[PATCH 0/2] Enable strict signature verification for FIT

FIT load checks the signature on loadable images, but just continues in the case of a failure. This is undesirable behavior because the boot process depends on the authenticity of every loadable part.

Add a check that verifies the FIT's configuration block, and fails if it's not present or the signature doesn't match.

Henry Beberman (1): spl: Add CONFIG_SPL_FIT_SIGNATURE_STRICT

Ricardo Salveti (1): cmd: Add CONFIG_FIT_SIGNATURE_STRICT

cmd/fpga.c | 14 ++++++++++++++ cmd/source.c | 14 ++++++++++++++ cmd/ximg.c | 14 ++++++++++++++ common/Kconfig.boot | 11 +++++++++++ common/spl/spl_fit.c | 21 ++++++++++++++++++++- 5 files changed, 73 insertions(+), 1 deletion(-)