Fit Signature booting without public key

Manorit Chawdhry m-chawdhry at
Thu May 25 07:51:44 CEST 2023

Hi Tom,

On 11:30-20230516, Tom Rini wrote:
> On Tue, May 16, 2023 at 12:11:24PM +0530, Manorit Chawdhry wrote:
> > Hi All,
> > 
> > I recently came upon a discussion that had happened a while back [0].
> > I want to continue the discussion as I believe the issue still persists
> > and the checks around fit signature booting are still the same, that
> > allows booting the fit without changing the uboot dtb.
> > 
> > Allowing the signed fit image without this seems to be a bypass that is
> > available and should not be allowed without any gate to it for people
> > who'd like to enforce these signing checks. Let me know if there is a
> > config already available for it and if not, are there any plans to
> > enable such a config in future. Would like to hear your opinions on
> > this as I believe this should be fixed as soon as possible.
> > 
> > [0]:
> Yes, can you please reproduce the issue in question on the current tree,
> with a supported platform and provide the defconfig and steps you used
> for this issue? Thanks.
> -- 

I've created a branch with some custom patches to make the fitimage boot
currently. Please try with the branch and the fitimage that are
also committed [0].

The device that I've tested this with is j721e-hs-evm, and the defconfigs to
use for the builds are j721e_evm_r5_defconfig and
j721e_evm_a72_defconfig. Although it is not synced up with the latest changes,
the SDK documentation can help for reference if required [1].

Attached are the logs for reference with the signed fitimage and an unsigned
uboot without any modifications [2].



> Tom
