Hi Oleksandr, On Thu, Sep 16, 2021 at 4:10 PM Oleksandr Suvorov <oleksandr.suvo...@foundries.io> wrote: > > From: Ricardo Salveti <rica...@foundries.io> > > Add CONFIG_FIT_SIGNATURE_STRICT to require a valid FIT configuration > signature for each command that is able to manipulate FIT images. > > Signed-off-by: Ricardo Salveti <rica...@foundries.io> > Co-developed-by: Oleksandr Suvorov <oleksandr.suvo...@foundries.io> > Signed-off-by: Oleksandr Suvorov <oleksandr.suvo...@foundries.io> > --- > > cmd/fpga.c | 14 ++++++++++++++ > cmd/source.c | 14 ++++++++++++++ > cmd/ximg.c | 14 ++++++++++++++ > common/Kconfig.boot | 4 ++++ > 4 files changed, 46 insertions(+) > > diff --git a/cmd/fpga.c b/cmd/fpga.c > index 3fdd0b35e80..16d329590fa 100644 > --- a/cmd/fpga.c > +++ b/cmd/fpga.c > @@ -335,6 +335,20 @@ static int do_fpga_loadmk(struct cmd_tbl *cmdtp, int > flag, int argc, > return CMD_RET_FAILURE; > } > > + if (CONFIG_IS_ENABLED(FIT_SIGNATURE_STRICT)) { > + /* validate required fit config entry */ > + noffset = fit_conf_get_node(fit_hdr, NULL); > + if (noffset >= 0) { > + if (fit_config_verify(fit_hdr, noffset)) { > + puts("Cannot verify FIT config > node\n"); > + return CMD_RET_FAILURE; > + } > + } else { > + puts("FIT_SIGNATURE_STRICT requires a config > node\n"); > + return CMD_RET_FAILURE; > + } > + } > + > /* get fpga component image node offset */ > noffset = fit_image_get_node(fit_hdr, fit_uname); > if (noffset < 0) { > diff --git a/cmd/source.c b/cmd/source.c > index 81e015b64ef..b08406dfcbf 100644 > --- a/cmd/source.c > +++ b/cmd/source.c > @@ -112,6 +112,20 @@ int image_source_script(ulong addr, const char > *fit_uname) > return 1; > } > > + if (CONFIG_IS_ENABLED(FIT_SIGNATURE_STRICT)) { > + /* validate required fit config entry */ > + noffset = fit_conf_get_node(fit_hdr, NULL); > + if (noffset >= 0) { > + if (fit_config_verify(fit_hdr, noffset)) { > + puts("Cannot verify FIT config > node\n"); > + return 1; > + } > + } else { > + puts("FIT_SIGNATURE_STRICT requires a config > node\n"); > + return 1; > + } > + } > + > if (!fit_uname) > fit_uname = get_default_image(fit_hdr); > > diff --git a/cmd/ximg.c b/cmd/ximg.c > index 65ba41320a0..39fccd8179c 100644 > --- a/cmd/ximg.c > +++ b/cmd/ximg.c > @@ -141,6 +141,20 @@ do_imgextract(struct cmd_tbl *cmdtp, int flag, int argc, > char *const argv[]) > return 1; > } > > + if (CONFIG_IS_ENABLED(FIT_SIGNATURE_STRICT)) { > + /* validate required fit config entry */ > + noffset = fit_conf_get_node(fit_hdr, NULL); > + if (noffset >= 0) { > + if (fit_config_verify(fit_hdr, noffset)) { > + puts("Cannot verify FIT config > node\n"); > + return 1; > + } > + } else { > + puts("FIT_SIGNATURE_STRICT requires a config > node\n"); > + return 1; > + } > + } > + > /* get subimage node offset */ > noffset = fit_image_get_node(fit_hdr, uname); > if (noffset < 0) { > diff --git a/common/Kconfig.boot b/common/Kconfig.boot > index 6f95d009dfa..ca7d9a8d971 100644 > --- a/common/Kconfig.boot > +++ b/common/Kconfig.boot > @@ -77,6 +77,10 @@ config FIT_SIGNATURE_MAX_SIZE > device memory. Assure this size does not extend past expected > storage > space. > > +config FIT_SIGNATURE_STRICT > + bool "Requires a valid FIT configuration signature for every image" > + select FIT_SIGNATURE > + > config FIT_RSASSA_PSS > bool "Support rsassa-pss signature scheme of FIT image contents" > depends on FIT_SIGNATURE > -- > 2.31.1 >
There is duplication of the same piece of code in 3 different files, maybe you could rework that and move to some common function? -- Best regards - Freundliche GrĂ¼sse - Meilleures salutations Igor Opaniuk Embedded Software Engineer T: +380 938364067 E: igor.opan...@foundries.io W: www.foundries.io