Hi, On Thu, 4 Nov 2021 at 05:23, Heinrich Schuchardt <xypron.g...@gmx.de> wrote: > > > > On 11/4/21 04:11, Rover Mo wrote: > > Dear Heinrich, > > > > > > Thank for your comments. > > > > > > >How about CONFIG_EFI_SECURE_BOOT? Should this also disable the default? > > > > I think yes. > > I will update the relation to "default y if !FIT_SIGNATURE && > > !EFI_SECURE_BOOT", > > and add "!EFI_SECURE_BOOT" into LEGACY_IMAGE_FORMAT. > > > >>> + It is enabled by default for backward compatibility, unless > >> > >>Backwards relative to UEFI? > > > > No. > > > > This description is from CONFIG_LEGACY_IMAGE_FORMAT. > > > > ``` > > config LEGACY_IMAGE_FORMAT > > bool "Enable support for the legacy image format" > > default y if !FIT_SIGNATURE > > help > > This option enables the legacy image format. It is enabled by > > default for backward compatibility, unless FIT_SIGNATURE is > > set where it is disabled so that unsigned images cannot be > > loaded. If a board needs the legacy image format support in this > > case, enable it here. > > ``` > > > > In my understand,this backward compatibility is to support both secure boot > > and > > non-secure boot when necessary. > > > >>This focuses very much on default values. How about: > >> > >>"The booti command is used for launching unsigned AArch64 and RISC-V > >>Linux kernel images. If you want to have secure boot either via signed > >>FIT images or via signed UEFI images, this option should be disabled." > > > > I agree, this description is more comprehensive. > > > > So that I want to update the commit title to "boot: don't enable > > thenon-secure boot commands by default ifsecure boot enabled" > > > >>Why AArch64 and not RISC-V? > > > > The help information of CMD_BOOTI only mentions AArch64, so I followed it. > > > > Should I update as following? > > ```diff > > - Boot an AArch64 Linux Kernel image from memory. > > + Boot an AArch64/RISC-V Linux Kernel image from memory. > > Yes, please.
Also please do check tests (make qcheck) since sandbox enables more options than most boards. - Simon > > Best regards > > Heinrich > > > ``` > > > > Best regards, > > Rover > > > > At 2021-11-04 02:24:34, "Heinrich Schuchardt" <xypron.g...@gmx.de> wrote: > >>On 11/3/21 08:44, Rover Mo wrote: > >>> To prevent boot unsigned images, same as CONFIG_LEGACY_IMAGE_FORMAT, > >> > >>nits: > >>%s/boot/booting/ > >> > >>> don't enable CONFIG_CMD_BOOTI and CONFIG_CMD_BOOTI by default if > >>> CONFIG_FIT_SIGNATURE is enabled. > >> > >>Disabling the booti and the bootz command does not stop you from booting > >>unsigned images, e.g. using the bootefi command. > >> > >>> > >>> Signed-off-by: Yuezhang.Mo <myz...@126.com> > >>> --- > >>> cmd/Kconfig | 11 ++++++++++- > >>> 1 file changed, 10 insertions(+), 1 deletion(-) > >>> > >>> diff --git a/cmd/Kconfig b/cmd/Kconfig > >>> index 5b30b13e43..5f9dd91928 100644 > >>> --- a/cmd/Kconfig > >>> +++ b/cmd/Kconfig > >>> @@ -203,15 +203,24 @@ config BOOTM_EFI > >>> > >>> config CMD_BOOTZ > >>> bool "bootz" > >>> + default y if !FIT_SIGNATURE > >>> help > >>> Boot the Linux zImage > >>> + It is enabled by default for backward compatibility, unless > >>> + FIT_SIGNATURE is set where it is disabled so that unsigned images > >>> + cannot be loaded. If a board needs to boot a Linux zImage in this > >>> + case, enable it here. > >>> > >>> config CMD_BOOTI > >>> bool "booti" > >>> depends on ARM64 || RISCV > >>> - default y > >>> + default y if !FIT_SIGNATURE > >> > >>How about CONFIG_EFI_SECURE_BOOT? Should this also disable the default? > >> > >>> help > >>> Boot an AArch64 Linux Kernel image from memory. > >>> + It is enabled by default for backward compatibility, unless > >> > >>Backwards relative to UEFI? > >> > >>This focuses very much on default values. How about: > >> > >>"The booti command is used for launching unsigned AArch64 and RISC-V > >>Linux kernel images. If you want to have secure boot either via signed > >>FIT images or via signed UEFI images, this option should be disabled." > >> > >>> + FIT_SIGNATURE is set where it is disabled so that unsigned images > >>> + cannot be loaded. If a board needs to boot an AArch64 Linux Kernel > >> > >>Why AArch64 and not RISC-V? > >> > >>Who needs all those lines. > >> > >>Best regards > >> > >>Heinrich > >> > >>> + image in this case, enable it here. > >>> > >>> config BOOTM_LINUX > >>> bool "Support booting Linux OS images" > >>> > > > > > >
