[PATCH v3 4/4] cmd: source: Support specifying config name

Tom Rini trini at konsulko.com
Mon Dec 12 17:46:44 CET 2022


On Thu, Nov 03, 2022 at 05:35:33PM -0400, Sean Anderson wrote:

> As discussed previously [1,2], the source command is not safe to use with
> verified boot unless there is a key with required = "images" (which has its
> own problems). This is because if such a key is absent, signatures are
> verified but not required. It is assumed that configuration nodes will
> provide the signature. Because the source command does not use
> configurations to determine the image to source, effectively no
> verification takes place.
> 
> To address this, allow specifying configuration nodes. We use the same
> syntax as the bootm command (helpfully provided for us by fit_parse_conf).
> By default, we first try the default config and then the default image. To
> force using a config, # must be present in the command (e.g. `source
> $loadaddr#my-conf`). For convenience, the config may be omitted, just like
> the address may be (e.g. `source \#`). This also works for images
> (`source \:` behaves exactly like `source` currently does).
> 
> [1] https://lore.kernel.org/u-boot/7d711133-d513-5bcb-52f2-a9dbaa9eeded@prevas.dk/
> [2] https://lore.kernel.org/u-boot/042dcb34-f85f-351e-1b0e-513f89005fdd@gmail.com/
> 
> Signed-off-by: Sean Anderson <sean.anderson at seco.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>

Currently, there are two problems. One, fit_conf_get_prop_node() should
be called (I believe) with IH_PHASE_NONE, which I can do when applying.
However, two, fit_config_verify() depends on
CONFIG_IS_ENABLED(FIT_SIGNATURE) and I'm less immediately sure how to
rework that into this patch. Can you please rebase on top of current
next? Thanks.

-- 
Tom
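
The argument forms described in the quoted commit message, as an added example that is not part of the original thread or of U-Boot's code: a small C model that splits `[addr]#[conf]` and `[addr]:[image]` and reports whether the script is forced through a configuration node. The names `parse_source_arg`, `src_spec`, `src_mode` and `goes_through_config`, and the sample addresses, are assumptions of this example.

```c
#include <stdlib.h>
#include <string.h>

/* How the script inside the FIT is selected (names are this example's own). */
enum src_mode {
	SRC_DEFAULT,	/* no separator: try default config, then default image */
	SRC_CONF,	/* '#': a configuration node must be used */
	SRC_IMAGE,	/* ':': image node looked up directly */
};

struct src_spec {
	enum src_mode mode;
	unsigned long addr;	/* FIT address, hexadecimal */
	const char *name;	/* NULL or "" means "use the FIT's default" */
};

/* Split a non-NULL argument; cur_addr is used when no address is given. */
struct src_spec parse_source_arg(const char *arg, unsigned long cur_addr)
{
	struct src_spec s = { SRC_DEFAULT, cur_addr, NULL };
	const char *sep = strpbrk(arg, "#:");

	if (!sep) {			/* plain address or empty argument */
		if (*arg)
			s.addr = strtoul(arg, NULL, 16);
		return s;
	}
	s.mode = (*sep == '#') ? SRC_CONF : SRC_IMAGE;
	if (sep > arg)			/* address before the separator is optional */
		s.addr = strtoul(arg, NULL, 16);
	s.name = sep + 1;
	return s;
}

/*
 * Per the commit message, the signature is expected on the configuration
 * node. Only a forced configuration ('#') guarantees that path: image mode
 * and the default fallback can end on the image node, where a signature is
 * verified but not required unless a required image key is present.
 */
int goes_through_config(const struct src_spec *s)
{
	return s->mode == SRC_CONF;
}
```

In a verified-boot script, the forms for which `goes_through_config()` returns 0 are the ones to audit, since they can reach the script without a configuration signature.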