[RFC v2 0/2] Prevent alignment issues with "in place" FIT configurations

Bjørn Mork bjorn at mork.no
Mon Nov 7 14:33:19 CET 2022


So if anyone looked at this, then you've noticed that it fails to
consider signing.

The design makes it hard to support the combination.  Algnment must run
last since signing may inject variable sized nodes before the fdt data
properties.  Signing must run last since it hashes the blob as it is,
inluding FDT_NOP tags and property order.

But we can trick this int working by signing before aligning to create
the signature nodes with their proper size and position, and then
sign again as a final step if we had to inject any FDT_NOP tags.

The attached fix works for me, creating valid signatures with aligned
images no matter how many times I re-sign the FIT with different length
signature comments.

Downsides is the obvious double signing, which we already accept for
resizing, and a build-up of FDT_NOP tags.  The latter is only an issue
if you re-sign with signature node size changes. And there's at most one
tag added per fdt node per signature update, so it's hardly a major
problem.


Bjørn

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-fix-re-sign-if-nops-were-added.patch
Type: text/x-diff
Size: 1475 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20221107/636274d3/attachment.patch>


More information about the U-Boot mailing list