[U-Boot] [PATCH 2/7] fdt: add "fdt sign" command
Heiko Schocher
hs at denx.de
Fri Feb 14 06:06:34 CET 2014
Hello Marek,
Am 13.02.2014 21:26, schrieb Marek Vasut:
> On Wednesday, February 12, 2014 at 04:31:50 PM, Heiko Schocher wrote:
>> Hello Marek,
>>
>> Am 12.02.2014 11:46, schrieb Marek Vasut:
>>> On Monday, February 10, 2014 at 07:15:09 AM, Heiko Schocher wrote:
>>>> Hello Marek,
>>>>
>>>> Am 08.02.2014 15:09, schrieb Marek Vasut:
>>>>> On Saturday, January 25, 2014 at 07:44:24 AM, Heiko Schocher wrote:
>>>>>> check if a fdt is correct signed
>>>>>> pass an optional addr value. Contains the addr of the key blob
>>>>>>
>>>>>> Signed-off-by: Heiko Schocher<hs at denx.de>
>>>>>> Cc: Simon Glass<sjg at chromium.org>
>>>>>
>>>>> Should the FIT signature checking really be part of the 'fdt' command ?
>>>>> Shouldn't 'bootm' check the signature (well, 'bootm prep' or such does)
>>>>> or somesuch command ?
>>>>
>>>> Why not? I use this "fdt check" command for example in a script, for
>>>> checking if the FIT image is correct signed, and if so, update with
>>>> the binaries in it some UBI Volumes (not only kernel, dt and/or
>>>> rootfs) ... but if this is not accepted, I can look into the bootm
>>>> command if I can use it ... but I do not want boot the FIT image ...
>>>
>>> But doesn't 'bootm prep' (aka. prepare the image for booting, but do not
>>> actually boot) do the same thing ? It does verify the image etc., right ?
>>
>> Yes, but maybe do "etc" things I do not need?
>>
>> From the "bootm prep" help text:
>> "prep - OS specific prep before relocation or go"
>>
>> "OS specific prep or go" ... Hmm...
>>
>> - The "fdt checksign" command (as I renamed it in v2) does no "OS
>> specific" things, only check the signature of the FIT image.
>> There is no OS dependency ... With "bootm prep" there are maybe
>> done OS specific things with the FIT Image ...
>> maybe in my case it would work, but is this true for all boards?
>>
>> - "or go" ... I definitely do not want to boot the FIT Image!
>
> CC Simon, he might clear this up. I'm sick (flu?) and I don't want to leave this
Simon is on Cc, and he remarked to rename this "fdt sign" into "fdt
checksign", I did in the "v2" of this patch ...
> thread hanging , sorry.
Bad news. I hope you get well soon!
bye,
Heiko
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
More information about the U-Boot
mailing list