{"id":2218917,"url":"http://patchwork.ozlabs.org/api/1.0/covers/2218917/?format=json","project":{"id":18,"url":"http://patchwork.ozlabs.org/api/1.0/projects/18/?format=json","name":"U-Boot","link_name":"uboot","list_id":"u-boot.lists.denx.de","list_email":"u-boot@lists.denx.de","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"<cover.1775099118.git.daniel@makrotopia.org>","date":"2026-04-02T03:08:27","name":"[0/4] fit: dm-verity support","submitter":{"id":64091,"url":"http://patchwork.ozlabs.org/api/1.0/people/64091/?format=json","name":"Daniel Golle","email":"daniel@makrotopia.org"},"series":[{"id":498423,"url":"http://patchwork.ozlabs.org/api/1.0/series/498423/?format=json","date":"2026-04-02T03:08:27","name":"fit: dm-verity support","version":1,"mbox":"http://patchwork.ozlabs.org/series/498423/mbox/"}],"headers":{"Return-Path":"<u-boot-bounces@lists.denx.de>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)","phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=makrotopia.org","phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de","phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=makrotopia.org","phobos.denx.de;\n spf=pass smtp.mailfrom=daniel@makrotopia.org"],"Received":["from phobos.denx.de (phobos.denx.de\n [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fmRdw0zY6z1yFv\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 02 Apr 2026 14:09:08 +1100 (AEDT)","from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 0E3CB83CF5;\n\tThu,  2 Apr 2026 05:08:59 +0200 (CEST)","by phobos.denx.de (Postfix, from userid 109)\n id 55E9483CE3; Thu,  2 Apr 2026 05:08:58 +0200 (CEST)","from pidgin.makrotopia.org (pidgin.makrotopia.org\n [IPv6:2a07:2ec0:3002::65])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id C411C80212\n for <u-boot@lists.denx.de>; Thu,  2 Apr 2026 05:08:54 +0200 (CEST)","from local\n by pidgin.makrotopia.org with esmtpsa (TLS1.3:TLS_AES_256_GCM_SHA384:256)\n (Exim 4.99) (envelope-from <daniel@makrotopia.org>)\n id 1w88Q4-000000007f3-1dcZ; Thu, 02 Apr 2026 03:08:32 +0000"],"X-Spam-Checker-Version":"SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de","X-Spam-Level":"","X-Spam-Status":"No, score=-1.9 required=5.0 tests=BAYES_00,\n RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2","Date":"Thu, 2 Apr 2026 04:08:27 +0100","From":"Daniel Golle <daniel@makrotopia.org>","To":"Tom Rini <trini@konsulko.com>, Quentin Schulz <quentin.schulz@cherry.de>,\n Kory Maincent <kory.maincent@bootlin.com>, Simon Glass <sjg@chromium.org>,\n Mattijs Korpershoek <mkorpershoek@kernel.org>, Peng Fan <peng.fan@nxp.com>,\n Marek Vasut <marek.vasut+renesas@mailbox.org>,\n Daniel Golle <daniel@makrotopia.org>, Martin Schwan <m.schwan@phytec.de>,\n Anshul Dalal <anshuld@ti.com>,\n Ilias Apalodimas <ilias.apalodimas@linaro.org>,\n Sughosh Ganu <sughosh.ganu@arm.com>,\n =?utf-8?b?54mbIOW/l+Wujw==?= <Zone.Niuzh@hotmail.com>,\n Benjamin ROBIN <dev@benjarobin.fr>, Aristo Chen <jj251510319013@gmail.com>,\n James Hilliard <james.hilliard1@gmail.com>,\n Frank Wunderlich <frank-w@public-files.de>,\n Mayuresh Chitale <mchitale@ventanamicro.com>,\n Neil Armstrong <neil.armstrong@linaro.org>,\n Wolfgang Wallner <wolfgang.wallner@at.abb.com>,\n Rasmus Villemoes <ravi@prevas.dk>, Francois Berder <fberder@outlook.fr>,\n Shiji Yang <yangshiji66@outlook.com>, u-boot@lists.denx.de","Subject":"[PATCH 0/4] fit: dm-verity support","Message-ID":"<cover.1775099118.git.daniel@makrotopia.org>","MIME-Version":"1.0","Content-Type":"text/plain; charset=us-ascii","Content-Disposition":"inline","X-BeenThere":"u-boot@lists.denx.de","X-Mailman-Version":"2.1.39","Precedence":"list","List-Id":"U-Boot discussion <u-boot.lists.denx.de>","List-Unsubscribe":"<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>","List-Archive":"<https://lists.denx.de/pipermail/u-boot/>","List-Post":"<mailto:u-boot@lists.denx.de>","List-Help":"<mailto:u-boot-request@lists.denx.de?subject=help>","List-Subscribe":"<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>","Errors-To":"u-boot-bounces@lists.denx.de","Sender":"\"U-Boot\" <u-boot-bounces@lists.denx.de>","X-Virus-Scanned":"clamav-milter 0.103.8 at phobos.denx.de","X-Virus-Status":"Clean"},"content":"Hi,\n\nThis series adds dm-verity support to U-Boot's FIT image infrastructure.\nIt is the first logical subset of the larger OpenWrt boot method series\nposted as an RFC in February 2026 [1], extracted here for independent\nreview and merging.\n\nOpenWrt's firmware model embeds a read-only squashfs or erofs root\nfilesystem directly inside a uImage.FIT container as a FILESYSTEM-type\nloadable FIT image. At boot the kernel maps this sub-image directly from\nthe underlying block device via the fitblk driver (/dev/fit0, /dev/fit1,\n...), the goal is that the bootloader never even copies it to RAM.\n\ndm-verity enables the kernel to verify the integrity of those mapped\nfilesystems at read time, with a Merkle hash tree stored contiguously in\nthe same sub-image just after the data. Two kernel command-line\nparameters are required:\n\n  dm-mod.create=   -- the device-mapper target table for the verity device\n  dm-mod.waitfor=  -- a comma-separated list of block devices to wait for\n                      before dm-init sets up the targets (needed when fitblk\n                      probes late, e.g. because it depends on NVMEM\n                      calibration data)\n\nThe FIT dm-verity node schema was upstreamed into the flat-image-tree\nspecification [2], which this implementation tries to follow exactly.\n\nThe runtime feature is guarded behind CONFIG_FIT_VERITY. If not\nenabled the resulting binary size remains unchanged. If enabled the\nbinary size increases by about 3kB.\n\n[1] RFC/v2: https://www.mail-archive.com/u-boot@lists.denx.de/msg565945.html\n[2] flat-image-tree dm-verity node spec:\n    https://github.com/open-source-firmware/flat-image-tree/commit/795fd5fd7f0121d0cb03efb1900aafc61c704771\n\nDaniel Golle (4):\n  image: fit: add dm-verity property name constants\n  boot: fit: support generating DM verity cmdline parameters\n  tools: mkimage: add dm-verity Merkle-tree generation\n  doc: fit: add dm-verity boot parameter documentation\n\n boot/Kconfig                |  21 ++\n boot/bootm.c                |   7 +\n boot/image-board.c          |   5 +\n boot/image-fit.c            | 336 ++++++++++++++++++++++++++++++++\n doc/usage/fit/dm-verity.rst | 279 +++++++++++++++++++++++++++\n doc/usage/fit/index.rst     |   1 +\n include/image.h             |  97 +++++++++-\n tools/fit_image.c           | 111 ++++++++++-\n tools/image-host.c          | 369 +++++++++++++++++++++++++++++++++++-\n 9 files changed, 1215 insertions(+), 11 deletions(-)\n create mode 100644 doc/usage/fit/dm-verity.rst"}