Message ID | 20180531155907.1869-1-marex@denx.de |
---|---|
State | Accepted |
Commit | 078e558699844bfe5b21a5c9730bba84144ef642 |
Delegated to: | Tom Rini |
Headers | show |
Series | [U-Boot] fit: Verify all configuration signatures | expand |
Hi Marek, On 31 May 2018 at 07:59, Marek Vasut <marex@denx.de> wrote: > Rather than verifying configuration signature of the configuration node > containing the kernel image types, verify all configuration nodes, even > those that do not contain kernel images. This is useful when the nodes > contain ie. standalone OSes or U-Boot. > > Signed-off-by: Marek Vasut <marex@denx.de> > Cc: Tom Rini <trini@konsulko.com> > Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com> > Cc: Simon Glass <sjg@chromium.org> > --- > common/image-fit.c | 26 ++++++++++++++------------ > 1 file changed, 14 insertions(+), 12 deletions(-) > I'm a bit unsure of the implications of this. Also you should add something to the testing to cover this case (test_fit.py). Reviewed-by: Simon Glass <sjg@chromium.org>
On Thu, May 31, 2018 at 05:59:07PM +0200, Marek Vasut wrote: > Rather than verifying configuration signature of the configuration node > containing the kernel image types, verify all configuration nodes, even > those that do not contain kernel images. This is useful when the nodes > contain ie. standalone OSes or U-Boot. > > Signed-off-by: Marek Vasut <marex@denx.de> > Cc: Tom Rini <trini@konsulko.com> > Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com> > Cc: Simon Glass <sjg@chromium.org> > Reviewed-by: Simon Glass <sjg@chromium.org> Applied to u-boot/master, thanks!
diff --git a/common/image-fit.c b/common/image-fit.c index 728187ac88..8d39a243f8 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1838,24 +1838,26 @@ int fit_image_load(bootm_headers_t *images, ulong addr, BOOTSTAGE_SUB_NO_UNIT_NAME); return -ENOENT; } + fit_base_uname_config = fdt_get_name(fit, cfg_noffset, NULL); printf(" Using '%s' configuration\n", fit_base_uname_config); - if (image_type == IH_TYPE_KERNEL) { - /* Remember (and possibly verify) this config */ + /* Remember this config */ + if (image_type == IH_TYPE_KERNEL) images->fit_uname_cfg = fit_base_uname_config; - if (IMAGE_ENABLE_VERIFY && images->verify) { - puts(" Verifying Hash Integrity ... "); - if (fit_config_verify(fit, cfg_noffset)) { - puts("Bad Data Hash\n"); - bootstage_error(bootstage_id + - BOOTSTAGE_SUB_HASH); - return -EACCES; - } - puts("OK\n"); + + if (IMAGE_ENABLE_VERIFY && images->verify) { + puts(" Verifying Hash Integrity ... "); + if (fit_config_verify(fit, cfg_noffset)) { + puts("Bad Data Hash\n"); + bootstage_error(bootstage_id + + BOOTSTAGE_SUB_HASH); + return -EACCES; } - bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG); + puts("OK\n"); } + bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG); + noffset = fit_conf_get_prop_node(fit, cfg_noffset, prop_name); fit_uname = fit_get_name(fit, noffset, NULL);
Rather than verifying configuration signature of the configuration node containing the kernel image types, verify all configuration nodes, even those that do not contain kernel images. This is useful when the nodes contain ie. standalone OSes or U-Boot. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Tom Rini <trini@konsulko.com> Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com> Cc: Simon Glass <sjg@chromium.org> --- common/image-fit.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-)