@@ -182,9 +182,6 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
uint8_t image_comp = -1, type = -1;
const void *data;
bool external_data = false;
-#ifdef CONFIG_SPL_FIT_SIGNATURE
- int ret;
-#endif
if (IS_ENABLED(CONFIG_SPL_OS_BOOT) && IS_ENABLED(CONFIG_SPL_GZIP)) {
if (fit_image_get_comp(fit, node, &image_comp))
@@ -245,6 +242,15 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
src = (void *)data;
}
+#ifdef CONFIG_SPL_FIT_SIGNATURE
+ printf("## Checking hash(es) for Image %s ... ",
+ fit_get_name(fit, node, NULL));
+ if (!fit_image_verify_with_data(fit, node,
+ src, length))
+ return -EPERM;
+ puts("OK\n");
+#endif
+
#ifdef CONFIG_SPL_FIT_IMAGE_POST_PROCESS
board_fit_image_post_process(&src, &length);
#endif
@@ -270,16 +276,7 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
image_info->entry_point = fdt_getprop_u32(fit, node, "entry");
}
-#ifdef CONFIG_SPL_FIT_SIGNATURE
- printf("## Checking hash(es) for Image %s ...\n",
- fit_get_name(fit, node, NULL));
- ret = fit_image_verify_with_data(fit, node,
- (const void *)load_addr, length);
- printf("\n");
- return !ret;
-#else
return 0;
-#endif
}
static int spl_fit_append_fdt(struct spl_image_info *spl_image,
Verification of hashes needs to take place before any image post processing, thus matching full FIT image processing. This allows mechanisms such as encryption be applied to images prior to fit generation at the spl level. Signed-off-by: Ben Whitten <ben.whitten@lairdtech.com> --- common/spl/spl_fit.c | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-)