[PATCH v3 1/4] qemu: overlay signature nodes
Heinrich Schuchardt
xypron.glpk at gmx.de
Fri May 8 00:25:37 CEST 2026
On 7 May 2026 14:06:22 CEST, Ludwig Nussel <ludwig.nussel at siemens.com> wrote:
>The keys trusted for FIT signature verification are supposed to be
>embedded in the device tree built into u-boot. When running in Qemu it's
>convenient to use the device tree provided by the VM which doesn't know
>about signatures though. So merge both device trees at startup.
This patch only addresses a single architecture. But neither the title nor the commit mentions this. Please correct both.
Did you already start work on the missing architectures?
Best regards
Heinrich
>
>Signed-off-by: Ludwig Nussel <ludwig.nussel at siemens.com>
>
>---
>
>Changes in v3:
>- enable CONFIG_OF_OMIT_DTB=n in defconfig
>- add error returns
>- document decision about dt merging direction
>
> board/emulation/qemu-arm/qemu-arm.c | 50 +++++++++++++++++++++++++++--
> configs/qemu_arm64_defconfig | 1 +
> 2 files changed, 48 insertions(+), 3 deletions(-)
>
>diff --git a/board/emulation/qemu-arm/qemu-arm.c b/board/emulation/qemu-arm/qemu-arm.c
>index 38f0ec5f2fb..f82bc81f4d5 100644
>--- a/board/emulation/qemu-arm/qemu-arm.c
>+++ b/board/emulation/qemu-arm/qemu-arm.c
>@@ -144,12 +144,56 @@ int dram_init_banksize(void)
> return 0;
> }
>
>+/* QEMU loads a generated DTB for us at the start of RAM.
>+ * When using signatures we may have a built-in FDT that contains our known
>+ * public keys nevertheless. So merge those nodes into QEMU's FDT.
>+ * We cannot merge the other way around (eg in fdtdec_board_setup()
>+ * or board_fix_fdt() at this stage as U-Boot might be started from
>+ * a ROM location.
>+ * At the same time U-Boot needs QEMU's FDT to initialize serial
>+ * devices even before relocation.
>+ */
> int board_fdt_blob_setup(void **fdtp)
> {
>- /* QEMU loads a generated DTB for us at the start of RAM. */
>- *fdtp = (void *)CFG_SYS_SDRAM_BASE;
>+ void *qemu_fdt = (void *)CFG_SYS_SDRAM_BASE;
>+ int ret = -EINVAL;
>
>- return 0;
>+ if (fdt_check_header(qemu_fdt) != 0) {
>+ log_err("Invalid QEMU FDT at %p\n", qemu_fdt);
>+ goto out;
>+ }
>+
>+ if (fdt_check_header(*fdtp) != 0) {
>+ /* this was a perfectly normal condition before
>+ * (CONFIG_OF_OMIT_DTB was set for qemu). So to avoid
>+ * breaking existing configs don't error out. This
>+ * might mean that we don't have keys in case
>+ * FIT_SIGNATURE is on. We can't know though as
>+ * existing setups might have injected them into
>+ * QEMUS's FDT already.
>+ */
>+ ret = 0;
>+ goto out;
>+ }
>+
>+ log_debug("Found built-in FDT at %p. Merging into %p...\n", *fdtp, qemu_fdt);
>+
>+ ret = fdt_increase_size(qemu_fdt, 1024 + fdt_totalsize(*fdtp));
>+ if (ret) {
>+ log_err("Failed to resize FDT overlay: %s", fdt_strerror(ret));
>+ goto out;
>+ }
>+
>+ ret = fdt_overlay_apply_node(qemu_fdt, 0, (void *)*fdtp, 0);
>+ if (ret) {
>+ log_err("Failed to apply FDT overlay: %s\n", fdt_strerror(ret));
>+ goto out;
>+ }
>+
>+out:
>+ *fdtp = qemu_fdt;
>+
>+ return ret;
> }
>
> void enable_caches(void)
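Review bot: at the `out:` label, `*fdtp = qemu_fdt;` runs on every path, including the one where `fdt_check_header(qemu_fdt)` has just failed, so the caller receives a pointer to a blob that was found invalid together with -EINVAL, and after a failed `fdt_increase_size()` or `fdt_overlay_apply_node()` it receives a tree that may already have been touched. Consider assigning `*fdtp` only once the QEMU header has passed validation, or state in the comment why the pointer is still set on the error paths. Two smaller points: the "Failed to resize FDT overlay: %s" message lacks the trailing `\n` that the other two `log_err()` calls have, and the merge is applied from offset 0 into offset 0 (root into root) although the subject speaks of signature nodes, so either narrow the merge to the key nodes or say in the comment that the whole built-in tree is merged.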
>diff --git a/configs/qemu_arm64_defconfig b/configs/qemu_arm64_defconfig
>index 68b80e28746..0edf80b7aaa 100644
>--- a/configs/qemu_arm64_defconfig
>+++ b/configs/qemu_arm64_defconfig
>@@ -7,6 +7,7 @@ CONFIG_ENV_SIZE=0x40000
> CONFIG_ENV_SECT_SIZE=0x40000
> CONFIG_DEFAULT_DEVICE_TREE="qemu-arm64"
> CONFIG_OF_LIBFDT_OVERLAY=y
>+CONFIG_OF_OMIT_DTB=n
> CONFIG_SYS_LOAD_ADDR=0x40200000
> CONFIG_DEBUG_UART_BASE=0x9000000
> CONFIG_DEBUG_UART_CLOCK=0
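Review bot: the added `CONFIG_OF_OMIT_DTB=n` line uses `=n`, whereas defconfig files express a disabled option as `# CONFIG_OF_OMIT_DTB is not set`, which is the form `make savedefconfig` writes; please regenerate the file that way so the line survives a resync. The diffstat also shows this as the only defconfig changed, while the C change sits in the shared board/emulation/qemu-arm/qemu-arm.c, so any other config building that file keeps taking the early `ret = 0` path with no built-in keys; the commit message should say which configs are meant to be covered.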