diff options
author | Andrew Davis <afd@ti.com> | 2022-05-04 15:52:26 -0500 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2022-05-11 09:22:24 -0400 |
commit | 11f32da79f5519b5b12d000bb990e55b0c351b6e (patch) | |
tree | 4bc73309a51fcd1ccc9bb1808d5e21c6270641b1 | |
parent | 6665ab179532932f34162bc62d0240116f2e38ac (diff) | |
download | u-boot-11f32da79f5519b5b12d000bb990e55b0c351b6e.tar.gz u-boot-11f32da79f5519b5b12d000bb990e55b0c351b6e.tar.bz2 u-boot-11f32da79f5519b5b12d000bb990e55b0c351b6e.zip |
spl: Force disable non-FIT loading for TI secure devices
Booting of non-FIT images bypass our chain-of-trust boot flow,
these options should not be allowed when high security is set.
Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
-rw-r--r-- | common/spl/Kconfig | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 43485af468..50ff113cab 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -219,7 +219,8 @@ config SPL_BOOTCOUNT_LIMIT config SPL_RAW_IMAGE_SUPPORT bool "Support SPL loading and booting of RAW images" default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA)) - default y if !TI_SECURE_DEVICE + default y + depends on !TI_SECURE_DEVICE help SPL will support loading and booting a RAW image when this option is y. If this is not set, SPL will move on to other available @@ -227,7 +228,8 @@ config SPL_RAW_IMAGE_SUPPORT config SPL_LEGACY_IMAGE_FORMAT bool "Support SPL loading and booting of Legacy images" - default y if !TI_SECURE_DEVICE && !SPL_LOAD_FIT + default y if !SPL_LOAD_FIT + depends on !TI_SECURE_DEVICE help SPL will support loading and booting Legacy images when this option is y. If this is not set, SPL will move on to other available |