| Message ID | 1588166777-9610-3-git-send-email-philippe.reynes@softathome.com |
|---|---|
| State | Accepted |
| Commit | c522949a29d44d728517cc2579ed719747da3e5d |
| Headers | show |
| Series | test/py: vboot: fix signature check on config node | expand |
On Wed, Apr 29, 2020 at 03:26:17PM +0200, Philippe Reynes wrote: > The signature check on config node is broken on fit with padding. > To compute the signature for config node, U-Boot compute the > signature on all properties of requested node for this config, > except for the property "data". But, when padding is used for > binary in a fit, there isn't a property "data" but two properties: > "data-offset" and "data-size". So to fix the check of signature, > we also don't use the properties "data-offset" and "data-size" > when checking the signature on config node. > > Reviewed-by: Simon Glass <sjg at chromium.org> > Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com> Applied to u-boot/master, thanks!
diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c index 3e73578..a3a0c61 100644 --- a/common/image-fit-sig.c +++ b/common/image-fit-sig.c @@ -249,7 +249,7 @@ static int fit_config_check_sig(const void *fit, int noffset, int required_keynode, int conf_noffset, char **err_msgp) { - char * const exc_prop[] = {"data"}; + char * const exc_prop[] = {"data", "data-size", "data-position"}; const char *prop, *end, *name; struct image_sign_info info; const uint32_t *strings;