return default_list;
}
+static int fit_config_add_hash(void *fit, const char *conf_name, const char *sig_name,
+ struct strlist *node_inc, const char *iname, int image_noffset)
+{
+ char name[200], path[200];
+ int noffset;
+ int hash_count;
+ int ret;
+
+ ret = fdt_get_path(fit, image_noffset, path, sizeof(path));
+ if (ret < 0)
+ goto err_path;
+ if (strlist_add(node_inc, path))
+ goto err_mem;
+
+ snprintf(name, sizeof(name), "%s/%s", FIT_CONFS_PATH,
+ conf_name);
+
+ /* Add all this image's hashes */
+ hash_count = 0;
+ for (noffset = fdt_first_subnode(fit, image_noffset);
+ noffset >= 0;
+ noffset = fdt_next_subnode(fit, noffset)) {
+ const char *name = fit_get_name(fit, noffset, NULL);
+
+ if (strncmp(name, FIT_HASH_NODENAME,
+ strlen(FIT_HASH_NODENAME)))
+ continue;
+ ret = fdt_get_path(fit, noffset, path, sizeof(path));
+ if (ret < 0)
+ goto err_path;
+ if (strlist_add(node_inc, path))
+ goto err_mem;
+ hash_count++;
+ }
+
+ if (!hash_count) {
+ printf("Failed to find any hash nodes in configuration '%s/%s' image '%s' - without these it is not possible to verify this image\n",
+ conf_name, sig_name, iname);
+ return -ENOMSG;
+ }
+
+ /* Add this image's cipher node if present */
+ noffset = fdt_subnode_offset(fit, image_noffset,
+ FIT_CIPHER_NODENAME);
+ if (noffset != -FDT_ERR_NOTFOUND) {
+ if (noffset < 0) {
+ printf("Failed to get cipher node in configuration '%s/%s' image '%s': %s\n",
+ conf_name, sig_name, iname,
+ fdt_strerror(noffset));
+ return -EIO;
+ }
+ ret = fdt_get_path(fit, noffset, path, sizeof(path));
+ if (ret < 0)
+ goto err_path;
+ if (strlist_add(node_inc, path))
+ goto err_mem;
+ }
+
+ return 0;
+
+err_mem:
+ printf("Out of memory processing configuration '%s/%s'\n", conf_name,
+ sig_name);
+ return -ENOMEM;
+
+err_path:
+ printf("Failed to get path for image '%s' in configuration '%s/%s': %s\n",
+ iname, conf_name, sig_name, fdt_strerror(ret));
+ return -ENOENT;
+}
+
static int fit_config_get_hash_list(void *fit, int conf_noffset,
int sig_offset, struct strlist *node_inc)
{
int allow_missing;
const char *prop, *iname, *end;
const char *conf_name, *sig_name;
- char name[200], path[200];
+ char name[200];
int image_count;
int ret, len;
end = prop + len;
image_count = 0;
for (iname = prop; iname < end; iname += strlen(iname) + 1) {
- int noffset;
int image_noffset;
- int hash_count;
image_noffset = fit_conf_get_prop_node(fit, conf_noffset,
iname);
return -ENOENT;
}
- ret = fdt_get_path(fit, image_noffset, path, sizeof(path));
+ ret = fit_config_add_hash(fit, conf_name,
+ sig_name, node_inc,
+ iname, image_noffset);
if (ret < 0)
- goto err_path;
- if (strlist_add(node_inc, path))
- goto err_mem;
-
- snprintf(name, sizeof(name), "%s/%s", FIT_CONFS_PATH,
- conf_name);
-
- /* Add all this image's hashes */
- hash_count = 0;
- for (noffset = fdt_first_subnode(fit, image_noffset);
- noffset >= 0;
- noffset = fdt_next_subnode(fit, noffset)) {
- const char *name = fit_get_name(fit, noffset, NULL);
-
- if (strncmp(name, FIT_HASH_NODENAME,
- strlen(FIT_HASH_NODENAME)))
- continue;
- ret = fdt_get_path(fit, noffset, path, sizeof(path));
- if (ret < 0)
- goto err_path;
- if (strlist_add(node_inc, path))
- goto err_mem;
- hash_count++;
- }
-
- if (!hash_count) {
- printf("Failed to find any hash nodes in configuration '%s/%s' image '%s' - without these it is not possible to verify this image\n",
- conf_name, sig_name, iname);
- return -ENOMSG;
- }
-
- /* Add this image's cipher node if present */
- noffset = fdt_subnode_offset(fit, image_noffset,
- FIT_CIPHER_NODENAME);
- if (noffset != -FDT_ERR_NOTFOUND) {
- if (noffset < 0) {
- printf("Failed to get cipher node in configuration '%s/%s' image '%s': %s\n",
- conf_name, sig_name, iname,
- fdt_strerror(noffset));
- return -EIO;
- }
- ret = fdt_get_path(fit, noffset, path, sizeof(path));
- if (ret < 0)
- goto err_path;
- if (strlist_add(node_inc, path))
- goto err_mem;
- }
+ return ret;
image_count++;
}
printf("Out of memory processing configuration '%s/%s'\n", conf_name,
sig_name);
return -ENOMEM;
-
-err_path:
- printf("Failed to get path for image '%s' in configuration '%s/%s': %s\n",
- iname, conf_name, sig_name, fdt_strerror(ret));
- return -ENOENT;
}
static int fit_config_get_data(void *fit, int conf_noffset, int noffset,