aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--doc/mkimage.16
-rw-r--r--tools/fit_image.c9
-rw-r--r--tools/mkimage.c8
-rw-r--r--tools/mkimage.h1
4 files changed, 18 insertions, 6 deletions
diff --git a/doc/mkimage.1 b/doc/mkimage.1
index b67a35178a..14374da88a 100644
--- a/doc/mkimage.1
+++ b/doc/mkimage.1
@@ -133,6 +133,12 @@ the corresponding public key is written into this file for for run-time
verification. Typically the file here is the device tree binary used by
CONFIG_OF_CONTROL in U-Boot.
+.TP
+.BI "\-r
+Specifies that keys used to sign the FIT are required. This means that they
+must be verified for the image to boot. Without this option, the verification
+will be optional (useful for testing but not for release).
+
.SH EXAMPLES
List image information:
diff --git a/tools/fit_image.c b/tools/fit_image.c
index d48f571b0f..281c2bda13 100644
--- a/tools/fit_image.c
+++ b/tools/fit_image.c
@@ -152,10 +152,11 @@ static int fit_handle_file (struct mkimage_params *params)
goto err_mmap;
/* set hashes for images in the blob */
- if (fit_add_verification_data(params->keydir, dest_blob, ptr,
- params->comment, 0)) {
- fprintf (stderr, "%s Can't add hashes to FIT blob",
- params->cmdname);
+ if (fit_add_verification_data(params->keydir,
+ dest_blob, ptr, params->comment,
+ params->require_keys)) {
+ fprintf(stderr, "%s Can't add hashes to FIT blob\n",
+ params->cmdname);
goto err_add_hashes;
}
diff --git a/tools/mkimage.c b/tools/mkimage.c
index b3b45a47a3..d312844e9c 100644
--- a/tools/mkimage.c
+++ b/tools/mkimage.c
@@ -270,6 +270,9 @@ main (int argc, char **argv)
usage ();
params.imagename = *++argv;
goto NXTARG;
+ case 'r':
+ params.require_keys = 1;
+ break;
case 'R':
if (--argc <= 0)
usage();
@@ -645,11 +648,12 @@ usage ()
fprintf(stderr, " -D => set options for device tree compiler\n"
" -f => input filename for FIT source\n");
#ifdef CONFIG_FIT_SIGNATURE
- fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb] [ -c <comment>]\n"
+ fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb] [ -c <comment>] [-r]\n"
" -k => set directory containing private keys\n"
" -K => write public keys to this .dtb file\n"
" -c => add comment in signature node\n"
- " -F => re-sign existing FIT image\n");
+ " -F => re-sign existing FIT image\n"
+ " -r => mark keys used as 'required' in dtb\n");
#else
fprintf(stderr, "Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)\n");
#endif
diff --git a/tools/mkimage.h b/tools/mkimage.h
index ab8baf8f05..1d9984e1a3 100644
--- a/tools/mkimage.h
+++ b/tools/mkimage.h
@@ -90,6 +90,7 @@ struct mkimage_params {
const char *keydir; /* Directory holding private keys */
const char *keydest; /* Destination .dtb for public key */
const char *comment; /* Comment to add to signature node */
+ int require_keys; /* 1 to mark signing keys as 'required' */
};
/*