Securing u-boot: allow only authentic images

Simon Glass sjg at
Thu Jul 27 02:49:45 CEST 2023


On Tue, 25 Jul 2023 at 09:40, Martin van den Berg
<martinvdberg at> wrote:
> Hi there,
> I'm new to u-boot and in need for a little assistance, I hope someone can
> point me in the right direction.
> I need to secure the bootloader of a device to some extend. The device is
> currently using u-boot as bootloader and I would like to stick with that.
> The device runs an OpenWRT. The SoC is a HLK7628N.
> At this moment, it is possible to use the u-boot bootloader to replace the
> image of the device with any other image. I would like to have u-boot to
> allow only authentic (signed?) images. What is the best way to accomplish
> this?
> Any pointers, examples and so on will be much appreciated.

You can also find various talks on this topic, some linked from

If you find any others that are interesting, please do add them to


More information about the U-Boot mailing list