All of lore.kernel.org
 help / color / mirror / Atom feed
* [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name
@ 2018-06-20 20:10 Alex Kiernan
  2018-06-20 20:10 ` [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures Alex Kiernan
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Alex Kiernan @ 2018-06-20 20:10 UTC (permalink / raw)
  To: u-boot

So we can use imagetool_get_source_date() from callers who do not have
the image tool params struct, just pass in the command name for the error
message.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---

 tools/default_image.c | 2 +-
 tools/fit_image.c     | 3 ++-
 tools/imagetool.c     | 4 ++--
 tools/imagetool.h     | 4 ++--
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/tools/default_image.c b/tools/default_image.c
index 4abff4543a..4b7d1ed4a1 100644
--- a/tools/default_image.c
+++ b/tools/default_image.c
@@ -100,7 +100,7 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd,
 				sizeof(image_header_t)),
 			sbuf->st_size - sizeof(image_header_t));
 
-	time = imagetool_get_source_date(params, sbuf->st_mtime);
+	time = imagetool_get_source_date(params->cmdname, sbuf->st_mtime);
 	ep = params->ep;
 	addr = params->addr;
 
diff --git a/tools/fit_image.c b/tools/fit_image.c
index e55a8943e7..6f09a66106 100644
--- a/tools/fit_image.c
+++ b/tools/fit_image.c
@@ -51,7 +51,8 @@ static int fit_add_file_data(struct image_tool_params *params, size_t size_inc,
 
 	/* for first image creation, add a timestamp at offset 0 i.e., root  */
 	if (params->datafile) {
-		time_t time = imagetool_get_source_date(params, sbuf.st_mtime);
+		time_t time = imagetool_get_source_date(params->cmdname,
+							sbuf.st_mtime);
 		ret = fit_set_timestamp(ptr, 0, time);
 	}
 
diff --git a/tools/imagetool.c b/tools/imagetool.c
index a4e39b24bc..b3e628f612 100644
--- a/tools/imagetool.c
+++ b/tools/imagetool.c
@@ -116,7 +116,7 @@ int imagetool_get_filesize(struct image_tool_params *params, const char *fname)
 }
 
 time_t imagetool_get_source_date(
-	 struct image_tool_params *params,
+	 const char *cmdname,
 	 time_t fallback)
 {
 	char *source_date_epoch = getenv("SOURCE_DATE_EPOCH");
@@ -128,7 +128,7 @@ time_t imagetool_get_source_date(
 
 	if (gmtime(&time) == NULL) {
 		fprintf(stderr, "%s: SOURCE_DATE_EPOCH is not valid\n",
-			params->cmdname);
+			cmdname);
 		time = 0;
 	}
 
diff --git a/tools/imagetool.h b/tools/imagetool.h
index d191b9cfe7..63c08ebc09 100644
--- a/tools/imagetool.h
+++ b/tools/imagetool.h
@@ -216,12 +216,12 @@ int imagetool_get_filesize(struct image_tool_params *params, const char *fname);
  * an error message if SOURCE_DATE_EPOCH contains an invalid value and returns
  * 0.
  *
- * @params:	mkimage parameters
+ * @cmdname:	command name
  * @fallback:	timestamp to use if SOURCE_DATE_EPOCH isn't set
  * @return timestamp based on SOURCE_DATE_EPOCH
  */
 time_t imagetool_get_source_date(
-	struct image_tool_params *params,
+	const char *cmdname,
 	time_t fallback);
 
 /*
-- 
2.17.1

^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures
  2018-06-20 20:10 [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name Alex Kiernan
@ 2018-06-20 20:10 ` Alex Kiernan
  2018-06-21 19:45   ` Simon Glass
  2018-07-11 12:43   ` [U-Boot] [U-Boot, " Tom Rini
  2018-06-21 19:45 ` [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name Simon Glass
  2018-07-11 12:43 ` [U-Boot] [U-Boot, " Tom Rini
  2 siblings, 2 replies; 6+ messages in thread
From: Alex Kiernan @ 2018-06-20 20:10 UTC (permalink / raw)
  To: u-boot

When generating timestamps in signatures, use imagetool_get_source_date()
so we can be overridden by SOURCE_DATE_EPOCH to generate reproducible
images.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---

 include/image.h    |  3 ++-
 tools/fit_image.c  |  3 ++-
 tools/image-host.c | 34 ++++++++++++++++++++--------------
 3 files changed, 24 insertions(+), 16 deletions(-)

diff --git a/include/image.h b/include/image.h
index 420b8ff576..3bb7d29ef2 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1009,6 +1009,7 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
  * @comment:	Comment to add to signature nodes
  * @require_keys: Mark all keys as 'required'
  * @engine_id:	Engine to use for signing
+ * @cmdname:	Command name used when reporting errors
  *
  * Adds hash values for all component images in the FIT blob.
  * Hashes are calculated for all component images which have hash subnodes
@@ -1022,7 +1023,7 @@ int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
  */
 int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
 			      const char *comment, int require_keys,
-			      const char *engine_id);
+			      const char *engine_id, const char *cmdname);
 
 int fit_image_verify_with_data(const void *fit, int image_noffset,
 			       const void *data, size_t size);
diff --git a/tools/fit_image.c b/tools/fit_image.c
index 6f09a66106..3c265357ae 100644
--- a/tools/fit_image.c
+++ b/tools/fit_image.c
@@ -60,7 +60,8 @@ static int fit_add_file_data(struct image_tool_params *params, size_t size_inc,
 		ret = fit_add_verification_data(params->keydir, dest_blob, ptr,
 						params->comment,
 						params->require_keys,
-						params->engine_id);
+						params->engine_id,
+						params->cmdname);
 	}
 
 	if (dest_blob) {
diff --git a/tools/image-host.c b/tools/image-host.c
index 8e43671714..faa5e23c79 100644
--- a/tools/image-host.c
+++ b/tools/image-host.c
@@ -106,7 +106,7 @@ static int fit_image_process_hash(void *fit, const char *image_name,
  */
 static int fit_image_write_sig(void *fit, int noffset, uint8_t *value,
 		int value_len, const char *comment, const char *region_prop,
-		int region_proplen)
+		int region_proplen, const char *cmdname)
 {
 	int string_size;
 	int ret;
@@ -128,8 +128,12 @@ static int fit_image_write_sig(void *fit, int noffset, uint8_t *value,
 	}
 	if (comment && !ret)
 		ret = fdt_setprop_string(fit, noffset, "comment", comment);
-	if (!ret)
-		ret = fit_set_timestamp(fit, noffset, time(NULL));
+	if (!ret) {
+		time_t timestamp = imagetool_get_source_date(cmdname,
+							     time(NULL));
+
+		ret = fit_set_timestamp(fit, noffset, timestamp);
+	}
 	if (region_prop && !ret) {
 		uint32_t strdata[2];
 
@@ -200,7 +204,8 @@ static int fit_image_setup_sig(struct image_sign_info *info,
 static int fit_image_process_sig(const char *keydir, void *keydest,
 		void *fit, const char *image_name,
 		int noffset, const void *data, size_t size,
-		const char *comment, int require_keys, const char *engine_id)
+		const char *comment, int require_keys, const char *engine_id,
+		const char *cmdname)
 {
 	struct image_sign_info info;
 	struct image_region region;
@@ -228,7 +233,7 @@ static int fit_image_process_sig(const char *keydir, void *keydest,
 	}
 
 	ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
-			NULL, 0);
+			NULL, 0, cmdname);
 	if (ret) {
 		if (ret == -FDT_ERR_NOSPACE)
 			return -ENOSPC;
@@ -295,7 +300,7 @@ static int fit_image_process_sig(const char *keydir, void *keydest,
  */
 int fit_image_add_verification_data(const char *keydir, void *keydest,
 		void *fit, int image_noffset, const char *comment,
-		int require_keys, const char *engine_id)
+		int require_keys, const char *engine_id, const char *cmdname)
 {
 	const char *image_name;
 	const void *data;
@@ -332,7 +337,7 @@ int fit_image_add_verification_data(const char *keydir, void *keydest,
 				strlen(FIT_SIG_NODENAME))) {
 			ret = fit_image_process_sig(keydir, keydest,
 				fit, image_name, noffset, data, size,
-				comment, require_keys, engine_id);
+				comment, require_keys, engine_id, cmdname);
 		}
 		if (ret)
 			return ret;
@@ -573,7 +578,7 @@ static int fit_config_get_data(void *fit, int conf_noffset, int noffset,
 static int fit_config_process_sig(const char *keydir, void *keydest,
 		void *fit, const char *conf_name, int conf_noffset,
 		int noffset, const char *comment, int require_keys,
-		const char *engine_id)
+		const char *engine_id, const char *cmdname)
 {
 	struct image_sign_info info;
 	const char *node_name;
@@ -608,7 +613,7 @@ static int fit_config_process_sig(const char *keydir, void *keydest,
 	}
 
 	ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
-				region_prop, region_proplen);
+				region_prop, region_proplen, cmdname);
 	if (ret) {
 		if (ret == -FDT_ERR_NOSPACE)
 			return -ENOSPC;
@@ -637,7 +642,7 @@ static int fit_config_process_sig(const char *keydir, void *keydest,
 
 static int fit_config_add_verification_data(const char *keydir, void *keydest,
 		void *fit, int conf_noffset, const char *comment,
-		int require_keys, const char *engine_id)
+		int require_keys, const char *engine_id, const char *cmdname)
 {
 	const char *conf_name;
 	int noffset;
@@ -656,7 +661,7 @@ static int fit_config_add_verification_data(const char *keydir, void *keydest,
 			     strlen(FIT_SIG_NODENAME))) {
 			ret = fit_config_process_sig(keydir, keydest,
 				fit, conf_name, conf_noffset, noffset, comment,
-				require_keys, engine_id);
+				require_keys, engine_id, cmdname);
 		}
 		if (ret)
 			return ret;
@@ -667,7 +672,7 @@ static int fit_config_add_verification_data(const char *keydir, void *keydest,
 
 int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
 			      const char *comment, int require_keys,
-			      const char *engine_id)
+			      const char *engine_id, const char *cmdname)
 {
 	int images_noffset, confs_noffset;
 	int noffset;
@@ -690,7 +695,8 @@ int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
 		 * i.e. component image node.
 		 */
 		ret = fit_image_add_verification_data(keydir, keydest,
-				fit, noffset, comment, require_keys, engine_id);
+				fit, noffset, comment, require_keys, engine_id,
+				cmdname);
 		if (ret)
 			return ret;
 	}
@@ -714,7 +720,7 @@ int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
 		ret = fit_config_add_verification_data(keydir, keydest,
 						       fit, noffset, comment,
 						       require_keys,
-						       engine_id);
+						       engine_id, cmdname);
 		if (ret)
 			return ret;
 	}
-- 
2.17.1

^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name
  2018-06-20 20:10 [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name Alex Kiernan
  2018-06-20 20:10 ` [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures Alex Kiernan
@ 2018-06-21 19:45 ` Simon Glass
  2018-07-11 12:43 ` [U-Boot] [U-Boot, " Tom Rini
  2 siblings, 0 replies; 6+ messages in thread
From: Simon Glass @ 2018-06-21 19:45 UTC (permalink / raw)
  To: u-boot

On 20 June 2018 at 14:10, Alex Kiernan <alex.kiernan@gmail.com> wrote:
> So we can use imagetool_get_source_date() from callers who do not have
> the image tool params struct, just pass in the command name for the error
> message.
>
> Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
> ---
>
>  tools/default_image.c | 2 +-
>  tools/fit_image.c     | 3 ++-
>  tools/imagetool.c     | 4 ++--
>  tools/imagetool.h     | 4 ++--
>  4 files changed, 7 insertions(+), 6 deletions(-)

Reviewed-by: Simon Glass <sjg@chromum.org>

^ permalink raw reply	[flat|nested] 6+ messages in thread
* [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures
  2018-06-20 20:10 ` [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures Alex Kiernan
@ 2018-06-21 19:45   ` Simon Glass
  2018-07-11 12:43   ` [U-Boot] [U-Boot, " Tom Rini
  1 sibling, 0 replies; 6+ messages in thread
From: Simon Glass @ 2018-06-21 19:45 UTC (permalink / raw)
  To: u-boot

On 20 June 2018 at 14:10, Alex Kiernan <alex.kiernan@gmail.com> wrote:
> When generating timestamps in signatures, use imagetool_get_source_date()
> so we can be overridden by SOURCE_DATE_EPOCH to generate reproducible
> images.
>
> Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
> ---
>
>  include/image.h    |  3 ++-
>  tools/fit_image.c  |  3 ++-
>  tools/image-host.c | 34 ++++++++++++++++++++--------------
>  3 files changed, 24 insertions(+), 16 deletions(-)

Reviewed-by: Simon Glass <sjg@chromum.org>

^ permalink raw reply	[flat|nested] 6+ messages in thread
* [U-Boot] [U-Boot, 1/2] mkimage: Refactor imagetool_get_source_date to take command name
  2018-06-20 20:10 [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name Alex Kiernan
  2018-06-20 20:10 ` [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures Alex Kiernan
  2018-06-21 19:45 ` [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name Simon Glass
@ 2018-07-11 12:43 ` Tom Rini
  2 siblings, 0 replies; 6+ messages in thread
From: Tom Rini @ 2018-07-11 12:43 UTC (permalink / raw)
  To: u-boot

On Wed, Jun 20, 2018 at 08:10:51PM +0000, Alex Kiernan wrote:

> So we can use imagetool_get_source_date() from callers who do not have
> the image tool params struct, just pass in the command name for the error
> message.
> 
> Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
> Reviewed-by: Simon Glass <sjg@chromum.org>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180711/60f531c0/attachment.sig>

^ permalink raw reply	[flat|nested] 6+ messages in thread
* [U-Boot] [U-Boot, 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures
  2018-06-20 20:10 ` [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures Alex Kiernan
  2018-06-21 19:45   ` Simon Glass
@ 2018-07-11 12:43   ` Tom Rini
  1 sibling, 0 replies; 6+ messages in thread
From: Tom Rini @ 2018-07-11 12:43 UTC (permalink / raw)
  To: u-boot

On Wed, Jun 20, 2018 at 08:10:52PM +0000, Alex Kiernan wrote:

> When generating timestamps in signatures, use imagetool_get_source_date()
> so we can be overridden by SOURCE_DATE_EPOCH to generate reproducible
> images.
> 
> Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
> Reviewed-by: Simon Glass <sjg@chromum.org>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20180711/ee1c2079/attachment.sig>

^ permalink raw reply	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2018-07-11 12:43 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-20 20:10 [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name Alex Kiernan
2018-06-20 20:10 ` [U-Boot] [PATCH 2/2] mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures Alex Kiernan
2018-06-21 19:45   ` Simon Glass
2018-07-11 12:43   ` [U-Boot] [U-Boot, " Tom Rini
2018-06-21 19:45 ` [U-Boot] [PATCH 1/2] mkimage: Refactor imagetool_get_source_date to take command name Simon Glass
2018-07-11 12:43 ` [U-Boot] [U-Boot, " Tom Rini

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.