secure boot: Rename efuse option for UART bootloader to option for ROM interpreter

2024-10-05 20:47:46 -04:00 · 2016-11-11 15:14:13 +11:00 · 2016-11-11 15:14:13 +11:00 · 8691b54758
commit 8691b54758
parent bcdebda8e4
2 changed files with 20 additions and 20 deletions
--- a/components/bootloader/Kconfig.projbuild
+++ b/components/bootloader/Kconfig.projbuild
@ -93,14 +93,14 @@ config SECURE_BOOT_DISABLE_JTAG
          It is recommended this option remains set for production environments.
-config SECURE_BOOT_DISABLE_UART_BOOTLOADER
+config SECURE_BOOT_DISABLE_ROM_BASIC
- 	   bool "First boot: Permanently disable UART bootloader"
+       bool "First boot: Permanently disable ROM BASIC fallback"
       depends on SECURE_BOOTLOADER_ENABLED
       default Y
       help
-	      Bootloader permanently disables UART and other bootloader modes when enabling secure boot. This happens on first boot.
+          Bootloader permanently disables ROM BASIC (on UART console) as a fallback if the bootloader image becomes invalid. This happens on first boot.
-		  It is recommended this option remains set for production environments.
+          It is recommended this option remains set in production environments.
 config SECURE_BOOT_TEST_MODE
       bool "Test mode: don't actually enable secure boot"
--- a/components/bootloader_support/src/secure_boot_signatures.c
+++ b/components/bootloader_support/src/secure_boot_signatures.c
@ -46,7 +46,7 @@ esp_err_t esp_secure_boot_verify_signature(uint32_t src_addr, uint32_t length)
    uint8_t digest[32];
    ptrdiff_t keylen;
    const uint8_t *data, *digest_data;
-    uint32_t digest_len, chunk_len;
+    uint32_t digest_len;
    const signature_block_t *sigblock;
    bool is_valid;