Re: [PATCH 2/3] mkimage: fit: handle FDT_ERR_NOSPACE when ciphering

Hi Patrick

From: Patrick Oppenlander patrick.oppenlander@gmail.com

This meant that the order of operations had to change. If we replace the data property first then fail to add the data-size-unciphered property the data will be ciphered again when retrying.

This patch is good, but I disagree with the comment. It is not mandatory to change the order of operation because when signing/ciphering we always start from "fresh" file.

This "trick" is done in the function fit_handle_file(...)

Just before the loop, the tmpfile is rename in bakfile

sprintf(bakfile, "%s%s", tmpfile, ".bak"); rename(tmpfile, bakfile);

And in the loop, the first operation is to copy bakfile to tmpfile:

for (size_inc = 0; size_inc < 64 * 1024; size_inc += 1024) { if (copyfile(bakfile, tmpfile) < 0) { printf("Can't copy %s to %s\n", bakfile, tmpfile); ret = -EIO; break; } ret = fit_add_file_data(params, size_inc, tmpfile); if (!ret || ret != -ENOSPC) break; }

So I think that we always cipher with unciphered data.

Signed-off-by: Patrick Oppenlander patrick.oppenlander@gmail.com

tools/image-host.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/tools/image-host.c b/tools/image-host.c index 8fa1b9aba7..87ef79ef53 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -399,25 +399,26 @@ int fit_image_write_cipher(void *fit, int image_noffset, int noffset, { int ret = -1;

• /* Remove unciphered data */
• ret = fdt_delprop(fit, image_noffset, FIT_DATA_PROP);

• /* add non ciphered data size */
• ret = fdt_setprop_u32(fit, image_noffset, "data-size-unciphered", size);
• if (ret == -FDT_ERR_NOSPACE) {
• ret = -ENOSPC;
• goto out;
• }

if (ret) {

• printf("Can't remove data (err = %d)\n", ret);

• printf("Can't add unciphered data size (err = %d)\n", ret);

goto out; }

/* Add ciphered data */ ret = fdt_setprop(fit, image_noffset, FIT_DATA_PROP, data_ciphered, data_ciphered_len);

• if (ret) {
• printf("Can't add ciphered data (err = %d)\n", ret);

• if (ret == -FDT_ERR_NOSPACE) {
• ret = -ENOSPC;

goto out; }

• /* add non ciphered data size */
• ret = fdt_setprop_u32(fit, image_noffset, "data-size-unciphered", size);

if (ret) {

• printf("Can't add unciphered data size (err = %d)\n", ret);

• printf("Can't add ciphered data (err = %d)\n", ret);

goto out; }

-- 2.27.0

Regards, Philippe