* [RFC] Kernel command line from FIT image
@ 2026-01-29 9:40 Olivier Benjamin
2026-01-29 12:34 ` Rasmus Villemoes
0 siblings, 1 reply; 2+ messages in thread
From: Olivier Benjamin @ 2026-01-29 9:40 UTC (permalink / raw)
To: u-boot@lists.denx.de
Hello,
While reading section 5.7.3 of the FIT image spec [1], I noticed the
"cmdline" property:
"cmdline
Command line passed to the next boot stage, e.g. the operating system
kernel. The value is an UTF-8 encoded string."
However, looking at the mkimage sources, more specifically
include/image.h [2], it looks like this property is unsupported.
If properly implemented so that the cmdline can be signed, this would
imho be a viable option for passing the dm-verity bootargs in verified boot.
It could be an alternative to the option of sourcing a script that has
to be referenced via the configuration, as discussed in [3].
I have not found a discussion regarding supporting this property in
U-Boot, has it been discussed and rejected, or has it not made it to
contributor's priority list?
Kind regards,
Olivier
[1]: https://fitspec.osfw.foundation/#optional-properties
[2]: https://elixir.bootlin.com/u-boot/v2026.01/source/include/image.h#L1095
[3]:
https://source.denx.de/u-boot/u-boot/-/commit/bcc85b96b5ffbbce19a89747138feb873d918915
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [RFC] Kernel command line from FIT image
2026-01-29 9:40 [RFC] Kernel command line from FIT image Olivier Benjamin
@ 2026-01-29 12:34 ` Rasmus Villemoes
0 siblings, 0 replies; 2+ messages in thread
From: Rasmus Villemoes @ 2026-01-29 12:34 UTC (permalink / raw)
To: Olivier Benjamin; +Cc: u-boot@lists.denx.de
On Thu, Jan 29 2026, Olivier Benjamin <olivier.benjamin@bootlin.com> wrote:
> Hello,
>
> While reading section 5.7.3 of the FIT image spec [1], I noticed the
> "cmdline" property:
>
> "cmdline
> Command line passed to the next boot stage, e.g. the operating system
> kernel. The value is an UTF-8 encoded string."
>
> However, looking at the mkimage sources, more specifically
> include/image.h [2], it looks like this property is unsupported.
>
> If properly implemented so that the cmdline can be signed, this would
> imho be a viable option for passing the dm-verity bootargs in verified boot.
> It could be an alternative to the option of sourcing a script that has
> to be referenced via the configuration, as discussed in [3].
>
> I have not found a discussion regarding supporting this property in
> U-Boot, has it been discussed and rejected, or has it not made it to
> contributor's priority list?
Not really an answer, but IME it is much easier to embed the kernel
command line with the kernel image itself via the CONFIG_BOOT_CONFIG
mechanism. That way the cmdline is automatically verified by whatever
mechanism verifies the kernel image.
Yes, if the purpose is to embed a root hash for use with dm-verity, it's
very annoying to rebuild the entire kernel whenever the rootfs changes,
i.e. all the time. But we don't to that, we boot using an initramfs that
has that root hash embedded, and rebuilding the initramfs (and then the
FIT image) is much less of a hassle.
Rasmus
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-01-29 12:34 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-01-29 9:40 [RFC] Kernel command line from FIT image Olivier Benjamin
2026-01-29 12:34 ` Rasmus Villemoes
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox