Add a description of how to implement verified boot using signed FIT images,
and a simple test which verifies operation on sandbox.
The test signs a FIT image and verifies it, then signs a FIT configuration
and verifies it. Then it corrupts the signature to check that this is
detected.
Signed-off-by: Simon Glass <sjg@chromium.org>
While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).
Add support for signing of FIT configurations using the libfdt's region
support.
Please see doc/uImage.FIT/signature.txt for more information.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.
Signed-off-by: Simon Glass <sjg@chromium.org>
since commit 1384f3bb8a ethernet names
with spaces drop a
Warning: eth device name has a space!
message. This patch fix it for:
- "FEC ETHERNET" devices found on
mpc512x, mpc5xxx, mpc8xx and mpc8220 boards.
renamed to "FEC".
- "SCC ETHERNET" devices found on
mpc8xx, mpc82xx based boards. Renamed to "SCC".
- "HDLC ETHERNET" devices found on mpc8xx boards
Renamed to "HDLC"
- "FCC ETHERNET" devices found on mpc8260 and mpc85xx based
boards. Renamed to "FCC"
Tested on the kup4k board.
Signed-off-by: Heiko Schocher <hs@denx.de>
Signed-off-by: Ben Warren <biggerbadderben@gmail.com>
The ramdisk sections in doc/uImage.FIT/multi.its lack
load address and entry point properties. Using examples
from this file will result in unbootable image, u-boot
will issue the following error messages:
Can't get ramdisk subimage load address!
Ramdisk image is corrupt or invalid
This patch adds missing properties to ramdisk sections.
Signed-off-by: Felix Radensky <felix@embedded-sol.com>
The example FIT image source files do not compile with the latest dtc and
mkimage. The following error message is produced:
DTC: dts->dtb on file "kernel.its"
Error: kernel.its 7:0 - 1:0 syntax error
FATAL ERROR: Unable to parse input tree
./mkimage: Can't read kernel.itb.tmp: Invalid argument
The FIT image source files are missing the "/dts-v1/;" directive at the
beginning of the file. Add the directive to the examples.
Signed-off-by: Ira W. Snyder <iws@ovro.caltech.edu>
The auto-update feature allows to automatically download software updates
from a TFTP server and store them in Flash memory during boot. Updates are
contained in a FIT file and protected with SHA-1 checksum.
More detailed description can be found in doc/README.update.
Signed-off-by: Rafal Czubak <rcz@semihalf.com>
Signed-off-by: Bartlomiej Sieka <tur@semihalf.com>
Pantelis Antoniou stated:
AFAIK, it is still used but the products using PPC are long gone.
Nuke it plz (from orbit).
So remove it since it cleans up a usage of env_get_char outside of
the environment code.
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
