Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2074540/?format=api
{ "id": 2074540, "url": "http://patchwork.ozlabs.org/api/patches/2074540/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20250418-binman-pubkey-dir-v2-2-b6b90a765ffe@cherry.de/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20250418-binman-pubkey-dir-v2-2-b6b90a765ffe@cherry.de>", "list_archive_url": null, "date": "2025-04-18T11:26:08", "name": "[v2,2/2] binman: etype: u_boot_spl_pubkey_dtb: provide more explicit error for key-name-hint with path", "commit_ref": "4e7e0ebcf59794b97542bb6b3d1e0a0fefa145f2", "pull_url": null, "state": "accepted", "archived": false, "hash": "1b58a5c9aa9e33f0b5045e6b79aaf403b79c100d", "submitter": { "id": 84425, "url": "http://patchwork.ozlabs.org/api/people/84425/?format=api", "name": "Quentin Schulz", "email": "foss+uboot@0leil.net" }, "delegate": { "id": 3184, "url": "http://patchwork.ozlabs.org/api/users/3184/?format=api", "username": "sjg", "first_name": "Simon", "last_name": "Glass", "email": "sjg@chromium.org" }, "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20250418-binman-pubkey-dir-v2-2-b6b90a765ffe@cherry.de/mbox/", "series": [ { "id": 453380, "url": "http://patchwork.ozlabs.org/api/series/453380/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=453380", "date": "2025-04-18T11:26:06", "name": "binman: properly error out if path provided to key-name-hint in signature nodes", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/453380/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2074540/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2074540/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=85.214.62.61; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=0leil.net", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=0leil.net", "phobos.denx.de;\n spf=pass smtp.mailfrom=foss+uboot@0leil.net" ], "Received": [ "from phobos.denx.de (phobos.denx.de [85.214.62.61])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature ECDSA (secp384r1))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4ZfCBm2lg1z1yJW\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 18 Apr 2025 21:26:24 +1000 (AEST)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 1F78883121;\n\tFri, 18 Apr 2025 13:26:28 +0200 (CEST)", "by phobos.denx.de (Postfix, from userid 109)\n id 99938830B4; Fri, 18 Apr 2025 13:26:26 +0200 (CEST)", "from smtp-8fa9.mail.infomaniak.ch (smtp-8fa9.mail.infomaniak.ch\n [83.166.143.169])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 781B382C15\n for <u-boot@lists.denx.de>; Fri, 18 Apr 2025 13:26:24 +0200 (CEST)", "from smtp-4-0001.mail.infomaniak.ch (unknown\n [IPv6:2001:1600:7:10:40ca:feff:fe05:1])\n by smtp-4-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4ZfCBm10P1zndj;\n Fri, 18 Apr 2025 13:26:24 +0200 (CEST)", "from unknown by smtp-4-0001.mail.infomaniak.ch (Postfix) with ESMTPA\n id 4ZfCBl0wyfzS45; Fri, 18 Apr 2025 13:26:23 +0200 (CEST)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-1.9 required=5.0 tests=BAYES_00,\n RCVD_IN_DNSWL_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,\n RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_PASS,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2", "From": "Quentin Schulz <foss+uboot@0leil.net>", "Date": "Fri, 18 Apr 2025 13:26:08 +0200", "Subject": "[PATCH v2 2/2] binman: etype: u_boot_spl_pubkey_dtb: provide more\n explicit error for key-name-hint with path", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "7bit", "Message-Id": "<20250418-binman-pubkey-dir-v2-2-b6b90a765ffe@cherry.de>", "References": "<20250418-binman-pubkey-dir-v2-0-b6b90a765ffe@cherry.de>", "In-Reply-To": "<20250418-binman-pubkey-dir-v2-0-b6b90a765ffe@cherry.de>", "To": "Simon Glass <sjg@chromium.org>,\n Alper Nebi Yasak <alpernebiyasak@gmail.com>, Tom Rini <trini@konsulko.com>,\n Alexander Kochetkov <al.kochet@gmail.com>,\n Lukas Funke <lukas.funke@weidmueller.com>", "Cc": "u-boot@lists.denx.de, Quentin Schulz <quentin.schulz@cherry.de>", "X-Mailer": "b4 0.14.2", "X-Infomaniak-Routing": "alpha", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "From: Quentin Schulz <quentin.schulz@cherry.de>\n\nkey-name-hint property in u-boot-spl-pubkey-dtb binman entry may contain\na path instead of a filename due to user mistake.\n\nBecause we currently assume it is a filename instead of a path, binman\nwill find the full path to the key based on that path, and return the\ndirname of the full path but keeps the path in key-name-hint instead of\nstripping the directories from it.\n\nThis means mkimage will fail with the following error message if we have\nkey-name-hint set to keys/dev:\n\nbinman: Error 1 running 'fdt_add_pubkey -a sha256,rsa2048 -k /home/qschulz/work/upstream/u-boot/keys -n keys/dev -r conf /home/qschulz/work/upstream/u-boot/build/ringneck/u-boot-spl-dtbdhsfx3mf': Couldn't open RSA certificate: '/home/qschulz/work/upstream/u-boot/keys/keys/dev.crt': No such file or directory\n\nLet's make it a bit more obvious what the error is by erroring out in\nbinman if a path is provided in key-name-hint (it is named key-name-hint\nand not key-path-hint after all).\n\nFixes: 5609843b57a4 (\"binman: etype: Add u-boot-spl-pubkey-dtb etype\")\nSigned-off-by: Quentin Schulz <quentin.schulz@cherry.de>\n---\n tools/binman/etype/u_boot_spl_pubkey_dtb.py | 2 ++\n tools/binman/ftest.py | 7 +++++++\n .../binman/test/348_key_name_hint_dir_spl_pubkey_dtb.dts | 16 ++++++++++++++++\n 3 files changed, 25 insertions(+)", "diff": "diff --git a/tools/binman/etype/u_boot_spl_pubkey_dtb.py b/tools/binman/etype/u_boot_spl_pubkey_dtb.py\nindex cb196061de28610eb785fb44c887982e3979659f..3061c4bcdc4be5663696ed056ac6a55f30dc8676 100644\n--- a/tools/binman/etype/u_boot_spl_pubkey_dtb.py\n+++ b/tools/binman/etype/u_boot_spl_pubkey_dtb.py\n@@ -87,6 +87,8 @@ class Entry_u_boot_spl_pubkey_dtb(Entry_blob_dtb):\n dir=tools.get_output_dir())\\\n as pubkey_tdb:\n tools.write_file(pubkey_tdb.name, self.GetData())\n+ if '/' in self._key_name_hint:\n+ self.Raise(f\"'{self._key_name_hint}' is a path not a filename\")\n keyname = tools.get_input_filename(self._key_name_hint + \".crt\")\n self.fdt_add_pubkey.run(pubkey_tdb.name,\n os.path.dirname(keyname),\ndiff --git a/tools/binman/ftest.py b/tools/binman/ftest.py\nindex 5ea15b36a717a3bfe8fade3892e4039c046d2102..1b68f4b51cfb257c700abde069cc705d3327ed82 100644\n--- a/tools/binman/ftest.py\n+++ b/tools/binman/ftest.py\n@@ -7274,6 +7274,13 @@ fdt fdtmap Extract the devicetree blob from the fdtmap\n tools.to_bytes(''.join(node.props['key'].value)))\n self.assertNotIn('key-source', node.props)\n \n+ def testKeyNameHintIsPathSplPubkeyDtb(self):\n+ \"\"\"Test that binman errors out on key-name-hint being a path\"\"\"\n+ with self.assertRaises(ValueError) as e:\n+ self._DoReadFile('348_key_name_hint_dir_spl_pubkey_dtb.dts')\n+ self.assertIn(\n+ 'Node \\'/binman/u-boot-spl-pubkey-dtb\\': \\'keys/key\\' is a path not a filename',\n+ str(e.exception))\n \n def testSplPubkeyDtb(self):\n \"\"\"Test u_boot_spl_pubkey_dtb etype\"\"\"\ndiff --git a/tools/binman/test/348_key_name_hint_dir_spl_pubkey_dtb.dts b/tools/binman/test/348_key_name_hint_dir_spl_pubkey_dtb.dts\nnew file mode 100644\nindex 0000000000000000000000000000000000000000..85ebd58b6c0cd18fc385f63dd95da2e414705249\n--- /dev/null\n+++ b/tools/binman/test/348_key_name_hint_dir_spl_pubkey_dtb.dts\n@@ -0,0 +1,16 @@\n+// SPDX-License-Identifier: GPL-2.0+\n+\n+/dts-v1/;\n+\n+/ {\n+\t#address-cells = <1>;\n+\t#size-cells = <1>;\n+\n+\tbinman {\n+\t\tu-boot-spl-pubkey-dtb {\n+\t\t\talgo = \"sha384,rsa4096\";\n+\t\t\trequired = \"conf\";\n+\t\t\tkey-name-hint = \"keys/key\";\n+\t\t};\n+\t};\n+};\n", "prefixes": [ "v2", "2/2" ] }