[3/4] tools: mkimage: add dm-verity Merkle-tree generation

Thu Apr 2 18:39:26 CEST 2026

Hi Daniel,

On 2026-04-02T03:08:27, Daniel Golle <daniel at makrotopia.org> wrote:
> tools: mkimage: add dm-verity Merkle-tree generation
> tools: mkimage: add dm-verity Merkle-tree generation
>
> When mkimage encounters a dm-verity subnode inside a component image
> node it now automatically invokes veritysetup(8) with --no-superblock
> to generate the Merkle hash tree, screen-scrapes the Root hash and Salt
> from the tool output, and writes the computed properties back into the
> FIT blob.
>
> The user only needs to specify algorithm, data-block-size, and
> hash-block-size in the ITS; mkimage fills in digest, salt,
> num-data-blocks, and hash-start-block.  Because --no-superblock is
> used, hash-start-block equals num-data-blocks with no off-by-one.
>
> The image data property is replaced with the expanded content (original
> data followed directly by the hash tree) so that subsequent hash and
> signature subnodes operate on the complete image.
>
> fit_image_add_verification_data() is restructured into two passes:
> dm-verity first (may grow data), then hashes and signatures.
> [...]

> diff --git a/tools/image-host.c b/tools/image-host.c
> @@ -626,6 +657,301 @@ int fit_image_cipher_data(...)
> + * The expanded data (original + verity superblock + hash tree) is returned

Since --no-superblock is passed to veritysetup, the output contains no
superblock. The docstring should say "original data + hash tree" to
match the actual behaviour.

> diff --git a/tools/image-host.c b/tools/image-host.c
> @@ -24,6 +26,35 @@
> +static int fit_hex2bin(uint8_t *dst, const char *src, size_t count)
> +{
> +     while (count--) {
> +             int hi, lo;
> +             char c;
> +
> +             c = *src++;
> +             hi = (c >= '0' && c <= '9') ? c - '0' :
> +                  (c >= 'a' && c <= 'f') ? c - 'a' + 10 :
> +                  (c >= 'A' && c <= 'F') ? c - 'A' + 10 : -1;

There is an existing hex2bin() in include/hexdump.h - is that easily
available to host tools?

> diff --git a/tools/image-host.c b/tools/image-host.c
> @@ -626,6 +657,301 @@ int fit_image_cipher_data(...)
> +     int data_block_size, hash_block_size;
> +     size_t num_data_blocks, hash_offset;

num_data_blocks is size_t here but is later passed to
fdt_setprop_u32(). On 64-bit hosts with images larger than 2TB (at
512-byte blocks) this would silently truncate. Please can you either
use uint32_t with an explicit overflow check, or add a check that
(data_size / data_block_size) fits in 32 bits.

> diff --git a/tools/image-host.c b/tools/image-host.c
> @@ -626,6 +657,301 @@ int fit_image_cipher_data(...)
> +     if (data_block_size < 512 || hash_block_size < 512) {
> +             fprintf(stderr,
> +                     "Invalid block sizes in dm-verity node of '%s'\n",
> +                     image_name);
> +             return -EINVAL;
> +     }

dm-verity requires block sizes to be powers of two. veritysetup will
reject non-power-of-two values, but a clearer error from mkimage would
help users. Please can you add a power-of-2 check here, something
like:

    if (data_block_size & (data_block_size - 1))

> diff --git a/tools/fit_image.c b/tools/fit_image.c
> @@ -470,6 +486,62 @@ static int fit_write_images(...)
> +     /* Copy path -- FDT shifts after delprop */
> +     snprintf(vfile_buf, sizeof(vfile_buf), "%s", vfile);
> +     fdt_delprop(fdt, vn, "verity-data-file");

Other uses of fdt_delprop() in this file check the return value -
please do so here too.

Regards,
Simon