Hello Simon,
Am 26.01.2014 22:04, schrieb Simon Glass:
Hi Heiko,
On 24 January 2014 23:44, Heiko Schocher<h...@denx.de> wrote:
check if a fdt is correct signed
pass an optional addr value. Contains the addr of the key blob
Signed-off-by: Heiko Schocher<h...@denx.de>
Cc: Simon Glass<s...@chromium.org>
---
common/cmd_fdt.c | 38 +++++++++++++++++++++++++++++++++++++-
1 file changed, 37 insertions(+), 1 deletion(-)
diff --git a/common/cmd_fdt.c b/common/cmd_fdt.c
index 3a9edd6..b8468ea 100644
--- a/common/cmd_fdt.c
+++ b/common/cmd_fdt.c
@@ -243,7 +243,7 @@ static int do_fdt(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
/*
* Set the value of a property in the working_fdt.
*/
- } else if (argv[1][0] == 's') {
+ } else if (strncmp(argv[1], "se", 2) == 0) {
char *pathp; /* path */
char *prop; /* property */
int nodeoffset; /* node offset from libfdt */
@@ -283,6 +283,37 @@ static int do_fdt(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
return 1;
}
+#if defined(CONFIG_FIT_SIGNATURE)
+ } else if (strncmp(argv[1], "si", 2) == 0) {
+ int cfg_noffset;
+ int ret;
+ unsigned long addr;
+ struct fdt_header *blob;
+
+ if (!working_fdt)
+ return CMD_RET_FAILURE;
+
+ if (argc> 2) {
+ addr = simple_strtoul(argv[2], NULL, 16);
+ blob = map_sysmem(addr, 0);
+ } else {
+ blob = (struct fdt_header *)gd->fdt_blob;
+ }
+ if (!fdt_valid(&blob))
+ return 1;
+
+ gd->fdt_blob = blob;
+ cfg_noffset = fit_conf_get_node(working_fdt, NULL);
+ if (!cfg_noffset)
+ return CMD_RET_FAILURE;
May need to print an error here, since otherwise it won't be clear
what went wrong.
Hmm... fit_conf_get_node() prints a dedicated error message if debug is
activated... I thought this is enough ... ?
+
+ ret = fit_config_verify(working_fdt, cfg_noffset);
+ if (ret == 1)
+ return CMD_RET_SUCCESS;
+ else
+ return CMD_RET_FAILURE;
+#endif
+
/********************************************************************
* Get the value of a property in the working_fdt.
********************************************************************/
@@ -992,6 +1023,11 @@ static char fdt_help_text[] =
"fdt rsvmem delete<index> - Delete a mem reserves\n"
"fdt chosen [<start> <end>] - Add/update the /chosen branch in
the tree\n"
"<start>/<end> - initrd start/end addr\n"
+#if defined(CONFIG_FIT_SIGNATURE)
+ "fdt sign [<addr>] - check FIT signature\n"
How about checksig instead of sign? 'sign' sounds like you are going to sign it.
Of course, that sounds better!
Change this for v2, thanks!
+ "<start> - addr of key blob\n"
+ " default
gd->fdt_blob\n"
+#endif
"NOTE: Dereference aliases by omiting the leading '/', "
"e.g. fdt print ethernet0.";
#endif
--
1.8.3.1
Regards,
Simon
Thanks for the review.
bye,
Heiko
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
