[PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device
Tom Rini
trini at konsulko.com
Thu Aug 4 22:52:15 CEST 2022
On Fri, Jul 15, 2022 at 11:34:35AM -0500, Andrew Davis wrote:
> If the device is a GP and we detect a signing certificate then remove it.
> It would fail to authenticate otherwise as the device is GP and has no
> secure authentication services in SYSFW.
>
> This shouldn't happen often as trying to boot signed images on GP devices
> doesn't make much sense, but if we run into a signed image we should at
> least try to ignore the certificate and boot the image anyway. This could
> help with users of GP devices who only have HS images available.
>
> If this does happen, print a nice big warning.
>
> Signed-off-by: Andrew Davis <afd at ti.com>
> Reviewed-by: Tom Rini <trini at konsulko.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20220804/c3912d5a/attachment.sig>
More information about the U-Boot
mailing list