Merge branch '2022-06-07-assorted-improvements' into next

- A wide ranging set of minor clean-ups and improvements

3 files changed, 39 insertions, 8 deletions

diff --git a/tools/fit_image.c b/tools/fit_image.c
index 1884a2eb0b9..979f2411ee0 100644
--- a/tools/fit_image.c
+++ b/tools/fit_image.c
@@ -199,15 +199,36 @@ static void get_basename(char *str, int size, const char *fname)
 }
 
 /**
- * add_crc_node() - Add a hash node to request a CRC checksum for an image
+ * add_hash_node() - Add a hash or signature node
  *
+ * @params: Image parameters
  * @fdt: Device tree to add to (in sequential-write mode)
+ *
+ * If there is a key name hint, try to sign the images. Otherwise, just add a
+ * CRC.
+ *
+ * Return: 0 on success, or -1 on failure
  */
-static void add_crc_node(void *fdt)
+static int add_hash_node(struct image_tool_params *params, void *fdt)
 {
-	fdt_begin_node(fdt, "hash-1");
-	fdt_property_string(fdt, FIT_ALGO_PROP, "crc32");
+	if (params->keyname) {
+		if (!params->algo_name) {
+			fprintf(stderr,
+				"%s: Algorithm name must be specified\n",
+				params->cmdname);
+			return -1;
+		}
+
+		fdt_begin_node(fdt, "signature-1");
+		fdt_property_string(fdt, FIT_ALGO_PROP, params->algo_name);
+		fdt_property_string(fdt, FIT_KEY_HINT, params->keyname);
+	} else {
+		fdt_begin_node(fdt, "hash-1");
+		fdt_property_string(fdt, FIT_ALGO_PROP, "crc32");
+	}
+
 	fdt_end_node(fdt);
+	return 0;
 }
 
 /**
@@ -248,7 +269,9 @@ static int fit_write_images(struct image_tool_params *params, char *fdt)
 	ret = fdt_property_file(params, fdt, FIT_DATA_PROP, params->datafile);
 	if (ret)
 		return ret;
-	add_crc_node(fdt);
+	ret = add_hash_node(params, fdt);
+	if (ret)
+		return ret;
 	fdt_end_node(fdt);
 
 	/* Now the device tree files if available */
@@ -271,7 +294,9 @@ static int fit_write_images(struct image_tool_params *params, char *fdt)
 				    genimg_get_arch_short_name(params->arch));
 		fdt_property_string(fdt, FIT_COMP_PROP,
 				    genimg_get_comp_short_name(IH_COMP_NONE));
-		add_crc_node(fdt);
+		ret = add_hash_node(params, fdt);
+		if (ret)
+			return ret;
 		fdt_end_node(fdt);
 	}
 
@@ -289,7 +314,9 @@ static int fit_write_images(struct image_tool_params *params, char *fdt)
 					params->fit_ramdisk);
 		if (ret)
 			return ret;
-		add_crc_node(fdt);
+		ret = add_hash_node(params, fdt);
+		if (ret)
+			return ret;
 		fdt_end_node(fdt);
 	}
 
diff --git a/tools/imagetool.h b/tools/imagetool.h
index 05dd94d1084..ca7c2e48ba9 100644
--- a/tools/imagetool.h
+++ b/tools/imagetool.h
@@ -71,6 +71,7 @@ struct image_tool_params {
 	const char *keydir;	/* Directory holding private keys */
 	const char *keydest;	/* Destination .dtb for public key */
 	const char *keyfile;	/* Filename of private or public key */
+	const char *keyname;	/* Key name "hint" */
 	const char *comment;	/* Comment to add to signature node */
 	/* Algorithm name to use for hashing/signing or NULL to use the one
 	 * specified in the its */
diff --git a/tools/mkimage.c b/tools/mkimage.c
index 5c6a60e8513..0e1198b4113 100644
--- a/tools/mkimage.c
+++ b/tools/mkimage.c
@@ -119,6 +119,7 @@ static void usage(const char *msg)
 		"Signing / verified boot options: [-k keydir] [-K dtb] [ -c <comment>] [-p addr] [-r] [-N engine]\n"
 		"          -k => set directory containing private keys\n"
 		"          -K => write public keys to this .dtb file\n"
+		"          -g => set key name hint\n"
 		"          -G => use this signing key (in lieu of -k)\n"
 		"          -c => add comment in signature node\n"
 		"          -F => re-sign existing FIT image\n"
@@ -163,7 +164,7 @@ static void process_args(int argc, char **argv)
 	int opt;
 
 	while ((opt = getopt(argc, argv,
-		   "a:A:b:B:c:C:d:D:e:Ef:FG:k:i:K:ln:N:p:o:O:rR:qstT:vVx")) != -1) {
+		   "a:A:b:B:c:C:d:D:e:Ef:Fg:G:k:i:K:ln:N:p:o:O:rR:qstT:vVx")) != -1) {
 		switch (opt) {
 		case 'a':
 			params.addr = strtoull(optarg, &ptr, 16);
@@ -239,6 +240,8 @@ static void process_args(int argc, char **argv)
 			params.type = IH_TYPE_FLATDT;
 			params.fflag = 1;
 			break;
+		case 'g':
+			params.keyname = optarg;
 		case 'G':
 			params.keyfile = optarg;
 			break;