Falcon mode uses falcon_image_file from the env during mmc fs boot, but external env can be compromised. Therefore disable access to external env by setting SPL_ENV_IS_NOWHERE when SPL_OS_BOOT_SECURE is set.
Signed-off-by: Anshul Dalal <[email protected]> --- env/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/env/Kconfig b/env/Kconfig index 03c189b7266..d68cb90f3a4 100644 --- a/env/Kconfig +++ b/env/Kconfig @@ -827,6 +827,7 @@ if SPL_ENV_SUPPORT config SPL_ENV_IS_NOWHERE bool "SPL Environment is not stored" default y if ENV_IS_NOWHERE + default y if SPL_OS_BOOT_SECURE help Similar to ENV_IS_NOWHERE, used for SPL environment. -- 2.51.0
