From patchwork Mon Mar 18 23:51:32 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 228850 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 4DD4D2C00B1 for ; Tue, 19 Mar 2013 10:57:03 +1100 (EST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 089B84A1DF; Tue, 19 Mar 2013 00:55:59 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R2LvWmvLouuP; Tue, 19 Mar 2013 00:55:58 +0100 (CET) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id F26D54A0F0; Tue, 19 Mar 2013 00:54:04 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 59D924A044 for ; Tue, 19 Mar 2013 00:53:32 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q7vNfV48R0KK for ; Tue, 19 Mar 2013 00:53:31 +0100 (CET) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from mail-qa0-f74.google.com (mail-qa0-f74.google.com [209.85.216.74]) by theia.denx.de (Postfix) with ESMTPS id 4E0864A03F for ; Tue, 19 Mar 2013 00:53:20 +0100 (CET) Received: by mail-qa0-f74.google.com with SMTP id o13so355619qaj.1 for ; Mon, 18 Mar 2013 16:53:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:from:to:cc:subject:date:message-id:x-mailer:in-reply-to :references:x-gm-message-state; bh=0fF4+z+J8H7n87LhKptFcfx6soQed25geny+kfLZWjs=; b=ct/pwIOnPsaa+5fTaC+jRrcJ84Mg0iYv+9TVdPeOBwZmPMqQ6CSZMmAwxqhBG6eoMR HhdgYkDoyI7x9C/JdRI0fp6L3+//zEyeBIvR+t3YLzebkrwBaoCY/f6HRr0mtQMZNEfk zT6rhHsp2i8DVNhewhesXq1F2TwYtignw46MOL8yVnUhMD0cThQFEcHd2JeYHyfhGtnR dahd6+sAqinF9LwJ2+mdO485GAOZ5jPbw/4E9IMIEDJKnkbcW+kzX+RyHjoHbhcwzpDC JqmPeRokqsh1fs+JyraUo5iz3a65XDi1KeuCxjBImx4IlNMaDa8TPg15twjzmRJ0R8ci aKYg== X-Received: by 10.58.88.7 with SMTP id bc7mr15903833veb.40.1363650799262; Mon, 18 Mar 2013 16:53:19 -0700 (PDT) Received: from corp2gmr1-1.hot.corp.google.com (corp2gmr1-1.hot.corp.google.com [172.24.189.92]) by gmr-mx.google.com with ESMTPS id u21si2190286yhj.0.2013.03.18.16.53.19 (version=TLSv1.1 cipher=AES128-SHA bits=128/128); Mon, 18 Mar 2013 16:53:19 -0700 (PDT) Received: from kaka.mtv.corp.google.com (kaka.mtv.corp.google.com [172.22.73.79]) by corp2gmr1-1.hot.corp.google.com (Postfix) with ESMTP id 0526131C00F; Mon, 18 Mar 2013 16:53:19 -0700 (PDT) Received: by kaka.mtv.corp.google.com (Postfix, from userid 121222) id D8658160341; Mon, 18 Mar 2013 16:53:18 -0700 (PDT) From: Simon Glass To: U-Boot Mailing List Date: Mon, 18 Mar 2013 16:51:32 -0700 Message-Id: <1363650725-30459-13-git-send-email-sjg@chromium.org> X-Mailer: git-send-email 1.8.1.3 In-Reply-To: <1363650725-30459-1-git-send-email-sjg@chromium.org> References: <1363650725-30459-1-git-send-email-sjg@chromium.org> X-Gm-Message-State: ALoCoQlCotTflOitiud8QJw2bGyQBmPevG0CtX+0GWV5358MLRunm4mU0EuAa5gpxuuzTbV9EeaIEgdXSGc0V64timsfw0eXXRX2OPcEcPczfzWNJz5O4HOuNexHEEmswh0r48S6jqUzWjjl8GcRPUxaWhADa2YMMeCe1bVPOclqUhze7SSHhAqCsqWJ2SDS22jdRRFvn9ak Cc: Joel A Fernandes , Will Drewry , Joe Hershberger , u-boot-review@google.com, Bill Richardson , Randall Spangler , Tom Rini , Vadim Bendebury , =?UTF-8?q?Andreas=20B=C3=A4ck?= , Kees Cook Subject: [U-Boot] [PATCH v2 12/45] image: Move hash checking into its own function X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.11 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: u-boot-bounces@lists.denx.de Errors-To: u-boot-bounces@lists.denx.de The existing function is long and most of the code is indented a long way. Before adding yet more code, split this out into its own function. Signed-off-by: Simon Glass Reviewed-by: Marek Vasut (v1) --- Changes in v2: - Add IMAGE_ENABLE_IGNORE to avoid #ifdef around ignore property handling - Rebase on previous patches - Rename commit message to say "function" instead of "function" common/image-fit.c | 128 ++++++++++++++++++++++++++++------------------------- include/image.h | 8 ++-- 2 files changed, 72 insertions(+), 64 deletions(-) diff --git a/common/image-fit.c b/common/image-fit.c index 9360af2..fa21f18 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -748,7 +748,6 @@ int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value, return 0; } -#ifndef USE_HOSTCC /** * fit_image_hash_get_ignore - get hash ignore flag * @fit: pointer to the FIT format image header @@ -763,7 +762,7 @@ int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value, * 0, on ignore not found * value, on ignore found */ -int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore) +static int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore) { int len; int *value; @@ -776,7 +775,6 @@ int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore) return 0; } -#endif /** * fit_set_timestamp - set node timestamp property @@ -849,6 +847,57 @@ int calculate_hash(const void *data, int data_len, const char *algo, return 0; } +static int fit_image_check_hash(const void *fit, int noffset, const void *data, + size_t size, char **err_msgp) +{ + uint8_t value[FIT_MAX_HASH_LEN]; + int value_len; + char *algo; + uint8_t *fit_value; + int fit_value_len; + int ignore; + + *err_msgp = NULL; + + if (fit_image_hash_get_algo(fit, noffset, &algo)) { + *err_msgp = " error!\nCan't get hash algo " + "property"; + return -1; + } + printf("%s", algo); + + if (IMAGE_ENABLE_IGNORE) { + fit_image_hash_get_ignore(fit, noffset, &ignore); + if (ignore) { + printf("-skipped "); + return 0; + } + } + + if (fit_image_hash_get_value(fit, noffset, &fit_value, + &fit_value_len)) { + *err_msgp = " error!\nCan't get hash value " + "property"; + return -1; + } + + if (calculate_hash(data, size, algo, value, &value_len)) { + *err_msgp = " error!\n" + "Unsupported hash algorithm"; + return -1; + } + + if (value_len != fit_value_len) { + *err_msgp = " error !\nBad hash value len"; + return -1; + } else if (memcmp(value, fit_value, value_len) != 0) { + *err_msgp = " error!\nBad hash value"; + return -1; + } + + return 0; +} + /** * fit_image_verify - verify data intergity * @fit: pointer to the FIT format image header @@ -866,14 +915,6 @@ int fit_image_verify(const void *fit, int image_noffset) { const void *data; size_t size; - char *algo; - uint8_t *fit_value; - int fit_value_len; -#ifndef USE_HOSTCC - int ignore; -#endif - uint8_t value[FIT_MAX_HASH_LEN]; - int value_len; int noffset; int ndepth; char *err_msg = ""; @@ -885,58 +926,23 @@ int fit_image_verify(const void *fit, int image_noffset) } /* Process all hash subnodes of the component image node */ - for (ndepth = 0, noffset = fdt_next_node(fit, image_noffset, &ndepth); - (noffset >= 0) && (ndepth > 0); - noffset = fdt_next_node(fit, noffset, &ndepth)) { - if (ndepth == 1) { - /* Direct child node of the component image node */ + for (ndepth = 0, + noffset = fdt_next_subnode(fit, image_noffset, &ndepth); + noffset >= 0; + noffset = fdt_next_subnode(fit, noffset, &ndepth)) { + const char *name = fit_get_name(fit, noffset, NULL); - /* - * Check subnode name, must be equal to "hash". - * Multiple hash nodes require unique unit node - * names, e.g. hash@1, hash@2, etc. - */ - if (strncmp(fit_get_name(fit, noffset, NULL), - FIT_HASH_NODENAME, - strlen(FIT_HASH_NODENAME)) != 0) - continue; - - if (fit_image_hash_get_algo(fit, noffset, &algo)) { - err_msg = " error!\nCan't get hash algo property"; - goto error; - } - printf("%s", algo); - -#ifndef USE_HOSTCC - fit_image_hash_get_ignore(fit, noffset, &ignore); - if (ignore) { - printf("-skipped "); - continue; - } -#endif - - if (fit_image_hash_get_value(fit, noffset, &fit_value, - &fit_value_len)) { - err_msg = " error!\nCan't get hash value " - "property"; - goto error; - } - - if (calculate_hash(data, size, algo, value, - &value_len)) { - err_msg = " error!\n" - "Unsupported hash algorithm"; - goto error; - } - - if (value_len != fit_value_len) { - err_msg = " error !\nBad hash value len"; - goto error; - } else if (memcmp(value, fit_value, value_len) != 0) { - err_msg = " error!\nBad hash value"; + /* + * Check subnode name, must be equal to "hash". + * Multiple hash nodes require unique unit node + * names, e.g. hash@1, hash@2, etc. + */ + if (!strncmp(name, FIT_HASH_NODENAME, + strlen(FIT_HASH_NODENAME))) { + if (fit_image_check_hash(fit, noffset, data, size, + &err_msg)) goto error; - } - printf("+ "); + puts("+ "); } } diff --git a/include/image.h b/include/image.h index c09325c..0d3d1db 100644 --- a/include/image.h +++ b/include/image.h @@ -43,12 +43,17 @@ #define CONFIG_OF_LIBFDT 1 #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ +#define IMAGE_ENABLE_IGNORE 0 + #else #include #include #include +/* Take notice of the 'ignore' property for hashes */ +#define IMAGE_ENABLE_IGNORE 1 + #endif /* USE_HOSTCC */ #if defined(CONFIG_FIT) @@ -606,9 +611,6 @@ int fit_image_get_data(const void *fit, int noffset, int fit_image_hash_get_algo(const void *fit, int noffset, char **algo); int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value, int *value_len); -#ifndef USE_HOSTCC -int fit_image_hash_get_ignore(const void *fit, int noffset, int *ignore); -#endif int fit_set_timestamp(void *fit, int noffset, time_t timestamp); int fit_set_hashes(void *fit);