Re: 8e35bb07eb mkimage: Support automatic creating of a FIT without a .its

[Simon Glass]

Hi Wolfgang,

On Mon, 25 May 2020 at 05:38, Wolfgang Denk  wrote:
>
> Hi Simon,
>
> your commit 8e35bb07eb (2016-03-14) "mkimage: Support automatic
> creating of a FIT without a .its" added the "-f auto" option to
> mkimage.  While convenient in many situation, I had to notice that
> with "-f auto" there is no checksum information included with any of
> the blobs stored in the FIT image.
>
> I guess the rationale was that the primary use case for this was to
> generate combinations of a U-Boot image with several device tree
> blobs to be used / selected by the SPL, as one can see for example
> in scripts/Makefile.spl :
>
> MKIMAGEFLAGS_$(SPL_BIN).multidtb.fit = -f auto -A $(ARCH) -T firmware -C none 
> -O u-boot \
> -n "Multi DTB fit image for $(SPL_BIN)" -E \
> $(patsubst %,-b %,$(SHRUNK_ARCH_DTB))
>
> And - at least at that time - most implementations of the SPL did
> not need/want checksum verification.
>
>
> However I'm asking myself if this is not an unfortunate choice.
> It is trivial for a not-checksum-enabled SPL to ignore any checksum
> in the image, but not the other way round: if there is no checksum
> in the images, the SPL will never be able to verify one.
>
>
> Would it not be a more reasonable default for operation unter the
> "-f auto" flag to enable at least simple checksumming, say by
> auto-adding something like
>
> hash-1 {
> algo = "crc32";
> };
>
> to the generated descriptions?

Yes it should be easy to add that. I'll take a look.

Regards,
Simon

8e35bb07eb mkimage: Support automatic creating of a FIT without a .its

[Wolfgang Denk]

Hi Simon,

your commit 8e35bb07eb (2016-03-14) "mkimage: Support automatic
creating of a FIT without a .its" added the "-f auto" option to
mkimage.  While convenient in many situation, I had to notice that
with "-f auto" there is no checksum information included with any of
the blobs stored in the FIT image.

I guess the rationale was that the primary use case for this was to
generate combinations of a U-Boot image with several device tree
blobs to be used / selected by the SPL, as one can see for example
in scripts/Makefile.spl :

MKIMAGEFLAGS_$(SPL_BIN).multidtb.fit = -f auto -A $(ARCH) -T firmware -C none 
-O u-boot \
-n "Multi DTB fit image for $(SPL_BIN)" -E \
$(patsubst %,-b %,$(SHRUNK_ARCH_DTB))

And - at least at that time - most implementations of the SPL did
not need/want checksum verification.


However I'm asking myself if this is not an unfortunate choice.
It is trivial for a not-checksum-enabled SPL to ignore any checksum
in the image, but not the other way round: if there is no checksum
in the images, the SPL will never be able to verify one.


Would it not be a more reasonable default for operation unter the
"-f auto" flag to enable at least simple checksumming, say by
auto-adding something like

hash-1 {
algo = "crc32";
};

to the generated descriptions?

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,  Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: w...@denx.de
"It is better to have tried and failed than to have  failed  to  try,
but the result's the same."   - Mike Dennison