "To": "u-boot@lists.denx.de",
        "Cc": "Marek Vasut <marex@nabladev.com>,\n Alper Nebi Yasak <alpernebiyasak@gmail.com>,\n Simon Glass <sjg@chromium.org>, Tom Rini <trini@konsulko.com>",
        "Subject": "[PATCH v2] binman: add CST backend selection for i.MX8M signing",
        "Date": "Fri, 13 Feb 2026 20:28:13 +0100",
        "Message-ID": "<20260213192838.157084-1-marex@nabladev.com>",
        "X-Mailer": "git-send-email 2.51.0",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit",
        "X-Last-TLS-Session-Version": "TLSv1.3",
        "X-Mailman-Approved-At": "Fri, 13 Feb 2026 21:39:18 +0100",
        "X-BeenThere": "u-boot@lists.denx.de",
        "X-Mailman-Version": "2.1.39",
        "Precedence": "list",
        "List-Id": "U-Boot discussion <u-boot.lists.denx.de>",
        "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>",
        "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>",
        "List-Post": "<mailto:u-boot@lists.denx.de>",
        "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>",
        "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>",
        "Errors-To": "u-boot-bounces@lists.denx.de",
        "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>",
        "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de",
        "X-Virus-Status": "Clean"
    },
    "content": "Add support for setting the CST backend, both via DT property and\nCST_BACKEND environment variable. The CST currently supports two\nbackends, 'ssl' and 'pkcs11', with 'ssl' being the default when\nCST tool is invoked without any -b parameter. Keep 'ssl' backend\nas the default, but explicitly pass it via the '-b' parameter,\nunless the user selects 'pkcs11' via either method.\n\nSigned-off-by: Marek Vasut <marex@nabladev.com>\n---\nCc: Alper Nebi Yasak <alpernebiyasak@gmail.com>\nCc: Simon Glass <sjg@chromium.org>\nCc: Tom Rini <trini@konsulko.com>\nCc: u-boot@lists.denx.de\n---\nV2: Fill in documentation for all used DT properties\n---\n doc/imx/habv4/guides/mx8m_spl_secure_boot.txt | 30 ++++++++++++-------\n tools/binman/entries.rst                      |  7 +++++\n tools/binman/etype/nxp_imx8mcst.py            | 12 +++++++-\n 3 files changed, 37 insertions(+), 12 deletions(-)",
    "diff": "diff --git a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt\nindex 1bea091344d..a3ebd397d82 100644\n--- a/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt\n+++ b/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt\n@@ -167,17 +167,25 @@ The nxp-imx8mcst etype is configurable using either DT properties or environment\n variables. The following DT properties and environment variables are supported.\n Note that environment variables override DT properties.\n \n-+--------------------+-----------+------------------------------------------------------------------+\n-| DT property        | Variable  | Description                                                      |\n-+====================+===========+==================================================================+\n-| nxp,loader-address |           | SPL base address                                                 |\n-+--------------------+-----------+------------------------------------------------------------------+\n-| nxp,srk-table      | SRK_TABLE | full path to SRK_1_2_3_4_table.bin                               |\n-+--------------------+-----------+------------------------------------------------------------------+\n-| nxp,csf-crt        | CSF_KEY   | full path to the CSF Key CSF1_1_sha256_4096_65537_v3_usr_crt.pem |\n-+--------------------+-----------+------------------------------------------------------------------+\n-| nxp,img-crt        | IMG_KEY   | full path to the IMG Key IMG1_1_sha256_4096_65537_v3_usr_crt.pem |\n-+--------------------+-----------+------------------------------------------------------------------+\n++--------------------+-------------+------------------------------------------------------------------+\n+| DT property        | Variable    | Description                                                      |\n++====================+=============+==================================================================+\n+| nxp,loader-address |             | SPL base address                                                 |\n++--------------------+-------------+------------------------------------------------------------------+\n+| nxp,srk-table      | SRK_TABLE   | full path to SRK_1_2_3_4_table.bin                               |\n++--------------------+-------------+------------------------------------------------------------------+\n+| nxp,csf-crt        | CSF_KEY     | full path to the CSF Key CSF1_1_sha256_4096_65537_v3_usr_crt.pem |\n++--------------------+-------------+------------------------------------------------------------------+\n+| nxp,img-crt        | IMG_KEY     | full path to the IMG Key IMG1_1_sha256_4096_65537_v3_usr_crt.pem |\n++--------------------+-------------+------------------------------------------------------------------+\n+| nxp,fast-auth      |             | enable fast authentication method                                |\n++--------------------+-------------+------------------------------------------------------------------+\n+| nxp,srk-crt        | SRK_KEY     | full path to the SRK Key SRK1_sha256_4096_65537_v3_ca_crt.pem    |\n++--------------------+-------------+------------------------------------------------------------------+\n+| nxp,unlock         |             | unlock CAAM in SPL                                               |\n++--------------------+-------------+------------------------------------------------------------------+\n+| nxp,cst-backend    | CST_BACKEND | CST tool backend, default is 'ssl', or selectable 'pkcs11'       |\n++--------------------+-------------+------------------------------------------------------------------+\n \n Environment variables can be set as follows to point the build process\n to external key material:\ndiff --git a/tools/binman/entries.rst b/tools/binman/entries.rst\nindex 8922d6cd070..29bc778d0e5 100644\n--- a/tools/binman/entries.rst\n+++ b/tools/binman/entries.rst\n@@ -1664,6 +1664,13 @@ Entry: nxp-imx8mcst: NXP i.MX8M CST .cfg file generator and cst invoker\n \n Properties / Entry arguments:\n     - nxp,loader-address - loader address (SPL text base)\n+    - nxp,srk-table - full path to SRK_1_2_3_4_table.bin\n+    - nxp,csf-crt - full path to the CSF Key CSF1_1_sha256_4096_65537_v3_usr_crt.pem\n+    - nxp,img-crt - full path to the IMG Key IMG1_1_sha256_4096_65537_v3_usr_crt.pem\n+    - nxp,fast-auth - enable fast authentication method\n+    - nxp,srk-crt - full path to the SRK Key SRK1_sha256_4096_65537_v3_ca_crt.pem\n+    - nxp,unlock - unlock CAAM in SPL\n+    - nxp,cst-backend - CST tool backend, default is 'ssl', or selectable 'pkcs11'\n \n \n \ndiff --git a/tools/binman/etype/nxp_imx8mcst.py b/tools/binman/etype/nxp_imx8mcst.py\nindex dd9f226b751..3a95da6a35d 100644\n--- a/tools/binman/etype/nxp_imx8mcst.py\n+++ b/tools/binman/etype/nxp_imx8mcst.py\n@@ -90,6 +90,10 @@ class Entry_nxp_imx8mcst(Entry_mkimage):\n                 'SRK_KEY', fdt_util.GetString(self._node, 'nxp,srk-crt',\n                                               f'SRK1_{KEY_NAME}.pem'))\n \n+        self.backend = os.getenv(\n+            'CST_BACKEND', fdt_util.GetString(self._node, 'nxp,cst-backend',\n+                                              'ssl'))\n+\n         self.unlock = fdt_util.GetBool(self._node, 'nxp,unlock')\n         self.ReadEntries()\n \n@@ -161,8 +165,14 @@ class Entry_nxp_imx8mcst(Entry_mkimage):\n         with open(cfg_fname, 'w') as cfgf:\n             config.write(cfgf)\n \n+        # SSL is the default backend, PKCS11 backend is optional\n+        if self.backend == \"pkcs11\":\n+            cst_backend = \"pkcs11\"\n+        else:\n+            cst_backend = \"ssl\"\n+\n         output_fname = tools.get_output_filename(f'nxp.csf-output-blob.{uniq}')\n-        args = ['-i', cfg_fname, '-o', output_fname]\n+        args = ['-i', cfg_fname, '-o', output_fname, '-b', cst_backend]\n         if self.cst.run_cmd(*args) is not None:\n             outdata = tools.read_file(output_fname)\n             # fixme: 0x2000 should be CONFIG_CSF_SIZE\n",
    "prefixes": [
        "v2"
    ]
}