[U-Boot] [PATCH] fit: skip signature verification if board request

[Jun Nie]

2018-04-17 3:06 GMT+08:00 Simon Glass <sjg at chromium.org>:
> Hi Jun,
>
> On 13 April 2018 at 04:05, Jun Nie <jun.nie at linaro.org> wrote:
>> 2018-04-13 1:24 GMT+08:00 Simon Glass <sjg at chromium.org>:
>>> Hi,
>>>
>>> On 11 April 2018 at 09:13, Jun Nie <jun.nie at linaro.org> wrote:
>>>> It may be unnecessary to check signature on unlocked board.
>>>> Get the hint from platform specific code to support secure boot
>>>> and non-secure boot with the same binary, so that boot is not
>>>> blocked if board is not locked and has no key for signature
>>>> verification.
>>>>
>>>> Signed-off-by: Jun Nie <jun.nie at linaro.org>
>>>> ---
>>>
>>> Instead of a weak function can you please add a parameter to this
>>> function (perhaps a flags word?) and a add test for this case to the
>>> test?
>>>
>>> Regards,
>>> Simon
>>
>> Sure, I can add a parameter to the function. But not sure what's the
>> usage of it in your mind. Maybe "int flag" is enough for you?
>
> Yes a flag is fine if you define an enum in the header file for that
> function. You will likely need to pass the flag around a few other
> functions.

I am still unclear on what the usage of this flag. I mean what variable
from fit_image_setup_verify() and fit_config_verify_required_sigs()
to be feed to this function as a flag. Maybe a void pointer is better
for different platform to pass context data and cost to specific data
structure. For example, pass data of image that to be verified.
fit_board_skip_sig_verification(const void *data)

>>
>> Do you mean add implementation of this function for a specific platform
>> for "add test"?
>
> See test/py/tests/test_vboot.py which you should be able to modify for
> your case.

Will check this file for more modification and test.

Thank you!

>
> Regards,
> Simon