[U-Boot] [PATCH] common: image: Add support for post-processing of images

Andreas Dannenberg dannenberg at ti.com
Wed Jul 27 19:12:39 CEST 2016 

This commit allows injecting a board/platform/device-specific post-
processing function into the FIT image data loading process, which can
include modifying the size and altering the starting source address of
an image data artifact. This might be desired to do things like strip
headers or footers attached to the images before they were packaged into
the FIT, or to perform operations such as decryption or authentication.
Introduce new configuration option CONFIG_FIT_IMAGE_POST_PROCESS to
allow controlling this feature. If enabled, a platform-specific post-
process function must be provided.

Signed-off-by: Andreas Dannenberg <dannenberg at ti.com>
---

While not limited to this use case this commit allows for example on TI
high-security (HS) device variants to extend the secure boot chain to
Kernel, DTB, and initramfs (and anything else really that can be bundled
into a FIT image) by injecting calls to a TI-specific ROM API to perform
authentication (and optionally decryption) of blobs.

At this stage of the boot process one is also free to use the FIT/
RSA/SHA-based verified boot scheme already built-into U-Boot to perform
authentication on TI HS devices, providing a choice between a completely
open solution or continuing to perform ROM-based calls (which would have
the added benefit of supporting decryption, amongst other reasons such
as faster performance due to inherent crypto accelerator usage).

This commit works in analogy to
da74d1f "spl: fit: add support for post-processing of images"
which introduced the CONFIG_SPL_FIT_IMAGE_POST_PROCESS option.


On a related note Andrew (on copy) will be taking over the work on this
patch to address any feedback there might be since my last day at TI will
be 07/29. I will still be monitoring the mailing list but might not be
able to respond in the current capacity.

Thanks and Regards,
Andreas

 Kconfig            | 14 ++++++++++++++
 common/image-fit.c | 26 +++++++++++++++++++++++++-
 2 files changed, 39 insertions(+), 1 deletion(-)

diff --git a/Kconfig b/Kconfig
index ef12f9f..c5489dc 100644
--- a/Kconfig
+++ b/Kconfig
@@ -336,6 +336,20 @@ config SPL_FIT_IMAGE_POST_PROCESS
 	  injected into the FIT creation (i.e. the blobs would have been pre-
 	  processed before being added to the FIT image).
 
+config FIT_IMAGE_POST_PROCESS
+	bool "Enable post-processing of FIT artifacts after loading by U-Boot"
+	depends on FIT && TI_SECURE_DEVICE
+	help
+	  Allows doing any sort of manipulation to blobs after they got extracted
+	  from FIT images like stripping off headers or modifying the size of the
+	  blob, verification, authentication, decryption etc. in a platform or
+	  board specific way. In order to use this feature a platform or board-
+	  specific implementation of board_fit_image_post_process() must be
+	  provided. Also, anything done during this post-processing step would
+	  need to be comprehended in how the images were prepared before being
+	  injected into the FIT creation (i.e. the blobs would have been pre-
+	  processed before being added to the FIT image).
+
 config SYS_CLK_FREQ
 	depends on ARC || ARCH_SUNXI
 	int "CPU clock frequency"
diff --git a/common/image-fit.c b/common/image-fit.c
index 73ad34e..d8d4e95 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -11,9 +11,9 @@
 
 #ifdef USE_HOSTCC
 #include "mkimage.h"
-#include <image.h>
 #include <time.h>
 #else
+#include <linux/compiler.h>
 #include <common.h>
 #include <errno.h>
 #include <mapmem.h>
@@ -21,6 +21,7 @@
 DECLARE_GLOBAL_DATA_PTR;
 #endif /* !USE_HOSTCC*/
 
+#include <image.h>
 #include <bootstage.h>
 #include <u-boot/crc.h>
 #include <u-boot/md5.h>
@@ -1507,6 +1508,12 @@ void fit_conf_print(const void *fit, int noffset, const char *p)
 
 static int fit_image_select(const void *fit, int rd_noffset, int verify)
 {
+#if !defined(USE_HOSTCC) && defined(CONFIG_FIT_IMAGE_POST_PROCESS)
+	const void *data;
+	size_t size;
+	int ret;
+#endif
+
 	fit_image_print(fit, rd_noffset, "   ");
 
 	if (verify) {
@@ -1518,6 +1525,23 @@ static int fit_image_select(const void *fit, int rd_noffset, int verify)
 		puts("OK\n");
 	}
 
+#if !defined(USE_HOSTCC) && defined(CONFIG_FIT_IMAGE_POST_PROCESS)
+	ret = fit_image_get_data(fit, rd_noffset, &data, &size);
+	if (ret)
+		return ret;
+
+	/* perform any post-processing on the image data */
+	board_fit_image_post_process((void **)&data, &size);
+
+	/*
+	 * update U-Boot's understanding of the "data" property start address
+	 * and size according to the performed post-processing
+	 */
+	ret = fdt_setprop((void *)fit, rd_noffset, FIT_DATA_PROP, data, size);
+	if (ret)
+		return ret;
+#endif
+
 	return 0;
 }
 
-- 
2.7.2

More information about the U-Boot mailing list