From 4f427a421fcba92b0325907fe79464c9791e85d5 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Mon, 2 Jun 2014 22:04:51 -0600 Subject: fdt: Update functions which write to an FDT to return -ENOSPC When writing values into an FDT it is possible that there will be insufficient space. If the caller gets a useful error then it can potentially deal with the situation. Adjust these functions to return -ENOSPC when the FDT is full. Signed-off-by: Simon Glass --- lib/rsa/rsa-sign.c | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index ca8c120d97..48f3197209 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -429,20 +429,30 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) ret = fdt_setprop_string(keydest, node, "key-name-hint", info->keyname); - ret |= fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); - ret |= fdt_setprop_u32(keydest, node, "rsa,n0-inverse", n0_inv); - ret |= fdt_add_bignum(keydest, node, "rsa,modulus", modulus, bits); - ret |= fdt_add_bignum(keydest, node, "rsa,r-squared", r_squared, bits); - ret |= fdt_setprop_string(keydest, node, FIT_ALGO_PROP, - info->algo->name); + if (!ret) + ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); + if (!ret) + ret = fdt_setprop_u32(keydest, node, "rsa,n0-inverse", n0_inv); + if (!ret) { + ret = fdt_add_bignum(keydest, node, "rsa,modulus", modulus, + bits); + } + if (!ret) { + ret = fdt_add_bignum(keydest, node, "rsa,r-squared", r_squared, + bits); + } + if (!ret) { + ret = fdt_setprop_string(keydest, node, FIT_ALGO_PROP, + info->algo->name); + } if (info->require_keys) { - fdt_setprop_string(keydest, node, "required", - info->require_keys); + ret = fdt_setprop_string(keydest, node, "required", + info->require_keys); } BN_free(modulus); BN_free(r_squared); if (ret) - return -EIO; + return ret == FDT_ERR_NOSPACE ? -ENOSPC : -EIO; return 0; } -- cgit From 867abdac5effde660ac1ca9db8c43994edc01c09 Mon Sep 17 00:00:00 2001 From: Jeroen Hofstee Date: Tue, 10 Jun 2014 23:37:23 +0200 Subject: LzmaTools: don't self assign values It seems the code tries to trick the compiler the argument is actually used. However compilers became too smart to fool them so easily an now warn. Gcc and clang don't seem to emit a warning when the argument is unused. If so it should be decorated with unused / (void). Signed-off-by: Jeroen Hofstee --- lib/lzma/LzmaTools.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/lzma/LzmaTools.c b/lib/lzma/LzmaTools.c index 90d31cdcf8..cfc7cb02f7 100644 --- a/lib/lzma/LzmaTools.c +++ b/lib/lzma/LzmaTools.c @@ -34,8 +34,8 @@ #include #include -static void *SzAlloc(void *p, size_t size) { p = p; return malloc(size); } -static void SzFree(void *p, void *address) { p = p; free(address); } +static void *SzAlloc(void *p, size_t size) { return malloc(size); } +static void SzFree(void *p, void *address) { free(address); } int lzmaBuffToBuffDecompress (unsigned char *outStream, SizeT *uncompressedSize, unsigned char *inStream, SizeT length) -- cgit From af67b25250e5dd636a844d869bba8ce698422145 Mon Sep 17 00:00:00 2001 From: Jon Nalley Date: Wed, 26 Feb 2014 11:32:21 -0500 Subject: libfdt: Fix segfault when calling fit_check_format() on corrupt FIT images It has been observed that fit_check_format() will fail when passed a corrupt FIT image. This was tracked down to _fdt_string_eq(): return (strlen(p) == len) && (memcmp(p, s, len) == 0); In the case of a corrupt FIT image one can't depend on 'p' being NULL terminated. I changed it to use strnlen() to fix the issue. Signed-off-by: Tom Rini --- lib/libfdt/fdt_ro.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/libfdt/fdt_ro.c b/lib/libfdt/fdt_ro.c index f2154e8370..36af043525 100644 --- a/lib/libfdt/fdt_ro.c +++ b/lib/libfdt/fdt_ro.c @@ -44,7 +44,7 @@ static int _fdt_string_eq(const void *fdt, int stroffset, { const char *p = fdt_string(fdt, stroffset); - return (strlen(p) == len) && (memcmp(p, s, len) == 0); + return (strnlen(p, len + 1) == len) && (memcmp(p, s, len) == 0); } int fdt_get_mem_rsv(const void *fdt, int n, uint64_t *address, uint64_t *size) -- cgit From 597a8b2c68574970dc38c55abe07712b6045776a Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 12 Jun 2014 07:24:42 -0600 Subject: mkimage: Automatically expand FDT in more cases The original code did not cover every case and there was a missing negative sign in one case. Expand the coverage and fix the bug. Signed-off-by: Simon Glass --- lib/rsa/rsa-sign.c | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 48f3197209..83f5e87838 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -405,11 +405,15 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) if (parent == -FDT_ERR_NOTFOUND) { parent = fdt_add_subnode(keydest, 0, FIT_SIG_NODENAME); if (parent < 0) { - fprintf(stderr, "Couldn't create signature node: %s\n", - fdt_strerror(parent)); - return -EINVAL; + ret = parent; + if (ret != -FDT_ERR_NOSPACE) { + fprintf(stderr, "Couldn't create signature node: %s\n", + fdt_strerror(parent)); + } } } + if (ret) + goto done; /* Either create or overwrite the named key node */ snprintf(name, sizeof(name), "key-%s", info->keyname); @@ -417,18 +421,22 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) if (node == -FDT_ERR_NOTFOUND) { node = fdt_add_subnode(keydest, parent, name); if (node < 0) { - fprintf(stderr, "Could not create key subnode: %s\n", - fdt_strerror(node)); - return -EINVAL; + ret = node; + if (ret != -FDT_ERR_NOSPACE) { + fprintf(stderr, "Could not create key subnode: %s\n", + fdt_strerror(node)); + } } } else if (node < 0) { fprintf(stderr, "Cannot select keys parent: %s\n", fdt_strerror(node)); - return -ENOSPC; + ret = node; } - ret = fdt_setprop_string(keydest, node, "key-name-hint", + if (!ret) { + ret = fdt_setprop_string(keydest, node, "key-name-hint", info->keyname); + } if (!ret) ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); if (!ret) @@ -449,10 +457,11 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) ret = fdt_setprop_string(keydest, node, "required", info->require_keys); } +done: BN_free(modulus); BN_free(r_squared); if (ret) - return ret == FDT_ERR_NOSPACE ? -ENOSPC : -EIO; + return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO; return 0; } -- cgit From 2b9912e6a7df7b1f60beb7942bd0e6fa5f9d0167 Mon Sep 17 00:00:00 2001 From: Jeroen Hofstee Date: Thu, 12 Jun 2014 22:27:12 +0200 Subject: includes: move openssl headers to include/u-boot commit 18b06652cd "tools: include u-boot version of sha256.h" unconditionally forced the sha256.h from u-boot to be used for tools instead of the host version. This is fragile though as it will also include the host version. Therefore move it to include/u-boot to join u-boot/md5.h etc which were renamed for the same reason. cc: Simon Glass Signed-off-by: Jeroen Hofstee --- lib/rsa/rsa-checksum.c | 6 +++--- lib/rsa/rsa-verify.c | 6 +++--- lib/sha1.c | 2 +- lib/sha256.c | 2 +- lib/tpm.c | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/rsa/rsa-checksum.c b/lib/rsa/rsa-checksum.c index 32d6602e97..8d8b59f779 100644 --- a/lib/rsa/rsa-checksum.c +++ b/lib/rsa/rsa-checksum.c @@ -13,9 +13,9 @@ #else #include "fdt_host.h" #endif -#include -#include -#include +#include +#include +#include /* PKCS 1.5 paddings as described in the RSA PKCS#1 v2.1 standard. */ diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 587da5b470..bcb906368d 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -17,9 +17,9 @@ #include "mkimage.h" #include #endif -#include -#include -#include +#include +#include +#include #define UINT64_MULT32(v, multby) (((uint64_t)(v)) * ((uint32_t)(multby))) diff --git a/lib/sha1.c b/lib/sha1.c index a121224855..0a5f68864c 100644 --- a/lib/sha1.c +++ b/lib/sha1.c @@ -36,7 +36,7 @@ #include #endif /* USE_HOSTCC */ #include -#include "sha1.h" +#include /* * 32-bit integer manipulation macros (big endian) diff --git a/lib/sha256.c b/lib/sha256.c index b1085ea791..bb338baefa 100644 --- a/lib/sha256.c +++ b/lib/sha256.c @@ -13,7 +13,7 @@ #include #endif /* USE_HOSTCC */ #include -#include +#include /* * 32-bit integer manipulation macros (big endian) diff --git a/lib/tpm.c b/lib/tpm.c index 967c8e6515..d9789b022a 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -7,7 +7,7 @@ #include #include -#include +#include #include #include -- cgit From b047d671dbf60beab9822349f794a0152b97ac31 Mon Sep 17 00:00:00 2001 From: Heiko Schocher Date: Sun, 22 Jun 2014 06:33:29 +0200 Subject: lib, fdt: move fdtdec_get_int() out of lib/fdtdec.c move fdtdec_get_int() out of lib/fdtdec.c into lib/fdtdec_common.c as this function is also used, if CONFIG_OF_CONTROL is not used. Poped up on the ids8313 board using signed FIT images, and activating CONFIG_SYS_GENERIC_BOARD. Without this patch it shows on boot: No valid FDT found - please append one to U-Boot binary, use u-boot-dtb.bin or define CONFIG_OF_EMBED. For sandbox, use -d With this patch, it boots again with CONFIG_SYS_GENERIC_BOARD enabled. Signed-off-by: Heiko Schocher Acked-by: Simon Glass Cc: Tom Rini --- lib/Makefile | 2 ++ lib/fdtdec.c | 36 ------------------------------------ lib/fdtdec_common.c | 38 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 40 insertions(+), 36 deletions(-) create mode 100644 lib/fdtdec_common.c (limited to 'lib') diff --git a/lib/Makefile b/lib/Makefile index 377ab134ba..68210a59b7 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -23,6 +23,8 @@ obj-$(CONFIG_USB_TTY) += circbuf.o obj-y += crc7.o obj-y += crc8.o obj-y += crc16.o +obj-$(CONFIG_FIT) += fdtdec_common.o +obj-$(CONFIG_OF_CONTROL) += fdtdec_common.o obj-$(CONFIG_OF_CONTROL) += fdtdec.o obj-$(CONFIG_TEST_FDTDEC) += fdtdec_test.o obj-$(CONFIG_GZIP) += gunzip.o diff --git a/lib/fdtdec.c b/lib/fdtdec.c index 13d3d2f522..aaa6620cc3 100644 --- a/lib/fdtdec.c +++ b/lib/fdtdec.c @@ -111,24 +111,6 @@ fdt_addr_t fdtdec_get_addr(const void *blob, int node, return fdtdec_get_addr_size(blob, node, prop_name, NULL); } -s32 fdtdec_get_int(const void *blob, int node, const char *prop_name, - s32 default_val) -{ - const s32 *cell; - int len; - - debug("%s: %s: ", __func__, prop_name); - cell = fdt_getprop(blob, node, prop_name, &len); - if (cell && len >= sizeof(s32)) { - s32 val = fdt32_to_cpu(cell[0]); - - debug("%#x (%d)\n", val, val); - return val; - } - debug("(not found)\n"); - return default_val; -} - uint64_t fdtdec_get_uint64(const void *blob, int node, const char *prop_name, uint64_t default_val) { @@ -648,22 +630,4 @@ int fdtdec_read_fmap_entry(const void *blob, int node, const char *name, return 0; } -#else -#include "libfdt.h" -#include "fdt_support.h" - -int fdtdec_get_int(const void *blob, int node, const char *prop_name, - int default_val) -{ - const int *cell; - int len; - - cell = fdt_getprop_w((void *)blob, node, prop_name, &len); - if (cell && len >= sizeof(int)) { - int val = fdt32_to_cpu(cell[0]); - - return val; - } - return default_val; -} #endif diff --git a/lib/fdtdec_common.c b/lib/fdtdec_common.c new file mode 100644 index 0000000000..757931a9cb --- /dev/null +++ b/lib/fdtdec_common.c @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2014 + * Heiko Schocher, DENX Software Engineering, hs@denx.de. + * + * Based on lib/fdtdec.c: + * Copyright (c) 2011 The Chromium OS Authors. + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#ifndef USE_HOSTCC +#include +#include +#include +#else +#include "libfdt.h" +#include "fdt_support.h" + +#define debug(...) +#endif + +int fdtdec_get_int(const void *blob, int node, const char *prop_name, + int default_val) +{ + const int *cell; + int len; + + debug("%s: %s: ", __func__, prop_name); + cell = fdt_getprop(blob, node, prop_name, &len); + if (cell && len >= sizeof(int)) { + int val = fdt32_to_cpu(cell[0]); + + debug("%#x (%d)\n", val, val); + return val; + } + debug("(not found)\n"); + return default_val; +} -- cgit