mirror of
https://xff.cz/git/u-boot/
synced 2025-09-03 01:32:47 +02:00
spl: Force disable non-FIT loading for TI secure devices
Booting of non-FIT images bypass our chain-of-trust boot flow, these options should not be allowed when high security is set. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
This commit is contained in:
@@ -219,7 +219,8 @@ config SPL_BOOTCOUNT_LIMIT
|
||||
config SPL_RAW_IMAGE_SUPPORT
|
||||
bool "Support SPL loading and booting of RAW images"
|
||||
default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA))
|
||||
default y if !TI_SECURE_DEVICE
|
||||
default y
|
||||
depends on !TI_SECURE_DEVICE
|
||||
help
|
||||
SPL will support loading and booting a RAW image when this option
|
||||
is y. If this is not set, SPL will move on to other available
|
||||
@@ -227,7 +228,8 @@ config SPL_RAW_IMAGE_SUPPORT
|
||||
|
||||
config SPL_LEGACY_IMAGE_FORMAT
|
||||
bool "Support SPL loading and booting of Legacy images"
|
||||
default y if !TI_SECURE_DEVICE && !SPL_LOAD_FIT
|
||||
default y if !SPL_LOAD_FIT
|
||||
depends on !TI_SECURE_DEVICE
|
||||
help
|
||||
SPL will support loading and booting Legacy images when this option
|
||||
is y. If this is not set, SPL will move on to other available
|
||||
|
Reference in New Issue
Block a user