2018-04-12 21:53 GMT+08:00 Tom Rini <tr...@konsulko.com>:
> On Wed, Apr 11, 2018 at 11:13:05PM +0800, Jun Nie wrote:
>> It may be unnecessary to check signature on unlocked board.
>> Get the hint from platform specific code to support secure boot
>> and non-secure boot with the same binary, so that boot is not
>> blocked if board is not locked and has no key for signature
>>
>> Signed-off-by: Jun Nie <jun....@linaro.org>
>
> I'm not sure I like the concept here. Wouldn't this make it easier to
> break into a secure setup with some binary editing? Or is that really
> no worse than today? Also, can you please follow up with an
> implementation of fit_board_skip_sig_verification? Thanks!

The SoC boot ROM shall verify the signature of SPL before running it.
Binary editing shall make the signature invalid. If it is possible to run
an edited SPL, the secure boot is already hacked and this patch does not
make it worse. I will surely post the implementation, which is just
reading some register to get the fuse value for lock status. I post this
patch to get opinions from the community first.