From our understanding and code review, MCUboot appears to perform validation of the primary slot during the normal boot flow even without enabling MCUBOOT_VALIDATE_PRIMARY_SLOT.
However, it is not fully clear what additional guarantees this macro provides beyond the default behavior.
Could you please clarify the following:
- In which specific scenarios does MCUBOOT_VALIDATE_PRIMARY_SLOT introduce additional validation compared to the default flow?
- Are there any boot paths where primary slot validation may be skipped if this macro is not enabled?
- Is the purpose of this macro to enforce unconditional validation of the primary slot on every boot, regardless of image state or metadata (e.g., image OK flags)?

Understanding this distinction would help us decide whether enabling this option is necessary for our use case.