On 03.02.23 19:52, Tom Rini wrote:
On Fri, Feb 03, 2023 at 01:26:34PM +0100, Jan Kiszka wrote:
From: Jan Kiszka jan.kiszka@siemens.com
Will be needed when CONFIG_ENV_WRITEABLE_LIST is enabled. The listed variables shall remain writable, for informational purposes - they have to be considered untrusted because the persistent U-Boot env is not protected.
Signed-off-by: Jan Kiszka jan.kiszka@siemens.com
include/configs/iot2050.h | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/include/configs/iot2050.h b/include/configs/iot2050.h index 5186dfd8ff8..52094e18ea8 100644 --- a/include/configs/iot2050.h +++ b/include/configs/iot2050.h @@ -56,4 +56,12 @@
#include <configs/ti_armv7_common.h>
+#ifdef CONFIG_ENV_WRITEABLE_LIST +/* relevant for secure boot with CONFIG_ENV_WRITEABLE_LIST=y */ +#define CONFIG_ENV_FLAGS_LIST_STATIC \
- "board_uuid:sw,board_name:sw,board_serial:sw,board_a5e:sw," \
- "mlfb:sw,fw_version:sw,seboot_version:sw," \
- "eth1addr:mw,eth2addr:mw,watchdog_timeout_ms:dw,boot_targets:sw"
+#endif
#endif /* __CONFIG_IOT2050_H */
I don't think you've tested the whole series on top of current master, this needs to be CFG_ENV_FLAGS_LIST_STATIC. If this is the only thing that needs changing, I can just correct this while applying, otherwise a v6, and I'll try my best to not forget to grab this before -rc2, I know this whole series has been waiting a while so I thank you for your patience and persistence here.
Oh, thanks for pointing that I indeed forgot to test the secure boot case again this time. I'll fix up and do v6 ASAP.
Jan