On Thu, Jan 29 2026, Olivier Benjamin <[email protected]> wrote:
> Hello,
>
> While reading section 5.7.3 of the FIT image spec [1], I noticed the
> "cmdline" property:
>
> "cmdline
> Command line passed to the next boot stage, e.g. the operating system
> kernel. The value is an UTF-8 encoded string."
>
> However, looking at the mkimage sources, more specifically
> include/image.h [2], it looks like this property is unsupported.
>
> If properly implemented so that the cmdline can be signed, this would
> imho be a viable option for passing the dm-verity bootargs in verified boot.
> It could be an alternative to the option of sourcing a script that has
> to be referenced via the configuration, as discussed in [3].
>
> I have not found a discussion regarding supporting this property in
> U-Boot, has it been discussed and rejected, or has it not made it to
> contributor's priority list?

Not really an answer, but IME it is much easier to embed the kernel
command line with the kernel image itself via the CONFIG_BOOT_CONFIG
mechanism. That way the cmdline is automatically verified by whatever
mechanism verifies the kernel image.

Yes, if the purpose is to embed a root hash for use with dm-verity, it's
very annoying to rebuild the entire kernel whenever the rootfs changes,
i.e. all the time. But we don't do that, we boot using an initramfs that
has that root hash embedded, and rebuilding the initramfs (and then the
FIT image) is much less of a hassle.

Rasmus

