[PATCH v2 2/7] boot: fit: support generating DM verity cmdline parameters

Simon Glass sjg at chromium.org
Thu Apr 16 21:37:24 CEST 2026 

Hi Daniel,

On 2026-04-16T01:46:15, Daniel Golle <daniel at makrotopia.org> wrote:
> boot: fit: support generating DM verity cmdline parameters
>
> Add fit_verity_build_cmdline(): when a FILESYSTEM loadable carries a
> dm-verity subnode, construct the dm-mod.create= kernel cmdline parameter
> from the verity metadata (block-size, data-blocks, algo, root-hash,
> salt) and append it to bootargs.
>
> Also add dm-mod.waitfor=/dev/fit0[,/dev/fitN] for each dm-verity device
> so the kernel waits for the underlying FIT block device to appear before
> setting up device-mapper targets. This is needed when the block driver
> probes late, e.g. because it depends on NVMEM calibration data.
>
> The dm-verity target references /dev/fitN where N is the loadable's
> index in the configuration -- matching the order Linux's FIT block
> driver assigns block devices.  hash-start-block is read directly from
> the FIT dm-verity node; mkimage ensures its value equals num-data-blocks
> by invoking veritysetup with --no-superblock.
>
> Signed-off-by: Daniel Golle <daniel at makrotopia.org>
>
> boot/Kconfig       |  20 ++++
>  boot/bootm.c       |  13 +++
>  boot/image-board.c |   5 +
>  boot/image-fit.c   | 337 +++++++++++++++++++++++++++++++++++++++++++++++++++++
>  include/image.h    |  80 ++++++++++++-
>  5 files changed, 454 insertions(+), 1 deletion(-)

> diff --git a/boot/image-fit.c b/boot/image-fit.c
> @@ -2642,3 +2683,299 @@ out:
> +     /* Mandatory u32 properties */
> +     val = fdt_getprop(fit, verity_node, FIT_VERITY_DBS_PROP, NULL);
> +     if (!val)
> +             return -EINVAL;
> +     data_block_size = fdt32_to_cpu(*val);

This reads an fdt32_t into a signed int

data_block_size and hash_block_size are never negative, so could you
use uint instead?

> diff --git a/boot/image-fit.c b/boot/image-fit.c
> @@ -2642,3 +2683,299 @@ out:
> +             printf("FIT: broken dm-verity metadata in '%s'\n",
> +                    uname);

This file defines LOG_CATEGORY as LOGC_BOOT and includes log.h - how
about log_err() instead of printf() ?

Reviewed-by: Simon Glass <sjg at chromium.org>

Regards,
Simon

More information about the U-Boot mailing list