meta-google: distro: Relax FIT_HASH_ALG

u-boot hashing does not confer any additional security in gBMC (we don't sign the kernel and hashes live with the image). We can use a much faster, but bus verifying algorithm instead. Ideally this would be xxhash, but our u-boot is currently too old. Change-Id: I796a4ed2db380eb86a9acbeae1f8a5e56cc8cb62 Signed-off-by: William A. Kennington III <wak@google.com>
author: William A. Kennington III <wak@google.com> 2021-11-17 04:32:12 +0300
committer: William A. Kennington III <wak@google.com> 2021-11-17 05:37:04 +0300
commit: 1b437c26859fcd29e6b8443f4c776b19b889570e (patch)
tree: 7f9f937133e5c0d3c9f447ee196528a856c525ab
parent: 0b7b7601123d7d137276f213e9b9ba39b58b1f49 (diff)
download: openbmc-1b437c26859fcd29e6b8443f4c776b19b889570e.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta-google/conf/distro/gbmc.conf b/meta-google/conf/distro/gbmc.conf
index bbba7efed..69fdda421 100644
--- a/meta-google/conf/distro/gbmc.conf
+++ b/meta-google/conf/distro/gbmc.conf
@@ -25,3 +25,6 @@ WATCHDOG_PKG ?= "watchdog"
 SANITY_TESTED_DISTROS:append = " Debian-rodete \n debian-rodete \n "
 
 PREFERRED_PROVIDER_virtual/bmc-update ?= "inplace-gbmc-update"
+
+# Provides reasonable data integrity and faster than sha*
+FIT_HASH_ALG = "crc32"
author	William A. Kennington III <wak@google.com>	2021-11-17 04:32:12 +0300
committer	William A. Kennington III <wak@google.com>	2021-11-17 05:37:04 +0300
commit	1b437c26859fcd29e6b8443f4c776b19b889570e (patch)
tree	7f9f937133e5c0d3c9f447ee196528a856c525ab
parent	0b7b7601123d7d137276f213e9b9ba39b58b1f49 (diff)
download	openbmc-1b437c26859fcd29e6b8443f4c776b19b889570e.tar.xz