Mirrors/u-boot
2
0
Fork 0
mirror of https://github.com/AsahiLinux/u-boot synced 2024-11-10 15:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity

spl: Force disable non-FIT loading for TI secure devices

Browse source 
Booting of non-FIT images bypass our chain-of-trust boot flow,
these options should not be allowed when high security is set.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This commit is contained in:
Andrew Davis 2022-05-04 15:52:26 -05:00 committed by Tom Rini
parent 6665ab1795
commit 11f32da79f
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
common/spl/Kconfig
View file

@ -219,7 +219,8 @@ config SPL_BOOTCOUNT_LIMIT
config SPL_RAW_IMAGE_SUPPORT config SPL_RAW_IMAGE_SUPPORT
bool "Support SPL loading and booting of RAW images" bool "Support SPL loading and booting of RAW images"
default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA)) default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA))
default y if !TI_SECURE_DEVICE default y
depends on !TI_SECURE_DEVICE
help help
SPL will support loading and booting a RAW image when this option SPL will support loading and booting a RAW image when this option
is y. If this is not set, SPL will move on to other available is y. If this is not set, SPL will move on to other available
@ -227,7 +228,8 @@ config SPL_RAW_IMAGE_SUPPORT
config SPL_LEGACY_IMAGE_FORMAT config SPL_LEGACY_IMAGE_FORMAT
bool "Support SPL loading and booting of Legacy images" bool "Support SPL loading and booting of Legacy images"
default y if !TI_SECURE_DEVICE && !SPL_LOAD_FIT default y if !SPL_LOAD_FIT
depends on !TI_SECURE_DEVICE
help help
SPL will support loading and booting Legacy images when this option SPL will support loading and booting Legacy images when this option
is y. If this is not set, SPL will move on to other available is y. If this is not set, SPL will move on to other available