[PATCH 2/6] bootm: Add missing BOOTM_FORCE_SIGNED_IMAGES option
Sascha Hauer
s.hauer at pengutronix.de
Tue May 10 07:08:05 PDT 2016
The code already tests for this option, but it does not
yet exist. Add the option to force using signed images.
Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
---
common/Kconfig | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/common/Kconfig b/common/Kconfig
index aa257bf..0be7cda 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -627,6 +627,15 @@ config BOOTM_FITIMAGE_SIGNATURE
Additionally the barebox device tree needs a /signature node with the
public key with which the image has been signed.
+config BOOTM_FORCE_SIGNED_IMAGES
+ bool
+ prompt "Force booting of signed images"
+ depends on BOOTM_FITIMAGE_SIGNATURE
+ help
+ With this option enabled only signed images can be booted, unsigned images
+ are refused to boot. Effectively this means only FIT images can be booted
+ since they are the only supported image type that support signing.
+
config BLSPEC
depends on BLOCK
depends on FLEXIBLE_BOOTARGS
--
2.8.0.rc3
More information about the barebox
mailing list