summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Davis <afd@ti.com>2022-05-04 15:52:26 -0500
committerTom Rini <trini@konsulko.com>2022-05-11 09:22:24 -0400
commit11f32da79f5519b5b12d000bb990e55b0c351b6e (patch)
tree4bc73309a51fcd1ccc9bb1808d5e21c6270641b1
parent6665ab179532932f34162bc62d0240116f2e38ac (diff)
downloadu-boot-11f32da79f5519b5b12d000bb990e55b0c351b6e.tar.gz
u-boot-11f32da79f5519b5b12d000bb990e55b0c351b6e.tar.bz2
u-boot-11f32da79f5519b5b12d000bb990e55b0c351b6e.zip
spl: Force disable non-FIT loading for TI secure devices
Booting of non-FIT images bypass our chain-of-trust boot flow, these options should not be allowed when high security is set. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
-rw-r--r--common/spl/Kconfig6
1 files changed, 4 insertions, 2 deletions
diff --git a/common/spl/Kconfig b/common/spl/Kconfig
index 43485af468..50ff113cab 100644
--- a/common/spl/Kconfig
+++ b/common/spl/Kconfig
@@ -219,7 +219,8 @@ config SPL_BOOTCOUNT_LIMIT
config SPL_RAW_IMAGE_SUPPORT
bool "Support SPL loading and booting of RAW images"
default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA))
- default y if !TI_SECURE_DEVICE
+ default y
+ depends on !TI_SECURE_DEVICE
help
SPL will support loading and booting a RAW image when this option
is y. If this is not set, SPL will move on to other available
@@ -227,7 +228,8 @@ config SPL_RAW_IMAGE_SUPPORT
config SPL_LEGACY_IMAGE_FORMAT
bool "Support SPL loading and booting of Legacy images"
- default y if !TI_SECURE_DEVICE && !SPL_LOAD_FIT
+ default y if !SPL_LOAD_FIT
+ depends on !TI_SECURE_DEVICE
help
SPL will support loading and booting Legacy images when this option
is y. If this is not set, SPL will move on to other available