5 May
2014
5 May
'14
7:55 p.m.
Dear Simon,
In message CAPnjgZ2-qC8YK8t2DvmzXWKy3Wd+=7VY1Ti=Jm98LF96PLfu-g@mail.gmail.com you wrote:
Should we not prevent booting uImages or not signed FIT Images when CONFIG_FIT_SIGNATURE is defined? Or at least prevent booting such unsigned images through an U-Boot env variable.
What Do you think?
There is a 'required' property in the public keys which is intended to support this. If you mark a key as 'required then it will need to be verified by any image that is loaded. There is a test for this case, but it may not be comprehensive.
But what about legacy uImage files? It appears nothing would stop booting one of those?
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@denx.de
Accident: A condition in which presence of mind is good, but absence
of body is better.