On Fr, 2015-03-13 at 15:28 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: > > It's not the job of barebox to define security policies, it must fit > > well into the larger security design, which may require compromises. > > I disagree, disable by default non secure feature is require to pass > secure boot certification Is there a specific certification you are targeting? How do you intend to handle console access in verified boot mode? Allowing access to md/mw would break any security. I was thinking about switching off access to the HW AES keys as soon as a prompt appears. At least on MX28/MX6 that's possible and important. Regards, Jan -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox