* [PATCH] common: bootm: Enforce CONFIG_BOOTM_FORCE_SIGNED_IMAGES for TEE bins
@ 2020-04-22 11:39 Albert Schwarzkopf
2020-04-23 7:06 ` Sascha Hauer
0 siblings, 1 reply; 2+ messages in thread
From: Albert Schwarzkopf @ 2020-04-22 11:39 UTC (permalink / raw)
To: barebox
Currently, unsigned TEE binaries can be booted. This patch ensures
that CONFIG_BOOTM_FORCE_SIGNED_IMAGES is also enforced for TEE
binaries.
Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
---
common/bootm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/common/bootm.c b/common/bootm.c
index 366f31455..9fdb0bc1f 100644
--- a/common/bootm.c
+++ b/common/bootm.c
@@ -592,6 +592,7 @@ int bootm_boot(struct bootm_data *bootm_data)
*/
data->oftree_file = NULL;
data->initrd_file = NULL;
+ data->tee_file = NULL;
if (os_type != filetype_oftree) {
printf("Signed boot and image is no FIT image, aborting\n");
ret = -EINVAL;
--
2.17.1
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-04-23 7:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-22 11:39 [PATCH] common: bootm: Enforce CONFIG_BOOTM_FORCE_SIGNED_IMAGES for TEE bins Albert Schwarzkopf
2020-04-23 7:06 ` Sascha Hauer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox