On 09/02/2015 03:19 PM, Jimmy Zhang wrote:
Added routines to allow updating pkc pubkey and rsa pss signatures.
"pkc" and "pss" should be explained.
Specifically, added following configuration keywords:
RsaKeyModulus: set pubkey
RsaPssSigBl: set bootloader rsa pss signature
RsaPssSigBct: set bct rsa pss signature
Sample Configuration file update_bl_sig.cfg
RsaKeyModulus = pubkey.mod;
RsaPssSigBl = bl.sig;
Oh, RsaKeyModulus is a file not an inline value? Better put "File" or
"Filename" into the keywords then?
How can the user generate the value for RsaPssSigBct if this tool is
generating the BCT? Why doesn't this tool generate the signatures itself
internally?
Commandline example:
$ cbootimage -s tegra210 -u update_bl_sig.cfg image.bin image.bin-bl-signed
This commit appears to be two unrelated changes squashed into one. This
commit description is entirely unrelated to the commit subject for example.
diff --git a/src/cbootimage.c b/src/cbootimage.c
printf(" -u|--update Copy input image data and update bct\n");
printf(" configs into new image file.\n");
- printf(" This feature is only for tegra114/124.\n");
+ printf(" This feature is only for tegra114/124/210.\n");
I assume this feature will be enabled by default going forward. I think
it'd be better to rephrase that as "This feature is not supported on
Tegra20/30".
BTW, is there a particular reason the feature won't work there? If not,
can we simply enable it for all chips?
if (context->boot_data_version != BOOTDATA_VERSION_T114 &&
- context->boot_data_version != BOOTDATA_VERSION_T124) {
- printf("Update image feature is only for Tegra114 and Tegra124.\n");
+ context->boot_data_version != BOOTDATA_VERSION_T124 &&
+ context->boot_data_version != BOOTDATA_VERSION_T210) {
+ printf("Update image feature is only for Tegra114, Tegra124"
+ " and Tegra210.\n");
return -EINVAL;
To avoid that if expanding forever, can it not check for == T20/30
rather than != all other chips?
diff --git a/src/cbootimage.h b/src/cbootimage.h
@@ -105,6 +109,7 @@ typedef struct build_image_context_rec
u_int32_t mts_attr;
char *bct_filename;
+ char *rsa_filename;
RSA *what* filename? This patch introduces 3 different RSA-related
keywords. A more complete variable name would be useful so it's obvious
which keyword's value is being stored here. Comments would be useful too.
diff --git a/src/parse.c b/src/parse.c
@@ -116,6 +118,9 @@ static parse_item s_top_level_items[] = {
{ "ChipUid=", token_unique_chip_id, parse_value_chipuid },
{ "JtagCtrl=", token_secure_jtag_control, parse_value_u32 },
{ "DebugCtrl=", token_secure_debug_control, parse_value_u32 },
+ { "RsaKeyModulus=", token_pub_key_modulus, parse_rsa_param },
Why "RsaKey" in the keyword name but "pub_key" in the enumeration?
diff --git a/src/set.c b/src/set.c
+int
+set_rsa_param(build_image_context *context, parse_token token,
+ const char *filename)
...
+ if (result || (actual_size != ARSE_RSA_PARAM_MAX_BYTES)) {
+ if (result)
+ printf("Error reading file %s.\n", filename);
+ else
+ printf("Error: invalid size, file %s.\n", filename);
+ exit(1);
+ }
Since those are two entirely separate error cases, writing two entirely
separate if conditions would be better:
if (result) {
printf
exit
}
if (actual_size != ... {
printf
exit
}
diff --git a/src/t210/nvbctlib_t210.c b/src/t210/nvbctlib_t210.c
@@ -2198,6 +2201,21 @@ t210_bct_set_value(parse_token id, void *data, u_int8_t *bct)
memcpy(&bct_ptr->unique_chip_id, data, sizeof(nvboot_ecid));
break;
+ case token_pub_key_modulus:
+ memcpy(&bct_ptr->key, data, sizeof(nvboot_rsa_key_modulus));
+ break;
+
+ case token_rsa_pss_sig_bl:
+ /* ONLY support one bl */
+ memcpy(&bct_ptr->bootloader[0].signature.rsa_pss_sig,
+ data, sizeof(nvboot_rsa_pss_sig));
That comment is unfortunate. Can we not make this keyword an array, so
that this limitation does not exist? If not, won't this require a
non-backwards-compatible syntax change when we add support for more than
one bootloader (which incidentally is a feature I expect will be
implemented not too far down the road...)
--
To unsubscribe from this list: send the line "unsubscribe linux-tegra" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
