On Sun, Jul 12, 2026 at 01:33:21AM +0100, Daniel Golle wrote: > A dm-verity protected filesystem image is not hashed by U-Boot when it > is loaded; its integrity is delegated to the kernel, which validates the > filesystem on the fly against the roothash taken from the FIT dm-verity > subnode. The roothash is therefore the sole integrity anchor for the > filesystem, yet fit_config_add_hash() only added the image node, its > hash subnodes and its cipher subnode to the signed region, leaving the > dm-verity subnode (roothash, salt and block parameters) unsigned. > > An attacker able to rewrite the boot medium could then replace both the > filesystem and the roothash, recompute a matching dm-verity tree and > keep the configuration signature valid, defeating verified boot for the > root filesystem. > > Add the dm-verity subnode to the list of nodes covered by the > configuration signature, both when signing (tools/image-host.c) and when > verifying (boot/image-fit-sig.c), so the roothash and salt are > authenticated together with the rest of the configuration. > > Signed-off-by: Daniel Golle <[email protected]>
Reviewed-by: Tom Rini <[email protected]> -- Tom
signature.asc
Description: PGP signature

