[PATCH v2 4/4] cmd: source: Support specifying config name
Simon Glass
sjg at chromium.org
Fri Oct 21 22:17:07 CEST 2022
On Thu, 20 Oct 2022 at 13:24, Sean Anderson <sean.anderson at seco.com> wrote:
>
> As discussed previously [1,2], the source command is not safe to use with
> verified boot unless there is a key with required = "images" (which has its
> own problems). This is because if such a key is absent, signatures are
> verified but not required. It is assumed that configuration nodes will
> provide the signature. Because the source command does not use
> configurations to determine the image to source, effectively no
> verification takes place.
>
> To address this, allow specifying configuration nodes. We use the same
> syntax as the bootm command (helpfully provided for us by fit_parse_conf).
> By default, we first try the default config and then the default image. To
> force using a config, # must be present in the command (e.g. `source
> $loadaddr#my-conf`). For convenience, the config may be omitted, just like
> the address may be (e.g. `source \#`). This also works for images
> (`source \:` behaves exactly like `source` currently does).
>
> [1] https://lore.kernel.org/u-boot/7d711133-d513-5bcb-52f2-a9dbaa9eeded@prevas.dk/
> [2] https://lore.kernel.org/u-boot/042dcb34-f85f-351e-1b0e-513f89005fdd@gmail.com/
>
> Signed-off-by: Sean Anderson <sean.anderson at seco.com>
> ---
>
> (no changes since v1)
>
> .../cmd_stm32prog/cmd_stm32prog.c | 2 +-
> boot/bootmeth_script.c | 2 +-
> cmd/source.c | 73 +++++++++++++------
> doc/uImage.FIT/source_file_format.txt | 3 +
> drivers/usb/gadget/f_sdp.c | 2 +-
> include/image.h | 19 +++--
> test/py/tests/test_source.py | 11 ++-
> 7 files changed, 82 insertions(+), 30 deletions(-)
Reviewed-by: Simon Glass <sjg at chromium.org>
But please use single quotes in Python. Double quotes should only be
used when the string includes single quotes.
More information about the U-Boot
mailing list