[U-Boot] booting signed Images
Heiko Schocher
hs at denx.de
Mon May 5 09:35:43 CEST 2014
Hello Simon,
just talked with Wolfgang about the booting process from signed images,
as it is described in:
doc/uImage.FIT/verified-boot.txt
doc/uImage.FIT/signature.txt
If we see it correct, then it is still possible to boot an uImage
or a FIT image without signature with "bootm" when CONFIG_FIT_SIGNATURE
is defined.
The question raised, if this is a good behaviour.
Should we not prevent booting uImages or not signed FIT Images when
CONFIG_FIT_SIGNATURE is defined?
Or at least prevent booting such unsigned images through an U-Boot
env variable.
What Do you think?
Thanks in advance
bye,
Heiko
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
More information about the U-Boot
mailing list