[{"id":3672807,"web_url":"http://patchwork.ozlabs.org/comment/3672807/","msgid":"<CAFLszTgmb+6UaF5DW6ZmVnosh2HZKkC2xCbGmQ2gHPb5fLAsJA@mail.gmail.com>","list_archive_url":null,"date":"2026-04-02T16:37:27","subject":"Re: [2/4] boot: fit: support generating DM verity cmdline parameters","submitter":{"id":6170,"url":"http://patchwork.ozlabs.org/api/people/6170/","name":"Simon Glass","email":"sjg@chromium.org"},"content":"Hi Daniel,\n\nOn 2026-04-02T03:08:27, Daniel Golle <daniel@makrotopia.org> wrote:\n> boot: fit: support generating DM verity cmdline parameters\n> boot: fit: support generating DM verity cmdline parameters\n>\n> Add fit_verity_build_cmdline(): when a FILESYSTEM loadable carries a\n> dm-verity subnode, construct the dm-mod.create= kernel cmdline parameter\n> from the verity metadata (block-size, data-blocks, algo, root-hash,\n> salt) and append it to bootargs.\n>\n> Also add dm-mod.waitfor=/dev/fit0[,/dev/fitN] for each dm-verity device\n> so the kernel waits for the underlying FIT block device to appear before\n> setting up device-mapper targets. This is needed when the block driver\n> probes late, e.g. because it depends on NVMEM calibration data.\n>\n> The dm-verity target references /dev/fitN where N is the loadable's\n> index in the configuration -- matching the order Linux's FIT block\n> driver assigns block devices.  hash-start-block is read directly from\n> the FIT dm-verity node; mkimage ensures its value equals num-data-blocks\n> by invoking veritysetup with --no-superblock.\n>\n> Signed-off-by: Daniel Golle <daniel@makrotopia.org>\n\n> diff --git a/boot/Kconfig b/boot/Kconfig\n> @@ -142,6 +142,27 @@ config FIT_CIPHER\n> +config FIT_VERITY\n> +     ...\n> +       and BOOTSTD bootmeths.\n> +\n> +\n\nDrop extra blank line.\n\n> diff --git a/boot/image-fit.c b/boot/image-fit.c\n> @@ -2642,3 +2682,299 @@ out:\n> +     if (!data_block_size || data_block_size < 512 ||\n> +         !hash_block_size || hash_block_size < 512 ||\n> +         !num_data_blocks)\n> +             return -EINVAL;\n\ndm-verity requires block sizes to be a power of two (and divisible by\n512). The first check `!data_block_size` is redundant given the `<\n512` check that follows. Please can you add a power-of-two validation\nusing is_power_of_2() from <linux/log2.h>? Otherwise the kernel will\nlikely reject the table at boot time with a confusing error.\n\n> diff --git a/boot/image-fit.c b/boot/image-fit.c\n> @@ -2642,3 +2682,299 @@ out:\n> +int fit_verity_build_cmdline(const void *fit, int conf_noffset,\n> +                          struct bootm_headers *images)\n> +{\n> +     ...\n> +     if (found) {\n> +             /* Transfer ownership to the bootm_headers */\n> +             images->dm_mod_create = dm_create;\n> +             images->dm_mod_waitfor = dm_waitfor;\n> +     } else {\n> +             free(dm_create);\n> +             free(dm_waitfor);\n> +     }\n> +\n> +     return found;\n\nWhen found > 0, this returns a positive value which could be confused\nwith an error by callers that only check `< 0`. The call site in\nboot_get_loadable() does `if (fit_img_result < 0) return\nfit_img_result;` so it works, but I suspect returning 0 for success\nand keeping the count internal would be cleaner.  What do you think?\n\n> diff --git a/boot/bootm.c b/boot/bootm.c\n> @@ -242,6 +242,7 @@ static int boot_get_kernel(...)\n> static int bootm_start(void)\n> {\n> +     fit_verity_free(&images);\n>       memset((void *)&images, 0, sizeof(images));\n\nJust to check: fit_verity_free() is called here before memset(), which\nmeans the pointers must already be valid (or NULL) from a prior boot\nattempt. This works because fit_verity_free() checks for NULL\ninternally, and .bss is zeroed. How about a comment explaining the\nordering?\n\nRegards,\nSimon","headers":{"Return-Path":"<u-boot-bounces@lists.denx.de>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256\n header.s=google header.b=QpZgiL6S;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)","phobos.denx.de;\n dmarc=pass (p=none dis=none) header.from=chromium.org","phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de","phobos.denx.de;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=chromium.org header.i=@chromium.org\n header.b=\"QpZgiL6S\";\n\tdkim-atps=neutral","phobos.denx.de;\n dmarc=pass (p=none dis=none) header.from=chromium.org","phobos.denx.de;\n spf=pass smtp.mailfrom=sjg@chromium.org"],"Received":["from phobos.denx.de (phobos.denx.de\n [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fmnZx1mvJz1xtJ\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 03 Apr 2026 03:37:45 +1100 (AEDT)","from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 1A3A983F8F;\n\tThu,  2 Apr 2026 18:37:43 +0200 (CEST)","by phobos.denx.de (Postfix, from userid 109)\n id 7CFD9840ED; Thu,  2 Apr 2026 18:37:42 +0200 (CEST)","from mail-ej1-x635.google.com (mail-ej1-x635.google.com\n [IPv6:2a00:1450:4864:20::635])\n (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 5D81883F7D\n for <u-boot@lists.denx.de>; Thu,  2 Apr 2026 18:37:40 +0200 (CEST)","by mail-ej1-x635.google.com with SMTP id\n a640c23a62f3a-b8f9568e074so175762266b.0\n for <u-boot@lists.denx.de>; Thu, 02 Apr 2026 09:37:40 -0700 (PDT)"],"X-Spam-Checker-Version":"SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de","X-Spam-Level":"","X-Spam-Status":"No, score=-2.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,\n DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,\n RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2","ARC-Seal":"i=1; a=rsa-sha256; t=1775147860; cv=none;\n d=google.com; s=arc-20240605;\n b=kEJqVle/qj/lYJTwmTSBkCGrJ+jMD8cr77UWuY7IcB0H4DRWhEnoQkeRbnJ2hnIW2R\n ashFsQTbDe12NjJf4qSS6ktkP/UDN/UqeVTDSmzRnS+I7hYze50+N3SQeJhXeQY0blHe\n hwx4+tHeg86ioK5m28HEYgzz1sSle4bqbmkthwglyzKlXr4Cx/4svJxroB8N4k+KhONK\n YlozkVppHod/llWzwWXceCF6iqjcHku66OQn4FvqCw3MudHAn55FGYYISsqa857G3KfR\n 7zX2yEt7VwvmRw/IS3l0tUNwHY19xuJV2l02ClXeoikM+BL42bimUc7zVADO26FuVRo+\n eyvA==","ARC-Message-Signature":"i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;\n s=arc-20240605;\n h=cc:to:subject:message-id:date:from:in-reply-to:references\n :mime-version:dkim-signature;\n bh=Q7BIv8uWIJ8pLDBrK5H4keyMVoV5v32vUSjva8w2rDc=;\n fh=8xV1qIKPo9pas0nqHVH0I79/8Oiv0i7iC4KAr5IsCXA=;\n b=Tf+yFr9t+xlhCAUHV1wHQ5g7ISgpIuUBhjAQzuGa9A019rpfRQJUT4RN1yQ5P8Bfjl\n taQ1ZX5VBMwKmENWE4hB6EyU9QBYkQttjrA1XiulPuWlJlFIL+DFkbL10do02++gj+Ov\n f+qEQKTgtOI7EWEWFuJeBnVDdhRiM8QhHaTo4XTcPBAKD4M7vN3wglRqZ32dsWDyn2ZZ\n BhKomIOrVwmDVp4UCPS0vabwHvLl5mTgwCJ9CRC7iu3/FSMCe+3tTRhSadqob+D9+5Be\n T2EH6QQ0NlbI3eD1GnJgR1oQytWKUCEJdRyX4/7ad7qKY15O9jMA27O6DQe7+MDBqKlD\n yTMQ==; darn=lists.denx.de","ARC-Authentication-Results":"i=1; mx.google.com; arc=none","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=chromium.org; s=google; t=1775147860; x=1775752660; darn=lists.denx.de;\n h=cc:to:subject:message-id:date:from:in-reply-to:references\n :mime-version:from:to:cc:subject:date:message-id:reply-to;\n bh=Q7BIv8uWIJ8pLDBrK5H4keyMVoV5v32vUSjva8w2rDc=;\n b=QpZgiL6SG9IJdYrNYm+A3TFs7CgV7iIDdC1VXxWCNJGkQeagrx9li4pDtgqRTYOqTb\n gj2sP6YZAptw82FuTHJeDLcwSi7g71KOalfXcOaRh4ql/RVGdbMJ344WebJdvJM1so97\n SeFirMCNJFHbv6wWPu06wACwzgqfukh3UsgcM=","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1775147860; x=1775752660;\n h=cc:to:subject:message-id:date:from:in-reply-to:references\n :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n bh=Q7BIv8uWIJ8pLDBrK5H4keyMVoV5v32vUSjva8w2rDc=;\n b=chgZ7yyHTe/QKp3cISjbqCaPIay17LeKaKsZHNr4bQZevbyJv/ZzcvrSSTxioq+1AT\n 3iT1GeiBDXQd0oJ4d5OepT+XgzwOl4D9c061RAe1+/Th8Nm13Gs5nU/b581WySz7EXIY\n 6IYRhiDJ8uXaIp8hKsfGTrJPwrKOliGZM44ewX8I8x6OA8BEVaxryTZCoPrdwmAi1j60\n rqakSDU4eZq5AHvNXZ1RY8+YsRyHY0IvdDZt+Ai0gqImHBzT5PBHUJRROsPOtl0KIULx\n pf4aa2eAz3j0q1BYjAeHCpiAAS6iiu+vqTj8W/YYp51hkW/1i8eu1ZlwGCvlO2rtzxOr\n C9hA==","X-Forwarded-Encrypted":"i=1;\n AJvYcCUFs5h1gIJZyQqRzk31pqF1v2N4tjggTO1NQHFK7utfYfCcFpRGmZ17z9fd6ec5PfEyxkBmQ+A=@lists.denx.de","X-Gm-Message-State":"AOJu0YxQs3ceI0blsYQTxTr1CQXhqKiJ813ziFBfIHSIzKPktaGr3IIP\n igI38wOydo7iIYvJycpXGVNvLKGSpHMVCcuB/6TCycvtgyJNtkKMmW0wE2i5IpxAqeY3fa2iXJt\n S5378NzJCYl/gyuIGDfUocjgb1co7rb24DocWVd42","X-Gm-Gg":"ATEYQzzsnWNISubEA9LqeiA/RlZfnIcBDRrrxC28vHZDeemc0UfB5Q6GxfXoIUezQrz\n RTT7J3MCGgiIgQgzu54XD0RXXjL4MxTp3aRj2Rx4zrJCTRpQmn/UE1iHhzaOxXMt85IBwkoSLfa\n 2ogP1YebBF6SsU7M+oPMcnE4FbEUC0rMQv+aZdVo9N7ReFh94JaOjq0xSs2fzJXJSj1Wl99e4Xf\n u+wm2dURp18osieBKJM9dOIbr5QD2AJdNG+NqtpaB+whkCVAPR5Z/aheDxohz8ilyMHnXisttGt\n SQRO8CkXy9YYrMdv","X-Received":"by 2002:a17:906:2099:b0:b9c:d04:e05f with SMTP id\n a640c23a62f3a-b9c13b2a8bcmr392455866b.32.1775147859621; Thu, 02 Apr 2026\n 09:37:39 -0700 (PDT)","MIME-Version":"1.0","References":"<cover.1775099118.git.daniel@makrotopia.org>\n <6cc0f6ccf692d97dafc073e08195e54b712882b4.1775099118.git.daniel@makrotopia.org>","In-Reply-To":"\n <6cc0f6ccf692d97dafc073e08195e54b712882b4.1775099118.git.daniel@makrotopia.org>","From":"Simon Glass <sjg@chromium.org>","Date":"Thu, 2 Apr 2026 10:37:27 -0600","X-Gm-Features":"AQROBzDG6uR86I9CNH7fALfAmXOE-k-XMPjxAQkPyTsr6jPaFsIzY9daRnmpTrM","Message-ID":"\n <CAFLszTgmb+6UaF5DW6ZmVnosh2HZKkC2xCbGmQ2gHPb5fLAsJA@mail.gmail.com>","Subject":"Re: [2/4] boot: fit: support generating DM verity cmdline parameters","To":"daniel@makrotopia.org","Cc":"Tom Rini <trini@konsulko.com>, Quentin Schulz <quentin.schulz@cherry.de>,\n  Kory Maincent <kory.maincent@bootlin.com>, Simon Glass <sjg@chromium.org>,\n  Mattijs Korpershoek <mkorpershoek@kernel.org>, Peng Fan <peng.fan@nxp.com>,\n Marek Vasut <marek.vasut+renesas@mailbox.org>,\n Martin Schwan <m.schwan@phytec.de>,  Anshul Dalal <anshuld@ti.com>,\n Ilias Apalodimas <ilias.apalodimas@linaro.org>,\n  Sughosh Ganu <sughosh.ganu@arm.com>,\n =?utf-8?b?54mbIOW/l+Wujw==?= <Zone.Niuzh@hotmail.com>,\n  Benjamin ROBIN <dev@benjarobin.fr>, Aristo Chen <jj251510319013@gmail.com>,\n  James Hilliard <james.hilliard1@gmail.com>,\n Frank Wunderlich <frank-w@public-files.de>,\n  Mayuresh Chitale <mchitale@ventanamicro.com>,\n Neil Armstrong <neil.armstrong@linaro.org>,\n  Wolfgang Wallner <wolfgang.wallner@at.abb.com>,\n Rasmus Villemoes <ravi@prevas.dk>,  Francois Berder <fberder@outlook.fr>,\n Shiji Yang <yangshiji66@outlook.com>, u-boot@lists.denx.de","Content-Type":"text/plain; charset=\"UTF-8\"","X-BeenThere":"u-boot@lists.denx.de","X-Mailman-Version":"2.1.39","Precedence":"list","List-Id":"U-Boot discussion <u-boot.lists.denx.de>","List-Unsubscribe":"<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>","List-Archive":"<https://lists.denx.de/pipermail/u-boot/>","List-Post":"<mailto:u-boot@lists.denx.de>","List-Help":"<mailto:u-boot-request@lists.denx.de?subject=help>","List-Subscribe":"<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>","Errors-To":"u-boot-bounces@lists.denx.de","Sender":"\"U-Boot\" <u-boot-bounces@lists.denx.de>","X-Virus-Scanned":"clamav-milter 0.103.8 at phobos.denx.de","X-Virus-Status":"Clean"}}]