5 May
2014
5 May
'14
9:35 a.m.
Hello Simon,
just talked with Wolfgang about the booting process from signed images, as it is described in:
doc/uImage.FIT/verified-boot.txt doc/uImage.FIT/signature.txt
If we see it correct, then it is still possible to boot an uImage or a FIT image without signature with "bootm" when CONFIG_FIT_SIGNATURE is defined.
The question raised, if this is a good behaviour.
Should we not prevent booting uImages or not signed FIT Images when CONFIG_FIT_SIGNATURE is defined? Or at least prevent booting such unsigned images through an U-Boot env variable.
What Do you think?
Thanks in advance
bye, Heiko
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany