Re:[PATCH v2] boot: don't enable the non-secure boot commands by default if secure boot enabled

Dear Simon Glass,

Also please do check tests (make qcheck) since sandbox enables more options than most boards.

All tests passed, please check the detailed log in the attachment.

Best regards, Rover Mo

At 2021-11-09 15:21:43, "Rover Mo" myzmzz@126.com wrote:

To prevent booting unsigned images, don't enable the non-secure boot commands(booti, bootz .etc) by default if secure boot enabled.

Signed-off-by: Rover Mo myzmzz@126.com Cc: Heinrich Schuchardt xypron.glpk@gmx.de Cc: Simon Glass sjg@chromium.org

---

Changes for v2:

• Don't enable the non-secure boot commands too if !EFI_SECURE_BOOT
• Update the help information
• Changed commit title

cmd/Kconfig | 11 +++++++++-- common/Kconfig.boot | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/cmd/Kconfig b/cmd/Kconfig index 5b30b13e43..98c588e638 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -203,15 +203,22 @@ config BOOTM_EFI

config CMD_BOOTZ bool "bootz"

• default y if !FIT_SIGNATURE && !EFI_SECURE_BOOT help Boot the Linux zImage

•  The bootz command is used for launching unsigned Linux zImage.
  

•  If you want to have secure boot either via signed FIT images or via
  

•  signed UEFI images, this option should be disabled.
  
  

config CMD_BOOTI bool "booti" depends on ARM64 || RISCV

• default y

• default y if !FIT_SIGNATURE && !EFI_SECURE_BOOT help

•  Boot an AArch64 Linux Kernel image from memory.
  

•  Boot an AArch64/RISC-V Linux Kernel image from memory.
  

•  The booti command is used for launching unsigned AArch64 and RISC-V
  

•  Linux kernel images. If you want to have secure boot either via signed
  

•  FIT images or via signed UEFI images, this option should be disabled.
  
  

config BOOTM_LINUX bool "Support booting Linux OS images" diff --git a/common/Kconfig.boot b/common/Kconfig.boot index a8d4be23a9..574f35b42e 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -283,7 +283,7 @@ endif # FIT

config LEGACY_IMAGE_FORMAT bool "Enable support for the legacy image format"

• default y if !FIT_SIGNATURE

• default y if !FIT_SIGNATURE && !EFI_SECURE_BOOT help This option enables the legacy image format. It is enabled by default for backward compatibility, unless FIT_SIGNATURE is

-- 2.25.1