On Tue, Jun 03, 2025 at 07:54:42PM +0530, Anshul Dalal wrote: > In the secure OS_BOOT spl execution code path, CMD_BOOTZ enables loading > of a zImage which might allow an attacker to bypass the authenticated > boot with fitImage by replacing it with a malicious image with header > identical to zImage. > > Disabling CMD_BOOTZ ensures this code path is never hit inside > spl_parse_image_header. > > Signed-off-by: Anshul Dalal <ansh...@ti.com>
Reviewed-by: Tom Rini <tr...@konsulko.com> -- Tom
signature.asc
Description: PGP signature
