| Message ID | 20200424101900.156281-1-marex@denx.de |
|---|---|
| State | New |
| Headers | show |
| Series | [RFC] mkimage: fit: Do not tail-pad fitImage with external data | expand |
On Fri, 24 Apr 2020 at 04:19, Marek Vasut <marex at denx.de> wrote: > > There is no reason to tail-pad fitImage with external data to 4-bytes, > while fitImage without external data does not have any such padding and > is often unaligned. DT spec also does not mandate any such padding. > > Moreover, the tail-pad fills the last few bytes with uninitialized data, > which could lead to a potential information leak. > > Test: > echo -n x > /tmp/data ; ./tools/mkimage -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage > echo -n x > /tmp/data ; ./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage > > Signed-off-by: Marek Vasut <marex at denx.de> > Cc: Heinrich Schuchardt <xypron.glpk at gmx.de> > Cc: Simon Glass <sjg at chromium.org> > Cc: Tom Rini <trini at konsulko.com> > --- > tools/fit_image.c | 1 - > 1 file changed, 1 deletion(-) Reviewed-by: Simon Glass <sjg at chromium.org> Would be good to get this in early for testing.
On 4/24/20 6:02 PM, Simon Glass wrote: > On Fri, 24 Apr 2020 at 04:19, Marek Vasut <marex at denx.de> wrote: >> >> There is no reason to tail-pad fitImage with external data to 4-bytes, >> while fitImage without external data does not have any such padding and >> is often unaligned. DT spec also does not mandate any such padding. >> >> Moreover, the tail-pad fills the last few bytes with uninitialized data, >> which could lead to a potential information leak. >> >> Test: >> echo -n x > /tmp/data ; ./tools/mkimage -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage >> echo -n x > /tmp/data ; ./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage >> >> Signed-off-by: Marek Vasut <marex at denx.de> >> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de> >> Cc: Simon Glass <sjg at chromium.org> >> Cc: Tom Rini <trini at konsulko.com> >> --- >> tools/fit_image.c | 1 - >> 1 file changed, 1 deletion(-) > > Reviewed-by: Simon Glass <sjg at chromium.org> > > Would be good to get this in early for testing. Tom ? This missed rc1 ...
On Fri, Apr 24, 2020 at 12:19:00PM +0200, Marek Vasut wrote: > There is no reason to tail-pad fitImage with external data to 4-bytes, > while fitImage without external data does not have any such padding and > is often unaligned. DT spec also does not mandate any such padding. > > Moreover, the tail-pad fills the last few bytes with uninitialized data, > which could lead to a potential information leak. > > Test: > echo -n x > /tmp/data ; ./tools/mkimage -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage > echo -n x > /tmp/data ; ./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage > > Signed-off-by: Marek Vasut <marex at denx.de> > Cc: Heinrich Schuchardt <xypron.glpk at gmx.de> > Cc: Simon Glass <sjg at chromium.org> > Cc: Tom Rini <trini at konsulko.com> > Reviewed-by: Simon Glass <sjg at chromium.org> > --- > tools/fit_image.c | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/tools/fit_image.c b/tools/fit_image.c > index dd61a816c9..2fc4c3630d 100644 > --- a/tools/fit_image.c > +++ b/tools/fit_image.c > @@ -488,7 +488,6 @@ static int fit_extract_data(struct image_tool_params *params, const char *fname) > debug("Size reduced from %x to %x\n", fit_size, fdt_totalsize(fdt)); > debug("External data size %x\n", buf_ptr); > new_size = fdt_totalsize(fdt); > - new_size = (new_size + 3) & ~3; > munmap(fdt, sbuf.st_size); > > if (ftruncate(fd, new_size)) { As of: commit ebfe611be91e0075c040588a30a9996519d30aa6 Author: Kever Yang <kever.yang at rock-chips.com> Date: Mon Mar 30 11:56:24 2020 +0800 mkimage: fit_image: Add option to make fit header align this doesn't apply and the area in question has changed. Can you please see if your use-case is supported correctly now? Or v2 this, thanks!
diff --git a/tools/fit_image.c b/tools/fit_image.c index dd61a816c9..2fc4c3630d 100644 --- a/tools/fit_image.c +++ b/tools/fit_image.c @@ -488,7 +488,6 @@ static int fit_extract_data(struct image_tool_params *params, const char *fname) debug("Size reduced from %x to %x\n", fit_size, fdt_totalsize(fdt)); debug("External data size %x\n", buf_ptr); new_size = fdt_totalsize(fdt); - new_size = (new_size + 3) & ~3; munmap(fdt, sbuf.st_size); if (ftruncate(fd, new_size)) {
There is no reason to tail-pad fitImage with external data to 4-bytes, while fitImage without external data does not have any such padding and is often unaligned. DT spec also does not mandate any such padding. Moreover, the tail-pad fills the last few bytes with uninitialized data, which could lead to a potential information leak. Test: echo -n x > /tmp/data ; ./tools/mkimage -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage echo -n x > /tmp/data ; ./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage Signed-off-by: Marek Vasut <marex at denx.de> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de> Cc: Simon Glass <sjg at chromium.org> Cc: Tom Rini <trini at konsulko.com> --- tools/fit_image.c | 1 - 1 file changed, 1 deletion(-)