[PATCH] configs: am62ax: enable secure device configs by default
TI's security enforcing SoCs will authenticate each binary it loads by comparing it's signature with keys etched into the SoC during the boot up process. The am62ax family of SoCs by default will have some level of security enforcement checking. To keep things as simple as possible, enable the CONFIG_TI_SECURE_DEVICE options by default so all levels of secure SoCs will work out of the box
Enable the CONFIG_TI_SECURE_DEVICE by default
Signed-off-by: Bryan Brattlof bb@ti.com --- configs/am62ax_evm_a53_defconfig | 1 + configs/am62ax_evm_r5_defconfig | 2 ++ 2 files changed, 3 insertions(+)
diff --git a/configs/am62ax_evm_a53_defconfig b/configs/am62ax_evm_a53_defconfig index 8d6428f22eb11..c7aed9ad33520 100644 --- a/configs/am62ax_evm_a53_defconfig +++ b/configs/am62ax_evm_a53_defconfig @@ -1,5 +1,6 @@ CONFIG_ARM=y CONFIG_ARCH_K3=y +CONFIG_TI_SECURE_DEVICE=y CONFIG_SYS_MALLOC_F_LEN=0x8000 CONFIG_SPL_LIBCOMMON_SUPPORT=y CONFIG_SPL_LIBGENERIC_SUPPORT=y diff --git a/configs/am62ax_evm_r5_defconfig b/configs/am62ax_evm_r5_defconfig index fac48fbd12608..e5bee144466ec 100644 --- a/configs/am62ax_evm_r5_defconfig +++ b/configs/am62ax_evm_r5_defconfig @@ -1,5 +1,6 @@ CONFIG_ARM=y CONFIG_ARCH_K3=y +CONFIG_TI_SECURE_DEVICE=y CONFIG_SYS_MALLOC_F_LEN=0x9000 CONFIG_SPL_LIBCOMMON_SUPPORT=y CONFIG_SPL_LIBGENERIC_SUPPORT=y @@ -52,6 +53,7 @@ CONFIG_SPL_RAM_SUPPORT=y CONFIG_SPL_RAM_DEVICE=y CONFIG_SPL_REMOTEPROC=y CONFIG_SPL_THERMAL=y +CONFIG_SPL_YMODEM_SUPPORT=y CONFIG_HUSH_PARSER=y CONFIG_CMD_ASKENV=y CONFIG_CMD_DFU=y
base-commit: 318af47668aa2347ca9bbf2114cb9af1d8739aca
On Fri, Mar 17, 2023 at 06:37:11PM -0500, Bryan Brattlof wrote:
TI's security enforcing SoCs will authenticate each binary it loads by comparing it's signature with keys etched into the SoC during the boot up process. The am62ax family of SoCs by default will have some level of security enforcement checking. To keep things as simple as possible, enable the CONFIG_TI_SECURE_DEVICE options by default so all levels of secure SoCs will work out of the box
Enable the CONFIG_TI_SECURE_DEVICE by default
Signed-off-by: Bryan Brattlof bb@ti.com
Reviewed-by: Tom Rini trini@konsulko.com
Bryan Brattlof bb@ti.com writes:
TI's security enforcing SoCs will authenticate each binary it loads by comparing it's signature with keys etched into the SoC during the boot up process. The am62ax family of SoCs by default will have some level of security enforcement checking. To keep things as simple as possible, enable the CONFIG_TI_SECURE_DEVICE options by default so all levels of secure SoCs will work out of the box
Enable the CONFIG_TI_SECURE_DEVICE by default
Signed-off-by: Bryan Brattlof bb@ti.com
Reviewed-by: Kamlesh Gurudasani kamlesh@ti.com
On Fri, Mar 17, 2023 at 06:37:11PM -0500, Bryan Brattlof wrote:
TI's security enforcing SoCs will authenticate each binary it loads by comparing it's signature with keys etched into the SoC during the boot up process. The am62ax family of SoCs by default will have some level of security enforcement checking. To keep things as simple as possible, enable the CONFIG_TI_SECURE_DEVICE options by default so all levels of secure SoCs will work out of the box
Enable the CONFIG_TI_SECURE_DEVICE by default
Signed-off-by: Bryan Brattlof bb@ti.com Reviewed-by: Tom Rini trini@konsulko.com Reviewed-by: Kamlesh Gurudasani kamlesh@ti.com
Applied to u-boot/next, thanks!
participants (3)
-
Bryan Brattlof -
Kamlesh Gurudasani -
Tom Rini