#address-cells = <1>;
images {
- kernel@1 {
+ kernel {
data = /incbin/("Image.lzo");
type = "kernel";
arch = "arm";
compression = "lzo";
load = <0x80008000>;
entry = <0x80008000>;
- hash@1 {
+ hash-1 {
algo = "sha1";
};
};
- fdt@1 {
+ fdt-1 {
description = "beaglebone-black";
data = /incbin/("am335x-boneblack.dtb");
type = "flat_dt";
arch = "arm";
compression = "none";
- hash@1 {
+ hash-1 {
algo = "sha1";
};
};
};
configurations {
- default = "conf@1";
- conf@1 {
- kernel = "kernel@1";
- fdt = "fdt@1";
- signature@1 {
+ default = "conf-1";
+ conf-1 {
+ kernel = "kernel";
+ fdt = "fdt-1";
+ signature-1 {
algo = "sha1,rsa2048";
key-name-hint = "dev";
sign-images = "fdt", "kernel";
FIT description: Beaglebone black
Created: Sun Jun 1 12:50:30 2014
- Image 0 (kernel@1)
+ Image 0 (kernel)
Description: unavailable
Created: Sun Jun 1 12:50:30 2014
Type: Kernel Image
Entry Point: 0x80008000
Hash algo: sha1
Hash value: c94364646427e10f423837e559898ef02c97b988
- Image 1 (fdt@1)
+ Image 1 (fdt-1)
Description: beaglebone-black
Created: Sun Jun 1 12:50:30 2014
Type: Flat Device Tree
Architecture: ARM
Hash algo: sha1
Hash value: cb09202f889d824f23b8e4404b781be5ad38a68d
- Default Configuration: 'conf@1'
- Configuration 0 (conf@1)
+ Default Configuration: 'conf-1'
+ Configuration 0 (conf-1)
Description: unavailable
- Kernel: kernel@1
- FDT: fdt@1
+ Kernel: kernel
+ FDT: fdt-1
Now am335x-boneblack-pubkey.dtb contains the public key and image.fit contains
Verifying Hash Integrity ... sha1,rsa2048:dev+
## Loading kernel from FIT Image at 7fc6ee469000 ...
- Using 'conf@1' configuration
+ Using 'conf-1' configuration
Verifying Hash Integrity ...
sha1,rsa2048:dev+
OK
- Trying 'kernel@1' kernel subimage
+ Trying 'kernel' kernel subimage
Description: unavailable
Created: Sun Jun 1 12:50:30 2014
Type: Kernel Image
Unimplemented compression type 4
## Loading fdt from FIT Image at 7fc6ee469000 ...
- Using 'conf@1' configuration
- Trying 'fdt@1' fdt subimage
+ Using 'conf-1' configuration
+ Trying 'fdt-1' fdt subimage
Description: beaglebone-black
Created: Sun Jun 1 12:50:30 2014
Type: Flat Device Tree
Loading Flat Device Tree ... OK
## Loading ramdisk from FIT Image at 7fc6ee469000 ...
- Using 'conf@1' configuration
+ Using 'conf-1' configuration
Could not find subimage node
Signature check OK
But it is fun to do this by hand, so you can load image.fit into a hex editor
like ghex, and change a byte in the kernel:
- $UOUT/tools/fit_info -f image.fit -n /images/kernel@1 -p data
-NAME: kernel@1
+ $UOUT/tools/fit_info -f image.fit -n /images/kernel -p data
+NAME: kernel
LEN: 7790938
OFF: 168
Verifying Hash Integrity ... sha1,rsa2048:dev+
## Loading kernel from FIT Image at 7f5a39571000 ...
- Using 'conf@1' configuration
+ Using 'conf-1' configuration
Verifying Hash Integrity ...
sha1,rsa2048:dev+
OK
- Trying 'kernel@1' kernel subimage
+ Trying 'kernel' kernel subimage
Description: unavailable
Created: Sun Jun 1 13:09:21 2014
Type: Kernel Image
Hash value: c94364646427e10f423837e559898ef02c97b988
Verifying Hash Integrity ...
sha1 error
-Bad hash value for 'hash@1' hash node in 'kernel@1' image node
+Bad hash value for 'hash-1' hash node in 'kernel' image node
Bad Data Hash
## Loading fdt from FIT Image at 7f5a39571000 ...
- Using 'conf@1' configuration
- Trying 'fdt@1' fdt subimage
+ Using 'conf-1' configuration
+ Trying 'fdt-1' fdt subimage
Description: beaglebone-black
Created: Sun Jun 1 13:09:21 2014
Type: Flat Device Tree
Loading Flat Device Tree ... OK
## Loading ramdisk from FIT Image at 7f5a39571000 ...
- Using 'conf@1' configuration
+ Using 'conf-1' configuration
Could not find subimage node
Signature check Bad (error 1)
configurations
fdtget -l image.fit /configurations
-conf@1
-fdtget -l image.fit /configurations/conf@1
-signature@1
+conf-1
+fdtget -l image.fit /configurations/conf-1
+signature-1
- fdtget -p image.fit /configurations/conf@1/signature@1
+ fdtget -p image.fit /configurations/conf-1/signature-1
hashed-strings
hashed-nodes
timestamp
key-name-hint
sign-images
- fdtget image.fit /configurations/conf@1/signature@1 hashed-nodes
-/ /configurations/conf@1 /images/fdt@1 /images/fdt@1/hash@1 /images/kernel@1 /images/kernel@1/hash@1
+ fdtget image.fit /configurations/conf-1/signature-1 hashed-nodes
+/ /configurations/conf-1 /images/fdt-1 /images/fdt-1/hash /images/kernel /images/kernel/hash-1
This gives us a bit of a look into the signature that mkimage added. Note you
can also use fdtdump to list the entire device tree.
Say we want to change the kernel that this configuration uses
-(/images/kernel@1). We could just put a new kernel in the image, but we will
+(/images/kernel). We could just put a new kernel in the image, but we will
need to change the hash to match. Let's simulate that by changing a byte of
the hash:
- fdtget -tx image.fit /images/kernel@1/hash@1 value
+ fdtget -tx image.fit /images/kernel/hash-1 value
c9436464 6427e10f 423837e5 59898ef0 2c97b988
- fdtput -tx image.fit /images/kernel@1/hash@1 value c9436464 6427e10f 423837e5 59898ef0 2c97b981
+ fdtput -tx image.fit /images/kernel/hash-1 value c9436464 6427e10f 423837e5 59898ef0 2c97b981
Now check it again:
configuration in any way. Try it with a fresh (valid) image if you like by
running the mkimage link again. Then:
- fdtput -p image.fit /configurations/conf@1/signature@2 value fred
+ fdtput -p image.fit /configurations/conf-1/signature-1 value fred
$UOUT/tools/fit_check_sign -f image.fit -k am335x-boneblack-pubkey.dtb
Verifying Hash Integrity ... -
sha1,rsa2048:devrsa_verify_with_keynode: RSA failed to verify: -13
7824930 bytes read in 589 ms (12.7 MiB/s)
U-Boot# bootm 82000000
## Loading kernel from FIT Image at 82000000 ...
- Using 'conf@1' configuration
+ Using 'conf-1' configuration
Verifying Hash Integrity ... sha1,rsa2048:dev+ OK
- Trying 'kernel@1' kernel subimage
+ Trying 'kernel' kernel subimage
Description: unavailable
Created: 2014-06-01 19:32:54 UTC
Type: Kernel Image
Hash value: c94364646427e10f423837e559898ef02c97b988
Verifying Hash Integrity ... sha1+ OK
## Loading fdt from FIT Image at 82000000 ...
- Using 'conf@1' configuration
- Trying 'fdt@1' fdt subimage
+ Using 'conf-1' configuration
+ Trying 'fdt-1' fdt subimage
Description: beaglebone-black
Created: 2014-06-01 19:32:54 UTC
Type: Flat Device Tree
Examples:
-- boot kernel "kernel@1" stored in a new uImage located at 200000:
-bootm 200000:kernel@1
+- boot kernel "kernel-1" stored in a new uImage located at 200000:
+bootm 200000:kernel-1
-- boot configuration "cfg@1" from a new uImage located at 200000:
-bootm 200000#cfg@1
+- boot configuration "cfg-1" from a new uImage located at 200000:
+bootm 200000#cfg-1
-- boot configuration "cfg@1" with extra "cfg@2" from a new uImage located
+- boot configuration "cfg-1" with extra "cfg-2" from a new uImage located
at 200000:
-bootm 200000#cfg@1#cfg@2
+bootm 200000#cfg-1#cfg-2
-- boot "kernel@1" from a new uImage at 200000 with initrd "ramdisk@2" found in
+- boot "kernel-1" from a new uImage at 200000 with initrd "ramdisk-2" found in
some other new uImage stored at address 800000:
-bootm 200000:kernel@1 800000:ramdisk@2
+bootm 200000:kernel-1 800000:ramdisk-2
-- boot "kernel@2" from a new uImage at 200000, with initrd "ramdisk@1" and FDT
- "fdt@1", both stored in some other new uImage located at 800000:
-bootm 200000:kernel@1 800000:ramdisk@1 800000:fdt@1
+- boot "kernel-2" from a new uImage at 200000, with initrd "ramdisk-1" and FDT
+ "fdt-1", both stored in some other new uImage located at 800000:
+bootm 200000:kernel-1 800000:ramdisk-1 800000:fdt-1
-- boot kernel "kernel@2" with initrd "ramdisk@2", both stored in a new uImage
+- boot kernel "kernel-2" with initrd "ramdisk-2", both stored in a new uImage
at address 200000, with a raw FDT blob stored at address 600000:
-bootm 200000:kernel@2 200000:ramdisk@2 600000
+bootm 200000:kernel-2 200000:ramdisk-2 600000
-- boot kernel "kernel@2" from new uImage at 200000 with FDT "fdt@1" from the
+- boot kernel "kernel-2" from new uImage at 200000 with FDT "fdt-1" from the
same new uImage:
-bootm 200000:kernel@2 - 200000:fdt@1
+bootm 200000:kernel-2 - 200000:fdt-1
Note on current image address
commands:
tftp 200000 /tftpboot/uImage
-bootm :kernel@1
+bootm :kernel-1
Last command is equivalent to:
-bootm 200000:kernel@1
+bootm 200000:kernel-1
tftp 200000 /tftpboot/uImage
-bootm 400000:kernel@1 :ramdisk@1
+bootm 400000:kernel-1 :ramdisk-1
Last command is equivalent to:
-bootm 400000:kernel@1 400000:ramdisk@1
+bootm 400000:kernel-1 400000:ramdisk-1
tftp 200000 /tftpboot/uImage
-bootm :kernel@1 400000:ramdisk@1 :fdt@1
+bootm :kernel-1 400000:ramdisk-1 :fdt-1
Last command is equivalent to:
-bootm 200000:kernel@1 400000:ramdisk@1 400000:fdt@1
+bootm 200000:kernel-1 400000:ramdisk-1 400000:fdt-1
$ mkimage -l kernel.itb
FIT description: Simple image with single Linux kernel
Created: Tue Mar 11 17:26:15 2008
- Image 0 (kernel@1)
+ Image 0 (kernel)
Description: Vanilla Linux kernel
Type: Kernel Image
Compression: gzip compressed
Hash value: 2ae2bb40
Hash algo: sha1
Hash value: 3c200f34e2c226ddc789240cca0c59fc54a67cf4
- Default Configuration: 'config@1'
- Configuration 0 (config@1)
+ Default Configuration: 'config-1'
+ Configuration 0 (config-1)
Description: Boot Linux kernel
- Kernel: kernel@1
+ Kernel: kernel
The resulting image file kernel.itb can be now transferred to the target,
FIT image found
FIT description: Simple image with single Linux kernel
Created: 2008-03-11 16:26:15 UTC
- Image 0 (kernel@1)
+ Image 0 (kernel)
Description: Vanilla Linux kernel
Type: Kernel Image
Compression: gzip compressed
Hash value: 2ae2bb40
Hash algo: sha1
Hash value: 3c200f34e2c226ddc789240cca0c59fc54a67cf4
- Default Configuration: 'config@1'
- Configuration 0 (config@1)
+ Default Configuration: 'config-1'
+ Configuration 0 (config-1)
Description: Boot Linux kernel
- Kernel: kernel@1
+ Kernel: kernel
=> bootm
## Booting kernel from FIT Image at 00900000 ...
- Using 'config@1' configuration
- Trying 'kernel@1' kernel subimage
+ Using 'config-1' configuration
+ Trying 'kernel' kernel subimage
Description: Vanilla Linux kernel
Type: Kernel Image
Compression: gzip compressed
$ mkimage -l kernel_fdt.itb
FIT description: Simple image with single Linux kernel and FDT blob
Created: Tue Mar 11 16:29:22 2008
- Image 0 (kernel@1)
+ Image 0 (kernel)
Description: Vanilla Linux kernel
Type: Kernel Image
Compression: gzip compressed
Hash value: 2c0cc807
Hash algo: sha1
Hash value: 264b59935470e42c418744f83935d44cdf59a3bb
- Image 1 (fdt@1)
+ Image 1 (fdt-1)
Description: Flattened Device Tree blob
Type: Flat Device Tree
Compression: uncompressed
Hash value: 0d655d71
Hash algo: sha1
Hash value: 25ab4e15cd4b8a5144610394560d9c318ce52def
- Default Configuration: 'conf@1'
- Configuration 0 (conf@1)
+ Default Configuration: 'conf-1'
+ Configuration 0 (conf-1)
Description: Boot Linux kernel with FDT blob
- Kernel: kernel@1
- FDT: fdt@1
+ Kernel: kernel
+ FDT: fdt-1
The resulting image file kernel_fdt.itb can be now transferred to the target,
FIT image found
FIT description: Simple image with single Linux kernel and FDT blob
Created: 2008-03-11 15:29:22 UTC
- Image 0 (kernel@1)
+ Image 0 (kernel)
Description: Vanilla Linux kernel
Type: Kernel Image
Compression: gzip compressed
Hash value: 2c0cc807
Hash algo: sha1
Hash value: 264b59935470e42c418744f83935d44cdf59a3bb
- Image 1 (fdt@1)
+ Image 1 (fdt-1)
Description: Flattened Device Tree blob
Type: Flat Device Tree
Compression: uncompressed
Hash value: 0d655d71
Hash algo: sha1
Hash value: 25ab4e15cd4b8a5144610394560d9c318ce52def
- Default Configuration: 'conf@1'
- Configuration 0 (conf@1)
+ Default Configuration: 'conf-1'
+ Configuration 0 (conf-1)
Description: Boot Linux kernel with FDT blob
- Kernel: kernel@1
- FDT: fdt@1
+ Kernel: kernel
+ FDT: fdt-1
=> bootm
## Booting kernel from FIT Image at 00900000 ...
- Using 'conf@1' configuration
- Trying 'kernel@1' kernel subimage
+ Using 'conf-1' configuration
+ Trying 'kernel' kernel subimage
Description: Vanilla Linux kernel
Type: Kernel Image
Compression: gzip compressed
Verifying Hash Integrity ... crc32+ sha1+ OK
Uncompressing Kernel Image ... OK
## Flattened Device Tree from FIT Image at 00900000
- Using 'conf@1' configuration
- Trying 'fdt@1' FDT blob subimage
+ Using 'conf-1' configuration
+ Trying 'fdt-1' FDT blob subimage
Description: Flattened Device Tree blob
Type: Flat Device Tree
Compression: uncompressed
/dts-v1/;
/ {
images {
- kernel@1 {
+ kernel {
data = /incbin/("./zImage");
type = "kernel";
arch = "arm";
load = <0x82000000>;
entry = <0x82000000>;
};
- fdt@1 {
+ fdt-1 {
data = /incbin/("./foo-reva.dtb");
type = "flat_dt";
arch = "arm";
};
- fdt@2 {
+ fdt-2 {
data = /incbin/("./foo-revb.dtb");
type = "flat_dt";
arch = "arm";
};
- fdt@3 {
+ fdt-3 {
data = /incbin/("./foo-reva-bar.dtb");
type = "flat_dt";
arch = "arm";
};
- fdt@4 {
+ fdt-4 {
data = /incbin/("./foo-revb-bar.dtb");
type = "flat_dt";
arch = "arm";
};
- fdt@5 {
+ fdt-5 {
data = /incbin/("./foo-revb-baz.dtb");
type = "flat_dt";
arch = "arm";
};
- fdt@6 {
+ fdt-6 {
data = /incbin/("./foo-revb-bar-baz.dtb");
type = "flat_dt";
arch = "arm";
configurations {
default = "foo-reva.dtb;
foo-reva.dtb {
- kernel = "kernel@1";
- fdt = "fdt@1";
+ kernel = "kernel";
+ fdt = "fdt-1";
};
foo-revb.dtb {
- kernel = "kernel@1";
- fdt = "fdt@2";
+ kernel = "kernel";
+ fdt = "fdt-2";
};
foo-reva-bar.dtb {
- kernel = "kernel@1";
- fdt = "fdt@3";
+ kernel = "kernel";
+ fdt = "fdt-3";
};
foo-revb-bar.dtb {
- kernel = "kernel@1";
- fdt = "fdt@4";
+ kernel = "kernel";
+ fdt = "fdt-4";
};
foo-revb-baz.dtb {
- kernel = "kernel@1";
- fdt = "fdt@5";
+ kernel = "kernel";
+ fdt = "fdt-5";
};
foo-revb-bar-baz.dtb {
- kernel = "kernel@1";
- fdt = "fdt@6";
+ kernel = "kernel";
+ fdt = "fdt-6";
};
};
};
/dts-v1/;
/ {
images {
- kernel@1 {
+ kernel {
data = /incbin/("./zImage");
type = "kernel";
arch = "arm";
load = <0x82000000>;
entry = <0x82000000>;
};
- fdt@1 {
+ fdt-1 {
data = /incbin/("./foo.dtb");
type = "flat_dt";
arch = "arm";
load = <0x87f00000>;
};
- fdt@2 {
+ fdt-2 {
data = /incbin/("./reva.dtbo");
type = "flat_dt";
arch = "arm";
load = <0x87fc0000>;
};
- fdt@3 {
+ fdt-3 {
data = /incbin/("./revb.dtbo");
type = "flat_dt";
arch = "arm";
load = <0x87fc0000>;
};
- fdt@4 {
+ fdt-4 {
data = /incbin/("./bar.dtbo");
type = "flat_dt";
arch = "arm";
load = <0x87fc0000>;
};
- fdt@5 {
+ fdt-5 {
data = /incbin/("./baz.dtbo");
type = "flat_dt";
arch = "arm";
configurations {
default = "foo-reva.dtb;
foo-reva.dtb {
- kernel = "kernel@1";
- fdt = "fdt@1", "fdt@2";
+ kernel = "kernel";
+ fdt = "fdt-1", "fdt-2";
};
foo-revb.dtb {
- kernel = "kernel@1";
- fdt = "fdt@1", "fdt@3";
+ kernel = "kernel";
+ fdt = "fdt-1", "fdt-3";
};
foo-reva-bar.dtb {
- kernel = "kernel@1";
- fdt = "fdt@1", "fdt@2", "fdt@4";
+ kernel = "kernel";
+ fdt = "fdt-1", "fdt-2", "fdt-4";
};
foo-revb-bar.dtb {
- kernel = "kernel@1";
- fdt = "fdt@1", "fdt@3", "fdt@4";
+ kernel = "kernel";
+ fdt = "fdt-1", "fdt-3", "fdt-4";
};
foo-revb-baz.dtb {
- kernel = "kernel@1";
- fdt = "fdt@1", "fdt@3", "fdt@5";
+ kernel = "kernel";
+ fdt = "fdt-1", "fdt-3", "fdt-5";
};
foo-revb-bar-baz.dtb {
- kernel = "kernel@1";
- fdt = "fdt@1", "fdt@3", "fdt@4", "fdt@5";
+ kernel = "kernel";
+ fdt = "fdt-1", "fdt-3", "fdt-4", "fdt-5";
};
bar {
- fdt = "fdt@4";
+ fdt = "fdt-4";
};
baz {
- fdt = "fdt@5";
+ fdt = "fdt-5";
};
};
};
The following properties are required in the FIT's signature node(s) to
allow the signer to operate. These should be added to the .its file.
Signature nodes sit at the same level as hash nodes and are called
-signature@1, signature@2, etc.
+signature-1, signature-2, etc.
- algo: Algorithm name (e.g. "sha1,rsa2048")
- hashed-nodes: A list of nodes which were hashed by the signer. Each is
a string - the full path to node. A typical value might be:
- hashed-nodes = "/", "/configurations/conf@1", "/images/kernel@1",
- "/images/kernel@1/hash@1", "/images/fdt@1",
- "/images/fdt@1/hash@1";
+ hashed-nodes = "/", "/configurations/conf-1", "/images/kernel",
+ "/images/kernel/hash-1", "/images/fdt-1",
+ "/images/fdt-1/hash-1";
- hashed-strings: The start and size of the string region of the FIT that
was hashed
/ {
images {
- kernel@1 {
+ kernel-1 {
data = <data for kernel1>
- signature@1 {
+ signature-1 {
algo = "sha1,rsa2048";
value = <...kernel signature 1...>
};
};
- kernel@2 {
+ kernel-2 {
data = <data for kernel2>
- signature@1 {
+ signature-1 {
algo = "sha1,rsa2048";
value = <...kernel signature 2...>
};
};
- fdt@1 {
+ fdt-1 {
data = <data for fdt1>;
- signature@1 {
+ signature-1 {
algo = "sha1,rsa2048";
vaue = <...fdt signature 1...>
};
};
- fdt@2 {
+ fdt-2 {
data = <data for fdt2>;
- signature@1 {
+ signature-1 {
algo = "sha1,rsa2048";
vaue = <...fdt signature 2...>
};
};
};
configurations {
- default = "conf@1";
- conf@1 {
- kernel = "kernel@1";
- fdt = "fdt@1";
+ default = "conf-1";
+ conf-1 {
+ kernel = "kernel-1";
+ fdt = "fdt-1";
};
- conf@1 {
- kernel = "kernel@2";
- fdt = "fdt@2";
+ conf-1 {
+ kernel = "kernel-2";
+ fdt = "fdt-2";
};
};
};
configuration 3 with kernel 1 and fdt 2:
configurations {
- default = "conf@1";
- conf@1 {
- kernel = "kernel@1";
- fdt = "fdt@1";
+ default = "conf-1";
+ conf-1 {
+ kernel = "kernel-1";
+ fdt = "fdt-1";
};
- conf@1 {
- kernel = "kernel@2";
- fdt = "fdt@2";
+ conf-1 {
+ kernel = "kernel-2";
+ fdt = "fdt-2";
};
- conf@3 {
- kernel = "kernel@1";
- fdt = "fdt@2";
+ conf-3 {
+ kernel = "kernel-1";
+ fdt = "fdt-2";
};
};
/ {
images {
- kernel@1 {
+ kernel-1 {
data = <data for kernel1>
- hash@1 {
+ hash-1 {
algo = "sha1";
value = <...kernel hash 1...>
};
};
- kernel@2 {
+ kernel-2 {
data = <data for kernel2>
- hash@1 {
+ hash-1 {
algo = "sha1";
value = <...kernel hash 2...>
};
};
- fdt@1 {
+ fdt-1 {
data = <data for fdt1>;
- hash@1 {
+ hash-1 {
algo = "sha1";
value = <...fdt hash 1...>
};
};
- fdt@2 {
+ fdt-2 {
data = <data for fdt2>;
- hash@1 {
+ hash-1 {
algo = "sha1";
value = <...fdt hash 2...>
};
};
};
configurations {
- default = "conf@1";
- conf@1 {
- kernel = "kernel@1";
- fdt = "fdt@1";
- signature@1 {
+ default = "conf-1";
+ conf-1 {
+ kernel = "kernel-1";
+ fdt = "fdt-1";
+ signature-1 {
algo = "sha1,rsa2048";
value = <...conf 1 signature...>;
};
};
- conf@2 {
- kernel = "kernel@2";
- fdt = "fdt@2";
- signature@1 {
+ conf-2 {
+ kernel = "kernel-2";
+ fdt = "fdt-2";
+ signature-1 {
algo = "sha1,rsa2048";
value = <...conf 1 signature...>;
};
You can see that we have added hashes for all images (since they are no
longer signed), and a signature to each configuration. In the above example,
-mkimage will sign configurations/conf@1, the kernel and fdt that are
-pointed to by the configuration (/images/kernel@1, /images/kernel@1/hash@1,
-/images/fdt@1, /images/fdt@1/hash@1) and the root structure of the image
+mkimage will sign configurations/conf-1, the kernel and fdt that are
+pointed to by the configuration (/images/kernel-1, /images/kernel-1/hash-1,
+/images/fdt-1, /images/fdt-1/hash-1) and the root structure of the image
(so that it isn't possible to add or remove root nodes). The signature is
-written into /configurations/conf@1/signature@1/value. It can easily be
+written into /configurations/conf-1/signature-1/value. It can easily be
verified later even if the FIT has been signed with other keys in the
meantime.
|
o images
| |
- | o image@1 {...}
- | o image@2 {...}
+ | o image-1 {...}
+ | o image-2 {...}
| ...
|
o configurations
- |- default = "conf@1"
+ |- default = "conf-1"
|
- o conf@1 {...}
- o conf@2 {...}
+ o conf-1 {...}
+ o conf-2 {...}
...
This node is a container node for component sub-image nodes. Each sub-node of
the '/images' node should have the following layout:
- o image@1
+ o image-1
|- description = "component sub-image description"
|- data = /incbin/("path/to/data/file.bin")
|- type = "sub-image type name"
|- load = <00000000>
|- entry = <00000000>
|
- o hash@1 {...}
- o hash@2 {...}
+ o hash-1 {...}
+ o hash-2 {...}
...
Mandatory properties:
property of the root node. Mandatory for types: "standalone" and "kernel".
Optional nodes:
- - hash@1 : Each hash sub-node represents separate hash or checksum
+ - hash-1 : Each hash sub-node represents separate hash or checksum
calculated for node's data according to specified algorithm.
5) Hash nodes
-------------
-o hash@1
+o hash-1
|- algo = "hash or checksum algorithm name"
|- value = [hash or checksum value]
o configurations
|- default = "default configuration sub-node unit name"
|
- o config@1 {...}
- o config@2 {...}
+ o config-1 {...}
+ o config-2 {...}
...
Each configuration has the following structure:
-o config@1
+o config-1
|- description = "configuration description"
|- kernel = "kernel sub-node unit name"
|- ramdisk = "ramdisk sub-node unit name"
$ dumpimage -l image.fit
FIT description: Simple image with single Linux kernel on x86
Created: Tue Oct 7 10:57:24 2014
- Image 0 (kernel@1)
+ Image 0 (kernel)
Description: Vanilla Linux kernel
Created: Tue Oct 7 10:57:24 2014
Type: Kernel Image
Entry Point: 0x00000000
Hash algo: sha1
Hash value: 446b5163ebfe0fb6ee20cbb7a8501b263cd92392
- Image 1 (setup@1)
+ Image 1 (setup)
Description: Linux setup.bin
Created: Tue Oct 7 10:57:24 2014
Type: x86 setup.bin
Data Size: 12912 Bytes = 12.61 kB = 0.01 MB
Hash algo: sha1
Hash value: a1f2099cf47ff9816236cd534c77af86e713faad
- Default Configuration: 'config@1'
- Configuration 0 (config@1)
+ Default Configuration: 'config-1'
+ Configuration 0 (config-1)
Description: Boot Linux kernel
- Kernel: kernel@1
+ Kernel: kernel
Booting the FIT
projects / u-boot / commitdiff