Hi,
I have been trying to work out how to achieve booting an ELF image after I have
successfully verified the signature using verified boot.
I have successfully managed to boot the ELF image on its own using the bootelf
command from the U-Boot command line, and I have also managed to get a normal
linux kernel and DTB verified and booted using a FIT image. I have not however
managed to get my ELF image to boot from a FIT image.
My .its file is as follows:
/dts-v1/;
/ {
Description = "My image";
#address-cells = <0x1>;
images {
app@1 {
description = "My app";
data = /incbin/("uImage");
type = "kernel";
os = "linux";
arch = "arm";
compression = "none";
load = <0x42000000>;
entry = <0x42000000>;
signature {
algo = "sha1,rsa4096";
key-name-hint = "my-key";
};
};
};
configurations {
default = "conf@1";
conf@1 {
kernel = "app@1";
};
};
};
This created a FIT image without complaining, however when I attempt to boot
this U-Boot complains: "Could not find configuration node".
After some trial and error, and converting the ELF image to a uImage, it seems
that U-Boot doesn't like it if there is not a DTB included when the FIT image
is created:
/dts-v1/;
/ {
Description = "My image";
#address-cells = <0x1>;
images {
app@1 {
description = "My app";
data = /incbin/("uImage");
type = "kernel";
os = "linux";
arch = "arm";
compression = "none";
load = <0x42000000>;
entry = <0x42000000>;
signature {
algo = "sha1,rsa4096";
key-name-hint = "my-key";
};
};
fdt@1 {
description = "My DTB";
data = /incbin/("device.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
signature {
algo = "sha1,rsa4096";
key-name-hint = "my-key";
};
};
};
configurations {
default = "conf@1";
conf@1 {
kernel = "app@1";
fdt = "fdt@1";
};
};
};
This file generates an image that does not produce an error. It states that it
has been successfully verified and is "Starting kernel..." however I get no
further output to the terminal after that point (unlike when booting the image
on its own). I am unsure if this is just because the image is not being run, or
if I have missed some setting which means the output is not being directed
correctly so is not displaying.
My concern about this second file is also that my ELF image requires no DTB
file. It has all the information it needs in order to operate on the device
(the DTB is baked into the ELF). So I don't understand why I need to provide a
DTB in order to make U-Boot happy - especially when the documentation states
that the `fdt` field in the configuration is optional?
I have tried several iterations of various different image types (kernel,
standalone etc) as well as different os types (linux, qnx etc) and nothing
seems to work.
What am I doing wrong?
Thanks,
Ben Turner
________________________________________
Roke Manor Research Limited, Romsey, Hampshire, SO51 0ZN, United Kingdom.Part
of the Chemring Group.
Registered in England & Wales. Registered No: 00267550
http://www.roke.co.uk
_______________________________________
The information contained in this e-mail and any attachments is proprietary to
Roke Manor Research Limited and
must not be passed to any third party without permission. This communication is
for information only and shall
not create or change any contractual relationship.
________________________________________
