Re: [RFC] Kernel command line from FIT image

[Rasmus Villemoes <ravi@prevas.dk>]

On Thu, Jan 29 2026, Olivier Benjamin <olivier.benjamin@bootlin.com> wrote:

> Hello,
>
> While reading section 5.7.3 of the FIT image spec [1], I noticed the
> "cmdline" property:
>
> "cmdline
> Command line passed to the next boot stage, e.g. the operating system
> kernel. The value is an UTF-8 encoded string." 
>
> However, looking at the mkimage sources, more specifically
> include/image.h [2], it looks like this property is unsupported.
>
> If properly implemented so that the cmdline can be signed, this would
> imho be a viable option for passing the dm-verity bootargs in verified boot.
> It could be an alternative to the option of sourcing a script that has
> to be referenced via the configuration, as discussed in [3].
>
> I have not found a discussion regarding supporting this property in
> U-Boot, has it been discussed and rejected, or has it not made it to
> contributor's priority list?

Not really an answer, but IME it is much easier to embed the kernel
command line with the kernel image itself via the CONFIG_BOOT_CONFIG
mechanism. That way the cmdline is automatically verified by whatever
mechanism verifies the kernel image.

Yes, if the purpose is to embed a root hash for use with dm-verity, it's
very annoying to rebuild the entire kernel whenever the rootfs changes,
i.e. all the time. But we don't to that, we boot using an initramfs that
has that root hash embedded, and rebuilding the initramfs (and then the
FIT image) is much less of a hassle. 

Rasmus