diff options
| author | Tom Rini <[email protected]> | 2025-10-20 10:17:54 -0600 |
|---|---|---|
| committer | Tom Rini <[email protected]> | 2025-10-20 10:17:54 -0600 |
| commit | d5996409cecbc181ab3f4f04bdb24284a2837d9c (patch) | |
| tree | 971253a2fd6e768d07324b37c03b05e18def4dff /doc/develop/bootstd/script.rst | |
| parent | aabda5407ff2f6d896215b2b8a31064f939fb4dc (diff) | |
| parent | d3ac0d60da066bf4ddb5a60174be8108fdc16862 (diff) | |
Merge patch series "Add support for secure falcon mode: disable fallback"
Anshul Dalal <[email protected]> says:
Continuing from the last series[1], this patch series addresses the requirement of
allowing no fallbacks in secure falcon mode.
To do this in a clean way, all the falcon mode logic for each boot media was
refactored to a corresponding *_load_image_os function whereas the regular
boot is implemented in *_load_image, this allows us to easily return early in
case the *_load_image_os function fails with secure mode enabled.
The series also introduces the new SPL_OS_BOOT_SECURE config symbol which
enables secure falcon boot flow.
The generic flow after the patch series looks as follows:
static int spl_<bootmedia>_load_image(...) {
if (CONFIG_IS_ENABLED(OS_BOOT)) {
ret = spl_<bootmedia>_load_image_os(...);
puts("Failcon mode failed\n");
if (CONFIG_IS_ENABLED(OS_BOOT_SECURE)) {
puts("no fallback allowed!\n");
return ret;
}
puts("Falling back to U-Boot\n");
}
/* Regular boot flow */
}
[1]: https://lore.kernel.org/u-boot/[email protected]/
Link: https://lore.kernel.org/r/[email protected]
Diffstat (limited to 'doc/develop/bootstd/script.rst')
0 files changed, 0 insertions, 0 deletions