How can I check the contents of a FIT image against data corruption in Linux userland?
Use case: In an embedded application, I have a FIT image in a NAND partition and I want to know if it would be able to boot (without actually booting it).
Ideally, I'd like to do that without the need to dump that whole partition into a file (since this would eat too much RAM or flash respectively).
Let's say the image is available as /dev/flash/bootimage (or as some mtd block). I have tried to dd that flash device into a /tmp/bootimage file and run mkimage -l on that which verifies the header but not the data.
I could use dumpimage to dump a specific part of the whole fit image and run crc32 on that. This would technically work but also it requires me to have the image available as a file somewhere (seems, it cannot read from /dev/flash/bootimage or from stdin directly).
My goal would actually be something like this:
nice -19 dd if=/dev/flash/bootimage | verifybootimage
... which means I could make that somewhat a background task which is scheduled once a day with very low priority and the output stream of dd is checksummed (nice -19 dd if=/dev/flash/bootimage | cksum would work like that but I cannot tell whether the cksum output is correct since the header itself counts into the cksum).
U-Boot comes with a tool fit_check_sign. You can check the integrity of your RSA signed FIT image like this:
You have to provide the signed FIT image and a binary device tree containing the public key.
The public key is added to the device tree when you create a FIT image and provide the device-tree as parameter -K of command tools/mkimage.
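For the case in the question where the image carries hash nodes and should be checked in place, the following added example (not part of the original question or answer, and not U-Boot code) walks the FIT's device-tree structure with seeks and hashes each image's data property in 64 KiB chunks, so neither the partition nor the payload is copied into RAM or a file. Assumptions: the device is opened as a seekable binary file, image data is embedded (no data-offset/data-position), hash nodes are named hash-N or hash@N, and the names verify_fit and _digest are made up here; signatures are not checked.

```python
import hashlib, struct, zlib
BEGIN, END_NODE, PROP, NOP, END = 1, 2, 3, 4, 9   # FDT structure-block tokens

def _digest(f, off, length, algo, chunk=65536):
    h, crc = (None if algo == "crc32" else hashlib.new(algo)), 0
    f.seek(off)
    for left in range(length, 0, -chunk):   # a short read at EOF ends up as a mismatch
        buf = f.read(min(chunk, left))
        if h is None:
            crc = zlib.crc32(buf, crc)
        else:
            h.update(buf)
    return struct.pack(">I", crc) if h is None else h.digest()  # crc32 stored big-endian

def verify_fit(f):
    """Return [(image_node_path, algo, ok)] for a seekable FIT with embedded data."""
    hdr = struct.unpack(">10I", f.read(40))
    if hdr[0] != 0xD00DFEED:
        raise ValueError("no FDT magic")
    f.seek(hdr[3])                          # off_dt_strings
    strings = f.read(hdr[8])                # size_dt_strings: property names only
    pos, stack, results, tok = hdr[2], [], [], NOP   # hdr[2] = off_dt_struct
    while tok != END:
        f.seek(pos)
        (tok,) = struct.unpack(">I", f.read(4))
        pos += 4
        if tok == BEGIN:                    # NUL-terminated name, padded to 4 bytes
            name = b""
            while b"\0" not in name:
                name += struct.unpack("4s", f.read(4))[0]   # raises if truncated
            pos += len(name)
            stack.append({"name": name.split(b"\0")[0].decode()})
        elif tok == PROP:
            length, nameoff = struct.unpack(">II", f.read(8))
            key = strings[nameoff:strings.index(b"\0", nameoff)].decode()
            if key == "data":               # remember the location, do not load it
                stack[-1]["data"] = (pos + 8, length)
            elif key in ("algo", "value"):
                stack[-1][key] = f.read(length)
            pos += 8 + ((length + 3) & ~3)
        elif tok == END_NODE:               # after the pop, stack[-1] is the parent
            node, parent = stack.pop(), (stack[-1] if stack else {})
            if node["name"].startswith("hash") and "data" in parent:
                algo = node["algo"].rstrip(b"\0").decode()
                ok = _digest(f, *parent["data"], algo) == node.get("value")
                results.append(("/".join(n["name"] for n in stack), algo, ok))
        elif tok not in (NOP, END):
            raise ValueError("bad FDT token %#x" % tok)
    return results
```

Called as verify_fit(open("/dev/flash/bootimage", "rb")), any False entry or any exception (bad magic, truncated structure, unknown algorithm) means the image should be treated as corrupt.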