From: Andrew Davis Date: Wed, 4 May 2022 20:52:26 +0000 (-0500) Subject: spl: Force disable non-FIT loading for TI secure devices X-Git-Url: http://git.dujemihanovic.xyz/?a=commitdiff_plain;h=11f32da79f5519b5b12d000bb990e55b0c351b6e;p=u-boot.git spl: Force disable non-FIT loading for TI secure devices Booting of non-FIT images bypass our chain-of-trust boot flow, these options should not be allowed when high security is set. Signed-off-by: Andrew Davis Reviewed-by: Tom Rini --- diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 43485af468..50ff113cab 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -219,7 +219,8 @@ config SPL_BOOTCOUNT_LIMIT config SPL_RAW_IMAGE_SUPPORT bool "Support SPL loading and booting of RAW images" default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA)) - default y if !TI_SECURE_DEVICE + default y + depends on !TI_SECURE_DEVICE help SPL will support loading and booting a RAW image when this option is y. If this is not set, SPL will move on to other available @@ -227,7 +228,8 @@ config SPL_RAW_IMAGE_SUPPORT config SPL_LEGACY_IMAGE_FORMAT bool "Support SPL loading and booting of Legacy images" - default y if !TI_SECURE_DEVICE && !SPL_LOAD_FIT + default y if !SPL_LOAD_FIT + depends on !TI_SECURE_DEVICE help SPL will support loading and booting Legacy images when this option is y. If this is not set, SPL will move on to other available