Patchwork [U-Boot,RFC,37/44] mkimage: Add -K to write public keys to an FDT blob

login
register
mail settings
Submitter Simon Glass
Date Jan. 5, 2013, 1:52 a.m.
Message ID <1357350734-13737-38-git-send-email-sjg@chromium.org>
Download mbox | patch
Permalink /patch/209610/
State Superseded, archived
Headers show

Comments

Simon Glass - Jan. 5, 2013, 1:52 a.m.
FIT image verification requires public keys. Add a convenient option to
mkimage to write the public keys to an FDT blob when it uses then for
signing an image. This allows us to use:

   mkimage -f test.its -K dest.dtb -k keys test.fit

and have the signatures written to test.fit and the corresponding public
keys written to dest.dtb. Then dest.dtb can be used as the control FDT
for U-Boot (CONFIG_OF_CONTROL), thus providing U-Boot with access to the
public keys it needs.

Signed-off-by: Simon Glass <sjg@chromium.org>
---
 doc/mkimage.1     |   16 ++++++++++++++++
 tools/fit_image.c |   21 +++++++++++++++++++--
 tools/mkimage.c   |    7 ++++++-
 tools/mkimage.h   |    1 +
 4 files changed, 42 insertions(+), 3 deletions(-)
Marek Vasut - Jan. 5, 2013, 8:25 a.m.
Dear Simon Glass,

> FIT image verification requires public keys. Add a convenient option to
> mkimage to write the public keys to an FDT blob when it uses then for
> signing an image. This allows us to use:
> 
>    mkimage -f test.its -K dest.dtb -k keys test.fit
> 
> and have the signatures written to test.fit and the corresponding public
> keys written to dest.dtb. Then dest.dtb can be used as the control FDT
> for U-Boot (CONFIG_OF_CONTROL), thus providing U-Boot with access to the
> public keys it needs.
> 
> Signed-off-by: Simon Glass <sjg@chromium.org>

Reviewed-by: Marek Vasut <marex@denx.de>

Best regards,
Marek Vasut

Patch

diff --git a/doc/mkimage.1 b/doc/mkimage.1
index 6740fb1..8185ff5 100644
--- a/doc/mkimage.1
+++ b/doc/mkimage.1
@@ -109,6 +109,14 @@  Specifies the directory containing keys to use for signing. This directory
 should contain a private key file <name>.key for use with signing and a
 certificate <name>.crt (containing the public key) for use with verification.
 
+.TP
+.BI "\-K [" "key_destination" "]"
+Specifies a compiled device tree binary file (typically .dtb) to write
+public key information into. When a private key is used to sign an image,
+the corresponding public key is written into this file for for run-time
+verification. Typically the file here is the device tree binary used by
+CONFIG_OF_CONTROL in U-Boot.
+
 .SH EXAMPLES
 
 List image information:
@@ -127,6 +135,14 @@  Create FIT image with compressed PowerPC Linux kernel:
 .nf
 .B mkimage -f kernel.its kernel.itb
 .fi
+.P
+Create FIT image with compressed kernel and sign it with keys in the
+/public/signing-keys directory. Add corresponding public keys into u-boot.dtb,
+skipping those for which keys cannot be found. Also add a comment.
+.nf
+.B mkimage -f kernel.its -k /public/signing-keys -K u-boot.dtb \\\\
+-c "Kernel 3.8 image for production devices" kernel.itb
+.fi
 
 .SH HOMEPAGE
 http://www.denx.de/wiki/U-Boot/WebHome
diff --git a/tools/fit_image.c b/tools/fit_image.c
index 5d04f96..306298a 100644
--- a/tools/fit_image.c
+++ b/tools/fit_image.c
@@ -105,9 +105,11 @@  static int fit_handle_file (struct mkimage_params *params)
 {
 	char tmpfile[MKIMAGE_MAX_TMPFILE_LEN];
 	char cmd[MKIMAGE_MAX_DTC_CMDLINE_LEN];
-	int tfd;
+	int tfd, destfd = 0;
+	void *dest_blob = NULL;
 	struct stat sbuf;
 	void *ptr;
+	off_t destfd_size = 0;
 
 	/* Flattened Image Tree (FIT) format  handling */
 	debug ("FIT format handling\n");
@@ -132,12 +134,20 @@  static int fit_handle_file (struct mkimage_params *params)
 		goto err_system;
 	}
 
+	if (params->keydest) {
+		destfd = mmap_fdt(params, params->keydest, &dest_blob, &sbuf);
+		if (destfd < 0)
+			goto err_keydest;
+		destfd_size = sbuf.st_size;
+	}
+
 	tfd = mmap_fdt(params, tmpfile, &ptr, &sbuf);
 	if (tfd < 0)
 		goto err_mmap;
 
 	/* set hashes for images in the blob */
-	if (fit_add_verification_data(params->keydir, NULL, ptr, NULL, 0)) {
+	if (fit_add_verification_data(params->keydir,
+			dest_blob, ptr, NULL, 0)) {
 		fprintf (stderr, "%s Can't add hashes to FIT blob",
 				params->cmdname);
 		goto err_add_hashes;
@@ -153,6 +163,10 @@  static int fit_handle_file (struct mkimage_params *params)
 
 	munmap ((void *)ptr, sbuf.st_size);
 	close (tfd);
+	if (dest_blob) {
+		munmap(dest_blob, destfd_size);
+		close(destfd);
+	}
 
 	if (rename (tmpfile, params->imagefile) == -1) {
 		fprintf (stderr, "%s: Can't rename %s to %s: %s\n",
@@ -168,6 +182,9 @@  err_add_timestamp:
 err_add_hashes:
 	munmap(ptr, sbuf.st_size);
 err_mmap:
+	if (dest_blob)
+		munmap(dest_blob, destfd_size);
+err_keydest:
 err_system:
 	unlink(tmpfile);
 	return -1;
diff --git a/tools/mkimage.c b/tools/mkimage.c
index 0eae136..30a5a06 100644
--- a/tools/mkimage.c
+++ b/tools/mkimage.c
@@ -253,6 +253,11 @@  main (int argc, char **argv)
 					usage();
 				params.keydir = *++argv;
 				goto NXTARG;
+			case 'K':
+				if (--argc <= 0)
+					usage();
+				params.keydest = *++argv;
+				goto NXTARG;
 			case 'n':
 				if (--argc <= 0)
 					usage ();
@@ -628,7 +633,7 @@  usage ()
 			 "          -d ==> use image data from 'datafile'\n"
 			 "          -x ==> set XIP (execute in place)\n",
 		params.cmdname);
-	fprintf(stderr, "       %s [-k keydir] [-D dtc_options]"
+	fprintf(stderr, "       %s [-k keydir] [-K dtb] [-D dtc_options]"
 			" -f fit-image.its fit-image\n", params.cmdname);
 	fprintf (stderr, "       %s -V ==> print version information and exit\n",
 		params.cmdname);
diff --git a/tools/mkimage.h b/tools/mkimage.h
index 2a5f115..41bec21 100644
--- a/tools/mkimage.h
+++ b/tools/mkimage.h
@@ -76,6 +76,7 @@  struct mkimage_params {
 	char *imagefile;
 	char *cmdname;
 	const char *keydir;	/* Directory holding private keys */
+	const char *keydest;	/* Destination .dtb for public key */
 };
 
 /*