[U-Boot] [PATCH 1/4] bootm: allow to disable legacy image format

Wolfgang Denk wd at denx.de
Fri May 9 15:35:34 CEST 2014


Dear Simon,

In message <CAPnjgZ1_Cf-eu592YqF0=th7MT1da6Gh7Pv1Lxaf79kV8Lw9OQ at mail.gmail.com> you wrote:
> 
> I agree that it might be dangerous to allow legacy boot when signature
> verification is used. It would be nice to fix that.

I think there is general agreement on this point.

> This means that legacy is on by default, unless signature verification
> is enabled, in which case the default flips. But I worry that it might
> only confuse people. This seems like a Wolfgang / Tom question :-)

OK, here is my 0.02€ to it:

I think, no matter how we implement it, this should be exactly the
behaviour.  Average users tend to avoid reading documentation, so if
they enable signature verification they most likely want a secure
system, so we should give them just that.  Only if someone really
knows what he is doing should he be able to enable support for
(insecure) legacy images.

As for the implementation - yes, the
#ifdef CONFIG_FIT_SIGNATURE_VERIFICATION
approach indeed does not look very nice, but then, it appears to be
the straightforward implementation of what we want to do?

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
Time is an illusion perpetrated by the manufacturers of space.

