]> git.dujemihanovic.xyz Git - u-boot.git/commitdiff
fit: Fix verification of images with external data
authorJohn Keeping <john@metanate.com>
Tue, 20 Apr 2021 18:19:44 +0000 (19:19 +0100)
committerTom Rini <trini@konsulko.com>
Wed, 4 Aug 2021 19:57:13 +0000 (15:57 -0400)
The "-E" option to mkimage generates a FIT with external data using the
data-size and data-offset properties which must both be ignored when
verifying a signature.

Add "data-offset" to the list of excluded properties for signature
verification; since the line is now too long, re-format the list to
one-per-line and make it static since the data is constant.

Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
common/image-fit-sig.c

index 55ddf1879ed7b1d24b42cdd4d73307f65a5b2b7f..b979cd2a4b607df0954935d95a1f33cd59da2fa0 100644 (file)
@@ -245,7 +245,13 @@ static int fit_config_check_sig(const void *fit, int noffset,
                                int required_keynode, int conf_noffset,
                                char **err_msgp)
 {
-       char * const exc_prop[] = {"data", "data-size", "data-position"};
+       static char * const exc_prop[] = {
+               "data",
+               "data-size",
+               "data-position",
+               "data-offset"
+       };
+
        const char *prop, *end, *name;
        struct image_sign_info info;
        const uint32_t *strings;