dany/u-boot-megous
1
0
Fork 0
mirror of https://xff.cz/git/u-boot/ synced 2025-09-03 01:32:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

spl: Force disable non-FIT loading for TI secure devices

Browse Source 
Booting of non-FIT images bypass our chain-of-trust boot flow,
these options should not be allowed when high security is set.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
This commit is contained in:
Andrew Davis
2022-05-04 15:52:26 -05:00
committed by Tom Rini
parent 6665ab1795
commit 11f32da79f
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
common/spl/Kconfig
View File

@@ -219,7 +219,8 @@ config SPL_BOOTCOUNT_LIMIT
config SPL_RAW_IMAGE_SUPPORT
bool "Support SPL loading and booting of RAW images"
default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA))
default y if !TI_SECURE_DEVICE
default y
depends on !TI_SECURE_DEVICE
help
SPL will support loading and booting a RAW image when this option
is y. If this is not set, SPL will move on to other available
@@ -227,7 +228,8 @@ config SPL_RAW_IMAGE_SUPPORT
config SPL_LEGACY_IMAGE_FORMAT
bool "Support SPL loading and booting of Legacy images"
default y if !TI_SECURE_DEVICE && !SPL_LOAD_FIT
default y if !SPL_LOAD_FIT
depends on !TI_SECURE_DEVICE
help
SPL will support loading and booting Legacy images when this option
is y. If this is not set, SPL will move on to other available