break;
}
- ffd = mmap_fdt(cmdname, fdtfile, &fit_blob, &fsbuf, false);
+ ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false);
if (ffd < 0)
return EXIT_FAILURE;
- kfd = mmap_fdt(cmdname, keyfile, &key_blob, &ksbuf, false);
+ kfd = mmap_fdt(cmdname, keyfile, 0, &key_blob, &ksbuf, false);
if (ffd < 0)
return EXIT_FAILURE;
return EXIT_FAILURE;
}
-int mmap_fdt(const char *cmdname, const char *fname, void **blobp,
- struct stat *sbuf, bool delete_on_error)
+int mmap_fdt(const char *cmdname, const char *fname, size_t size_inc,
+ void **blobp, struct stat *sbuf, bool delete_on_error)
{
void *ptr;
int fd;
goto err;
}
+ if (size_inc) {
+ sbuf->st_size += size_inc;
+ if (ftruncate(fd, sbuf->st_size)) {
+ fprintf(stderr, "%s: Can't expand %s: %s\n",
+ cmdname, fname, strerror(errno));
+ goto err;
+ }
+ }
+
errno = 0;
ptr = mmap(0, sbuf->st_size, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
if ((ptr == MAP_FAILED) || (errno != 0)) {
goto err;
}
+ /* expand if needed */
+ if (size_inc) {
+ int ret;
+
+ ret = fdt_open_into(ptr, ptr, sbuf->st_size);
+ if (ret) {
+ fprintf(stderr, "%s: Cannot expand FDT: %s\n",
+ cmdname, fdt_strerror(ret));
+ goto err;
+ }
+ }
+
*blobp = ptr;
return fd;
*
* @cmdname: Tool name (for displaying with error messages)
* @fname: Filename containing FDT
+ * @size_inc: Amount to increase size by (0 = leave it alone)
* @blobp: Returns pointer to FDT blob
* @sbuf: File status information is stored here
* @delete_on_error: true to delete the file if we get an error
* @return 0 if OK, -1 on error.
*/
-int mmap_fdt(const char *cmdname, const char *fname, void **blobp,
- struct stat *sbuf, bool delete_on_error);
+int mmap_fdt(const char *cmdname, const char *fname, size_t size_inc,
+ void **blobp, struct stat *sbuf, bool delete_on_error);
#endif /* _FIT_COMMON_H_ */
static image_header_t header;
+static int fit_add_file_data(struct image_tool_params *params, size_t size_inc,
+ const char *tmpfile)
+{
+ int tfd, destfd = 0;
+ void *dest_blob = NULL;
+ off_t destfd_size = 0;
+ struct stat sbuf;
+ void *ptr;
+ int ret = 0;
+
+ tfd = mmap_fdt(params->cmdname, tmpfile, size_inc, &ptr, &sbuf, true);
+ if (tfd < 0)
+ return -EIO;
+
+ if (params->keydest) {
+ struct stat dest_sbuf;
+
+ destfd = mmap_fdt(params->cmdname, params->keydest, size_inc,
+ &dest_blob, &dest_sbuf, false);
+ if (destfd < 0) {
+ ret = -EIO;
+ goto err_keydest;
+ }
+ destfd_size = dest_sbuf.st_size;
+ }
+
+ /* for first image creation, add a timestamp at offset 0 i.e., root */
+ if (params->datafile)
+ ret = fit_set_timestamp(ptr, 0, sbuf.st_mtime);
+
+ if (!ret) {
+ ret = fit_add_verification_data(params->keydir, dest_blob, ptr,
+ params->comment,
+ params->require_keys);
+ }
+
+ if (dest_blob) {
+ munmap(dest_blob, destfd_size);
+ close(destfd);
+ }
+
+err_keydest:
+ munmap(ptr, sbuf.st_size);
+ close(tfd);
+
+ return ret;
+}
+
/**
* fit_handle_file - main FIT file processing function
*
{
char tmpfile[MKIMAGE_MAX_TMPFILE_LEN];
char cmd[MKIMAGE_MAX_DTC_CMDLINE_LEN];
- int tfd, destfd = 0;
- void *dest_blob = NULL;
- struct stat sbuf;
- void *ptr;
- off_t destfd_size = 0;
+ size_t size_inc;
+ int ret;
/* Flattened Image Tree (FIT) format handling */
debug ("FIT format handling\n");
goto err_system;
}
- if (params->keydest) {
- destfd = mmap_fdt(params->cmdname, params->keydest,
- &dest_blob, &sbuf, 1);
- if (destfd < 0)
- goto err_keydest;
- destfd_size = sbuf.st_size;
+ /*
+ * Set hashes for images in the blob. Unfortunately we may need more
+ * space in either FDT, so keep trying until we succeed.
+ *
+ * Note: this is pretty inefficient for signing, since we must
+ * calculate the signature every time. It would be better to calculate
+ * all the data and then store it in a separate step. However, this
+ * would be considerably more complex to implement. Generally a few
+ * steps of this loop is enough to sign with several keys.
+ */
+ for (size_inc = 0; size_inc < 64 * 1024; size_inc += 1024) {
+ ret = fit_add_file_data(params, size_inc, tmpfile);
+ if (!ret || ret != -ENOSPC)
+ break;
}
- tfd = mmap_fdt(params->cmdname, tmpfile, &ptr, &sbuf, 1);
- if (tfd < 0)
- goto err_mmap;
-
- /* set hashes for images in the blob */
- if (fit_add_verification_data(params->keydir,
- dest_blob, ptr, params->comment,
- params->require_keys)) {
+ if (ret) {
fprintf(stderr, "%s Can't add hashes to FIT blob\n",
params->cmdname);
- goto err_add_hashes;
- }
-
- /* for first image creation, add a timestamp at offset 0 i.e., root */
- if (params->datafile && fit_set_timestamp(ptr, 0, sbuf.st_mtime)) {
- fprintf (stderr, "%s: Can't add image timestamp\n",
- params->cmdname);
- goto err_add_timestamp;
- }
- debug ("Added timestamp successfully\n");
-
- munmap ((void *)ptr, sbuf.st_size);
- close (tfd);
- if (dest_blob) {
- munmap(dest_blob, destfd_size);
- close(destfd);
+ goto err_system;
}
if (rename (tmpfile, params->imagefile) == -1) {
strerror (errno));
unlink (tmpfile);
unlink (params->imagefile);
- return (EXIT_FAILURE);
+ return EXIT_FAILURE;
}
- return (EXIT_SUCCESS);
+ return EXIT_SUCCESS;
-err_add_timestamp:
-err_add_hashes:
- munmap(ptr, sbuf.st_size);
-err_mmap:
- if (dest_blob)
- munmap(dest_blob, destfd_size);
-err_keydest:
err_system:
unlink(tmpfile);
return -1;
break;
}
- ffd = mmap_fdt(cmdname, fdtfile, &fit_blob, &fsbuf, false);
+ ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false);
if (ffd < 0) {
printf("Could not open %s\n", fdtfile);
ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
NULL, 0);
if (ret) {
- printf("Can't write signature for '%s' signature node in '%s' image node: %s\n",
+ if (ret == -FDT_ERR_NOSPACE)
+ return -ENOSPC;
+ printf("Can't write signature for '%s' signature node in '%s' conf node: %s\n",
node_name, image_name, fdt_strerror(ret));
return -1;
}
return -1;
}
- if (fit_image_write_sig(fit, noffset, value, value_len, comment,
- region_prop, region_proplen)) {
- printf("Can't write signature for '%s' signature node in '%s' conf node\n",
- node_name, conf_name);
+ ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
+ region_prop, region_proplen);
+ if (ret) {
+ if (ret == -FDT_ERR_NOSPACE)
+ return -ENOSPC;
+ printf("Can't write signature for '%s' signature node in '%s' conf node: %s\n",
+ node_name, conf_name, fdt_strerror(ret));
return -1;
}
free(value);
info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
/* Write the public key into the supplied FDT file */
- if (keydest && info.algo->add_verify_data(&info, keydest)) {
- printf("Failed to add verification data for '%s' signature node in '%s' image node\n",
- node_name, conf_name);
- return -1;
+ if (keydest) {
+ ret = info.algo->add_verify_data(&info, keydest);
+ if (ret) {
+ printf("Failed to add verification data for '%s' signature node in '%s' image node\n",
+ node_name, conf_name);
+ return ret == FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
+ }
}
return 0;