Skip to content

Commit bd4bc19

Browse files
bigbrettdanielinux
authored andcommitted
Document WOLFBOOT_SKIP_BOOT_VERIFY
1 parent 4b75152 commit bd4bc19

1 file changed

Lines changed: 28 additions & 0 deletions

File tree

docs/firmware_update.md

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -286,6 +286,34 @@ make clean && make
286286
make test-sim-self-update-monolithic
287287
```
288288

289+
#### Skipping boot image verification
290+
291+
When wolfBoot is used together with the [self-header](#self-header-persisting-the-bootloader-manifest)
292+
and [monolithic updates](#monolithic-updates) features, an external verifier such as
293+
[wolfHSM](wolfHSM.md) can verify the combined bootloader+application payload before wolfBoot runs.
294+
In this scenario, wolfBoot's own boot-time verification is redundant and can be skipped as a
295+
performance optimization.
296+
297+
Setting `WOLFBOOT_SKIP_BOOT_VERIFY=1` in the build configuration disables both the integrity (hash)
298+
and authenticity (signature) checks that wolfBoot normally performs on the boot image at startup.
299+
300+
**WARNING: This option completely disables boot-time firmware verification. It is only safe to use
301+
when ALL of the following conditions are met:**
302+
303+
- The self-header feature is enabled, so the bootloader manifest is persisted alongside the
304+
application image
305+
- Monolithic updates are enabled, so the bootloader and application are always updated together as a
306+
single payload
307+
- An external entity (e.g. an HSM running wolfHSM) is guaranteed to verify the full monolithic
308+
payload before wolfBoot boots
309+
310+
**Using this option outside of this specific scenario removes all boot-time authenticity and integrity
311+
guarantees and is not secure.**
312+
313+
Note that this option only affects verification of the boot image at startup. Firmware updates
314+
staged in the update partition are still fully verified (signature and integrity) before being
315+
installed, regardless of this setting.
316+
289317
### Incremental updates (aka: 'delta' updates)
290318

291319
wolfBoot supports incremental updates, based on a specific older version. The sign tool

0 commit comments

Comments
 (0)