spl: allow board_spl_fit_post_load() to fail
Heinrich Schuchardt
xypron.glpk at gmx.de
Sat May 9 18:38:33 CEST 2020
On 5/9/20 6:13 PM, Patrick Wildt wrote:
> On i.MX platforms board_spl_fit_post_load() can check the loaded
> SPL image for authenticity using its HAB engine. U-Boot's SPL
> mechanism allows booting images from other sources as well, but
> in the current setup the SPL would just hang if it encounters an
> image that does not pass scrutiny. Allowing the function to return
> an error, allows the SPL to try booting from another source as a
> fallback instead of ending up as a brick.
>
> Signed-off-by: Patrick Wildt <patrick at blueri.se>
Could an intruder abuse this by destroying a signed image and providing
an unsigned image on a source under his control?
Best regards
Heinrich
More information about the U-Boot
mailing list