fit: support board sig verify require

Not allow non-signature image to boot if board requires signature verify. The board signature verify usually depends on otp/efuse key is enabled or disabled. Signed-off-by: Joseph Chen <chenjh@rock-chips.com> Change-Id: I4e4dd201e74712a53cb0f481463b48532e30bb40
2020-04-16 10:42:37 +08:00 · 2020-04-16 10:42:37 +08:00 · 1f452cbf59
parent d300a21655
commit 1f452cbf59
3 changed files with 25 additions and 0 deletions
--- a/common/image-fit.c
+++ b/common/image-fit.c
@ -1925,6 +1925,13 @@ static const char *fit_get_image_type_property(int type)
 	return "unknown";
 }

+#ifndef USE_HOSTCC
+__weak int fit_board_verify_required_sigs(void)
+{
+	return 0;
+}
+#endif
+
 int fit_image_load_index(bootm_headers_t *images, ulong addr,
 			 const char **fit_unamep, const char **fit_uname_configp,
 			 int arch, int image_type, int image_index, int bootstage_id,
@ -1946,6 +1953,15 @@ int fit_image_load_index(bootm_headers_t *images, ulong addr,
 	const char *prop_name;
 	int ret;

+#ifndef USE_HOSTCC
+	/* If board required sigs, check self */
+	if (fit_board_verify_required_sigs() &&
+	    !IS_ENABLED(CONFIG_FIT_SIGNATURE)) {
+		printf("Verified-boot requires CONFIG_FIT_SIGNATURE enabled\n");
+		hang();
+	}
+#endif
+
 	fit = map_sysmem(addr, 0);
 	fit_uname = fit_unamep ? *fit_unamep : NULL;
 	fit_uname_config = fit_uname_configp ? *fit_uname_configp : NULL;
--- a/common/spl/spl_fit.c
+++ b/common/spl/spl_fit.c
@ -401,6 +401,13 @@ static int spl_internal_load_simple_fit(struct spl_image_info *spl_image,
 		return -1;
 	}

+	/* if board sigs verify required, check self */
+	if (fit_board_verify_required_sigs() &&
+	    !IS_ENABLED(CONFIG_SPL_FIT_SIGNATURE)) {
+		printf("Verified-boot requires CONFIG_SPL_FIT_SIGNATURE enabled\n");
+		hang();
+	}
+
 	/* verify the configure node by keys, if required */
 #ifdef CONFIG_SPL_FIT_SIGNATURE
 	int conf_noffset;
--- a/include/image.h
+++ b/include/image.h
@ -1056,6 +1056,8 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
 int fit_image_verify(const void *fit, int noffset);
 int fit_config_verify(const void *fit, int conf_noffset);
 int fit_all_image_verify(const void *fit);
+int fit_board_verify_required_sigs(void);
+
 int fit_image_check_os(const void *fit, int noffset, uint8_t os);
 int fit_image_check_arch(const void *fit, int noffset, uint8_t arch);
 int fit_image_check_type(const void *fit, int noffset, uint8_t type);