meta/meta-mediatek-gpl/recipes-bsp/u-boot/u-boot-mkimage-2018.07/0001-tools-image-add-configurations-node-to-hashed-node.patch - T103 - Gitiles

 From 46017bf4b1c21a301cf2640051d2cc3df8b899dd Mon Sep 17 00:00:00 2001
 From: Jimmy Huang <jimmy.huang@mediatek.com>
 Date: Wed, 27 May 2020 13:39:27 +0800
 Subject: [PATCH] tools: image: add /configurations node to hashed-node

 To fix fit signature bypass problem.
 ---
  tools/image-host.c | 12 ++++++++----
  tools/imagetool.h  |  1 +
  tools/mkimage.c    | 23 +++++++++++++++++++++++
  3 files changed, 32 insertions(+), 4 deletions(-)

 diff --git a/tools/image-host.c b/tools/image-host.c
 index c5a651e2c1..f9f11b2730 100644
 --- a/tools/image-host.c
 +++ b/tools/image-host.c
 @@ -400,7 +400,8 @@ static const char *fit_config_get_image_list(void *fit, int noffset,
  }

  static int fit_config_get_hash_list(void *fit, int conf_noffset,
 -				    int sig_offset, struct strlist *node_inc)
 +				    int sig_offset, struct strlist *node_inc,
 +				    const struct image_tool_params *params)
  {
  	int allow_missing;
  	const char *prop, *iname, *end;
 @@ -419,6 +420,7 @@ static int fit_config_get_hash_list(void *fit, int conf_noffset,
  	strlist_init(node_inc);
  	snprintf(name, sizeof(name), "%s/%s", FIT_CONFS_PATH, conf_name);
  	if (strlist_add(node_inc, "/") ||
 +	    (params->brom_flag && strlist_add(node_inc, FIT_CONFS_PATH)) ||
  	    strlist_add(node_inc, name))
  		goto err_mem;

 @@ -504,7 +506,8 @@ err_path:

  static int fit_config_get_data(void *fit, int conf_noffset, int noffset,
  		struct image_region **regionp, int *region_countp,
 -		char **region_propp, int *region_proplen)
 +		char **region_propp, int *region_proplen,
 +		const struct image_tool_params *params)
  {
  	char * const exc_prop[] = {"data"};
  	struct strlist node_inc;
 @@ -521,7 +524,8 @@ static int fit_config_get_data(void *fit, int conf_noffset, int noffset,
  	debug("%s: conf='%s', sig='%s'\n", __func__, conf_name, sig_name);

  	/* Get a list of nodes we want to hash */
 -	ret = fit_config_get_hash_list(fit, conf_noffset, noffset, &node_inc);
 +	ret = fit_config_get_hash_list(fit, conf_noffset, noffset, &node_inc,
 +			params);
  	if (ret)
  		return ret;

 @@ -591,7 +595,7 @@ static int fit_config_process_sig(const char *keydir, void *keydest,

  	node_name = fit_get_name(fit, noffset, NULL);
  	if (fit_config_get_data(fit, conf_noffset, noffset, &region,
 -				&region_count, &region_prop, &region_proplen))
 +				&region_count, &region_prop, &region_proplen, params))
  		return -1;

  	if (fit_image_setup_sig(&info, keydir, fit, conf_name, noffset,
 diff --git a/tools/imagetool.h b/tools/imagetool.h
 index f99aa02313..265279dd16 100644
 --- a/tools/imagetool.h
 +++ b/tools/imagetool.h
 @@ -75,6 +75,7 @@ struct image_tool_params {
  	struct content_info *content_tail;
  	bool external_data;	/* Store data outside the FIT */
  	bool quiet;		/* Don't output text in normal operation */
 +	bool brom_flag;	/* Make FIT for bootrom */
  	unsigned int external_offset;	/* Add padding to external data */
  	const char *engine_id;	/* Engine to use for signing */
  	int tkc_oem_flag;           /* Handle in OEM part */
 diff --git a/tools/mkimage.c b/tools/mkimage.c
 index 1d15adb2a1..fc517ff7ac 100644
 --- a/tools/mkimage.c
 +++ b/tools/mkimage.c
 @@ -10,8 +10,12 @@
  #include "mkimage.h"
  #include "imximage.h"
  #include <image.h>
 +#include <libgen.h>
 +#include <string.h>
  #include <version.h>

 +const char *brom_mkimage_basename = "brom-mkimage";
 +
  static void copy_file(int, const char *, int);

  /* parameters initialized by core will be used by the image type code */
 @@ -144,6 +148,23 @@ static void process_args(int argc, char **argv)
  	char *datafile = NULL;
  	int opt;

 +	/*
 +	 * If the base name of the program is "brom-mkimage", set brom_flag to
 +	 * indicate special handling is needed for the fit image
 +	 */
 +	ptr = strdup(params.cmdname);
 +	if (ptr) {
 +		char *bname = basename(ptr);
 +		if (strncmp(brom_mkimage_basename, bname, strlen(bname)) == 0)
 +			params.brom_flag = true;
 +		free(ptr);
 +		ptr = NULL;
 +	} else {
 +		fprintf(stderr, "%s: not enough memory for strdup '%s'\n",
 +			params.cmdname, params.cmdname);
 +		exit(EXIT_FAILURE);
 +	}
 +
  	while ((opt = getopt(argc, argv,
  			     "a:A:b:c:C:d:D:e:Ef:Fk:g:i:K:ln:N:p:O:rR:qsT:u:vVx")) != -1) {
  		switch (opt) {
 @@ -283,6 +304,8 @@ static void process_args(int argc, char **argv)
  			params.vflag++;
  			break;
  		case 'V':
 +			if (params.brom_flag)
 +				printf("Image tool for BL2 FIT construction\n");
  			printf("mkimage version %s\n", PLAIN_VERSION);
  			exit(EXIT_SUCCESS);
  		case 'x':
 --
 2.18.0
	From 46017bf4b1c21a301cf2640051d2cc3df8b899dd Mon Sep 17 00:00:00 2001
	From: Jimmy Huang <jimmy.huang@mediatek.com>
	Date: Wed, 27 May 2020 13:39:27 +0800
	Subject: [PATCH] tools: image: add /configurations node to hashed-node

	To fix fit signature bypass problem.
	---
	tools/image-host.c \| 12 ++++++++----
	tools/imagetool.h \| 1 +
	tools/mkimage.c \| 23 +++++++++++++++++++++++
	3 files changed, 32 insertions(+), 4 deletions(-)

	diff --git a/tools/image-host.c b/tools/image-host.c
	index c5a651e2c1..f9f11b2730 100644
	--- a/tools/image-host.c
	+++ b/tools/image-host.c
	@@ -400,7 +400,8 @@ static const char fit_config_get_image_list(void fit, int noffset,
	}

	static int fit_config_get_hash_list(void *fit, int conf_noffset,
	- int sig_offset, struct strlist *node_inc)
	+ int sig_offset, struct strlist *node_inc,
	+ const struct image_tool_params *params)
	{
	int allow_missing;
	const char prop, iname, *end;
	@@ -419,6 +420,7 @@ static int fit_config_get_hash_list(void *fit, int conf_noffset,
	strlist_init(node_inc);
	snprintf(name, sizeof(name), "%s/%s", FIT_CONFS_PATH, conf_name);
	if (strlist_add(node_inc, "/") \|\|
	+ (params->brom_flag && strlist_add(node_inc, FIT_CONFS_PATH)) \|\|
	strlist_add(node_inc, name))
	goto err_mem;

	@@ -504,7 +506,8 @@ err_path:

	static int fit_config_get_data(void *fit, int conf_noffset, int noffset,
	struct image_region *regionp, int region_countp,
	- char *region_propp, int region_proplen)
	+ char *region_propp, int region_proplen,
	+ const struct image_tool_params *params)
	{
	char * const exc_prop[] = {"data"};
	struct strlist node_inc;
	@@ -521,7 +524,8 @@ static int fit_config_get_data(void *fit, int conf_noffset, int noffset,
	debug("%s: conf='%s', sig='%s'\n", __func__, conf_name, sig_name);

	/* Get a list of nodes we want to hash */
	- ret = fit_config_get_hash_list(fit, conf_noffset, noffset, &node_inc);
	+ ret = fit_config_get_hash_list(fit, conf_noffset, noffset, &node_inc,
	+ params);
	if (ret)
	return ret;

	@@ -591,7 +595,7 @@ static int fit_config_process_sig(const char keydir, void keydest,

	node_name = fit_get_name(fit, noffset, NULL);
	if (fit_config_get_data(fit, conf_noffset, noffset, &region,
	- &region_count, &region_prop, &region_proplen))
	+ &region_count, &region_prop, &region_proplen, params))
	return -1;

	if (fit_image_setup_sig(&info, keydir, fit, conf_name, noffset,
	diff --git a/tools/imagetool.h b/tools/imagetool.h
	index f99aa02313..265279dd16 100644
	--- a/tools/imagetool.h
	+++ b/tools/imagetool.h
	@@ -75,6 +75,7 @@ struct image_tool_params {
	struct content_info *content_tail;
	bool external_data; /* Store data outside the FIT */
	bool quiet; /* Don't output text in normal operation */
	+ bool brom_flag; /* Make FIT for bootrom */
	unsigned int external_offset; /* Add padding to external data */
	const char engine_id; / Engine to use for signing */
	int tkc_oem_flag; /* Handle in OEM part */
	diff --git a/tools/mkimage.c b/tools/mkimage.c
	index 1d15adb2a1..fc517ff7ac 100644
	--- a/tools/mkimage.c
	+++ b/tools/mkimage.c
	@@ -10,8 +10,12 @@
	#include "mkimage.h"
	#include "imximage.h"
	#include <image.h>
	+#include <libgen.h>
	+#include <string.h>
	#include <version.h>

	+const char *brom_mkimage_basename = "brom-mkimage";
	+
	static void copy_file(int, const char *, int);

	/* parameters initialized by core will be used by the image type code */
	@@ -144,6 +148,23 @@ static void process_args(int argc, char **argv)
	char *datafile = NULL;
	int opt;

	+ /*
	+ * If the base name of the program is "brom-mkimage", set brom_flag to
	+ * indicate special handling is needed for the fit image
	+ */
	+ ptr = strdup(params.cmdname);
	+ if (ptr) {
	+ char *bname = basename(ptr);
	+ if (strncmp(brom_mkimage_basename, bname, strlen(bname)) == 0)
	+ params.brom_flag = true;
	+ free(ptr);
	+ ptr = NULL;
	+ } else {
	+ fprintf(stderr, "%s: not enough memory for strdup '%s'\n",
	+ params.cmdname, params.cmdname);
	+ exit(EXIT_FAILURE);
	+ }
	+
	while ((opt = getopt(argc, argv,
	"a:A:b:c:C:d:D:e:Ef:Fk:g:i:K:ln:N:p:O:rR:qsT:u:vVx")) != -1) {
	switch (opt) {
	@@ -283,6 +304,8 @@ static void process_args(int argc, char **argv)
	params.vflag++;
	break;
	case 'V':
	+ if (params.brom_flag)
	+ printf("Image tool for BL2 FIT construction\n");
	printf("mkimage version %s\n", PLAIN_VERSION);
	exit(EXIT_SUCCESS);
	case 'x':
	--
	2.18.0