tools: use read-only mmap in fit_check_sign

Add an option to open files in read-only mode in mmap_fdt so
that fit_check_sign can be used to inspect files on read-only
filesystems.
For example, this is useful when a key is shipped in a read-only
rootfs or squashfs.

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>

diff --git a/tools/fit_check_sign.c b/tools/fit_check_sign.c
index 62adc751cbce4a8ab236ee2abd627e91c4912a44..45287437928cceae95863b18bda1a7775eb0268c 100644 (file)
--- a/tools/fit_check_sign.c
+++ b/tools/fit_check_sign.c
@@ -70,10 +70,10 @@ int main(int argc, char **argv)
                usage(*argv);
        }
 
-       ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false);
+       ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false, true);
        if (ffd < 0)
                return EXIT_FAILURE;
-       kfd = mmap_fdt(cmdname, keyfile, 0, &key_blob, &ksbuf, false);
+       kfd = mmap_fdt(cmdname, keyfile, 0, &key_blob, &ksbuf, false, true);
        if (kfd < 0)
                return EXIT_FAILURE;
 

diff --git a/tools/fit_common.c b/tools/fit_common.c
index 9506390214ce028bbe0045d88161538ec652da2d..cdf987d3c1389004ccf98135cd1d88aa54e174ff 100644 (file)
--- a/tools/fit_common.c
+++ b/tools/fit_common.c
@@ -41,13 +41,14 @@ int fit_check_image_types(uint8_t type)
 }
 
 int mmap_fdt(const char *cmdname, const char *fname, size_t size_inc,
-            void **blobp, struct stat *sbuf, bool delete_on_error)
+            void **blobp, struct stat *sbuf, bool delete_on_error,
+            bool read_only)
 {
        void *ptr;
        int fd;
 
        /* Load FIT blob into memory (we need to write hashes/signatures) */
-       fd = open(fname, O_RDWR | O_BINARY);
+       fd = open(fname, (read_only ? O_RDONLY : O_RDWR) | O_BINARY);
 
        if (fd < 0) {
                fprintf(stderr, "%s: Can't open %s: %s\n",
@@ -71,7 +72,9 @@ int mmap_fdt(const char *cmdname, const char *fname, size_t size_inc,
        }
 
        errno = 0;
-       ptr = mmap(0, sbuf->st_size, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
+       ptr = mmap(0, sbuf->st_size,
+                  (read_only ? PROT_READ : PROT_READ | PROT_WRITE), MAP_SHARED,
+                  fd, 0);
        if ((ptr == MAP_FAILED) || (errno != 0)) {
                fprintf(stderr, "%s: Can't read %s: %s\n",
                        cmdname, fname, strerror(errno));

diff --git a/tools/fit_common.h b/tools/fit_common.h
index 9e09624f64eea18989d3cfc0f5d96f985ee70dbd..1e81d4c68b61eafd6f91635ae3fe205bed57b213 100644 (file)
--- a/tools/fit_common.h
+++ b/tools/fit_common.h
@@ -32,9 +32,11 @@ int fit_check_image_types(uint8_t type);
  * @blobp:     Returns pointer to FDT blob
  * @sbuf:      File status information is stored here
  * @delete_on_error:   true to delete the file if we get an error
+ * @read_only: true to open in read-only mode
  * @return 0 if OK, -1 on error.
  */
 int mmap_fdt(const char *cmdname, const char *fname, size_t size_inc,
-            void **blobp, struct stat *sbuf, bool delete_on_error);
+            void **blobp, struct stat *sbuf, bool delete_on_error,
+            bool read_only);
 
 #endif /* _FIT_COMMON_H_ */

diff --git a/tools/fit_image.c b/tools/fit_image.c
index 3b867e06564e34e2e80f4997b3ce84967fd35f76..5aca634b5e935e6baf95312eef48f028f7cd8f2e 100644 (file)
--- a/tools/fit_image.c
+++ b/tools/fit_image.c
@@ -33,7 +33,8 @@ static int fit_add_file_data(struct image_tool_params *params, size_t size_inc,
        void *ptr;
        int ret = 0;
 
-       tfd = mmap_fdt(params->cmdname, tmpfile, size_inc, &ptr, &sbuf, true);
+       tfd = mmap_fdt(params->cmdname, tmpfile, size_inc, &ptr, &sbuf, true,
+                      false);
        if (tfd < 0)
                return -EIO;
 
@@ -41,7 +42,8 @@ static int fit_add_file_data(struct image_tool_params *params, size_t size_inc,
                struct stat dest_sbuf;
 
                destfd = mmap_fdt(params->cmdname, params->keydest, size_inc,
-                                 &dest_blob, &dest_sbuf, false);
+                                 &dest_blob, &dest_sbuf, false,
+                                 false);
                if (destfd < 0) {
                        ret = -EIO;
                        goto err_keydest;
@@ -420,7 +422,7 @@ static int fit_extract_data(struct image_tool_params *params, const char *fname)
        int images;
        int node;
 
-       fd = mmap_fdt(params->cmdname, fname, 0, &fdt, &sbuf, false);
+       fd = mmap_fdt(params->cmdname, fname, 0, &fdt, &sbuf, false, false);
        if (fd < 0)
                return -EIO;
        fit_size = fdt_totalsize(fdt);
@@ -531,7 +533,7 @@ static int fit_import_data(struct image_tool_params *params, const char *fname)
        int images;
        int node;
 
-       fd = mmap_fdt(params->cmdname, fname, 0, &old_fdt, &sbuf, false);
+       fd = mmap_fdt(params->cmdname, fname, 0, &old_fdt, &sbuf, false, false);
        if (fd < 0)
                return -EIO;
        fit_size = fdt_totalsize(old_fdt);

diff --git a/tools/fit_info.c b/tools/fit_info.c
index 45e0b310f778791e1c4d53e8b2cf136f5db5bb62..b2642ec5b763a606408ff4422da64e7f26b151ec 100644 (file)
--- a/tools/fit_info.c
+++ b/tools/fit_info.c
@@ -80,7 +80,7 @@ int main(int argc, char **argv)
                fprintf(stderr, "%s: Missing property name\n", *argv);
                usage(*argv);
        }
-       ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false);
+       ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false, false);
 
        if (ffd < 0) {
                printf("Could not open %s\n", fdtfile);