[PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device

Tom Rini trini at konsulko.com
Mon Jul 18 14:08:37 CEST 2022

On Fri, Jul 15, 2022 at 11:34:35AM -0500, Andrew Davis wrote:

> If the device is a GP and we detect a signing certificate then remove it.
> It would fail to authenticate otherwise as the device is GP and has no
> secure authentication services in SYSFW.
> This shouldn't happen often as trying to boot signed images on GP devices
> doesn't make much sense, but if we run into a signed image we should at
> least try to ignore the certificate and boot the image anyway. This could
> help with users of GP devices who only have HS images available.
> If this does happen, print a nice big warning.
> Signed-off-by: Andrew Davis <afd at ti.com>

Reviewed-by: Tom Rini <trini at konsulko.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20220718/6f1344ef/attachment.sig>

More information about the U-Boot mailing list