Hi Che-Liang, On 24 December 2016 at 10:09, Che-Liang Chiou <clch...@gmail.com> wrote: > Hi Simon, > > I notice one thing that I am curious about. At v2016.11, in > lib/rsa/rsa-verify.c:rsa_verify function: > > * The sig_node offset is computed from fdt_blob (at line 180): > sig_node = fdt_subnode_offset(blob, 0, FIT_SIG_NODENAME); > > * At the end of the rsa_verify function, sig_node is applied to > info->fit to compute next offset (at line 210): > noffset = fdt_next_node(info->fit, sig_node, &ndepth); > > blob (which is an alias of info->fdt_blob) and info->fit are two > different device tree blobs. And we probably should not call > fdt_next_node with offset from a different blob? (I'm not so sure > about fdt_next_node.)
Nice to hear from you again! Yes that looks wrong. I think we need a test to deal with the case when the signature hint does not match. Regards, Simon _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
