Forums › Reference, Evaluation, and Development Boards › U-Boot boot.scr.cmd developer warning
The ST meta layers and Octavo SDK’s ship with a boot.scr.cmd with an interesting warning to the developer:
https://github.com/octavosystems/osd32mp1-build-tools/blob/master/files/ssbl/boot.scr.cmd
1 2 3 4 5 6 7 8 9 10 | ######################################################################### # SAMPLE BOOT SCRIPT: PLEASE DON'T USE this SCRIPT in REAL PRODUCT ######################################################################### # this script is only a OpenSTLinux helper to manage multiple target with the # same bootfs, for real product with only one supported configuration change the # bootcmd in U-boot or use the normal path for extlinux.conf to use DISTRO # boocmd (generic distibution); U-Boot searches with boot_prefixes="/ /boot/": # - /extlinux/extlinux.conf # - /boot/extlinux/extlinux.conf ######################################################################### |
I have reviewed the script and of course it runs correctly from a Yocto dunfell build. The configuration changes don’t make any sense and am ready to disregard the warning. I assume the message is for U-Boot loaders that support multiple boards such as “osd32mp1-red” and “osd32mp1-brk” where the board / target is set dynamically. What is ST asking for us to change?
Carlos,
I think the warning is more about security rather than functionality. The features in the script can be used to inject malicious code such as a device tree overlay that should not be applied on a production level product. The suggestion is to use hard coded paths in u-boot bootcmd to setup boot.
Best,
Neeraj
Octavo Systems LLC all rights reserved
OCTAVO is registered in the U.S. Patent and Trademark Office. OSD, C-SiP, and the Octavo Logo are trademarks of Octavo Systems LLC.
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields