From 4f427a421fcba92b0325907fe79464c9791e85d5 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Mon, 2 Jun 2014 22:04:51 -0600 Subject: fdt: Update functions which write to an FDT to return -ENOSPC When writing values into an FDT it is possible that there will be insufficient space. If the caller gets a useful error then it can potentially deal with the situation. Adjust these functions to return -ENOSPC when the FDT is full. Signed-off-by: Simon Glass --- lib/rsa/rsa-sign.c | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'lib/rsa') diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index ca8c120d97c..48f31972096 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -429,20 +429,30 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) ret = fdt_setprop_string(keydest, node, "key-name-hint", info->keyname); - ret |= fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); - ret |= fdt_setprop_u32(keydest, node, "rsa,n0-inverse", n0_inv); - ret |= fdt_add_bignum(keydest, node, "rsa,modulus", modulus, bits); - ret |= fdt_add_bignum(keydest, node, "rsa,r-squared", r_squared, bits); - ret |= fdt_setprop_string(keydest, node, FIT_ALGO_PROP, - info->algo->name); + if (!ret) + ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); + if (!ret) + ret = fdt_setprop_u32(keydest, node, "rsa,n0-inverse", n0_inv); + if (!ret) { + ret = fdt_add_bignum(keydest, node, "rsa,modulus", modulus, + bits); + } + if (!ret) { + ret = fdt_add_bignum(keydest, node, "rsa,r-squared", r_squared, + bits); + } + if (!ret) { + ret = fdt_setprop_string(keydest, node, FIT_ALGO_PROP, + info->algo->name); + } if (info->require_keys) { - fdt_setprop_string(keydest, node, "required", - info->require_keys); + ret = fdt_setprop_string(keydest, node, "required", + info->require_keys); } BN_free(modulus); BN_free(r_squared); if (ret) - return -EIO; + return ret == FDT_ERR_NOSPACE ? -ENOSPC : -EIO; return 0; } -- cgit v1.2.3 From 597a8b2c68574970dc38c55abe07712b6045776a Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 12 Jun 2014 07:24:42 -0600 Subject: mkimage: Automatically expand FDT in more cases The original code did not cover every case and there was a missing negative sign in one case. Expand the coverage and fix the bug. Signed-off-by: Simon Glass --- lib/rsa/rsa-sign.c | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) (limited to 'lib/rsa') diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 48f31972096..83f5e878389 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -405,11 +405,15 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) if (parent == -FDT_ERR_NOTFOUND) { parent = fdt_add_subnode(keydest, 0, FIT_SIG_NODENAME); if (parent < 0) { - fprintf(stderr, "Couldn't create signature node: %s\n", - fdt_strerror(parent)); - return -EINVAL; + ret = parent; + if (ret != -FDT_ERR_NOSPACE) { + fprintf(stderr, "Couldn't create signature node: %s\n", + fdt_strerror(parent)); + } } } + if (ret) + goto done; /* Either create or overwrite the named key node */ snprintf(name, sizeof(name), "key-%s", info->keyname); @@ -417,18 +421,22 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) if (node == -FDT_ERR_NOTFOUND) { node = fdt_add_subnode(keydest, parent, name); if (node < 0) { - fprintf(stderr, "Could not create key subnode: %s\n", - fdt_strerror(node)); - return -EINVAL; + ret = node; + if (ret != -FDT_ERR_NOSPACE) { + fprintf(stderr, "Could not create key subnode: %s\n", + fdt_strerror(node)); + } } } else if (node < 0) { fprintf(stderr, "Cannot select keys parent: %s\n", fdt_strerror(node)); - return -ENOSPC; + ret = node; } - ret = fdt_setprop_string(keydest, node, "key-name-hint", + if (!ret) { + ret = fdt_setprop_string(keydest, node, "key-name-hint", info->keyname); + } if (!ret) ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); if (!ret) @@ -449,10 +457,11 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) ret = fdt_setprop_string(keydest, node, "required", info->require_keys); } +done: BN_free(modulus); BN_free(r_squared); if (ret) - return ret == FDT_ERR_NOSPACE ? -ENOSPC : -EIO; + return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO; return 0; } -- cgit v1.2.3 From 2b9912e6a7df7b1f60beb7942bd0e6fa5f9d0167 Mon Sep 17 00:00:00 2001 From: Jeroen Hofstee Date: Thu, 12 Jun 2014 22:27:12 +0200 Subject: includes: move openssl headers to include/u-boot commit 18b06652cd "tools: include u-boot version of sha256.h" unconditionally forced the sha256.h from u-boot to be used for tools instead of the host version. This is fragile though as it will also include the host version. Therefore move it to include/u-boot to join u-boot/md5.h etc which were renamed for the same reason. cc: Simon Glass Signed-off-by: Jeroen Hofstee --- lib/rsa/rsa-checksum.c | 6 +++--- lib/rsa/rsa-verify.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'lib/rsa') diff --git a/lib/rsa/rsa-checksum.c b/lib/rsa/rsa-checksum.c index 32d6602e975..8d8b59f779a 100644 --- a/lib/rsa/rsa-checksum.c +++ b/lib/rsa/rsa-checksum.c @@ -13,9 +13,9 @@ #else #include "fdt_host.h" #endif -#include -#include -#include +#include +#include +#include /* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */ diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 587da5b4706..bcb906368d0 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -17,9 +17,9 @@ #include "mkimage.h" #include #endif -#include -#include -#include +#include +#include +#include #define UINT64_MULT32(v, multby) (((uint64_t)(v)) * ((uint32_t)(multby))) -- cgit v1.2.3