diff options
author | Vignesh Raghavendra <vigneshr@ti.com> | 2023-07-03 21:02:55 +0530 |
---|---|---|
committer | Praneeth Bajjuri <praneeth@ti.com> | 2023-07-03 11:20:23 -0500 |
commit | 78e7d297ef43defe7c1ce51d5375bbc3c284a3fd (patch) | |
tree | 5facf45f1e8e6e20a44d5ad8929e6da3e17af97a /tools | |
parent | 04925df43802a45889d87b8936dde5abbe4eddb7 (diff) |
HACK: binman: etype: ti_secure*.py: Don't regenerate certificates
ObtainContents and ProcessContents are called multiple times during
image packing in a multi pass assembly, dont regenerate cert data
every-time, else we end up creating racy updates that can mess up
already packed partial images.
This can easily be observed with
export BINMAN_DEBUG=1
export BINMAN_VERBOSE=5
where openssl x509 cert generation happens multiple times per image.
Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
Diffstat (limited to 'tools')
-rw-r--r-- | tools/binman/etype/ti_secure.py | 8 | ||||
-rw-r--r-- | tools/binman/etype/ti_secure_rom.py | 8 |
2 files changed, 12 insertions, 4 deletions
diff --git a/tools/binman/etype/ti_secure.py b/tools/binman/etype/ti_secure.py index d115b2e1a9..b1f5d89198 100644 --- a/tools/binman/etype/ti_secure.py +++ b/tools/binman/etype/ti_secure.py @@ -60,7 +60,9 @@ class Entry_ti_secure(Entry_x509_cert): return super().GetCertificate(required=required, type='sysfw') def ObtainContents(self): - data = self.GetCertificate(False) + data = self.data + if data is None: + data = self.GetCertificate(False) if data is None: return False self.SetContents(data) @@ -68,7 +70,9 @@ class Entry_ti_secure(Entry_x509_cert): def ProcessContents(self): # The blob may have changed due to WriteSymbols() - data = self.GetCertificate(True) + data = self.data + if data is None: + data = self.GetCertificate(True) return self.ProcessContentsUpdate(data) def AddBintools(self, btools): diff --git a/tools/binman/etype/ti_secure_rom.py b/tools/binman/etype/ti_secure_rom.py index 36c026800d..da03c90ef1 100644 --- a/tools/binman/etype/ti_secure_rom.py +++ b/tools/binman/etype/ti_secure_rom.py @@ -237,7 +237,9 @@ shaValue = FORMAT:HEX,OCT:{hashval_dm_data}""" return self.NonCombinedGetCertificate(required) def ObtainContents(self): - data = self.GetCertificate(False) + data = self.data + if data is None: + data = self.GetCertificate(False) if data is None: return False self.SetContents(data) @@ -245,7 +247,9 @@ shaValue = FORMAT:HEX,OCT:{hashval_dm_data}""" def ProcessContents(self): # The blob may have changed due to WriteSymbols() - data = self.GetCertificate(True) + data = self.data + if data is None: + data = self.GetCertificate(True) return self.ProcessContentsUpdate(data) def AddBintools(self, btools): |