From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Brugger Date: Mon, 2 Sep 2019 12:30:17 +0200 Subject: [U-Boot] [PATCH] rpi3: Enable verified boot from FIT image In-Reply-To: References: <1562817337-949-1-git-send-email-jun.nie@linaro.org> <630dc300-b668-d20e-62e5-314fa88e1985@suse.com> Message-ID: <92cf69d9-9cb7-4783-e169-0f83b7086893@gmail.com> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit To: u-boot@lists.denx.de +Alex, Lukas, Heinrich, Bin and Simon On 31/07/2019 10:16, Jun Nie wrote: > Matthias Brugger 于2019年7月31日周三 下午4:05写道: >> >> >> >> On 11/07/2019 05:55, Jun Nie wrote: >>> Enable verified boot from FIT image with select configs >>> and specify boot script image node in FIT image, the FIT >>> image is verified before it is run. >>> >>> Code that reusing dtb in firmware is disabled, so that >>> the dtb with pubic key packed in u-boot.bin can be used >>> to verify the signature of next stage FIT image. >>> >>> Signed-off-by: Jun Nie >>> --- >>> board/raspberrypi/rpi/rpi.c | 6 ++++++ >>> include/configs/rpi.h | 15 ++++++++++++++- >>> 2 files changed, 20 insertions(+), 1 deletion(-) >>> >>> diff --git a/board/raspberrypi/rpi/rpi.c b/board/raspberrypi/rpi/rpi.c >>> index 617c892..950ee84 100644 >>> --- a/board/raspberrypi/rpi/rpi.c >>> +++ b/board/raspberrypi/rpi/rpi.c >>> @@ -297,6 +297,7 @@ static void set_fdtfile(void) >>> env_set("fdtfile", fdtfile); >>> } >>> >>> +#ifndef CONFIG_FIT_SIGNATURE >>> /* >>> * If the firmware provided a valid FDT at boot time, let's expose it in >>> * ${fdt_addr} so it may be passed unmodified to the kernel. >>> @@ -311,6 +312,7 @@ static void set_fdt_addr(void) >>> >>> env_set_hex("fdt_addr", fw_dtb_pointer); >>> } >>> +#endif >>> >>> /* >>> * Prevent relocation from stomping on a firmware provided FDT blob. >>> @@ -393,7 +395,9 @@ static void set_serial_number(void) >>> >>> int misc_init_r(void) >>> { >>> +#ifndef CONFIG_FIT_SIGNATURE >>> set_fdt_addr(); >>> +#endif >>> set_fdtfile(); >>> set_usbethaddr(); >>> #ifdef CONFIG_ENV_VARS_UBOOT_RUNTIME_CONFIG >>> @@ -470,6 +474,7 @@ int board_init(void) >>> return bcm2835_power_on_module(BCM2835_MBOX_POWER_DEVID_USB_HCD); >>> } >>> >>> +#ifndef CONFIG_FIT_SIGNATURE >>> /* >>> * If the firmware passed a device tree use it for U-Boot. >>> */ >>> @@ -479,6 +484,7 @@ void *board_fdt_blob_setup(void) >>> return NULL; >>> return (void *)fw_dtb_pointer; >>> } >>> +#endif >> >> Just to get this clear we need this because we want to pass the device tree via >> OF_SEPARATE, correct? > > You are right. U-boot need to read he signature from dtb. > >> >>> >>> int ft_board_setup(void *blob, bd_t *bd) >>> { >>> diff --git a/include/configs/rpi.h b/include/configs/rpi.h >>> index f76c7d1..ba91205 100644 >>> --- a/include/configs/rpi.h >>> +++ b/include/configs/rpi.h >>> @@ -180,11 +180,24 @@ >>> >>> #include >>> >>> +#ifdef CONFIG_FIT_SIGNATURE >>> +#define FIT_BOOT_CMD \ >>> + "boot_a_script=" \ >>> + "load ${devtype} ${devnum}:${distro_bootpart} " \ >>> + "${scriptaddr} ${prefix}${script}; " \ >>> + "iminfo ${scriptaddr};" \ >>> + "if test $? -eq 1; then reset; fi;" \ >>> + "source ${scriptaddr}:bootscr\0" >>> +#else >>> +#define FIT_BOOT_CMD "" >>> +#endif >>> + >> >> Doesn't this overwrite the boot_a_script in distro_bootcmd? >> >> Would it make sense to add FIT booting to the distro boot command? >> >> Regards, >> Matthias > > Yes, it overwrite the boot_a_script in distro_bootcmd. It is make > sense to add this to the distro boot command. I can send another patch > to move these lines to common code later. > Question to the people just added, as you have relevant submission to distroboot. Do you think it makes sense to add FIT_BOOT_CMD to that? Regards, Matthias >> >>> #define CONFIG_EXTRA_ENV_SETTINGS \ >>> "dhcpuboot=usb start; dhcp u-boot.uimg; bootm\0" \ >>> ENV_DEVICE_SETTINGS \ >>> ENV_MEM_LAYOUT_SETTINGS \ >>> - BOOTENV >>> + BOOTENV \ >>> + FIT_BOOT_CMD >>> >>> >>> #endif >>> >