mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-12-27 21:43:45 +00:00
7d57485a8a
Add an option to open files in read-only mode in mmap_fdt so that fit_check_sign can be used to inspect files on read-only filesystems. For example, this is useful when a key is shipped in a read-only rootfs or squashfs. Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
96 lines
2 KiB
C
96 lines
2 KiB
C
// SPDX-License-Identifier: GPL-2.0+
|
|
/*
|
|
* (C) Copyright 2014
|
|
* DENX Software Engineering
|
|
* Heiko Schocher <hs@denx.de>
|
|
*
|
|
* Based on:
|
|
* (C) Copyright 2008 Semihalf
|
|
*
|
|
* (C) Copyright 2000-2004
|
|
* DENX Software Engineering
|
|
* Wolfgang Denk, wd@denx.de
|
|
*
|
|
* Updated-by: Prafulla Wadaskar <prafulla@marvell.com>
|
|
* FIT image specific code abstracted from mkimage.c
|
|
* some functions added to address abstraction
|
|
*
|
|
* All rights reserved.
|
|
*/
|
|
|
|
#include "mkimage.h"
|
|
#include "fit_common.h"
|
|
#include <image.h>
|
|
#include <u-boot/crc.h>
|
|
|
|
void usage(char *cmdname)
|
|
{
|
|
fprintf(stderr, "Usage: %s -f fit file -k key file\n"
|
|
" -f ==> set fit file which should be checked'\n"
|
|
" -k ==> set key file which contains the key'\n",
|
|
cmdname);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
int ffd = -1;
|
|
int kfd = -1;
|
|
struct stat fsbuf;
|
|
struct stat ksbuf;
|
|
void *fit_blob;
|
|
char *fdtfile = NULL;
|
|
char *keyfile = NULL;
|
|
char cmdname[256];
|
|
int ret;
|
|
void *key_blob;
|
|
int c;
|
|
|
|
strncpy(cmdname, *argv, sizeof(cmdname) - 1);
|
|
cmdname[sizeof(cmdname) - 1] = '\0';
|
|
while ((c = getopt(argc, argv, "f:k:")) != -1)
|
|
switch (c) {
|
|
case 'f':
|
|
fdtfile = optarg;
|
|
break;
|
|
case 'k':
|
|
keyfile = optarg;
|
|
break;
|
|
default:
|
|
usage(cmdname);
|
|
break;
|
|
}
|
|
|
|
if (!fdtfile) {
|
|
fprintf(stderr, "%s: Missing fdt file\n", *argv);
|
|
usage(*argv);
|
|
}
|
|
if (!keyfile) {
|
|
fprintf(stderr, "%s: Missing key file\n", *argv);
|
|
usage(*argv);
|
|
}
|
|
|
|
ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false, true);
|
|
if (ffd < 0)
|
|
return EXIT_FAILURE;
|
|
kfd = mmap_fdt(cmdname, keyfile, 0, &key_blob, &ksbuf, false, true);
|
|
if (kfd < 0)
|
|
return EXIT_FAILURE;
|
|
|
|
image_set_host_blob(key_blob);
|
|
ret = fit_check_sign(fit_blob, key_blob);
|
|
if (!ret) {
|
|
ret = EXIT_SUCCESS;
|
|
fprintf(stderr, "Signature check OK\n");
|
|
} else {
|
|
ret = EXIT_FAILURE;
|
|
fprintf(stderr, "Signature check Bad (error %d)\n", ret);
|
|
}
|
|
|
|
(void) munmap((void *)fit_blob, fsbuf.st_size);
|
|
(void) munmap((void *)key_blob, ksbuf.st_size);
|
|
|
|
close(ffd);
|
|
close(kfd);
|
|
exit(ret);
|
|
}
|