Message ID | 20240410183834.153876-1-afd@ti.com |
---|---|
State | Accepted |
Commit | adf418d8c1d43388ebcb5f4ca87e113b27ff934f |
Delegated to: | Tom Rini |
Headers | show |
Series | arm: mach-k3: security: Lower verbosity of cert message for GP | expand |
Andrew Davis <afd@ti.com> writes: > When we find a certificate on an image to be booted on a GP device we > print out a message explaining that the certificate is being skipped. > This message is rather long and is printed for every image. Shorten > the message and make the long version into a debug message. > > Signed-off-by: Andrew Davis <afd@ti.com> > --- > arch/arm/mach-k3/security.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c > index 22697a263a8..7c46914d9dd 100644 > --- a/arch/arm/mach-k3/security.c > +++ b/arch/arm/mach-k3/security.c > @@ -50,7 +50,7 @@ void ti_secure_image_check_binary(void **p_image, size_t *p_size) > > if (get_device_type() == K3_DEVICE_TYPE_GP) { > if (ti_secure_cert_detected(*p_image)) { > - printf("Warning: Detected image signing certificate on GP device. " > + debug("Warning: Detected image signing certificate on GP device. " > "Skipping certificate to prevent boot failure. " > "This will fail if the image was also encrypted\n"); > > @@ -60,6 +60,7 @@ void ti_secure_image_check_binary(void **p_image, size_t *p_size) > return; > } > > + printf("Skipping authentication on GP device\n"); > *p_image += cert_length; > *p_size -= cert_length; > } > -- > 2.39.2 Would be nice if it only emitted the message once! Tested-by: Jonathan Humphreys <j-humphreys@ti.com>
On Wed, 10 Apr 2024 13:38:34 -0500, Andrew Davis wrote: > When we find a certificate on an image to be booted on a GP device we > print out a message explaining that the certificate is being skipped. > This message is rather long and is printed for every image. Shorten > the message and make the long version into a debug message. > > Applied to u-boot/master, thanks!
diff --git a/arch/arm/mach-k3/security.c b/arch/arm/mach-k3/security.c index 22697a263a8..7c46914d9dd 100644 --- a/arch/arm/mach-k3/security.c +++ b/arch/arm/mach-k3/security.c @@ -50,7 +50,7 @@ void ti_secure_image_check_binary(void **p_image, size_t *p_size) if (get_device_type() == K3_DEVICE_TYPE_GP) { if (ti_secure_cert_detected(*p_image)) { - printf("Warning: Detected image signing certificate on GP device. " + debug("Warning: Detected image signing certificate on GP device. " "Skipping certificate to prevent boot failure. " "This will fail if the image was also encrypted\n"); @@ -60,6 +60,7 @@ void ti_secure_image_check_binary(void **p_image, size_t *p_size) return; } + printf("Skipping authentication on GP device\n"); *p_image += cert_length; *p_size -= cert_length; }
When we find a certificate on an image to be booted on a GP device we print out a message explaining that the certificate is being skipped. This message is rather long and is printed for every image. Shorten the message and make the long version into a debug message. Signed-off-by: Andrew Davis <afd@ti.com> --- arch/arm/mach-k3/security.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)