Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/1745901/?format=api
{ "id": 1745901, "url": "http://patchwork.ozlabs.org/api/patches/1745901/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20230221201925.9644-44-pali@kernel.org/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20230221201925.9644-44-pali@kernel.org>", "list_archive_url": null, "date": "2023-02-21T20:19:09", "name": "[RFC,u-boot-mvebu,43/59] tools: kwbimage: Fix generating secure boot data image signature", "commit_ref": "bf78a57e9a84ef4c882acd8c8710d364ed90730e", "pull_url": null, "state": "accepted", "archived": false, "hash": "d961888e4eea98ca777f29ebdef7a9f4f80309b1", "submitter": { "id": 78810, "url": "http://patchwork.ozlabs.org/api/people/78810/?format=api", "name": "Pali Rohár", "email": "pali@kernel.org" }, "delegate": { "id": 1696, "url": "http://patchwork.ozlabs.org/api/users/1696/?format=api", "username": "stroese", "first_name": "Stefan", "last_name": "Roese", "email": "sr@denx.de" }, "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20230221201925.9644-44-pali@kernel.org/mbox/", "series": [ { "id": 343058, "url": "http://patchwork.ozlabs.org/api/series/343058/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=343058", "date": "2023-02-21T20:18:27", "name": "arm: mvebu: Various fixes", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/343058/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/1745901/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/1745901/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=<UNKNOWN>)", "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.a=rsa-sha256\n header.s=k20201202 header.b=RVrWKL46;\n\tdkim-atps=neutral", "phobos.denx.de;\n dmarc=pass (p=none dis=none) header.from=kernel.org", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.b=\"RVrWKL46\";\n\tdkim-atps=neutral", "phobos.denx.de;\n dmarc=pass (p=none dis=none) header.from=kernel.org", "phobos.denx.de; spf=pass smtp.mailfrom=pali@kernel.org" ], "Received": [ "from phobos.denx.de (phobos.denx.de\n [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature ECDSA (P-384))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4PLrZL1YDXz23j7\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 22 Feb 2023 07:32:42 +1100 (AEDT)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 72BD285B7A;\n\tTue, 21 Feb 2023 21:24:36 +0100 (CET)", "by phobos.denx.de (Postfix, from userid 109)\n id 976D785B54; Tue, 21 Feb 2023 21:23:54 +0100 (CET)", "from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])\n (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n bits)) (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 9258785A6B\n for <u-boot@lists.denx.de>; Tue, 21 Feb 2023 21:22:45 +0100 (CET)", "from smtp.kernel.org (relay.kernel.org [52.25.139.140])\n (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n (No client certificate requested)\n by dfw.source.kernel.org (Postfix) with ESMTPS id 7D01A611F3;\n Tue, 21 Feb 2023 20:22:35 +0000 (UTC)", "by smtp.kernel.org (Postfix) with ESMTPSA id 32B1EC433EF;\n Tue, 21 Feb 2023 20:22:35 +0000 (UTC)", "by pali.im (Postfix)\n id E3A3D9E0; Tue, 21 Feb 2023 21:22:34 +0100 (CET)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,\n DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,\n SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;\n s=k20201202; t=1677010955;\n bh=xtBejRyPjsdX+RDw+vi+R9nVIcjqn5MQLExK/0C7GHs=;\n h=From:To:Cc:Subject:Date:In-Reply-To:References:From;\n b=RVrWKL46CSGiAyox1miaH0vvDs26OIBioqpf36OLtiBYjw4L/BTTQ9EUzvDHeeauR\n 46FgRC78Pete3Ah8sEUDTzDmQy4ocRtfJAT6L1Bq2SU/PvJ8bwQntBCBf+n2KjqymA\n O7OjNLOl3hjXm+tWrmHAz+LzVHBJAeMY6L7cXCQkkKHASrKC9N37RGb6RLhd96tsGg\n Yiir0n7X0SNvDQM6+IUbJ2qRXAXrh1+xqquIgK7IeWdvUMZM4naNXG8cYJRUzCVvUn\n xTgOxrUvsIe+kc5OPezypUimkm+3Avgg3qpuTg6DnoR+1iIEG+90D+wEy4KZkDmVoG\n v2Cx3FIaEGZ0g==", "From": "=?utf-8?q?Pali_Roh=C3=A1r?= <pali@kernel.org>", "To": "u-boot@lists.denx.de", "Cc": "Stefan Roese <sr@denx.de>, Tony Dinh <mibodhi@gmail.com>,\n Josua Mayer <josua@solid-run.com>", "Subject": "[PATCH RFC u-boot-mvebu 43/59] tools: kwbimage: Fix generating secure\n boot data image signature", "Date": "Tue, 21 Feb 2023 21:19:09 +0100", "Message-Id": "<20230221201925.9644-44-pali@kernel.org>", "X-Mailer": "git-send-email 2.20.1", "In-Reply-To": "<20230221201925.9644-1-pali@kernel.org>", "References": "<20230221201925.9644-1-pali@kernel.org>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=UTF-8", "Content-Transfer-Encoding": "8bit", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.6 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "Secure boot data image signature is calculated from the data image without\ntrailing 4-bit checksum. Commit 37cb9c15d70d (\"tools: kwbimage: Simplify\naligning and calculating checksum\") unintentionally broke this calculation\nwhen it increased payloadsz variable by 4 bytes which was propagated also\ninto the add_secure_header_v1() function. Fix this issue by decreasing size\nof buffer by 4 bytes from which is calculated secure boot data image\nsignature.\n\nFixes: 37cb9c15d70d (\"tools: kwbimage: Simplify aligning and calculating checksum\")\nSigned-off-by: Pali Rohár <pali@kernel.org>\n---\n tools/kwbimage.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)", "diff": "diff --git a/tools/kwbimage.c b/tools/kwbimage.c\nindex b32f845b7e2d..a8a59c154b9c 100644\n--- a/tools/kwbimage.c\n+++ b/tools/kwbimage.c\n@@ -1355,7 +1355,7 @@ static int add_secure_header_v1(struct image_tool_params *params, uint8_t *image\n \tif (kwb_sign_csk_with_kak(params, secure_hdr, csk))\n \t\treturn 1;\n \n-\tif (kwb_sign_and_verify(csk, image_ptr, image_size,\n+\tif (kwb_sign_and_verify(csk, image_ptr, image_size - 4,\n \t\t\t\t&secure_hdr->imgsig, \"image\") < 0)\n \t\treturn 1;\n \n", "prefixes": [ "RFC", "u-boot-mvebu", "43/59" ] }