On 11/3/21 08:44, Rover Mo wrote:
To prevent boot unsigned images, same as CONFIG_LEGACY_IMAGE_FORMAT,
nits: %s/boot/booting/
don't enable CONFIG_CMD_BOOTI and CONFIG_CMD_BOOTI by default if CONFIG_FIT_SIGNATURE is enabled.
Disabling the booti and the bootz command does not stop you from booting unsigned images, e.g. using the bootefi command.
Signed-off-by: Yuezhang.Mo <myz...@126.com> --- cmd/Kconfig | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/cmd/Kconfig b/cmd/Kconfig index 5b30b13e43..5f9dd91928 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -203,15 +203,24 @@ config BOOTM_EFI config CMD_BOOTZ bool "bootz" + default y if !FIT_SIGNATURE help Boot the Linux zImage + It is enabled by default for backward compatibility, unless + FIT_SIGNATURE is set where it is disabled so that unsigned images + cannot be loaded. If a board needs to boot a Linux zImage in this + case, enable it here. config CMD_BOOTI bool "booti" depends on ARM64 || RISCV - default y + default y if !FIT_SIGNATURE
How about CONFIG_EFI_SECURE_BOOT? Should this also disable the default?
help Boot an AArch64 Linux Kernel image from memory. + It is enabled by default for backward compatibility, unless
Backwards relative to UEFI? This focuses very much on default values. How about: "The booti command is used for launching unsigned AArch64 and RISC-V Linux kernel images. If you want to have secure boot either via signed FIT images or via signed UEFI images, this option should be disabled."
+ FIT_SIGNATURE is set where it is disabled so that unsigned images + cannot be loaded. If a board needs to boot an AArch64 Linux Kernel
Why AArch64 and not RISC-V? Who needs all those lines. Best regards Heinrich
+ image in this case, enable it here. config BOOTM_LINUX bool "Support booting Linux OS images"