Mirrors/u-boot
2
0
Fork 0
mirror of https://github.com/AsahiLinux/u-boot synced 2024-11-10 07:04:28 +00:00
Code Issues Projects Releases Packages Wiki Activity

mkimage: fit: don't cipher ciphered data

Browse source 
Previously, mkimage -F could be run multiple times causing already
ciphered image data to be ciphered again.

Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit is contained in:
Patrick Oppenlander 2020-07-30 14:22:15 +10:00 committed by Tom Rini
parent 04aeebb131
commit b33e5cc182
1 changed files with 14 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
tools/image-host.c
View file

@ -482,7 +482,7 @@ int fit_image_cipher_data(const char *keydir, void *keydest,
const char *image_name;
const void *data;
size_t size;
int cipher_node_offset;
int cipher_node_offset, len;
/* Get image name */
image_name = fit_get_name(fit, image_noffset, NULL);
@ -497,6 +497,19 @@ int fit_image_cipher_data(const char *keydir, void *keydest,
return -1;
}
/*
* Don't cipher ciphered data.
*
* If the data-size-unciphered property is present the data for this
* image is already encrypted. This is important as 'mkimage -F' can be
* run multiple times on a FIT image.
*/
if (fdt_getprop(fit, image_noffset, "data-size-unciphered", &len))
return 0;
if (len != -FDT_ERR_NOTFOUND) {
printf("Failure testing for data-size-unciphered\n");
return -1;
}
/* Process cipher node if present */
cipher_node_offset = fdt_subnode_offset(fit, image_noffset,