From: John Keeping Date: Tue, 20 Apr 2021 18:19:44 +0000 (+0100) Subject: fit: Fix verification of images with external data X-Git-Tag: v2021.10~65^2~5 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8edecd3110e65ca96a50a37bf7ca65ed45070452;p=platform%2Fkernel%2Fu-boot.git fit: Fix verification of images with external data The "-E" option to mkimage generates a FIT with external data using the data-size and data-offset properties which must both be ignored when verifying a signature. Add "data-offset" to the list of excluded properties for signature verification; since the line is now too long, re-format the list to one-per-line and make it static since the data is constant. Signed-off-by: John Keeping Reviewed-by: Simon Glass --- diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c index 55ddf18..b979cd2 100644 --- a/common/image-fit-sig.c +++ b/common/image-fit-sig.c @@ -245,7 +245,13 @@ static int fit_config_check_sig(const void *fit, int noffset, int required_keynode, int conf_noffset, char **err_msgp) { - char * const exc_prop[] = {"data", "data-size", "data-position"}; + static char * const exc_prop[] = { + "data", + "data-size", + "data-position", + "data-offset" + }; + const char *prop, *end, *name; struct image_sign_info info; const uint32_t *strings;