[PATCH 2/3] mkimage: fit: handle FDT_ERR_NOSPACE when ciphering
Patrick Oppenlander
patrick.oppenlander at gmail.com
Thu Jul 30 03:19:03 CEST 2020
On Thu, Jul 30, 2020 at 1:02 AM Philippe REYNES
<philippe.reynes at softathome.com> wrote:
>
> Hi Patrick
>
> > From: Patrick Oppenlander <patrick.oppenlander at gmail.com>
> >
> > This meant that the order of operations had to change. If we replace the
> > data property first then fail to add the data-size-unciphered property
> > the data will be ciphered again when retrying.
>
>
> This patch is good, but I disagree with the comment. It is not mandatory
> to change the order of operation because when signing/ciphering we always
> start from "fresh" file.
>
> This "trick" is done in the function fit_handle_file(...)
>
> Just before the loop, the tmpfile is rename in bakfile
>
> sprintf(bakfile, "%s%s", tmpfile, ".bak");
> rename(tmpfile, bakfile);
>
> And in the loop, the first operation is to copy bakfile to tmpfile:
>
> for (size_inc = 0; size_inc < 64 * 1024; size_inc += 1024) {
> if (copyfile(bakfile, tmpfile) < 0) {
> printf("Can't copy %s to %s\n", bakfile, tmpfile);
> ret = -EIO;
> break;
> }
> ret = fit_add_file_data(params, size_inc, tmpfile);
> if (!ret || ret != -ENOSPC)
> break;
> }
>
> So I think that we always cipher with unciphered data.
>
Hi Philip,
I don't think that is the case if you use "mkimage -F". The input can
already be ciphered.
Patrick
More information about the U-Boot
mailing list