From: Daniel Golle <daniel@makrotopia.org>
To: "Tom Rini" <trini@konsulko.com>,
"Quentin Schulz" <quentin.schulz@cherry.de>,
"Kory Maincent" <kory.maincent@bootlin.com>,
"Simon Glass" <sjg@chromium.org>,
"Mattijs Korpershoek" <mkorpershoek@kernel.org>,
"Peng Fan" <peng.fan@nxp.com>,
"Marek Vasut" <marek.vasut+renesas@mailbox.org>,
"Daniel Golle" <daniel@makrotopia.org>,
"Martin Schwan" <m.schwan@phytec.de>,
"Anshul Dalal" <anshuld@ti.com>,
"Ilias Apalodimas" <ilias.apalodimas@linaro.org>,
"Sughosh Ganu" <sughosh.ganu@arm.com>,
"牛 志宏" <Zone.Niuzh@hotmail.com>,
"Benjamin ROBIN" <dev@benjarobin.fr>,
"Aristo Chen" <jj251510319013@gmail.com>,
"James Hilliard" <james.hilliard1@gmail.com>,
"Frank Wunderlich" <frank-w@public-files.de>,
"Mayuresh Chitale" <mchitale@ventanamicro.com>,
"Neil Armstrong" <neil.armstrong@linaro.org>,
"Wolfgang Wallner" <wolfgang.wallner@at.abb.com>,
"Rasmus Villemoes" <ravi@prevas.dk>,
"Francois Berder" <fberder@outlook.fr>,
"Shiji Yang" <yangshiji66@outlook.com>,
u-boot@lists.denx.de
Subject: [PATCH 0/4] fit: dm-verity support
Date: Thu, 2 Apr 2026 04:08:27 +0100
Message-ID: <cover.1775099118.git.daniel@makrotopia.org>

Hi,

This series adds dm-verity support to U-Boot's FIT image infrastructure.
It is the first logical subset of the larger OpenWrt boot method series
posted as an RFC in February 2026 [1], extracted here for independent
review and merging.

OpenWrt's firmware model embeds a read-only squashfs or erofs root
filesystem directly inside a uImage.FIT container as a FILESYSTEM-type
loadable FIT image. At boot the kernel maps this sub-image directly from
the underlying block device via the fitblk driver (/dev/fit0, /dev/fit1,
...); the goal is that the bootloader never even copies it to RAM.

dm-verity enables the kernel to verify the integrity of those mapped
filesystems at read time, with a Merkle hash tree stored contiguously in
the same sub-image just after the data. Two kernel command-line
parameters are required:

  dm-mod.create=  -- the device-mapper target table for the verity device
  dm-mod.waitfor= -- a comma-separated list of block devices to wait for
                     before dm-init sets up the targets (needed when fitblk
                     probes late, e.g. because it depends on NVMEM
                     calibration data)

The FIT dm-verity node schema was upstreamed into the flat-image-tree
specification [2], which this implementation tries to follow exactly.

The runtime feature is guarded behind CONFIG_FIT_VERITY. If not
enabled the resulting binary size remains unchanged. If enabled the
binary size increases by about 3kB.

[1] RFC/v2: https://www.mail-archive.com/u-boot@lists.denx.de/msg565945.html
[2] flat-image-tree dm-verity node spec:
    https://github.com/open-source-firmware/flat-image-tree/commit/795fd5fd7f0121d0cb03efb1900aafc61c704771

Daniel Golle (4):
  image: fit: add dm-verity property name constants
  boot: fit: support generating DM verity cmdline parameters
  tools: mkimage: add dm-verity Merkle-tree generation
  doc: fit: add dm-verity boot parameter documentation

boot/Kconfig | 21 ++
boot/bootm.c | 7 +
boot/image-board.c | 5 +
boot/image-fit.c | 336 ++++++++++++++++++++++++++++++++
doc/usage/fit/dm-verity.rst | 279 +++++++++++++++++++++++++++
doc/usage/fit/index.rst | 1 +
include/image.h | 97 +++++++++-
tools/fit_image.c | 111 ++++++++++-
tools/image-host.c | 369 +++++++++++++++++++++++++++++++++++-
9 files changed, 1215 insertions(+), 11 deletions(-)
create mode 100644 doc/usage/fit/dm-verity.rst
--
2.53.0
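
Added example, not code from this series: a C sketch of how the two command-line parameters described in the cover letter can be derived from a sub-image's geometry, using the kernel's documented dm-init and verity table syntax. The struct, its field names, the target name "rootfs", hash format version 1 and the no-superblock layout (tree starting at the first block after the data) are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical descriptor; field names are illustrative, not FIT property names. */
struct verity_desc {
	const char *dev;           /* mapped sub-image, e.g. /dev/fit0 */
	uint64_t data_size;        /* filesystem bytes preceding the hash tree */
	uint32_t data_bs, hash_bs, digest_len; /* block sizes; digest bytes (32 for sha256) */
	const char *algo, *root_hex, *salt_hex; /* salt_hex is "-" when unsalted */
};

/* Hash blocks in the tree: hash_bs/digest_len digests per block, level by level. */
uint64_t verity_tree_blocks(const struct verity_desc *d)
{
	uint64_t per = d->digest_len ? d->hash_bs / d->digest_len : 0;
	uint64_t n = d->data_bs ? d->data_size / d->data_bs : 0, total = 0;
	if (per < 2)
		return 0;
	while (n > 1) {
		n = (n + per - 1) / per;   /* blocks needed to hash the level below */
		total += n;
	}
	return total;
}

/* Assumes no superblock (tree right after the data). Returns length, -1 on error. */
int verity_cmdline(const struct verity_desc *d, const char *name, char *buf, size_t len)
{
	if (!d->data_bs || !d->hash_bs || !d->data_size ||
	    d->data_size % d->data_bs || d->data_size % d->hash_bs)
		return -1;             /* data must end on a block boundary */
	int n = snprintf(buf, len, "dm-mod.create=\"%s,,,ro,0 %" PRIu64
			 " verity 1 %s %s %" PRIu32 " %" PRIu32 " %" PRIu64 " %" PRIu64
			 " %s %s %s\" dm-mod.waitfor=%s", name, d->data_size / 512,
			 d->dev, d->dev, d->data_bs, d->hash_bs, d->data_size / d->data_bs,
			 d->data_size / d->hash_bs, d->algo, d->root_hex, d->salt_hex, d->dev);
	return (n < 0 || (size_t)n >= len) ? -1 : n;   /* reject truncated output */
}

int main(void)
{
	/* Constructed sample: 129 data blocks of 4 KiB, placeholder root hash. */
	struct verity_desc d = { "/dev/fit0", 129 * 4096, 4096, 4096, 32, "sha256", "<root-hash-hex>", "-" };
	char line[512];
	if (verity_cmdline(&d, "rootfs", line, sizeof(line)) > 0)
		printf("%s\n(hash tree: %" PRIu64 " blocks)\n", line, verity_tree_blocks(&d));
	return 0;
}
```

The root digest placed in the table is the only value the kernel trusts when checking blocks, so it has to reach the command line from a source that is itself authenticated.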

Thread overview: 7+ messages
2026-04-02 3:08 Daniel Golle [this message]
2026-04-02 3:08 ` [PATCH 1/4] image: fit: add dm-verity property name constants Daniel Golle
2026-04-02 16:32 ` [1/4] " Simon Glass
2026-04-02 3:08 ` [PATCH 2/4] boot: fit: support generating DM verity cmdline parameters Daniel Golle
2026-04-02 16:37 ` [2/4] " Simon Glass
2026-04-02 3:09 ` [PATCH 3/4] tools: mkimage: add dm-verity Merkle-tree generation Daniel Golle
2026-04-02 3:09 ` [PATCH 4/4] doc: fit: add dm-verity boot parameter documentation Daniel Golle