Hi Tom,
On 3 August 2016 at 19:48, Tom Rini trini@konsulko.com wrote:
On Wed, Aug 03, 2016 at 07:16:12PM -0600, Simon Glass wrote:
Hi Andrew,
On 1 August 2016 at 09:30, Andrew F. Davis afd@ti.com wrote:
Disable support for loading non-FIT images for AM57xx platforms using the high-security (HS) device variant.
Signed-off-by: Andrew F. Davis afd@ti.com
configs/am57xx_hs_evm_defconfig | 1 + 1 file changed, 1 insertion(+)
diff --git a/configs/am57xx_hs_evm_defconfig b/configs/am57xx_hs_evm_defconfig index a4bfdd5..e6f3ebc 100644 --- a/configs/am57xx_hs_evm_defconfig +++ b/configs/am57xx_hs_evm_defconfig @@ -41,6 +41,7 @@ CONFIG_FIT=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT_IMAGE_POST_PROCESS=y +CONFIG_SPL_PANIC_ON_NON_FIT_IMAGE=y CONFIG_OF_LIST="am57xx-beagle-x15" CONFIG_DM_I2C=y CONFIG_DM_SPI=y
Why do we need to panic? Can we use something like CONFIG_IMAGE_FORMAT_LEGACY?
The need to panic is because if we cannot authenticate we are to fail as this is a secure device.
We already have a hang in board_init_r() (SPL: failed to boot from all boot devices). I'm suggesting that instead of panic we just return an error from spl_parse_image_header() and let things work in the normal way.
Anyway, I don't mind if people prefer this approach.
It's strange that this patch does not seem to be in patchwork.
Regards, Simon