[ptxdist] [PATCH v1 0/2] u-boot: Add verified boot support

[ptxdist] [PATCH v1 0/2] u-boot: Add verified boot support

[Alexander Dahl via ptxdist]

Hello everyone,

the concept widely known as Secure Boot is called "Verified Boot" in
U-Boot and it does the same as you would expect: load a signed kernel
image (configuration), verify the signature, abort if verification
fails.  (Other steps of the verification chain are not covered by this
series.)

Some foundational work like support for U-Boot loading FIT images was
merged last year already.  I had the remaining parts lying around
working, but some necessary patches were not in mainline U-Boot back
then.  With u-boot-tools 2024.10 or later it's finally possible to
upstream this.

See commit messages for details.  Let me know if Kconfig help is
sufficient or if the documentation should be extended.

Greets
Alex

Alexander Dahl (2):
  u-boot-tools: Version bump 2020.07 -> 2025.04
  u-boot: Add option to load signed kernel FIT images

 platforms/u-boot.in                | 30 +++++++++++++++++++++++++++---
 rules/host-u-boot-tools.in         |  1 +
 rules/u-boot-tools.make            |  6 +++---
 rules/u-boot.make                  | 13 +++++++++++++
 scripts/lib/ptxd_make_fit_image.sh |  7 -------
 5 files changed, 44 insertions(+), 13 deletions(-)

-- 
2.39.5

[ptxdist] [PATCH v1 1/2] u-boot-tools: Version bump 2020.07 -> 2025.04

[Alexander Dahl via ptxdist]

Apart from bugfixes this is mostly interesting for mkimage ability to
image signing.  Option -o for specifying the signing algorithm was added
with v2022.04.  Signing 'auto' FITs was added with v2022.10, support for
signed configurations in 'auto' FIT was added in v2023.04, proper pkcs11
uri support was added with v2024.01 and fixed with v2024.04, and finally
ability to auto sign scripts in fit images came with v2024.10.

Note, without the fix to ptxd_make_fit_image we would get a lot of
warnings like this:

    WARNING: Legacy URI specified. Please add 'pkcs11:'.
    WARNING: Legacy URI specified. Please add 'pkcs11:'.
    WARNING: Legacy URI specified. Please add 'pkcs11:'.

Noteworthy changes:

- v2021.10-rc1-59-g62b27a561c2 ("mkimage: use environment variable MKIMAGE_SIGN_PIN to set pin for OpenSSL Engine")
- v2021.10-730-g6b7b9ff14da ("configs: add mkeficapsule to tools-only_defconfig")
- v2022.01-705-g5902a397d02 ("mkimage: Allow to specify the signature algorithm on the command line")
- v2022.01-818-g2d2384bbaff ("tools: mkimage: Show where signatures/keys are written")
- v2022.04-rc1-326-g9af16cc8f1a ("tools: build mkeficapsule with tools-only_defconfig")
- v2022.04-rc3-43-g5017f9b595d ("mkimage: error handling for FIT image")
- v2022.07-rc1-294-gdeb2638aa09 ("mkimage: Document misc options")
- v2022.07-rc4-74-g87b0af9317c ("mkimage: Support signing 'auto' FITs")
- v2023.01-892-gb93a65209c4 ("mkimage: fit: Support signed configurations in 'auto' FITs")
- v2024.01-rc5-560-gece85cc0202 ("rsa: use pkcs11 uri as defined in rfc7512")
- v2024.01-806-g03e598263e3 ("tools: fix build without LIBCRYPTO support")
- v2024.01-958-g11ad2bbfa2d ("lib: rsa: Fix PKCS11 URI if one is not given in `keydir`)
- v2024.01-959-gf055d6e8f0d ("lib: rsa: Allow legacy URI specification without "pkcs11:"")
- v2024.07-677-g6074f6e8578 ("mkimage: Allow 'auto-conf' signing of scripts")

(zlib license text had one duplicate empty line remove with 2024.10.)

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/host-u-boot-tools.in         | 1 +
 rules/u-boot-tools.make            | 6 +++---
 scripts/lib/ptxd_make_fit_image.sh | 7 -------
 3 files changed, 4 insertions(+), 10 deletions(-)

diff --git a/rules/host-u-boot-tools.in b/rules/host-u-boot-tools.in
index 55fc9f56e..0cf37ed66 100644
--- a/rules/host-u-boot-tools.in
+++ b/rules/host-u-boot-tools.in
@@ -2,5 +2,6 @@
 
 config HOST_U_BOOT_TOOLS
 	tristate
+	select HOST_GNUTLS
 	select HOST_OPENSSL
 	default y if ALLYES
diff --git a/rules/u-boot-tools.make b/rules/u-boot-tools.make
index 597ea5e30..f71219d88 100644
--- a/rules/u-boot-tools.make
+++ b/rules/u-boot-tools.make
@@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_U_BOOT_TOOLS) += u-boot-tools
 #
 # Paths and names
 #
-U_BOOT_TOOLS_VERSION	:= 2020.07
-U_BOOT_TOOLS_MD5	:= 86e51eeccd15e658ad1df943a0edf622
+U_BOOT_TOOLS_VERSION	:= 2025.04
+U_BOOT_TOOLS_MD5	:= da2cd684d4aa6195015fecd3efb1d0f0
 U_BOOT_TOOLS		:= u-boot-$(U_BOOT_TOOLS_VERSION)
 U_BOOT_TOOLS_SUFFIX	:= tar.bz2
 U_BOOT_TOOLS_URL	:= https://ftp.denx.de/pub/u-boot/$(U_BOOT_TOOLS).$(U_BOOT_TOOLS_SUFFIX)
@@ -25,7 +25,7 @@ U_BOOT_TOOLS_PKGDIR	:= $(PKGDIR)/u-boot-tools-$(U_BOOT_TOOLS_VERSION)
 U_BOOT_TOOLS_LICENSE	:= GPL-2.0-or-later AND Zlib
 U_BOOT_TOOLS_LICENSE_FILES := \
 	file://Licenses/gpl-2.0.txt;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
-	file://include/u-boot/zlib.h;startline=15;endline=43;md5=7c27ae0384929249664da410d539a1dc
+	file://include/u-boot/zlib.h;startline=15;endline=42;md5=0ce30a522a630f7e637ea6d74422b320
 
 # ----------------------------------------------------------------------------
 # Prepare
diff --git a/scripts/lib/ptxd_make_fit_image.sh b/scripts/lib/ptxd_make_fit_image.sh
index 4b99e6fbf..ad9e5bdd3 100644
--- a/scripts/lib/ptxd_make_fit_image.sh
+++ b/scripts/lib/ptxd_make_fit_image.sh
@@ -126,13 +126,6 @@ ptxd_make_image_fit() {
 
     if [ -n "${image_sign_role}" ]; then
 	pkcs11_uri=$(cs_get_uri "${image_sign_role}")
-
-	#
-	# It would have been too simple for mkimage to just take a
-	# PKCS#11 URI. We must drop the "pkcs11:" prefix which U-Boot
-	# then adds again.
-	#
-	pkcs11_uri=$(echo "${pkcs11_uri}" | sed "s/pkcs11://")
 	sign_args=( -k "${pkcs11_uri}" )
     fi
 
-- 
2.39.5

[ptxdist] [PATCH v1 2/2] u-boot: Add option to load signed kernel FIT images

[Alexander Dahl via ptxdist]

Requires U-Boot v2023.04 or later, certain options set in board config,
and KERNEL_FIT_SIGNED enabled.  Algorithm "sha256,rsa4096" is hardcoded
to the same value as harcoded in ptxd_make_image_fit_its() which is used
by the kernel-fit package.

With those premises met, U-Boot Verified Boot is possible.  Tested with
U-Boot v2024.04 on Microchip SAM9X60-Curiosity in custom layer on top of
DistroKit-2024.06.0.

    Hit any key to stop autoboot:  0
    8787737 bytes read in 391 ms (21.4 MiB/s)
    ## Loading kernel from FIT Image at 22000000 ...
       Using 'conf-microchip,sam9x60-curiosity' configuration
       Verifying Hash Integrity ... sha256,rsa4096:image-kernel-fit+ OK
       Trying 'kernel' kernel subimage
         Description:  kernel
         Type:         Kernel Image (no loading done)
         Compression:  uncompressed
         Data Start:   0x220000b4
         Data Size:    8757936 Bytes = 8.4 MiB
         Hash algo:    sha256
         Hash value:   8c109fc75263329402c7ae63e3d47c18aabf67307ebc0023e88921227abc7cf3
       Verifying Hash Integrity ... sha256+ OK
    ## Loading fdt from FIT Image at 22000000 ...
       Using 'conf-microchip,sam9x60-curiosity' configuration
       Verifying Hash Integrity ... sha256,rsa4096:image-kernel-fit+ OK
       Trying 'fdt-microchip,sam9x60-curiosity' fdt subimage
         Description:  unavailable
         Type:         Flat Device Tree
         Compression:  uncompressed
         Data Start:   0x2285a45c
         Data Size:    27903 Bytes = 27.2 KiB
         Architecture: ARM
         Hash algo:    sha256
         Hash value:   db2e8047b404f92cc7ca4f7b918be1191aab3ce33d574f046c0f1da959d3cbb2
       Verifying Hash Integrity ... sha256+ OK
       Booting using the fdt blob at 0x2285a45c
    Working FDT set to 2285a45c
       XIP Kernel Image (no loading done) to 220000b4
       Loading Device Tree to 27b31000, end 27b3acfe ... OK
    Working FDT set to 27b31000

    Starting kernel ...

    [    0.000000] Booting Linux on physical CPU 0x0
    [    0.000000] Linux version 6.6.0-tt (ptxdist@ptxdist) (arm-v5te-linux-gnueabi-gcc (OSELAS.Toolchain-2023.07.1 13-20231118) 13.2.1 20231118, GNU ld (GNU Binutils) 2.40) #2 PREEMPT 2024-06-07T12:29:46+00:00

Link: https://docs.u-boot.org/en/latest/usage/fit/verified-boot.html
Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 platforms/u-boot.in | 30 +++++++++++++++++++++++++++---
 rules/u-boot.make   | 13 +++++++++++++
 2 files changed, 40 insertions(+), 3 deletions(-)

diff --git a/platforms/u-boot.in b/platforms/u-boot.in
index 5ce7387e4..d263135ca 100644
--- a/platforms/u-boot.in
+++ b/platforms/u-boot.in
@@ -7,6 +7,7 @@ config U_BOOT_DEPENDENCIES
 menuconfig U_BOOT
 	select U_BOOT_DEPENDENCIES
 	select BOOTLOADER
+	select CODE_SIGNING		if U_BOOT_VERIFY_SIGNATURE
 	select HOST_SYSTEM_PYTHON3
 	select HOST_OPENSSL		if U_BOOT_NEEDS_HOST_OPENSSL
 	select HOST_GNUTLS		if U_BOOT_NEEDS_HOST_GNUTLS
@@ -18,11 +19,11 @@ if U_BOOT
 
 config U_BOOT_VERSION
 	string
-	default "2019.01"
+	default "2023.04"
 	prompt "U-Boot version"
 	help
-	  Enter the U-Boot version you want to build. Usually something like
-	  "2019.01".
+	  Enter the U-Boot version you want to build.
+	  Usually something like "2019.01".
 
 config U_BOOT_MD5
 	string
@@ -193,6 +194,29 @@ config U_BOOT_BOOT_SCRIPT_ROOTFS_PATH
 
 endif
 
+config U_BOOT_VERIFY_SIGNATURE
+	bool
+	prompt "Verify FIT image signature"
+	select U_BOOT_NEEDS_HOST_OPENSSL
+	imply KERNEL_FIT_SIGNED
+	help
+	  For U-Boot Verified Boot [1] a public key has to be put into
+	  the control dtb built with U-Boot.
+	  The loaded image (most probably a Linux Kernel image) must be
+	  signed with the matching private key.
+	  Uses the PTXdist Code Signing Infrastructure.
+
+	  Note: You need U-Boot 2023.04 or later.
+
+	  Note: You must enable CONFIG_TOOLS_FIT_SIGNATURE in U-Boot
+		Kconfig for the necessary host mkimage features, and
+		enable CONFIG_FIT_SIGNATURE, CONFIG_RSA, and
+		CONFIG_ECDSA for runtime verification.
+		Ensure you have _disabled_ CONFIG_LEGACY_IMAGE_FORMAT to
+		not accidentally allow running unsigned images.
+
+	  [1] https://docs.u-boot.org/en/latest/usage/fit/verified-boot.html
+
 comment "target install"
 
 config U_BOOT_INSTALL_U_BOOT_BIN
diff --git a/rules/u-boot.make b/rules/u-boot.make
index 204475b78..d3ea65cf2 100644
--- a/rules/u-boot.make
+++ b/rules/u-boot.make
@@ -120,6 +120,19 @@ endif
 $(STATEDIR)/u-boot.compile:
 	@$(call targetinfo)
 	@$(call world/compile, U_BOOT)
+ifdef PTXCONF_U_BOOT_VERIFY_SIGNATURE
+	@mv $(U_BOOT_BUILD_DIR)/u-boot.dtb $(U_BOOT_BUILD_DIR)/u-boot-pubkey.dtb
+	@$(CODE_SIGNING_ENV) $(U_BOOT_BUILD_DIR)/tools/mkimage \
+		-f auto-conf -d /dev/null -r \
+		-g image-kernel-fit -N pkcs11 -o "sha256,rsa4096" \
+		-k "$(shell cs_get_uri image-kernel-fit)" \
+		-K "$(U_BOOT_BUILD_DIR)/u-boot-pubkey.dtb" \
+		$(U_BOOT_BUILD_DIR)/unused.itb
+#	# retrigger building dts/dt.dtb to use EXT_DTB, might stay as is otherwise
+	@rm $(U_BOOT_BUILD_DIR)/dts/dt.dtb
+	@$(call compile, U_BOOT, $(U_BOOT_MAKE_OPT) EXT_DTB=$(U_BOOT_BUILD_DIR)/u-boot-pubkey.dtb)
+endif
+
 ifdef PTXCONF_U_BOOT_BOOT_SCRIPT
 	@$(U_BOOT_BUILD_DIR)/tools/mkimage -T script -C none \
 		-d $(U_BOOT_BOOT_SCRIPT_TXT) \
-- 
2.39.5