On Mon, 17 Feb 2025 19:09:47 +0100, Ahmad Fatoum wrote:
> Unlike the functionality controlled by CONFIG_INSECURE, most
> functionality in barebox is not as clear-cut: In secure systems, it's
> better to turn off the option, but with enough care, board code may
> disable the option later on.
>
> To help with securing barebox, let's identify these options that need a
> more thorough look by having them select HAS_INSECURE_DEFAULTS.
>
> [...]
Applied, thanks!
[1/3] common: introduce CONFIG_HAS_INSECURE_DEFAULTS
https://git.pengutronix.de/cgit/barebox/commit/?id=1ceb8fadf957 (link may not be stable)
[2/3] Documentation: user: optee: bring up-to-date
https://git.pengutronix.de/cgit/barebox/commit/?id=1db2bef631dd (link may not be stable)
[3/3] Documentation: user: add security consideration for using barebox
https://git.pengutronix.de/cgit/barebox/commit/?id=9fb315ae4bc5 (link may not be stable)
Best regards,
--
Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
