[PATCH v6 15/16] cmd: verify: initial import
sjg at chromium.org
Mon Mar 28 08:35:07 CEST 2022
On Thu, 10 Mar 2022 at 09:53, Philippe REYNES
<philippe.reynes at softathome.com> wrote:
> Hi Simon,
> Le 03/03/2022 à 04:37, Simon Glass a écrit :
> > Hi Philippe,
> > On Fri, 25 Feb 2022 at 07:58, Philippe Reynes
> > <philippe.reynes at softathome.com> wrote:
> >> Add the command verify that check the signature of
> >> an image with the pre-load header. If the check
> >> succeed, the u-boot env variable 'loadaddr_verified'
> >> is set to the address of the image (without the header).
> >> It allows to run such commands:
> >> tftp script.img && verify $loadaddr && source $loadaddr_verified
> >> Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
> >> ---
> >> cmd/Kconfig | 7 +++++++
> >> cmd/Makefile | 1 +
> >> cmd/verify.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++++
> >> 3 files changed, 61 insertions(+)
> >> create mode 100644 cmd/verify.c
> > Using the 'verify' command seems a bit vague. Could it be a
> > sub-command of bootm perhaps?
> The command verify may be used with any binary (script, video firmware,
> So a lot of binaries that are not launched by bootm.
> I think that it is not "logic" to used a bootm subcommand.
> But we could use another name if you want.
> For example : pre_load_verify ?
I see. Well, I suppose this is a boot loader, so 'verify' would be
expected to mean verifying an image or something to boot, so this
seems reasonable to me. But I do like the idea of putting pre_load in
there somewhere if you can, since we do most other verification as
part of the 'bootm' command. Up to you.
Reviewed-by: Simon Glass <sjg at chromium.org>
More information about the U-Boot