Hi Sasha, Maik, Sascha Hauer <s.hauer@xxxxxxxxxxxxxx> writes: > On Wed, Dec 18, 2019 at 01:57:17PM +0100, Maik Otto wrote: >> the whole barebox with mbr and partition table were be signed by default. >> change the signing to the executed image without signing the mbr, >> partition table and header_gap by imx8mq >> additional delete option full, from-dcdofs and skip-mbr >> >> Signed-off-by: Maik Otto <m.otto@xxxxxxxxx> >> --- >> Changes in v2: >> - change subject from habv4: add the possibility to changing the signing >> area from Kconfig to >> - delete KConfig entries >> - delete changes habv4-imx6-gencsf.h >> - delete full, from-dcdofs and skip-mbr options >> --- >> scripts/imx/imx.c | 33 +++++++++------------------------ >> 1 file changed, 9 insertions(+), 24 deletions(-) > > Applied, thanks. > > @Marcin, as you introduced the "from-dcdofs" and "full" options, are you > happy with this patch? It removes the options, but should default to > what you originally wanted to archieve, right? I think that when adding separate skip-mbr and from-dcdofs I wanted to protect (with skip-mbr) first bytes of generated image, which contain barebox header (with its version?) from what I remember. I never used that information from there, so I am quite okay with dropping skip-mbr support in favor of only from-dcdofs. However I wonder why offset_load_address is hardcoded to 0x400. Shouldn't we leave from-dcdofs as is and simply dropping all other options (full and skip-mbr)? Regards, Marcin > > Regards > Sascha > >> >> diff --git a/scripts/imx/imx.c b/scripts/imx/imx.c >> index b3e8d62..b2dd25c 100644 >> --- a/scripts/imx/imx.c >> +++ b/scripts/imx/imx.c >> @@ -338,16 +338,13 @@ static int do_hab_blocks(struct config_data *data, int argc, char *argv[]) >> char *str; >> int ret; >> uint32_t signed_size = data->load_size; >> - uint32_t offset = 0; >> + uint32_t offset_load_address = 0x400; //skip MBR and Partition Table >> + uint32_t offset_size = offset_load_address; >> + uint32_t offset = offset_load_address; >> >> if (!data->csf) >> return -EINVAL; >> >> - if (argc < 2) >> - type = "full"; >> - else >> - type = argv[1]; >> - >> /* >> * In case of encrypted image we reduce signed area to beginning >> * of encrypted area. >> @@ -359,31 +356,19 @@ static int do_hab_blocks(struct config_data *data, int argc, char *argv[]) >> * Ensure we only sign the PBL for i.MX8MQ >> */ >> if (data->pbl_code_size && data->cpu_type == IMX_CPU_IMX8MQ) { >> - offset = data->header_gap; >> + offset += data->header_gap; >> signed_size = roundup(data->pbl_code_size + HEADER_LEN, 0x1000); >> if (data->signed_hdmi_firmware_file) >> offset += PLUGIN_HDMI_SIZE; >> } >> >> - if (!strcmp(type, "full")) { >> + if (signed_size > 0) { >> ret = asprintf(&str, "Blocks = 0x%08x 0x%08x 0x%08x \"%s\"\n", >> - data->image_load_addr, offset, signed_size, >> - data->outfile); >> - } else if (!strcmp(type, "from-dcdofs")) { >> - ret = asprintf(&str, "Blocks = 0x%08x 0x%x %d \"%s\"\n", >> - data->image_load_addr + data->image_dcd_offset, >> - data->image_dcd_offset, >> - signed_size - data->image_dcd_offset, >> - data->outfile); >> - } else if (!strcmp(type, "skip-mbr")) { >> - ret = asprintf(&str, >> - "Blocks = 0x%08x 0 440 \"%s\", \\\n" >> - " 0x%08x 512 %d \"%s\"\n", >> - data->image_load_addr, data->outfile, >> - data->image_load_addr + 512, >> - signed_size - 512, data->outfile); >> + data->image_load_addr + offset_load_address, offset, >> + signed_size - offset_size, data->outfile); >> } else { >> - fprintf(stderr, "Invalid hab_blocks option: %s\n", type); >> + fprintf(stderr, "Invalid signed size area 0x%08x\n", >> + signed_size); >> return -EINVAL; >> } >> >> -- >> 2.7.4 >> >> >> _______________________________________________ >> barebox mailing list >> barebox@xxxxxxxxxxxxxxxxxxx >> http://lists.infradead.org/mailman/listinfo/barebox >> -- Marcin Niestrój _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox