On 11/3/21 08:44, Rover Mo wrote:
To prevent boot unsigned images, same as CONFIG_LEGACY_IMAGE_FORMAT,
nits: %s/boot/booting/
don't enable CONFIG_CMD_BOOTI and CONFIG_CMD_BOOTI by default if CONFIG_FIT_SIGNATURE is enabled.
Disabling the booti and the bootz command does not stop you from booting unsigned images, e.g. using the bootefi command.
Signed-off-by: Yuezhang.Mo myzmzz@126.com
cmd/Kconfig | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/cmd/Kconfig b/cmd/Kconfig index 5b30b13e43..5f9dd91928 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -203,15 +203,24 @@ config BOOTM_EFI
config CMD_BOOTZ bool "bootz"
default y if !FIT_SIGNATURE help Boot the Linux zImage
It is enabled by default for backward compatibility, unlessFIT_SIGNATURE is set where it is disabled so that unsigned imagescannot be loaded. If a board needs to boot a Linux zImage in thiscase, enable it here.config CMD_BOOTI bool "booti" depends on ARM64 || RISCV
- default y
- default y if !FIT_SIGNATURE
How about CONFIG_EFI_SECURE_BOOT? Should this also disable the default?
help Boot an AArch64 Linux Kernel image from memory.
It is enabled by default for backward compatibility, unless
Backwards relative to UEFI?
This focuses very much on default values. How about:
"The booti command is used for launching unsigned AArch64 and RISC-V Linux kernel images. If you want to have secure boot either via signed FIT images or via signed UEFI images, this option should be disabled."
FIT_SIGNATURE is set where it is disabled so that unsigned imagescannot be loaded. If a board needs to boot an AArch64 Linux Kernel
Why AArch64 and not RISC-V?
Who needs all those lines.
Best regards
Heinrich
image in this case, enable it here.config BOOTM_LINUX bool "Support booting Linux OS images"