From patchwork Sun Mar 1 18:47:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Hebb X-Patchwork-Id: 243158 List-Id: U-Boot discussion From: tommyhebb at gmail.com (Thomas Hebb) Date: Sun, 1 Mar 2020 10:47:53 -0800 Subject: [PATCH] mkimage: fit: don't create image with 0700 permissions Message-ID: <4a28e074b8c2930c133bdc6f7d6d5c2ed30b80bd.1583088459.git.tommyhebb@gmail.com> commit 7298e422504e ("mkimage: fit: add support to encrypt image with aes") added a new copyfile() function as part of the FIT image creation flow. This function as currently written creates the final image with a mode of 0700 (before umask), differing from the old behavior of 0666. Since there doesn't seem to be any reason to make the image executable or non-group, non-other readable, change the mask to 0666 to preserve the old behavior. Fixes: 7298e422504e ("mkimage: fit: add support to encrypt image with aes") Signed-off-by: Thomas Hebb --- tools/fit_image.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/fit_image.c b/tools/fit_image.c index dd61a816c9..4301b5decb 100644 --- a/tools/fit_image.c +++ b/tools/fit_image.c @@ -642,7 +642,7 @@ static int copyfile(const char *src, const char *dst) goto out; } - fd_dst = open(dst, O_WRONLY | O_CREAT, 0700); + fd_dst = open(dst, O_WRONLY | O_CREAT, 0666); if (fd_dst < 0) { printf("Can't open file %s (%s)\n", dst, strerror(errno)); goto out;