Hi Alex,

On Fri, 14 May 2021 at 15:50, Alex G. <mr.nuke...@gmail.com> wrote:
>
>
>
> On 5/6/21 9:24 AM, Simon Glass wrote:
> > Drop the #ifdefs which are easy to remove without refactoring.
> >
> > Signed-off-by: Simon Glass <s...@chromium.org>
> > ---
> >
> > (no changes since v1)
> >
> >   common/Kconfig.boot    | 10 ++++++++++
> >   common/image-fit-sig.c |  8 ++------
> >   common/image-fit.c     |  7 ++++---
> >   3 files changed, 16 insertions(+), 9 deletions(-)
> >
> > diff --git a/common/Kconfig.boot b/common/Kconfig.boot
> > index 03a6e6f214f..a31d9847124 100644
> > --- a/common/Kconfig.boot
> > +++ b/common/Kconfig.boot
> > @@ -191,6 +191,16 @@ config SPL_FIT_SIGNATURE
> >       select SPL_IMAGE_SIGN_INFO
> >       select SPL_FIT_FULL_CHECK
> >
> > +config SPL_FIT_SIGNATURE_MAX_SIZE
> > +     hex "Max size of signed FIT structures in SPL"
> > +     depends on SPL_FIT_SIGNATURE
> > +     default 0x10000000
> > +     help
> > +       This option sets a max size in bytes for verified FIT uImages.
> > +       A sane value of 256MB protects corrupted DTB structures from 
> > overlapping
> > +       device memory. Assure this size does not extend past expected 
> > storage
> > +       space.
> > +
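Review bot: the help text for SPL_FIT_SIGNATURE_MAX_SIZE does not say why SPL needs its own limit, and the default of 0x10000000 (256MB) is presented as "a sane value" with no SPL-specific guidance. If the intent is that SPL builds should use a smaller bound, the help text should say so and tell board maintainers to lower the value to match the memory SPL actually loads into. The commit message only mentions dropping #ifdefs, so it should also mention that a new Kconfig option is introduced. Minor wording: "Assure this size" should read "Ensure this size".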
>
> I can't find an argument of why we'd want a separate
> FIT_SIGNATURE_MAX_SIZE for SPL. This also seems unrelated to the commit
> message of reducing ifdefs.

Often SPL has lower limits, e.g. since there is only so much SRAM, a
large file might indicate some sort of attack.

Regards,
Simon
