On Fri, 18 Apr 2025 at 05:26, Quentin Schulz <foss+ub...@0leil.net> wrote:
>
> From: Quentin Schulz <quentin.sch...@cherry.de>
>
> mkimage doesn't fail if it cannot find the public key but it prints to
> stderr. Considering that btool.run() discards stderr, it means binman
> happily returns an unsigned FIT and doesn't tell you something went
> wrong.
>
> Binman will actually find the file if there's a path in the
> key-name-hint property but the current logic expects key-name-hint to be
> a filename and thus returns the dirname of the found path for the key,
> but with the original key-name-hint appended. This means we can have the
> following:
>
> - key-name-hint = "keys/dev"
> - name = "/home/qschulz/work/upstream/u-boot/keys/"
>
> so we pass /home/qschulz/work/upstream/u-boot/keys/ to the -k option of
> mkimage but the FIT still contains "keys/dev" in key-name-hint which
> means mkimage will try to find the key at
> /home/qschulz/work/upstream/u-boot/keys/keys/, which doesn't exist.
>
> Let's assume paths are simply not supported (it is named key-name-hint
> and not key-path-hint after all) and raise an error if the property
> contains a path so that the build fails and not quietly.
>
> Fixes: 133c000ca334 ("binman: implement signing FIT images during image build")
> Signed-off-by: Quentin Schulz <quentin.sch...@cherry.de>
> ---
>  tools/binman/etype/fit.py                          |  3 +
>  tools/binman/ftest.py                              | 18 ++++
>  .../test/347_key_name_hint_dir_fit_signature.dts   | 98 ++++++++++++++++++++++
>  3 files changed, 119 insertions(+)

Reviewed-by: Simon Glass <s...@chromium.org>
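
A simplified model of the lookup described in the quoted commit message, as an added example that is not part of the patch or of binman's code. It shows how a path in key-name-hint makes the signer look one directory too deep, next to a variant that rejects such a hint. The function names, the `.key` suffix and the form of the check are assumptions made for illustration.

```python
import os
import tempfile

KEY_SUFFIX = ".key"  # assumed suffix for this model; the message does not name one


def keys_dir_unchecked(hint, search_dirs):
    """Described behaviour: find <dir>/<hint><suffix>, return its dirname."""
    for d in search_dirs:
        candidate = os.path.join(d, hint + KEY_SUFFIX)
        if os.path.isfile(candidate):
            return os.path.dirname(candidate)
    return None


def keys_dir_checked(hint, search_dirs):
    """Same lookup, but fail the build when the hint is not a bare filename."""
    if hint in ("", ".", "..") or os.path.basename(hint) != hint:
        raise ValueError(f"key-name-hint {hint!r} must be a filename, not a path")
    return keys_dir_unchecked(hint, search_dirs)


def signer_lookup_path(keys_dir, hint):
    """The signer joins its key directory with the hint still stored in the FIT."""
    return os.path.join(keys_dir, hint + KEY_SUFFIX)


def demo():
    """Constructed tree <top>/keys/dev.key; compare both variants."""
    with tempfile.TemporaryDirectory() as top:
        keys = os.path.join(top, "keys")
        os.mkdir(keys)
        open(os.path.join(keys, "dev" + KEY_SUFFIX), "w").close()
        kdir = keys_dir_unchecked("keys/dev", [top])
        looked_up = signer_lookup_path(kdir, "keys/dev")
        try:
            keys_dir_checked("keys/dev", [top])
            rejected = False
        except ValueError:
            rejected = True
        return {"keys_dir": os.path.relpath(kdir, top),
                "signer_path": os.path.relpath(looked_up, top),
                "signer_path_exists": os.path.isfile(looked_up),
                "path_hint_rejected": rejected,
                "bare_hint_dir": os.path.relpath(keys_dir_checked("dev", [keys]), top)}


if __name__ == "__main__":
    print(demo())
```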