From patchwork Wed Mar 18 17:44:06 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 243864 List-Id: U-Boot discussion From: sjg at chromium.org (Simon Glass) Date: Wed, 18 Mar 2020 11:44:06 -0600 Subject: [PATCH v2 12/14] image: Use constants for 'required' and 'key-name-hint' In-Reply-To: <20200318174408.77473-1-sjg@chromium.org> References: <20200318174408.77473-1-sjg@chromium.org> Message-ID: <20200318174408.77473-13-sjg@chromium.org> These are used in multiple places so update them to use a shared #define. Signed-off-by: Simon Glass Reviewed-by: Philippe Reynes --- Changes in v2: None common/image-cipher.c | 2 +- common/image-fit.c | 6 +++--- common/image-sig.c | 8 +++++--- include/image.h | 4 +++- lib/rsa/rsa-sign.c | 6 +++--- tools/image-host.c | 8 ++++---- 6 files changed, 19 insertions(+), 15 deletions(-) diff --git a/common/image-cipher.c b/common/image-cipher.c index cee3b03ee5..f50c3d31bd 100644 --- a/common/image-cipher.c +++ b/common/image-cipher.c @@ -88,7 +88,7 @@ static int fit_image_setup_decrypt(struct image_cipher_info *info, return -1; } - info->keyname = fdt_getprop(fit, cipher_noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, cipher_noffset, FIT_KEY_HINT, NULL); if (!info->keyname) { printf("Can't get key name\n"); return -1; diff --git a/common/image-fit.c b/common/image-fit.c index a5c85ede8d..c8ff77526c 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -168,7 +168,7 @@ static void fit_image_print_data(const void *fit, int noffset, const char *p, int value_len; char *algo; const char *padding; - int required; + bool required; int ret, i; debug("%s %s node: '%s'\n", p, type, @@ -179,8 +179,8 @@ static void fit_image_print_data(const void *fit, int noffset, const char *p, return; } printf("%s", algo); - keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); - required = fdt_getprop(fit, noffset, "required", NULL) != NULL; + keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); + required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL; if (keyname) printf(":%s", keyname); if (required) diff --git a/common/image-sig.c b/common/image-sig.c index 03143a4040..6563effcf3 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -229,7 +229,7 @@ static int fit_image_setup_verify(struct image_sign_info *info, padding_name = RSA_DEFAULT_PADDING_NAME; memset(info, '\0', sizeof(*info)); - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); info->fit = (void *)fit; info->node_offset = noffset; info->name = algo_name; @@ -340,7 +340,8 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, const char *required; int ret; - required = fdt_getprop(sig_blob, noffset, "required", NULL); + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, + NULL); if (!required || strcmp(required, "image")) continue; ret = fit_image_verify_sig(fit, image_noffset, data, size, @@ -557,7 +558,8 @@ int fit_config_verify_required_sigs(const void *fit, int conf_noffset, const char *required; int ret; - required = fdt_getprop(sig_blob, noffset, "required", NULL); + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, + NULL); if (!required || strcmp(required, "conf")) continue; ret = fit_config_verify_sig(fit, conf_noffset, sig_blob, diff --git a/include/image.h b/include/image.h index 512243f159..3ffc0fdd68 100644 --- a/include/image.h +++ b/include/image.h @@ -939,12 +939,14 @@ int booti_setup(ulong image, ulong *relocated_addr, ulong *size, #define FIT_IMAGES_PATH "/images" #define FIT_CONFS_PATH "/configurations" -/* hash/signature node */ +/* hash/signature/key node */ #define FIT_HASH_NODENAME "hash" #define FIT_ALGO_PROP "algo" #define FIT_VALUE_PROP "value" #define FIT_IGNORE_PROP "uboot-ignore" #define FIT_SIG_NODENAME "signature" +#define FIT_KEY_REQUIRED "required" +#define FIT_KEY_HINT "key-name-hint" /* cipher node */ #define FIT_CIPHER_NODENAME "cipher" diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 6400ef63d6..580c744709 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -792,8 +792,8 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) } if (!ret) { - ret = fdt_setprop_string(keydest, node, "key-name-hint", - info->keyname); + ret = fdt_setprop_string(keydest, node, FIT_KEY_HINT, + info->keyname); } if (!ret) ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); @@ -815,7 +815,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) info->name); } if (!ret && info->require_keys) { - ret = fdt_setprop_string(keydest, node, "required", + ret = fdt_setprop_string(keydest, node, FIT_KEY_REQUIRED, info->require_keys); } done: diff --git a/tools/image-host.c b/tools/image-host.c index dfea48e894..4e57ddea96 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -170,7 +170,7 @@ static int fit_image_setup_sig(struct image_sign_info *info, memset(info, '\0', sizeof(*info)); info->keydir = keydir; - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); info->fit = fit; info->node_offset = noffset; info->name = strdup(algo_name); @@ -249,7 +249,7 @@ static int fit_image_process_sig(const char *keydir, void *keydest, free(value); /* Get keyname again, as FDT has changed and invalidated our pointer */ - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); /* * Write the public key into the supplied FDT file; this might fail @@ -337,7 +337,7 @@ static int fit_image_setup_cipher(struct image_cipher_info *info, info->keydir = keydir; /* Read the key name */ - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); if (!info->keyname) { printf("Can't get key name for cipher '%s' in image '%s'\n", node_name, image_name); @@ -886,7 +886,7 @@ static int fit_config_process_sig(const char *keydir, void *keydest, free(region_prop); /* Get keyname again, as FDT has changed and invalidated our pointer */ - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); /* Write the public key into the supplied FDT file */ if (keydest) {