mirror/u-boot-2016
1
0
Fork 0
mirror of https://git.codelinaro.org/clo/qsdk/oss/boot/u-boot-2016.git synced 2025-12-10 07:44:53 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fit_check_sign: Allow selecting the configuration to verify

Browse source 
This tool always verifies the default configuration. It is useful to be
able to verify a specific one. Add a command-line flag for this and plumb
the logic through.

Change-Id: I6022af77965aa107e4693119ac1a0ab750d3fe24
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Md Sadre Alam <quic_mdalam@quicinc.com>
This commit is contained in:
Simon Glass 2020-03-18 11:44:03 -06:00 committed by Gerrit - the friendly Code Review server
parent 0694be0b11
commit f9b8402471
3 changed files with 12 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
tools/fdt_host.h
View file

@ -11,6 +11,7 @@
#include "../include/libfdt.h"
#include "../include/fdt_support.h"
int fit_check_sign(const void *working_fdt, const void *key);
int fit_check_sign(const void *fit, const void *key,
const char *fit_uname_config);
#endif /* __FDT_HOST_H__ */

8
tools/fit_check_sign.c
View file

@ -42,6 +42,7 @@ int main(int argc, char **argv)
void *fit_blob;
char *fdtfile = NULL;
char *keyfile = NULL;
char *config_name = NULL;
char cmdname[256];
int ret;
void *key_blob;
@ -49,7 +50,7 @@ int main(int argc, char **argv)
strncpy(cmdname, *argv, sizeof(cmdname) - 1);
cmdname[sizeof(cmdname) - 1] = '\0';
while ((c = getopt(argc, argv, "f:k:")) != -1)
while ((c = getopt(argc, argv, "f:k:c")) != -1)
switch (c) {
case 'f':
fdtfile = optarg;
@ -57,6 +58,9 @@ int main(int argc, char **argv)
case 'k':
keyfile = optarg;
break;
case 'c':
config_name = optarg;
break;
default:
usage(cmdname);
break;
@ -79,7 +83,7 @@ int main(int argc, char **argv)
return EXIT_FAILURE;
image_set_host_blob(key_blob);
ret = fit_check_sign(fit_blob, key_blob);
ret = fit_check_sign(fit_blob, key_blob, config_name);
if (!ret) {
ret = EXIT_SUCCESS;
fprintf(stderr, "Signature check OK\n");

6
tools/image-host.c
View file

@ -708,12 +708,13 @@ int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
}
#ifdef CONFIG_FIT_SIGNATURE
int fit_check_sign(const void *fit, const void *key)
int fit_check_sign(const void *fit, const void *key,
const char *fit_uname_config)
{
int cfg_noffset;
int ret;
cfg_noffset = fit_conf_get_node(fit, NULL);
cfg_noffset = fit_conf_get_node(fit, fit_uname_config);
if (!cfg_noffset)
return -1;
@ -721,6 +722,7 @@ int fit_check_sign(const void *fit, const void *key)
ret = fit_config_verify(fit, cfg_noffset);
if (ret)
return ret;
printf("Verified OK, loading images\n");
ret = bootm_host_load_images(fit, cfg_noffset);
return ret;