summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPatrick Oppenlander <patrick.oppenlander@gmail.com>2020-07-30 14:22:15 +1000
committerTom Rini <trini@konsulko.com>2020-08-07 11:47:18 -0400
commitb33e5cc18263d438d11bb9a728b4117cc560cae4 (patch)
tree9f2dc27543df7ba6adeb659f6838574626f34382
parent04aeebb131081698204ad38bd8aba7140cd3ba22 (diff)
mkimage: fit: don't cipher ciphered data
Previously, mkimage -F could be run multiple times causing already ciphered image data to be ciphered again. Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com> Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
-rw-r--r--tools/image-host.c15
1 files changed, 14 insertions, 1 deletions
diff --git a/tools/image-host.c b/tools/image-host.c
index b4603c5f01..e5417beee5 100644
--- a/tools/image-host.c
+++ b/tools/image-host.c
@@ -482,7 +482,7 @@ int fit_image_cipher_data(const char *keydir, void *keydest,
const char *image_name;
const void *data;
size_t size;
- int cipher_node_offset;
+ int cipher_node_offset, len;
/* Get image name */
image_name = fit_get_name(fit, image_noffset, NULL);
@@ -497,6 +497,19 @@ int fit_image_cipher_data(const char *keydir, void *keydest,
return -1;
}
+ /*
+ * Don't cipher ciphered data.
+ *
+ * If the data-size-unciphered property is present the data for this
+ * image is already encrypted. This is important as 'mkimage -F' can be
+ * run multiple times on a FIT image.
+ */
+ if (fdt_getprop(fit, image_noffset, "data-size-unciphered", &len))
+ return 0;
+ if (len != -FDT_ERR_NOTFOUND) {
+ printf("Failure testing for data-size-unciphered\n");
+ return -1;
+ }
/* Process cipher node if present */
cipher_node_offset = fdt_subnode_offset(fit, image_noffset,