Hi Patrick,
From: Patrick Oppenlander patrick.oppenlander@gmail.com
Previously, mkimage -F could be run multiple times causing already ciphered image data to be ciphered again.
Reviewed-by: Philippe Reynes philippe.reynes@softathome.com
Signed-off-by: Patrick Oppenlander patrick.oppenlander@gmail.com
Regards, Philippe
tools/image-host.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/tools/image-host.c b/tools/image-host.c index b4603c5f01..e5417beee5 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -482,7 +482,7 @@ int fit_image_cipher_data(const char *keydir, void *keydest, const char *image_name; const void *data; size_t size;
- int cipher_node_offset;
- int cipher_node_offset, len;
/* Get image name */ image_name = fit_get_name(fit, image_noffset, NULL); @@ -497,6 +497,19 @@ int fit_image_cipher_data(const char *keydir, void *keydest, return -1; }
- /*
- Don't cipher ciphered data.
- If the data-size-unciphered property is present the data for this
- image is already encrypted. This is important as 'mkimage -F' can be
- run multiple times on a FIT image.
- */
- if (fdt_getprop(fit, image_noffset, "data-size-unciphered", &len))
- return 0;
- if (len != -FDT_ERR_NOTFOUND) {
- printf("Failure testing for data-size-unciphered\n");
- return -1;
- }
/* Process cipher node if present */ cipher_node_offset = fdt_subnode_offset(fit, image_noffset, -- 2.27.0