On Thu, Mar 05, 2026 at 06:22:15PM -0700, Simon Glass wrote: > Hi Tom, > > On Thu, 5 Mar 2026 at 12:38, Tom Rini <[email protected]> wrote: > > > > On Wed, Mar 04, 2026 at 06:51:48AM -0700, Simon Glass wrote: > > > > > From: Simon Glass <[email protected]> > > > > > > The hashed-nodes property in a FIT signature node lists which FDT paths > > > are included in the signature hash. It is intended as a hint so should > > > not be used for verification. > > > > > > Add a function to build the node list from scratch by iterating the > > > configuration's image references. Skip properties known not to be image > > > references. For each image, collect the path plus all hash and cipher > > > subnodes. > > > > > > Use the new function in fit_config_check_sig() instead of reading > > > 'hashed-nodes'. > > > > > > Update the docs to cover this. The FIT spec can be updated separately. > > > > > > Signed-off-by: Simon Glass <[email protected]> > > > > This breaks: > > FAILED > > test/py/tests/test_vboot.py::test_vboot[sha1-basic-sha1--None-False-True-False-False] > > - AssertionError > > unfortunately. > > Yes, as the messages change. I'll send a v2.
Thanks. > What do you think about the 'No images in config' message? I doubt it > would happen in practice so we could perhaps drop it. I think it's best to inform the user whenever possible, so might as well keep it. -- Tom
signature.asc
Description: PGP signature
