binman: Ignore hash*, signature* nodes in sections

Switch to str.startswith for matching like the FIT etype does since the
current version doesn't ignore 'hash-1', 'hash-2', etc.

Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

diff --git a/tools/binman/etype/section.py b/tools/binman/etype/section.py
index 73c5553c8120e88cb10c695fb9ab06a31687a0d3..c5166a5b579c8986739674576f0349beb4ab7261 100644 (file)
--- a/tools/binman/etype/section.py
+++ b/tools/binman/etype/section.py
@@ -83,7 +83,7 @@ class Entry_section(Entry):
 
     def _ReadEntries(self):
         for node in self._node.subnodes:
-            if node.name == 'hash':
+            if node.name.startswith('hash') or node.name.startswith('signature'):
                 continue
             entry = Entry.Create(self, node)
             entry.ReadNode()

diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py
index 5f650b5f94c0d895ad5f8e8c2766ea18e07cd4b4..ab88ee96ab4217ff33af0f2f63143b1c372afcd8 100644 (file)
--- a/tools/binman/ftest.py
+++ b/tools/binman/ftest.py
@@ -3477,5 +3477,11 @@ class TestFunctional(unittest.TestCase):
         fnode = dtb.GetNode('/images/kernel')
         self.assertNotIn('data', fnode.props)
 
+    def testSectionIgnoreHashSignature(self):
+        """Test that sections ignore hash, signature nodes for its data"""
+        data = self._DoReadFile('165_section_ignore_hash_signature.dts')
+        expected = (U_BOOT_DATA + U_BOOT_DATA)
+        self.assertEqual(expected, data)
+
 if __name__ == "__main__":
     unittest.main()

diff --git a/tools/binman/test/165_section_ignore_hash_signature.dts b/tools/binman/test/165_section_ignore_hash_signature.dts
new file mode 100644 (file)
index 0000000..8adbe25
--- /dev/null
+++ b/tools/binman/test/165_section_ignore_hash_signature.dts
@@ -0,0 +1,40 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+/dts-v1/;
+
+/ {
+       #address-cells = <1>;
+       #size-cells = <1>;
+
+       binman {
+               section@0 {
+                       u-boot {
+                       };
+                       hash {
+                               algo = "sha256";
+                       };
+                       signature {
+                               algo = "sha256,rsa2048";
+                               key-name-hint = "dev";
+                       };
+               };
+               section@1 {
+                       u-boot {
+                       };
+                       hash-1 {
+                               algo = "sha1";
+                       };
+                       hash-2 {
+                               algo = "sha256";
+                       };
+                       signature-1 {
+                               algo = "sha1,rsa2048";
+                               key-name-hint = "dev";
+                       };
+                       signature-2 {
+                               algo = "sha256,rsa2048";
+                               key-name-hint = "dev";
+                       };
+               };
+       };
+};