{"id":2223698,"url":"http://patchwork.ozlabs.org/api/1.1/covers/2223698/?format=json","web_url":"http://patchwork.ozlabs.org/project/uboot/cover/cover.1776302805.git.daniel@makrotopia.org/","project":{"id":18,"url":"http://patchwork.ozlabs.org/api/1.1/projects/18/?format=json","name":"U-Boot","link_name":"uboot","list_id":"u-boot.lists.denx.de","list_email":"u-boot@lists.denx.de","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"","date":"2026-04-16T01:46:15","name":"[v2,0/7] fit: dm-verity support","submitter":{"id":64091,"url":"http://patchwork.ozlabs.org/api/1.1/people/64091/?format=json","name":"Daniel Golle","email":"daniel@makrotopia.org"},"mbox":"http://patchwork.ozlabs.org/project/uboot/cover/cover.1776302805.git.daniel@makrotopia.org/mbox/","series":[{"id":500065,"url":"http://patchwork.ozlabs.org/api/1.1/series/500065/?format=json","web_url":"http://patchwork.ozlabs.org/project/uboot/list/?series=500065","date":"2026-04-16T01:46:15","name":"fit: dm-verity support","version":2,"mbox":"http://patchwork.ozlabs.org/series/500065/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/covers/2223698/comments/","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=85.214.62.61; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)","phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=makrotopia.org","phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de","phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=makrotopia.org","phobos.denx.de;\n spf=pass smtp.mailfrom=daniel@makrotopia.org"],"Received":["from phobos.denx.de (phobos.denx.de [85.214.62.61])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fx18f5zZ6z1yG9\n\tfor ; Thu, 16 Apr 2026 11:46:58 +1000 (AEST)","from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id F0A6383EEF;\n\tThu, 16 Apr 2026 03:46:50 +0200 (CEST)","by phobos.denx.de (Postfix, from userid 109)\n id 9C75E84105; Thu, 16 Apr 2026 03:46:50 +0200 (CEST)","from pidgin.makrotopia.org (pidgin.makrotopia.org\n [IPv6:2a07:2ec0:3002::65])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id F354583B99\n for ; Thu, 16 Apr 2026 03:46:47 +0200 (CEST)","from local\n by pidgin.makrotopia.org with esmtpsa (TLS1.3:TLS_AES_256_GCM_SHA384:256)\n (Exim 4.99) (envelope-from )\n id 1wDBoF-000000006cz-1SWR; Thu, 16 Apr 2026 01:46:23 +0000"],"X-Spam-Checker-Version":"SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de","X-Spam-Level":"","X-Spam-Status":"No, score=-1.9 required=5.0 tests=BAYES_00,\n RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2","Date":"Thu, 16 Apr 2026 02:46:15 +0100","From":"Daniel Golle ","To":"Tom Rini , Simon Glass ,\n Quentin Schulz ,\n Kory Maincent ,\n Mattijs Korpershoek , Peng Fan ,\n Heinrich Schuchardt ,\n Martin Schwan ,\n Daniel Golle , Anshul Dalal ,\n Ilias Apalodimas ,\n Sughosh Ganu ,\n Aristo Chen ,\n Ludwig Nussel ,\n Benjamin ROBIN ,\n Marek Vasut ,\n James Hilliard ,\n Wolfgang Wallner ,\n Kunihiko Hayashi ,\n David Lechner ,\n Neil Armstrong ,\n Mayuresh Chitale ,\n Jonas Karlman , Shiji Yang ,\n Rasmus Villemoes ,\n Francois Berder , u-boot@lists.denx.de","Subject":"[PATCH v2 0/7] fit: dm-verity support","Message-ID":"","MIME-Version":"1.0","Content-Type":"text/plain; charset=us-ascii","Content-Disposition":"inline","X-BeenThere":"u-boot@lists.denx.de","X-Mailman-Version":"2.1.39","Precedence":"list","List-Id":"U-Boot discussion ","List-Unsubscribe":",\n ","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n ","Errors-To":"u-boot-bounces@lists.denx.de","Sender":"\"U-Boot\" ","X-Virus-Scanned":"clamav-milter 0.103.8 at phobos.denx.de","X-Virus-Status":"Clean"},"content":"This series adds dm-verity support to U-Boot's FIT image infrastructure.\nIt is the first logical subset of the larger OpenWrt boot method series\nposted as an RFC in February 2026 [1], extracted here for independent\nreview and merging.\n\nOpenWrt's firmware model embeds a read-only squashfs or erofs root\nfilesystem directly inside a uImage.FIT container as a FILESYSTEM-type\nloadable FIT image. At boot the kernel maps this sub-image directly from\nthe underlying block device via the fitblk driver (/dev/fit0, /dev/fit1,\n...), the goal is that the bootloader never even copies it to RAM.\n\ndm-verity enables the kernel to verify the integrity of those mapped\nfilesystems at read time, with a Merkle hash tree stored contiguously in\nthe same sub-image just after the data. Two kernel command-line\nparameters are required:\n\n dm-mod.create= -- the device-mapper target table for the verity device\n dm-mod.waitfor= -- a comma-separated list of block devices to wait for\n before dm-init sets up the targets (needed when fitblk\n probes late, e.g. because it depends on NVMEM\n calibration data)\n\nThe FIT dm-verity node schema was upstreamed into the flat-image-tree\nspecification [2], which this implementation tries to follow exactly.\n\nThe runtime feature is guarded behind CONFIG_FIT_VERITY. If not\nenabled the resulting binary size remains unchanged. If enabled the\nbinary size increases by about 3kB.\n\n[1] RFC/v2: https://www.mail-archive.com/u-boot@lists.denx.de/msg565945.html\n[2] flat-image-tree dm-verity node spec:\n https://github.com/open-source-firmware/flat-image-tree/commit/795fd5fd7f0121d0cb03efb1900aafc61c704771\n\nv2: address comments by Simon Glass\n * use is_power_of_2() for pre-boot sanity check\n * let fit_verity_build_cmdline() return 0 on success\n * add comment explaining why bootm_start() calls fit_verity_free()\n * use existing hex2bin() (and adapt it to be usable for host-tools)\n * fix stale comment still including superblock despite veritysetup\n being called with --no-superblock\n * add power-of-two check for data-block-size and hash-block-size to\n mkimage\n * don't ignore return value of fdt_delprop()\n * various documentation fixes, minimal example\n * add pytest for mkimage part\n * add run-time unit test for cmdline generation part\n\nDaniel Golle (7):\n image: fit: add dm-verity property name constants\n boot: fit: support generating DM verity cmdline parameters\n include: hexdump: make hex2bin() usable from host tools\n tools: mkimage: add dm-verity Merkle-tree generation\n doc: fit: add dm-verity boot parameter documentation\n test: boot: add runtime unit test for fit_verity_build_cmdline()\n test: py: add mkimage dm-verity round-trip test\n\n boot/Kconfig | 20 ++\n boot/bootm.c | 13 ++\n boot/image-board.c | 5 +\n boot/image-fit.c | 337 +++++++++++++++++++++++++++++\n doc/usage/fit/dm-verity.rst | 282 +++++++++++++++++++++++++\n doc/usage/fit/index.rst | 1 +\n include/hexdump.h | 8 +-\n include/image.h | 97 ++++++++-\n test/boot/Makefile | 1 +\n test/boot/fit_verity.c | 298 ++++++++++++++++++++++++++\n test/cmd_ut.c | 2 +\n test/py/tests/test_fit_verity.py | 153 ++++++++++++++\n tools/fit_image.c | 116 +++++++++-\n tools/image-host.c | 349 ++++++++++++++++++++++++++++++-\n 14 files changed, 1669 insertions(+), 13 deletions(-)\n create mode 100644 doc/usage/fit/dm-verity.rst\n create mode 100644 test/boot/fit_verity.c\n create mode 100644 test/py/tests/test_fit_verity.py"}