[PATCH v2 12/14] image: Use constants for 'required' and 'key-name-hint'

Philippe REYNES philippe.reynes at softathome.com
Wed Mar 18 19:28:56 CET 2020



> Objet: [PATCH v2 12/14] image: Use constants for 'required' and 'key-name-hint'

> These are used in multiple places so update them to use a shared #define.
> 
> Signed-off-by: Simon Glass <sjg at chromium.org>

Reviewed-by: Philippe Reynes <philippe.reynes at softathome.com>

> ---
> 
> Changes in v2: None
> 
> common/image-cipher.c | 2 +-
> common/image-fit.c | 6 +++---
> common/image-sig.c | 8 +++++---
> include/image.h | 4 +++-
> lib/rsa/rsa-sign.c | 6 +++---
> tools/image-host.c | 8 ++++----
> 6 files changed, 19 insertions(+), 15 deletions(-)
> 
> diff --git a/common/image-cipher.c b/common/image-cipher.c
> index cee3b03ee5..f50c3d31bd 100644
> --- a/common/image-cipher.c
> +++ b/common/image-cipher.c
> @@ -88,7 +88,7 @@ static int fit_image_setup_decrypt(struct image_cipher_info
> *info,
> return -1;
> }
> 
> - info->keyname = fdt_getprop(fit, cipher_noffset, "key-name-hint", NULL);
> + info->keyname = fdt_getprop(fit, cipher_noffset, FIT_KEY_HINT, NULL);
> if (!info->keyname) {
> printf("Can't get key name\n");
> return -1;
> diff --git a/common/image-fit.c b/common/image-fit.c
> index a5c85ede8d..c8ff77526c 100644
> --- a/common/image-fit.c
> +++ b/common/image-fit.c
> @@ -168,7 +168,7 @@ static void fit_image_print_data(const void *fit, int
> noffset, const char *p,
> int value_len;
> char *algo;
> const char *padding;
> - int required;
> + bool required;
> int ret, i;
> 
> debug("%s %s node: '%s'\n", p, type,
> @@ -179,8 +179,8 @@ static void fit_image_print_data(const void *fit, int
> noffset, const char *p,
> return;
> }
> printf("%s", algo);
> - keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
> - required = fdt_getprop(fit, noffset, "required", NULL) != NULL;
> + keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
> + required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL;
> if (keyname)
> printf(":%s", keyname);
> if (required)
> diff --git a/common/image-sig.c b/common/image-sig.c
> index 03143a4040..6563effcf3 100644
> --- a/common/image-sig.c
> +++ b/common/image-sig.c
> @@ -229,7 +229,7 @@ static int fit_image_setup_verify(struct image_sign_info
> *info,
> padding_name = RSA_DEFAULT_PADDING_NAME;
> 
> memset(info, '\0', sizeof(*info));
> - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
> + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
> info->fit = (void *)fit;
> info->node_offset = noffset;
> info->name = algo_name;
> @@ -340,7 +340,8 @@ int fit_image_verify_required_sigs(const void *fit, int
> image_noffset,
> const char *required;
> int ret;
> 
> - required = fdt_getprop(sig_blob, noffset, "required", NULL);
> + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED,
> + NULL);
> if (!required || strcmp(required, "image"))
> continue;
> ret = fit_image_verify_sig(fit, image_noffset, data, size,
> @@ -557,7 +558,8 @@ int fit_config_verify_required_sigs(const void *fit, int
> conf_noffset,
> const char *required;
> int ret;
> 
> - required = fdt_getprop(sig_blob, noffset, "required", NULL);
> + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED,
> + NULL);
> if (!required || strcmp(required, "conf"))
> continue;
> ret = fit_config_verify_sig(fit, conf_noffset, sig_blob,
> diff --git a/include/image.h b/include/image.h
> index 512243f159..3ffc0fdd68 100644
> --- a/include/image.h
> +++ b/include/image.h
> @@ -939,12 +939,14 @@ int booti_setup(ulong image, ulong *relocated_addr, ulong
> *size,
> #define FIT_IMAGES_PATH "/images"
> #define FIT_CONFS_PATH "/configurations"
> 
> -/* hash/signature node */
> +/* hash/signature/key node */
> #define FIT_HASH_NODENAME "hash"
> #define FIT_ALGO_PROP "algo"
> #define FIT_VALUE_PROP "value"
> #define FIT_IGNORE_PROP "uboot-ignore"
> #define FIT_SIG_NODENAME "signature"
> +#define FIT_KEY_REQUIRED "required"
> +#define FIT_KEY_HINT "key-name-hint"
> 
> /* cipher node */
> #define FIT_CIPHER_NODENAME "cipher"
> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> index 6400ef63d6..580c744709 100644
> --- a/lib/rsa/rsa-sign.c
> +++ b/lib/rsa/rsa-sign.c
> @@ -792,8 +792,8 @@ int rsa_add_verify_data(struct image_sign_info *info, void
> *keydest)
> }
> 
> if (!ret) {
> - ret = fdt_setprop_string(keydest, node, "key-name-hint",
> - info->keyname);
> + ret = fdt_setprop_string(keydest, node, FIT_KEY_HINT,
> + info->keyname);
> }
> if (!ret)
> ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits);
> @@ -815,7 +815,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void
> *keydest)
> info->name);
> }
> if (!ret && info->require_keys) {
> - ret = fdt_setprop_string(keydest, node, "required",
> + ret = fdt_setprop_string(keydest, node, FIT_KEY_REQUIRED,
> info->require_keys);
> }
> done:
> diff --git a/tools/image-host.c b/tools/image-host.c
> index dfea48e894..4e57ddea96 100644
> --- a/tools/image-host.c
> +++ b/tools/image-host.c
> @@ -170,7 +170,7 @@ static int fit_image_setup_sig(struct image_sign_info *info,
> 
> memset(info, '\0', sizeof(*info));
> info->keydir = keydir;
> - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
> + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
> info->fit = fit;
> info->node_offset = noffset;
> info->name = strdup(algo_name);
> @@ -249,7 +249,7 @@ static int fit_image_process_sig(const char *keydir, void
> *keydest,
> free(value);
> 
> /* Get keyname again, as FDT has changed and invalidated our pointer */
> - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
> + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
> 
> /*
> * Write the public key into the supplied FDT file; this might fail
> @@ -337,7 +337,7 @@ static int fit_image_setup_cipher(struct image_cipher_info
> *info,
> info->keydir = keydir;
> 
> /* Read the key name */
> - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
> + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
> if (!info->keyname) {
> printf("Can't get key name for cipher '%s' in image '%s'\n",
> node_name, image_name);
> @@ -886,7 +886,7 @@ static int fit_config_process_sig(const char *keydir, void
> *keydest,
> free(region_prop);
> 
> /* Get keyname again, as FDT has changed and invalidated our pointer */
> - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
> + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
> 
> /* Write the public key into the supplied FDT file */
> if (keydest) {
> --
> 2.25.1.481.gfbce0eb801-goog


More information about the U-Boot mailing list