| Message ID | 20200318174408.77473-13-sjg@chromium.org |
|---|---|
| State | Accepted |
| Commit | 72188f546291cfadea99e9383c133d6aaa37d87d |
| Headers | show |
| Series | vboot: Fix forged-configuration vulnerability | expand |
> Objet: [PATCH v2 12/14] image: Use constants for 'required' and 'key-name-hint' > These are used in multiple places so update them to use a shared #define. > > Signed-off-by: Simon Glass <sjg at chromium.org> Reviewed-by: Philippe Reynes <philippe.reynes at softathome.com> > --- > > Changes in v2: None > > common/image-cipher.c | 2 +- > common/image-fit.c | 6 +++--- > common/image-sig.c | 8 +++++--- > include/image.h | 4 +++- > lib/rsa/rsa-sign.c | 6 +++--- > tools/image-host.c | 8 ++++---- > 6 files changed, 19 insertions(+), 15 deletions(-) > > diff --git a/common/image-cipher.c b/common/image-cipher.c > index cee3b03ee5..f50c3d31bd 100644 > --- a/common/image-cipher.c > +++ b/common/image-cipher.c > @@ -88,7 +88,7 @@ static int fit_image_setup_decrypt(struct image_cipher_info > *info, > return -1; > } > > - info->keyname = fdt_getprop(fit, cipher_noffset, "key-name-hint", NULL); > + info->keyname = fdt_getprop(fit, cipher_noffset, FIT_KEY_HINT, NULL); > if (!info->keyname) { > printf("Can't get key name\n"); > return -1; > diff --git a/common/image-fit.c b/common/image-fit.c > index a5c85ede8d..c8ff77526c 100644 > --- a/common/image-fit.c > +++ b/common/image-fit.c > @@ -168,7 +168,7 @@ static void fit_image_print_data(const void *fit, int > noffset, const char *p, > int value_len; > char *algo; > const char *padding; > - int required; > + bool required; > int ret, i; > > debug("%s %s node: '%s'\n", p, type, > @@ -179,8 +179,8 @@ static void fit_image_print_data(const void *fit, int > noffset, const char *p, > return; > } > printf("%s", algo); > - keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); > - required = fdt_getprop(fit, noffset, "required", NULL) != NULL; > + keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); > + required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL; > if (keyname) > printf(":%s", keyname); > if (required) > diff --git a/common/image-sig.c b/common/image-sig.c > index 03143a4040..6563effcf3 100644 > --- a/common/image-sig.c > +++ b/common/image-sig.c > @@ -229,7 +229,7 @@ static int fit_image_setup_verify(struct image_sign_info > *info, > padding_name = RSA_DEFAULT_PADDING_NAME; > > memset(info, '\0', sizeof(*info)); > - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); > + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); > info->fit = (void *)fit; > info->node_offset = noffset; > info->name = algo_name; > @@ -340,7 +340,8 @@ int fit_image_verify_required_sigs(const void *fit, int > image_noffset, > const char *required; > int ret; > > - required = fdt_getprop(sig_blob, noffset, "required", NULL); > + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, > + NULL); > if (!required || strcmp(required, "image")) > continue; > ret = fit_image_verify_sig(fit, image_noffset, data, size, > @@ -557,7 +558,8 @@ int fit_config_verify_required_sigs(const void *fit, int > conf_noffset, > const char *required; > int ret; > > - required = fdt_getprop(sig_blob, noffset, "required", NULL); > + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, > + NULL); > if (!required || strcmp(required, "conf")) > continue; > ret = fit_config_verify_sig(fit, conf_noffset, sig_blob, > diff --git a/include/image.h b/include/image.h > index 512243f159..3ffc0fdd68 100644 > --- a/include/image.h > +++ b/include/image.h > @@ -939,12 +939,14 @@ int booti_setup(ulong image, ulong *relocated_addr, ulong > *size, > #define FIT_IMAGES_PATH "/images" > #define FIT_CONFS_PATH "/configurations" > > -/* hash/signature node */ > +/* hash/signature/key node */ > #define FIT_HASH_NODENAME "hash" > #define FIT_ALGO_PROP "algo" > #define FIT_VALUE_PROP "value" > #define FIT_IGNORE_PROP "uboot-ignore" > #define FIT_SIG_NODENAME "signature" > +#define FIT_KEY_REQUIRED "required" > +#define FIT_KEY_HINT "key-name-hint" > > /* cipher node */ > #define FIT_CIPHER_NODENAME "cipher" > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c > index 6400ef63d6..580c744709 100644 > --- a/lib/rsa/rsa-sign.c > +++ b/lib/rsa/rsa-sign.c > @@ -792,8 +792,8 @@ int rsa_add_verify_data(struct image_sign_info *info, void > *keydest) > } > > if (!ret) { > - ret = fdt_setprop_string(keydest, node, "key-name-hint", > - info->keyname); > + ret = fdt_setprop_string(keydest, node, FIT_KEY_HINT, > + info->keyname); > } > if (!ret) > ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); > @@ -815,7 +815,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void > *keydest) > info->name); > } > if (!ret && info->require_keys) { > - ret = fdt_setprop_string(keydest, node, "required", > + ret = fdt_setprop_string(keydest, node, FIT_KEY_REQUIRED, > info->require_keys); > } > done: > diff --git a/tools/image-host.c b/tools/image-host.c > index dfea48e894..4e57ddea96 100644 > --- a/tools/image-host.c > +++ b/tools/image-host.c > @@ -170,7 +170,7 @@ static int fit_image_setup_sig(struct image_sign_info *info, > > memset(info, '\0', sizeof(*info)); > info->keydir = keydir; > - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); > + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); > info->fit = fit; > info->node_offset = noffset; > info->name = strdup(algo_name); > @@ -249,7 +249,7 @@ static int fit_image_process_sig(const char *keydir, void > *keydest, > free(value); > > /* Get keyname again, as FDT has changed and invalidated our pointer */ > - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); > + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); > > /* > * Write the public key into the supplied FDT file; this might fail > @@ -337,7 +337,7 @@ static int fit_image_setup_cipher(struct image_cipher_info > *info, > info->keydir = keydir; > > /* Read the key name */ > - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); > + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); > if (!info->keyname) { > printf("Can't get key name for cipher '%s' in image '%s'\n", > node_name, image_name); > @@ -886,7 +886,7 @@ static int fit_config_process_sig(const char *keydir, void > *keydest, > free(region_prop); > > /* Get keyname again, as FDT has changed and invalidated our pointer */ > - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); > + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); > > /* Write the public key into the supplied FDT file */ > if (keydest) { > -- > 2.25.1.481.gfbce0eb801-goog
diff --git a/common/image-cipher.c b/common/image-cipher.c index cee3b03ee5..f50c3d31bd 100644 --- a/common/image-cipher.c +++ b/common/image-cipher.c @@ -88,7 +88,7 @@ static int fit_image_setup_decrypt(struct image_cipher_info *info, return -1; } - info->keyname = fdt_getprop(fit, cipher_noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, cipher_noffset, FIT_KEY_HINT, NULL); if (!info->keyname) { printf("Can't get key name\n"); return -1; diff --git a/common/image-fit.c b/common/image-fit.c index a5c85ede8d..c8ff77526c 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -168,7 +168,7 @@ static void fit_image_print_data(const void *fit, int noffset, const char *p, int value_len; char *algo; const char *padding; - int required; + bool required; int ret, i; debug("%s %s node: '%s'\n", p, type, @@ -179,8 +179,8 @@ static void fit_image_print_data(const void *fit, int noffset, const char *p, return; } printf("%s", algo); - keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); - required = fdt_getprop(fit, noffset, "required", NULL) != NULL; + keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); + required = fdt_getprop(fit, noffset, FIT_KEY_REQUIRED, NULL) != NULL; if (keyname) printf(":%s", keyname); if (required) diff --git a/common/image-sig.c b/common/image-sig.c index 03143a4040..6563effcf3 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -229,7 +229,7 @@ static int fit_image_setup_verify(struct image_sign_info *info, padding_name = RSA_DEFAULT_PADDING_NAME; memset(info, '\0', sizeof(*info)); - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); info->fit = (void *)fit; info->node_offset = noffset; info->name = algo_name; @@ -340,7 +340,8 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, const char *required; int ret; - required = fdt_getprop(sig_blob, noffset, "required", NULL); + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, + NULL); if (!required || strcmp(required, "image")) continue; ret = fit_image_verify_sig(fit, image_noffset, data, size, @@ -557,7 +558,8 @@ int fit_config_verify_required_sigs(const void *fit, int conf_noffset, const char *required; int ret; - required = fdt_getprop(sig_blob, noffset, "required", NULL); + required = fdt_getprop(sig_blob, noffset, FIT_KEY_REQUIRED, + NULL); if (!required || strcmp(required, "conf")) continue; ret = fit_config_verify_sig(fit, conf_noffset, sig_blob, diff --git a/include/image.h b/include/image.h index 512243f159..3ffc0fdd68 100644 --- a/include/image.h +++ b/include/image.h @@ -939,12 +939,14 @@ int booti_setup(ulong image, ulong *relocated_addr, ulong *size, #define FIT_IMAGES_PATH "/images" #define FIT_CONFS_PATH "/configurations" -/* hash/signature node */ +/* hash/signature/key node */ #define FIT_HASH_NODENAME "hash" #define FIT_ALGO_PROP "algo" #define FIT_VALUE_PROP "value" #define FIT_IGNORE_PROP "uboot-ignore" #define FIT_SIG_NODENAME "signature" +#define FIT_KEY_REQUIRED "required" +#define FIT_KEY_HINT "key-name-hint" /* cipher node */ #define FIT_CIPHER_NODENAME "cipher" diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index 6400ef63d6..580c744709 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -792,8 +792,8 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) } if (!ret) { - ret = fdt_setprop_string(keydest, node, "key-name-hint", - info->keyname); + ret = fdt_setprop_string(keydest, node, FIT_KEY_HINT, + info->keyname); } if (!ret) ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits); @@ -815,7 +815,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest) info->name); } if (!ret && info->require_keys) { - ret = fdt_setprop_string(keydest, node, "required", + ret = fdt_setprop_string(keydest, node, FIT_KEY_REQUIRED, info->require_keys); } done: diff --git a/tools/image-host.c b/tools/image-host.c index dfea48e894..4e57ddea96 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -170,7 +170,7 @@ static int fit_image_setup_sig(struct image_sign_info *info, memset(info, '\0', sizeof(*info)); info->keydir = keydir; - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); info->fit = fit; info->node_offset = noffset; info->name = strdup(algo_name); @@ -249,7 +249,7 @@ static int fit_image_process_sig(const char *keydir, void *keydest, free(value); /* Get keyname again, as FDT has changed and invalidated our pointer */ - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); /* * Write the public key into the supplied FDT file; this might fail @@ -337,7 +337,7 @@ static int fit_image_setup_cipher(struct image_cipher_info *info, info->keydir = keydir; /* Read the key name */ - info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); if (!info->keyname) { printf("Can't get key name for cipher '%s' in image '%s'\n", node_name, image_name); @@ -886,7 +886,7 @@ static int fit_config_process_sig(const char *keydir, void *keydest, free(region_prop); /* Get keyname again, as FDT has changed and invalidated our pointer */ - info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL); + info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL); /* Write the public key into the supplied FDT file */ if (keydest) {
These are used in multiple places so update them to use a shared #define. Signed-off-by: Simon Glass <sjg at chromium.org> --- Changes in v2: None common/image-cipher.c | 2 +- common/image-fit.c | 6 +++--- common/image-sig.c | 8 +++++--- include/image.h | 4 +++- lib/rsa/rsa-sign.c | 6 +++--- tools/image-host.c | 8 ++++---- 6 files changed, 19 insertions(+), 15 deletions(-)