Am Montag, den 05.08.2019, 11:23 +0200 schrieb Rouven Czerwinski: > Always select the piggy verification if HAB is enabled on i.MX8, > otherwise the signed PBL might load untrusted piggydata. > > Signed-off-by: Rouven Czerwinski <r.czerwinski@xxxxxxxxxxxxxx> > --- > arch/arm/mach-imx/Kconfig | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/arch/arm/mach-imx/Kconfig b/arch/arm/mach-imx/Kconfig > index 8fcef3f..ac16290 100644 > --- a/arch/arm/mach-imx/Kconfig > +++ b/arch/arm/mach-imx/Kconfig > @@ -792,6 +792,7 @@ config HABV4 > select IMX_OCOTP > depends on ARCH_IMX6 || ARCH_IMX8MQ > depends on OFDEVICE > + select PBL_VERIFY_PIGGY if ARCH_IMX8MQ Shouldn't this be the other way around and do a "select PBL_VERIFY_PIGGY if HABV4" from the ARCH_IMX8MQ symbol? At least to me this would make it more clear what's going on here. Regards, Lucas _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox
