diff mbox series

[U-Boot] fit: Verify all configuration signatures

Message ID 20180531155907.1869-1-marex@denx.de
State Accepted
Commit 078e558699844bfe5b21a5c9730bba84144ef642
Delegated to: Tom Rini
Headers show
Series [U-Boot] fit: Verify all configuration signatures | expand

Commit Message

Marek Vasut May 31, 2018, 3:59 p.m. UTC 
Rather than verifying configuration signature of the configuration node
containing the kernel image types, verify all configuration nodes, even
those that do not contain kernel images. This is useful when the nodes
contain ie. standalone OSes or U-Boot.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Tom Rini <trini@konsulko.com>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
---
 common/image-fit.c | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

Comments

Simon Glass June 7, 2018, 8:28 p.m. UTC | #1 
Hi Marek,

On 31 May 2018 at 07:59, Marek Vasut <marex@denx.de> wrote:
> Rather than verifying configuration signature of the configuration node
> containing the kernel image types, verify all configuration nodes, even
> those that do not contain kernel images. This is useful when the nodes
> contain ie. standalone OSes or U-Boot.
>
> Signed-off-by: Marek Vasut <marex@denx.de>
> Cc: Tom Rini <trini@konsulko.com>
> Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
> Cc: Simon Glass <sjg@chromium.org>
> ---
>  common/image-fit.c | 26 ++++++++++++++------------
>  1 file changed, 14 insertions(+), 12 deletions(-)
>

I'm a bit unsure of the implications of this. Also you should add
something to the testing to cover this case (test_fit.py).

Reviewed-by: Simon Glass <sjg@chromium.org>
Tom Rini July 11, 2018, 12:41 p.m. UTC | #2 
On Thu, May 31, 2018 at 05:59:07PM +0200, Marek Vasut wrote:

> Rather than verifying configuration signature of the configuration node
> containing the kernel image types, verify all configuration nodes, even
> those that do not contain kernel images. This is useful when the nodes
> contain ie. standalone OSes or U-Boot.
> 
> Signed-off-by: Marek Vasut <marex@denx.de>
> Cc: Tom Rini <trini@konsulko.com>
> Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
> Cc: Simon Glass <sjg@chromium.org>
> Reviewed-by: Simon Glass <sjg@chromium.org>

Applied to u-boot/master, thanks!
diff mbox series

Patch

diff --git a/common/image-fit.c b/common/image-fit.c
index 728187ac88..8d39a243f8 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -1838,24 +1838,26 @@  int fit_image_load(bootm_headers_t *images, ulong addr,
 					BOOTSTAGE_SUB_NO_UNIT_NAME);
 			return -ENOENT;
 		}
+
 		fit_base_uname_config = fdt_get_name(fit, cfg_noffset, NULL);
 		printf("   Using '%s' configuration\n", fit_base_uname_config);
-		if (image_type == IH_TYPE_KERNEL) {
-			/* Remember (and possibly verify) this config */
+		/* Remember this config */
+		if (image_type == IH_TYPE_KERNEL)
 			images->fit_uname_cfg = fit_base_uname_config;
-			if (IMAGE_ENABLE_VERIFY && images->verify) {
-				puts("   Verifying Hash Integrity ... ");
-				if (fit_config_verify(fit, cfg_noffset)) {
-					puts("Bad Data Hash\n");
-					bootstage_error(bootstage_id +
-						BOOTSTAGE_SUB_HASH);
-					return -EACCES;
-				}
-				puts("OK\n");
+
+		if (IMAGE_ENABLE_VERIFY && images->verify) {
+			puts("   Verifying Hash Integrity ... ");
+			if (fit_config_verify(fit, cfg_noffset)) {
+				puts("Bad Data Hash\n");
+				bootstage_error(bootstage_id +
+					BOOTSTAGE_SUB_HASH);
+				return -EACCES;
 			}
-			bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG);
+			puts("OK\n");
 		}
 
+		bootstage_mark(BOOTSTAGE_ID_FIT_CONFIG);
+
 		noffset = fit_conf_get_prop_node(fit, cfg_noffset,
 						 prop_name);
 		fit_uname = fit_get_name(fit, noffset, NULL);