[PATCH 14/14] bootm: Add option to force booting signed images

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



With CONFIG_BOOTM_FORCE_SIGNED_IMAGES the bootm code will refuse to boot
unsigned images. Since currently FIT is the only image type which
supports signing, this means with this option we enforce using FIT
images. All additionally passed in device trees and initrds will be
ignored, so that only the ones from the FIT image can be used.

Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
---
 common/bootm.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/common/bootm.c b/common/bootm.c
index d8acff8..3efc17e 100644
--- a/common/bootm.c
+++ b/common/bootm.c
@@ -68,8 +68,10 @@ enum bootm_verify bootm_get_verify_mode(void)
 }
 
 static const char * const bootm_verify_names[] = {
+#ifndef CONFIG_BOOTM_FORCE_SIGNED_IMAGES
 	[BOOTM_VERIFY_NONE] = "none",
 	[BOOTM_VERIFY_HASH] = "hash",
+#endif
 	[BOOTM_VERIFY_SIGNATURE] = "signature",
 };
 
@@ -526,6 +528,23 @@ int bootm_boot(struct bootm_data *bootm_data)
 		goto err_out;
 	}
 
+	if (IS_ENABLED(CONFIG_BOOTM_FORCE_SIGNED_IMAGES))
+		data->verify = BOOTM_VERIFY_SIGNATURE;
+
+		/*
+		 * When we only allow booting signed images make sure everything
+		 * we boot is in the OS image and not given separately.
+		 */
+		data->oftree = NULL;
+		data->oftree_file = NULL;
+		data->initrd_file = NULL;
+		if (os_type != filetype_oftree) {
+			printf("Signed boot and image is no FIT image, aborting\n");
+			ret = -EINVAL;
+			goto err_out;
+		}
+	}
+
 	if (IS_ENABLED(CONFIG_FITIMAGE) && os_type == filetype_oftree) {
 		struct fit_handle *fit;
 
-- 
2.7.0.rc3


_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox



[Index of Archives]     [Linux Embedded]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux