Dear Simon, In message <e7751e81-610b-9cdd-e14d-04fc5b7a2...@gmail.com> you wrote: > > Hmm, on my board, SPL loads U-Boot from NOR to SDRAM, then checks the > uimage CRC. I'd say this is enough checks. That might not hold for all > boards though.
If you check the image in RAM, then yes. I've also seen implementations where it gets checked on the fly (for boot time reasons), so write corruption would not be covered. > Could we put U-Boot into a fit image and put the environment in a > subimage? But it might increase SPL code size when a fit image has to be > parsed... Yes, of course this can be done. You would need such code anyway in SPL if you gor for Falcon mode, where you would load a (signed) FIT image with the Linux kernel and DTB (and maybe even a ramdisk image). But as mentioned - this depends on the use case and on available resources. It may not be possible on many more resource-constricted boards - there, other mechanisms should be possible. Best regards, Wolfgang Denk -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: w...@denx.de "Free markets select for winning solutions." - Eric S. Raymond _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
