On 5/7/26 18:39, Simon Glass wrote:
Hi Ludwig,
On 2026-05-07T12:06:22, Ludwig Nussel <[email protected]> wrote:
(optionally) enforce signatures so we can't accidentally boot
unsigned fit images.
Since you are adding a new policy knob (FIT_SIGNATURE_REQUIRED) and a
new verifier path (fit_all_configurations_verify()), please can you
add coverage in test/py/tests/test_vboot.py for both the
required-but-no-keys case and the iminfo signature path? Without tests
it is easy for a future change to silently regress the fail-closed
behaviour.
The function also tests image signing. That's mutually exclusive to
having conf signatures required. Should I adjust the function to not
expect successful image signing tests when
fit_require_config_sigs is on, resp only test the fail-closed mode if
fit_require_config_sigs is actually on?
cu
Ludwig
--
Ludwig Nussel
Siemens AG
www.siemens.com
