| Message ID | 4a28e074b8c2930c133bdc6f7d6d5c2ed30b80bd.1583088459.git.tommyhebb@gmail.com |
|---|---|
| State | Accepted |
| Commit | ab5a2b0f7927196143d762b2ad9cdc51b84249b3 |
| Delegated to: | Tom Rini |
| Headers | show |
| Series | mkimage: fit: don't create image with 0700 permissions | expand |
On Sun, Mar 01, 2020 at 10:47:53AM -0800, Thomas Hebb wrote: > commit 7298e422504e ("mkimage: fit: add support to encrypt image with > aes") added a new copyfile() function as part of the FIT image creation > flow. This function as currently written creates the final image with a > mode of 0700 (before umask), differing from the old behavior of 0666. > Since there doesn't seem to be any reason to make the image executable > or non-group, non-other readable, change the mask to 0666 to preserve > the old behavior. > > Fixes: 7298e422504e ("mkimage: fit: add support to encrypt image with aes") > Signed-off-by: Thomas Hebb <tommyhebb@gmail.com> Applied to u-boot/master, thanks!
diff --git a/tools/fit_image.c b/tools/fit_image.c index dd61a816c9..4301b5decb 100644 --- a/tools/fit_image.c +++ b/tools/fit_image.c @@ -642,7 +642,7 @@ static int copyfile(const char *src, const char *dst) goto out; } - fd_dst = open(dst, O_WRONLY | O_CREAT, 0700); + fd_dst = open(dst, O_WRONLY | O_CREAT, 0666); if (fd_dst < 0) { printf("Can't open file %s (%s)\n", dst, strerror(errno)); goto out;
commit 7298e422504e ("mkimage: fit: add support to encrypt image with aes") added a new copyfile() function as part of the FIT image creation flow. This function as currently written creates the final image with a mode of 0700 (before umask), differing from the old behavior of 0666. Since there doesn't seem to be any reason to make the image executable or non-group, non-other readable, change the mask to 0666 to preserve the old behavior. Fixes: 7298e422504e ("mkimage: fit: add support to encrypt image with aes") Signed-off-by: Thomas Hebb <tommyhebb@gmail.com> --- tools/fit_image.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)