check if a fdt is correct signed
pass an optional addr value. Contains the addr of the key blob

Signed-off-by: Heiko Schocher <h...@denx.de>
Acked-by: Simon Glass <s...@chromium.org>

---
changes vor v2:
- add comment from Simon Glass:
  - rename "fdt sign" to "fdt checksign"
    -> rename patch subject from "fdt: add "fdt sign" command"
       to "fdt: add "fdt checksign" command"
  - add error message
changes for v2:
  add Acked-by from Simon Glass
---
 common/cmd_fdt.c | 42 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/common/cmd_fdt.c b/common/cmd_fdt.c
index 3a9edd6..a6744ed 100644
--- a/common/cmd_fdt.c
+++ b/common/cmd_fdt.c
@@ -570,7 +570,7 @@ static int do_fdt(cmd_tbl_t *cmdtp, int flag, int argc, 
char * const argv[])
                ft_board_setup(working_fdt, gd->bd);
 #endif
        /* Create a chosen node */
-       else if (argv[1][0] == 'c') {
+       else if (strncmp(argv[1], "cho", 3) == 0) {
                unsigned long initrd_start = 0, initrd_end = 0;
 
                if ((argc != 2) && (argc != 4))
@@ -583,6 +583,41 @@ static int do_fdt(cmd_tbl_t *cmdtp, int flag, int argc, 
char * const argv[])
 
                fdt_chosen(working_fdt, 1);
                fdt_initrd(working_fdt, initrd_start, initrd_end, 1);
+
+#if defined(CONFIG_FIT_SIGNATURE)
+       } else if (strncmp(argv[1], "che", 3) == 0) {
+               int cfg_noffset;
+               int ret;
+               unsigned long addr;
+               struct fdt_header *blob;
+
+               if (!working_fdt)
+                       return CMD_RET_FAILURE;
+
+               if (argc > 2) {
+                       addr = simple_strtoul(argv[2], NULL, 16);
+                       blob = map_sysmem(addr, 0);
+               } else {
+                       blob = (struct fdt_header *)gd->fdt_blob;
+               }
+               if (!fdt_valid(&blob))
+                       return 1;
+
+               gd->fdt_blob = blob;
+               cfg_noffset = fit_conf_get_node(working_fdt, NULL);
+               if (!cfg_noffset) {
+                       printf("Could not find configuration node: %s\n",
+                              fdt_strerror(cfg_noffset));
+                       return CMD_RET_FAILURE;
+               }
+
+               ret = fit_config_verify(working_fdt, cfg_noffset);
+               if (ret == 1)
+                       return CMD_RET_SUCCESS;
+               else
+                       return CMD_RET_FAILURE;
+#endif
+
        }
        /* resize the fdt */
        else if (strncmp(argv[1], "re", 2) == 0) {
@@ -992,6 +1027,11 @@ static char fdt_help_text[] =
        "fdt rsvmem delete <index>           - Delete a mem reserves\n"
        "fdt chosen [<start> <end>]          - Add/update the /chosen branch in 
the tree\n"
        "                                        <start>/<end> - initrd 
start/end addr\n"
+#if defined(CONFIG_FIT_SIGNATURE)
+       "fdt checksign [<addr>]              - check FIT signature\n"
+       "                                        <start> - addr of key blob\n"
+       "                                                  default 
gd->fdt_blob\n"
+#endif
        "NOTE: Dereference aliases by omiting the leading '/', "
                "e.g. fdt print ethernet0.";
 #endif
-- 
1.8.3.1

_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot

Reply via email to