[U-Boot] [PATCH v3 2/8] fdt: add "fdt checksign" command

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: Heiko Schocher <hs@denx.de>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v3 2/8] fdt: add "fdt checksign" command
Date: Mon,  3 Mar 2014 12:19:24 +0100	[thread overview]
Message-ID: <1393845570-3283-3-git-send-email-hs@denx.de> (raw)
In-Reply-To: <1393845570-3283-1-git-send-email-hs@denx.de>

check if a fdt is correct signed
pass an optional addr value. Contains the addr of the key blob

Signed-off-by: Heiko Schocher <hs@denx.de>
Acked-by: Simon Glass <sjg@chromium.org>

---
changes vor v2:
- add comment from Simon Glass:
  - rename "fdt sign" to "fdt checksign"
    -> rename patch subject from "fdt: add "fdt sign" command"
       to "fdt: add "fdt checksign" command"
  - add error message
changes for v2:
  add Acked-by from Simon Glass
---
 common/cmd_fdt.c | 42 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/common/cmd_fdt.c b/common/cmd_fdt.c
index 3a9edd6..a6744ed 100644
--- a/common/cmd_fdt.c
+++ b/common/cmd_fdt.c
@@ -570,7 +570,7 @@ static int do_fdt(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 		ft_board_setup(working_fdt, gd->bd);
 #endif
 	/* Create a chosen node */
-	else if (argv[1][0] == 'c') {
+	else if (strncmp(argv[1], "cho", 3) == 0) {
 		unsigned long initrd_start = 0, initrd_end = 0;
 
 		if ((argc != 2) && (argc != 4))
@@ -583,6 +583,41 @@ static int do_fdt(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 
 		fdt_chosen(working_fdt, 1);
 		fdt_initrd(working_fdt, initrd_start, initrd_end, 1);
+
+#if defined(CONFIG_FIT_SIGNATURE)
+	} else if (strncmp(argv[1], "che", 3) == 0) {
+		int cfg_noffset;
+		int ret;
+		unsigned long addr;
+		struct fdt_header *blob;
+
+		if (!working_fdt)
+			return CMD_RET_FAILURE;
+
+		if (argc > 2) {
+			addr = simple_strtoul(argv[2], NULL, 16);
+			blob = map_sysmem(addr, 0);
+		} else {
+			blob = (struct fdt_header *)gd->fdt_blob;
+		}
+		if (!fdt_valid(&blob))
+			return 1;
+
+		gd->fdt_blob = blob;
+		cfg_noffset = fit_conf_get_node(working_fdt, NULL);
+		if (!cfg_noffset) {
+			printf("Could not find configuration node: %s\n",
+			       fdt_strerror(cfg_noffset));
+			return CMD_RET_FAILURE;
+		}
+
+		ret = fit_config_verify(working_fdt, cfg_noffset);
+		if (ret == 1)
+			return CMD_RET_SUCCESS;
+		else
+			return CMD_RET_FAILURE;
+#endif
+
 	}
 	/* resize the fdt */
 	else if (strncmp(argv[1], "re", 2) == 0) {
@@ -992,6 +1027,11 @@ static char fdt_help_text[] =
 	"fdt rsvmem delete <index>           - Delete a mem reserves\n"
 	"fdt chosen [<start> <end>]          - Add/update the /chosen branch in the tree\n"
 	"                                        <start>/<end> - initrd start/end addr\n"
+#if defined(CONFIG_FIT_SIGNATURE)
+	"fdt checksign [<addr>]              - check FIT signature\n"
+	"                                        <start> - addr of key blob\n"
+	"                                                  default gd->fdt_blob\n"
+#endif
 	"NOTE: Dereference aliases by omiting the leading '/', "
 		"e.g. fdt print ethernet0.";
 #endif
-- 
1.8.3.1

next prev parent reply	other threads:[~2014-03-03 11:19 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-03-03 11:19 [U-Boot] [PATCH v3 0/8] common, fit, rsa: enhancements Heiko Schocher
2014-03-03 11:19 ` [U-Boot] [PATCH v3 1/8] tools/image-host: fix sign-images bug Heiko Schocher
2014-03-27 16:58   ` [U-Boot] [U-Boot,v3,1/8] " Tom Rini
2014-03-03 11:19 ` Heiko Schocher [this message]
2014-03-27 16:58   ` [U-Boot] [U-Boot,v3,2/8] fdt: add "fdt checksign" command Tom Rini
2014-03-03 11:19 ` [U-Boot] [PATCH v3 3/8] fit: add sha256 support Heiko Schocher
2014-03-27 16:58   ` [U-Boot] [U-Boot,v3,3/8] " Tom Rini
2014-03-03 11:19 ` [U-Boot] [PATCH v3 4/8] rsa: add sha256-rsa2048 algorithm Heiko Schocher
2014-03-09  5:33   ` Simon Glass
2014-03-10  6:00     ` Heiko Schocher
2014-03-27 16:58   ` [U-Boot] [U-Boot,v3,4/8] " Tom Rini
2014-03-03 11:19 ` [U-Boot] [PATCH v3 5/8] rsa: add sha256,rsa4096 algorithm Heiko Schocher
2014-03-27 16:58   ` [U-Boot] [U-Boot,v3,5/8] " Tom Rini
2014-03-03 11:19 ` [U-Boot] [PATCH v3 6/8] gen: Add progressive hash API Heiko Schocher
2014-03-27 16:58   ` [U-Boot] [U-Boot,v3,6/8] " Tom Rini
2014-03-03 11:19 ` [U-Boot] [PATCH v3 7/8] tools, fit: add fit_info host command Heiko Schocher
2014-03-09  5:41   ` Simon Glass
2014-03-27 16:58   ` [U-Boot] [U-Boot,v3,7/8] " Tom Rini
2014-03-03 11:19 ` [U-Boot] [PATCH v3 8/8] tools, fit_check_sign: verify a signed fit image Heiko Schocher
2014-03-09  5:47   ` Simon Glass
2014-03-27 16:58   ` [U-Boot] [U-Boot, v3, " Tom Rini

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3a9edd6 dfblob:a6744ed )
 OR (
bs:"[U-Boot] [PATCH v3 2/8] fdt: add "
bs:"fdt checksign"
bs:" command" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1393845570-3283-3-git-send-email-hs@denx.de \
    --to=hs@denx.de \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox