[PATCH v7 0/8] Improve FIT signature handling

Tom Rini trini at konsulko.com
Tue Jun 30 21:37:37 CEST 2026 

On Thu, Jun 18, 2026 at 02:47:35PM +0200, Ludwig Nussel wrote:

> This patch series tries to improve dealing with FIT
> (configuration-)signatures a bit:
>   - make signatures work with QEMU. QEMU brings it's own device tree at
>     a memory address. U-Boot expects public keys in it's own DT though.
>     So merge both.
>   - (optionally) enforce signatures so we can't accidentally boot
>     unsigned fit images. Quite an easy oversight, esp when qemu
>     previously didn't even use the built in DT.
>   - make iminfo verify configuration signatures, not just image hashes

I missed that CI hadn't completed before sending my previous message.
This doesn't pass CI still, as it breaks the
test_cmd_smbios_sysinfo_verbose test:
https://source.denx.de/u-boot/u-boot/-/jobs/1491333
=================================== FAILURES ===================================
_______________________ test_cmd_smbios_sysinfo_verbose ________________________
test/py/tests/test_smbios.py:52: in test_cmd_smbios_sysinfo_verbose
    assert 'Manufacturer: linux' in output
E   AssertionError: assert 'Manufacturer: linux' in 'SMBIOS 3.7.0 present.\r\r\n13 structures occupying 524 bytes\r\r\nTable at 0x13e474020\r\r\n\r\r\nHandle 0x0000, DMI ...000: 20 0b 0b 00 00 00 00 00 00 00 00\r\r\n\r\r\nHandle 0x000c, DMI type 127, 4 bytes at 0x13e474226\r\r\nEnd Of Table'
----------------------------- Captured stdout call -----------------------------
=> smbios
SMBIOS 3.7.0 present.
13 structures occupying 524 bytes
Table at 0x13e474020
Handle 0x0000, DMI type 0, 26 bytes at 0x13e474020
BIOS Information
	Vendor: U-Boot
	BIOS Version: 2026.07-rc5-00592-g791c9c97114d
	BIOS Release Date: 07/01/2026
	BIOS ROM Size: 0x00
	BIOS Characteristics: 0x0000000000010880
	BIOS Characteristics Extension Byte 1: 0x00
	BIOS Characteristics Extension Byte 2: 0x0c
	System BIOS Major Release: 0x1a
	System BIOS Minor Release: 0x07
	Embedded Controller Firmware Major Release: 0xff
	Embedded Controller Firmware Minor Release: 0xff
	Extended BIOS ROM Size: 0x0000
Handle 0x0001, DMI type 1, 27 bytes at 0x13e47406d
System Information
	Manufacturer: emulation
	Product Name: qemu-arm
	Version: 
	Serial Number: 
	UUID: 00000000-0000-0000-0000-000000000000
	Wake-up Type: Unknown
	SKU Number: 
	Family: armv8
Handle 0x0002, DMI type 2, 15 bytes at 0x13e4740a2
Baseboard Information
	Manufacturer: emulation
	Product Name: qemu-arm
	Version: 
	Serial Number: 
	Asset Tag: 
	Feature Flags: 0x01
	Chassis Location: 
	Chassis Handle: 0x0003
	Board Type: Motherboard
	Number of Contained Object Handles: 0x00
Handle 0x0003, DMI type 3, 22 bytes at 0x13e4740c5
Chassis Information
	Manufacturer: emulation
	Type: 0x03
	Version: 
	Serial Number: 
	Asset Tag: 
	Boot-up State: Safe
	Power Supply State: Safe
	Thermal State: Safe
	Security Status: None
	OEM-defined: 0x00000000
	Height: 0x00
	Number of Power Cords: 0x00
	Contained Element Count: 0x00
	Contained Element Record Length: 0x00
	SKU Number: 
Handle 0x0004, DMI type 7, 27 bytes at 0x13e4740e6
Cache Information:
	Socket Designation: 
	Cache Configuration: 0x0180
	Maximum Cache Size: 0x0028
	Installed Size: 0x0028
	Supported SRAM Type: 0x0002
	Current SRAM Type: 0x0002
	Cache Speed: 0x00
	Error Correction Type: Unknown
	System Cache Type: Other
	Associativity: 4-way Set-Associative
	Maximum Cache Size 2: 0x00000000
	Installed Cache Size 2: 0x00000000
Handle 0x0005, DMI type 7, 27 bytes at 0x13e474103
Cache Information:
	Socket Designation: 
	Cache Configuration: 0x0181
	Maximum Cache Size: 0x0400
	Installed Size: 0x0400
	Supported SRAM Type: 0x0002
	Current SRAM Type: 0x0002
	Cache Speed: 0x00
	Error Correction Type: Unknown
	System Cache Type: Unified
	Associativity: 16-way Set-Associative
	Maximum Cache Size 2: 0x00000000
	Installed Cache Size 2: 0x00000000
Handle 0x0006, DMI type 4, 50 bytes at 0x13e474120
Processor Information:
	Socket Designation: 
	Processor Type: Central Processor
	Processor Family: [00fe]
	Processor Manufacturer: ARM Limited
	Processor ID word 0: 0x00000000
	Processor ID word 1: 0x00000000
	Processor Version: 
	Voltage: 0x00
	External Clock: 0x0000
	Max Speed: 0x0000
	Current Speed: 0x0000
	Status: 0x01
	Processor Upgrade: None
	L1 Cache Handle: 0x0004
	L2 Cache Handle: 0x0005
	L3 Cache Handle: 0xffff
	Serial Number: 
	Asset Tag: 
	Part Number: 
	Core Count: 0x01
	Core Enabled: 0x01
	Thread Count: 0x00
	Processor Characteristics: 0x0204
	Processor Family 2: ARMv8
	Core Count 2: 0x0000
	Core Enabled 2: 0x0000
	Thread Count 2: 0x0000
	Thread Enabled: 0x0000
Handle 0x0007, DMI type 9, 24 bytes at 0x13e47415f
System Slots:
	Socket Designation: 
	Slot Type: PCI Express
	Slot Data Bus Width: 8x or x8
	Current Usage: In use
	Slot Length: Long Length
	Slot ID: 0x0800
	Slot Characteristics 1: 0x0004
	Slot Characteristics 2: 0x0001
	Segment Group Number (Base): 0x0000
	Bus Number (Base): 0x0040
	Device/Function Number (Base): 0x0000
	Data Bus Width (Base): 0x0000
	Peer (S/B/D/F/Width) grouping count: 0x0000
	Peer (S/B/D/F/Width) groups:
	Slot Information: 0x0000
	Slot Physical Width: 0x0000
	Slot Pitch: 0x0000
	Slot Height: 0x0000
Handle 0x0008, DMI type 16, 23 bytes at 0x13e474179
Physical Memory Array:
	Location: System board or motherboard
	Use: System memory
	Memory Error Correction: Unknown
	Maximum Capacity: 0x80000000
	Memory Error Information Handle: 0xfffe
	Number of Memory Devices: 0x0001
	Extended Maximum Capacity: 0x0000000000400000
Handle 0x0009, DMI type 17, 100 bytes at 0x13e474192
Memory Device:
	Physical Memory Array Handle: 0x0008
	Memory Error Information Handle: 0xfffe
	Total Width: 0x0000
	Data Width: 0x0000
	Size: 0x1000
	Form Factor: Unknown
	Device Set: 0x00ff
	Device Locator: 
	Bank Locator: 
	Memory Type: Unknown
	Type Detail: 0x0004
	Speed: 0x0000
	Manufacturer: 
	Serial Number: 
	Asset Tag: 
	Part Number: 
	Attributes: 0x0000
	Extended Size: 0x00000000
	Configured Memory Speed: 0x0000
	Minimum voltage: 0x0000
	Maximum voltage: 0x0000
	Configured voltage: 0x0000
	Memory Technology: Unknown
	Memory Operating Mode Capability: 0x0004
	Firmware Version: 
	Module Manufacturer ID: 0x0000
	Module Product ID: 0x0000
	Memory Subsystem Controller Manufacturer ID: 0x0000
	Memory Subsystem Controller Product ID: 0x0000
	Non-volatile Size: 0xffffffffffffffff
	Volatile Size: 0xffffffffffffffff
	Cache Size: 0xffffffffffffffff
	Logical Size: 0xffffffffffffffff
	Extended Speed: 0x0000
	Extended Configured Memory Speed: 0x0000
	PMIC0 Manufacturer ID: 0x0000
	PMIC0 Revision Number: 0x0000
	RCD Manufacturer ID: 0x0000
	RCD Revision Number: 0x0000
Handle 0x000a, DMI type 19, 31 bytes at 0x13e4741f8
Memory Array Mapped Address:
	Starting Address: 0xffffffff
	Ending Address: 0xffffffff
	Memory Array Handle: 0x0008
	Partition Width: 0x0001
	Extended Starting Address: 0x0000000040000000
	Extended Ending Address: 0x000000013fffffff
Handle 0x000b, DMI type 32, 11 bytes at 0x13e474219
Header and Data:
	00000000: 20 0b 0b 00 00 00 00 00 00 00 00
Handle 0x000c, DMI type 127, 4 bytes at 0x13e474226
End Of Table
=> 

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20260630/5fd01c0d/attachment.sig>

More information about the U-Boot mailing list