On Mon, 14 Apr 2025 at 04:51, Quentin Schulz <foss+ub...@0leil.net> wrote:
>
> From: Quentin Schulz <quentin.sch...@cherry.de>
>
> mkimage doesn't fail if it cannot find the public key but it prints to
> stderr. Considering that btool.run() discards stderr, it means binman
> happily returns an unsigned FIT and doesn't tell you something went
> wrong.
>
> Binman will actually find the file if there's a path in the
> key-name-hint property but the current logic expects key-name-hint to be
> a filename and thus returns the dirname of the found path for the key,
> but with the original key-name-hint appended. This means we can have the
> following:
>
> - key-name-hint = "keys/dev"
> - name = "/home/qschulz/work/upstream/u-boot/keys/"
>
> so we pass /home/qschulz/work/upstream/u-boot/keys/ to the -k option of
> mkimage but the FIT still contains "keys/dev" in key-name-hint which
> means mkimage will try to find the key at
> /home/qschulz/work/upstream/u-boot/keys/keys/, which doesn't exist.
>
> Let's assume paths are simply not supported (it is named key-name-hint
> and not key-path-hint after all) and raise an error if the property
> contains a path so that the build fails and not quietly.
>
> Fixes: 133c000ca334 ("binman: implement signing FIT images during image
> build")
> Signed-off-by: Quentin Schulz <quentin.sch...@cherry.de>
> ---
>  tools/binman/etype/fit.py | 3 +++
>  1 file changed, 3 insertions(+)

I might be missing it, but this needs a test or you will break code coverage.

Regards,
Simon
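
The path mismatch described in the quoted commit message, as an added example that is not part of this thread or of binman's code. The function names, the `.key` suffix and the directory tree are assumptions made for illustration; the checked variant goes slightly beyond the commit message by also failing when no key file is found.

```python
import os
import tempfile

KEY_EXT = ".key"  # assumption: the key file is named <key-name-hint>.key


def find_key_dir(hint, search_dirs):
    """Hypothetical model of the described lookup: dirname of the found key file."""
    for d in search_dirs:
        path = os.path.join(d, hint + KEY_EXT)
        if os.path.exists(path):
            return os.path.dirname(path)
    return None


def signer_lookup(keydir, hint):
    """Path the signing tool opens: the -k directory plus the unchanged hint."""
    return os.path.join(keydir, hint + KEY_EXT)


def find_key_dir_checked(hint, search_dirs):
    """Same lookup, but a hint with a directory part or no match is an error."""
    if os.path.dirname(hint):
        raise ValueError(f"key-name-hint '{hint}' must be a file name, not a path")
    keydir = find_key_dir(hint, search_dirs)
    if keydir is None:
        raise ValueError(f"no key file found for key-name-hint '{hint}'")
    return keydir


def demo():
    """Run both variants against a constructed tree <root>/keys/dev.key."""
    with tempfile.TemporaryDirectory() as root:
        keys = os.path.join(root, "keys")
        os.mkdir(keys)
        open(os.path.join(keys, "dev" + KEY_EXT), "w").close()
        keydir = find_key_dir("keys/dev", [root])      # hint carries a path
        looked_up = signer_lookup(keydir, "keys/dev")  # <root>/keys/keys/dev.key
        try:
            find_key_dir_checked("keys/dev", [root])
            rejected = False
        except ValueError:
            rejected = True
        good = signer_lookup(find_key_dir_checked("dev", [keys]), "dev")
        return {
            "lookup": os.path.relpath(looked_up, root).replace(os.sep, "/"),
            "lookup_exists": os.path.exists(looked_up),
            "path_hint_rejected": rejected,
            "plain_hint_found": os.path.exists(good),
        }
```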