spl: Force disable non-FIT loading for TI secure devices Booting of non-FIT images bypass our chain-of-trust boot flow, these options should not be allowed when high security is set. Signed-off-by: Andrew Davis <afd@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>

commit: 11f32da79f5519b5b12d000bb990e55b0c351b6e [log] [tgz]
author: Andrew Davis <afd@ti.com> Wed May 04 15:52:26 2022 -0500
committer: Tom Rini <trini@konsulko.com> Wed May 11 09:22:24 2022 -0400
tree: 4bc73309a51fcd1ccc9bb1808d5e21c6270641b1
parent: 6665ab179532932f34162bc62d0240116f2e38ac [diff] [blame]
diff --git a/common/spl/Kconfig b/common/spl/Kconfig
index 43485af..50ff113 100644
--- a/common/spl/Kconfig
+++ b/common/spl/Kconfig

@@ -219,7 +219,8 @@
 config SPL_RAW_IMAGE_SUPPORT
 	bool "Support SPL loading and booting of RAW images"
 	default n if (ARCH_MX6 && (SPL_MMC || SPL_SATA))
-	default y if !TI_SECURE_DEVICE
+	default y
+	depends on !TI_SECURE_DEVICE
 	help
 	  SPL will support loading and booting a RAW image when this option
 	  is y. If this is not set, SPL will move on to other available
@@ -227,7 +228,8 @@
 
 config SPL_LEGACY_IMAGE_FORMAT
 	bool "Support SPL loading and booting of Legacy images"
-	default y if !TI_SECURE_DEVICE && !SPL_LOAD_FIT
+	default y if !SPL_LOAD_FIT
+	depends on !TI_SECURE_DEVICE
 	help
 	  SPL will support loading and booting Legacy images when this option
 	  is y. If this is not set, SPL will move on to other available
commit	11f32da79f5519b5b12d000bb990e55b0c351b6e	[log] [tgz]
author	Andrew Davis <afd@ti.com>	Wed May 04 15:52:26 2022 -0500
committer	Tom Rini <trini@konsulko.com>	Wed May 11 09:22:24 2022 -0400
tree	4bc73309a51fcd1ccc9bb1808d5e21c6270641b1
parent	6665ab179532932f34162bc62d0240116f2e38ac [diff] [blame]