[PATCH 4/4] arm: mach-k3: security: Remove certificate if detected on GP device
trini at konsulko.com
Mon Jul 18 14:08:37 CEST 2022
On Fri, Jul 15, 2022 at 11:34:35AM -0500, Andrew Davis wrote:
> If the device is a GP and we detect a signing certificate then remove it.
> It would fail to authenticate otherwise as the device is GP and has no
> secure authentication services in SYSFW.
> This shouldn't happen often as trying to boot signed images on GP devices
> doesn't make much sense, but if we run into a signed image we should at
> least try to ignore the certificate and boot the image anyway. This could
> help with users of GP devices who only have HS images available.
> If this does happen, print a nice big warning.
> Signed-off-by: Andrew Davis <afd at ti.com>
Reviewed-by: Tom Rini <trini at konsulko.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 659 bytes
Desc: not available
More information about the U-Boot