Currently secure falcon mode still allows for booting from raw kernel images if the support is enabled by (CMD_BOOTI or CMD_BOOTZ).
So, this patch documents the need to explicitly disable those config options to ensure only a verifiable FIT is a valid payload. Signed-off-by: Anshul Dalal <[email protected]> --- doc/develop/falcon.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/doc/develop/falcon.rst b/doc/develop/falcon.rst index add0376d272..5fe45b175d6 100644 --- a/doc/develop/falcon.rst +++ b/doc/develop/falcon.rst @@ -356,6 +356,10 @@ following configuration fragment to enable Falcon Mode: CONFIG_SPL_FIT_SIGNATURE=y CONFIG_SPL_RSA=y + # Disable support for booting raw kernel image + CONFIG_CMD_BOOTI=n + CONFIG_CMD_BOOTZ=n + # Only support MMC falcon mode CONFIG_SPL_SPI_FLASH_SUPPORT=n CONFIG_SPL_NOR_SUPPORT=n -- 2.51.0
