[U-Boot] rsa_verify calls fdt_next_node with a node offset from different device tree blob
Simon Glass
sjg at chromium.org
Mon Dec 26 06:24:42 CET 2016
Hi Che-Liang,
On 24 December 2016 at 10:09, Che-Liang Chiou <clchiou at gmail.com> wrote:
> Hi Simon,
>
> I notice one thing that I am curious about. At v2016.11, in
> lib/rsa/rsa-verify.c:rsa_verify function:
>
> * The sig_node offset is computed from fdt_blob (at line 180):
> sig_node = fdt_subnode_offset(blob, 0, FIT_SIG_NODENAME);
>
> * At the end of the rsa_verify function, sig_node is applied to
> info->fit to compute next offset (at line 210):
> noffset = fdt_next_node(info->fit, sig_node, &ndepth);
>
> blob (which is an alias of info->fdt_blob) and info->fit are two
> different device tree blobs. And we probably should not call
> fdt_next_node with offset from a different blob? (I'm not so sure
> about fdt_next_node.)
Nice to hear from you again!
Yes that looks wrong. I think we need a test to deal with the case
when the signature hint does not match.
Regards,
Simon
More information about the U-Boot
mailing list