u-boot.git/tools, branch v2020.10-rc2 Unnamed repository; edit this file 'description' to name the repository. mkimage: fit: fix import of external data 2020-08-07T15:47:18+00:00 Patrick Oppenlander patrick.oppenlander@gmail.com 2020-07-30T04:31:48+00:00 c995d854efcbf54ebd99a41f9a3c918340f16376 The external data is located after the mmapped FDT pointed to by 'old_fdt', not in the newly created FDT we are importing into at 'fdt'. Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com> 
The external data is located after the mmapped FDT pointed to by
'old_fdt', not in the newly created FDT we are importing into at 'fdt'.

Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
mkimage: fit: include image cipher in configuration signature 2020-08-07T15:47:18+00:00 Patrick Oppenlander patrick.oppenlander@gmail.com 2020-07-30T04:30:47+00:00 ef40129c33396d90a42e10f4a772390ac5b2ba05 This patch addresses issue #2 for signed configurations. -----8<----- Including the image cipher properties in the configuration signature prevents an attacker from modifying cipher, key or iv properties. Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com> 
This patch addresses issue #2 for signed configurations.

-----8<-----

Including the image cipher properties in the configuration signature
prevents an attacker from modifying cipher, key or iv properties.

Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
mkimage: fit: don't cipher ciphered data 2020-08-07T15:47:18+00:00 Patrick Oppenlander patrick.oppenlander@gmail.com 2020-07-30T04:22:15+00:00 b33e5cc18263d438d11bb9a728b4117cc560cae4 Previously, mkimage -F could be run multiple times causing already ciphered image data to be ciphered again. Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com> 
Previously, mkimage -F could be run multiple times causing already
ciphered image data to be ciphered again.

Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
mkimage: fit: handle FDT_ERR_NOSPACE when ciphering 2020-08-07T15:47:18+00:00 Patrick Oppenlander patrick.oppenlander@gmail.com 2020-07-30T04:22:14+00:00 04aeebb131081698204ad38bd8aba7140cd3ba22 Also replace fdt_delprop/fdt_setprop with fdt_setprop as fdt_setprop can replace an existing property value. Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com> 
Also replace fdt_delprop/fdt_setprop with fdt_setprop as fdt_setprop can
replace an existing property value.

Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
mkimage: fit: only process one cipher node 2020-08-07T15:47:18+00:00 Patrick Oppenlander patrick.oppenlander@gmail.com 2020-07-30T04:22:13+00:00 c520266f9a796f5f447f5e3b1da04a874500290a Previously mkimage would process any node matching the regex cipher.* and apply the ciphers to the image data in the order they appeared in the FDT. This meant that data could be inadvertently ciphered multiple times. Switch to processing a single cipher node which exactly matches FIT_CIPHER_NODENAME. Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com> 
Previously mkimage would process any node matching the regex cipher.*
and apply the ciphers to the image data in the order they appeared in
the FDT. This meant that data could be inadvertently ciphered multiple
times.

Switch to processing a single cipher node which exactly matches
FIT_CIPHER_NODENAME.

Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
tools: env: Avoid an uninited warning with was_locked 2020-08-05T12:18:34+00:00 Simon Glass sjg@chromium.org 2020-08-01T16:30:39+00:00 7b27e0fe13d8d44da6cd357a69668a726b852502 Set this variable to 0 to avoid a warning about an unused variable. This happens on gcc 7.5.0 for me. Signed-off-by: Simon Glass <sjg@chromium.org> 
Set this variable to 0 to avoid a warning about an unused variable. This
happens on gcc 7.5.0 for me.

Signed-off-by: Simon Glass <sjg@chromium.org>
tools: env: Fix printf() warning in fw_env 2020-08-05T12:18:34+00:00 Simon Glass sjg@chromium.org 2020-08-01T16:30:38+00:00 d9cd4d2a8d429068a6a5061a33459ae3ae113ef8 The printf() string produces a warning about %d not matching size_t. Fix it and put the format string on one line to avoid a checkpatch warning. Signed-off-by: Simon Glass <sjg@chromium.org> 
The printf() string produces a warning about %d not matching size_t. Fix
it and put the format string on one line to avoid a checkpatch warning.

Signed-off-by: Simon Glass <sjg@chromium.org>
fit_image: Use calloc() to fix reproducibility issue 2020-08-05T12:18:34+00:00 Fabio Estevam festevam@gmail.com 2020-07-28T00:03:13+00:00 aaa91a4e4b8a5d74f1317e18aa47d2a7a72e0c43 Vagrant Cascadian reported that mx6cuboxi target no longer builds reproducibility on Debian. One example of builds mismatches: 00096680: 696e 6700 736f 756e 642d 6461 6900 6465 ing.sound-dai.de -00096690: 7465 6374 2d67 7069 6f73 0000 tect-gpios.. +00096690: 7465 6374 2d67 7069 6f73 0061 tect-gpios.a This problem happens because all the buffers in fit_image.c are allocated via malloc(), which does not zero out the allocated buffer. Using calloc() fixes this unpredictable behaviour as it guarantees that the allocated buffer are zero initialized. Reported-by: Vagrant Cascadian <vagrant@reproducible-builds.org> Suggested-by: Tom Rini <trini@konsulko.com> Signed-off-by: Fabio Estevam <festevam@gmail.com> Tested-by: Vagrant Cascadian <vagrant@reproducible-builds.org> 
Vagrant Cascadian reported that mx6cuboxi target no longer builds
reproducibility on Debian.

One example of builds mismatches:

00096680: 696e 6700 736f 756e 642d 6461 6900 6465  ing.sound-dai.de
-00096690: 7465 6374 2d67 7069 6f73 0000            tect-gpios..
+00096690: 7465 6374 2d67 7069 6f73 0061            tect-gpios.a

This problem happens because all the buffers in fit_image.c are
allocated via malloc(), which does not zero out the allocated buffer.

Using calloc() fixes this unpredictable behaviour as it guarantees
that the allocated buffer are zero initialized.

Reported-by: Vagrant Cascadian <vagrant@reproducible-builds.org>
Suggested-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Tested-by: Vagrant Cascadian <vagrant@reproducible-builds.org>
checkpatch: Don't allow common.h and dm.h in headers 2020-08-04T02:19:54+00:00 Simon Glass sjg@chromium.org 2020-07-19T16:16:01+00:00 23552ba142860205c4ddec414417cdc251f8cb79 These headers should not be included in other header files. Add a checkpatch rule and test for this. Signed-off-by: Simon Glass <sjg@chromium.org> 
These headers should not be included in other header files. Add a
checkpatch rule and test for this.

Signed-off-by: Simon Glass <sjg@chromium.org>
patman: Fix up the test comments 2020-08-04T02:19:54+00:00 Simon Glass sjg@chromium.org 2020-07-19T16:16:00+00:00 4620d46bf0aa00df3857a5883b790da3d12995dd Many of the tests have the same comment and two have the same name. Fix this. Signed-off-by: Simon Glass <sjg@chromium.org> 
Many of the tests have the same comment and two have the same name. Fix
this.

Signed-off-by: Simon Glass <sjg@chromium.org>