[RFC][PATCH] mkimage: fit: Do not tail-pad fitImage with external data

Tom Rini trini at konsulko.com
Fri May 1 17:06:33 CEST 2020


On Fri, Apr 24, 2020 at 12:19:00PM +0200, Marek Vasut wrote:

> There is no reason to tail-pad fitImage with external data to 4-bytes,
> while fitImage without external data does not have any such padding and
> is often unaligned. DT spec also does not mandate any such padding.
> 
> Moreover, the tail-pad fills the last few bytes with uninitialized data,
> which could lead to a potential information leak.
> 
> Test:
> echo -n x > /tmp/data ; ./tools/mkimage -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage
> echo -n x > /tmp/data ; ./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; hexdump -vC /tmp/fitImage
> 
> Signed-off-by: Marek Vasut <marex at denx.de>
> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de>
> Cc: Simon Glass <sjg at chromium.org>
> Cc: Tom Rini <trini at konsulko.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>
> ---
>  tools/fit_image.c | 1 -
>  1 file changed, 1 deletion(-)
> 
> diff --git a/tools/fit_image.c b/tools/fit_image.c
> index dd61a816c9..2fc4c3630d 100644
> --- a/tools/fit_image.c
> +++ b/tools/fit_image.c
> @@ -488,7 +488,6 @@ static int fit_extract_data(struct image_tool_params *params, const char *fname)
>  	debug("Size reduced from %x to %x\n", fit_size, fdt_totalsize(fdt));
>  	debug("External data size %x\n", buf_ptr);
>  	new_size = fdt_totalsize(fdt);
> -	new_size = (new_size + 3) & ~3;
>  	munmap(fdt, sbuf.st_size);
>  
>  	if (ftruncate(fd, new_size)) {

As of:
commit ebfe611be91e0075c040588a30a9996519d30aa6
Author: Kever Yang <kever.yang at rock-chips.com>
Date:   Mon Mar 30 11:56:24 2020 +0800

    mkimage: fit_image: Add option to make fit header align

this doesn't apply and the area in question has changed.  Can you please
see if your use-case is supported correctly now?  Or v2 this, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200501/8a7a8498/attachment.sig>


More information about the U-Boot mailing list