From 748ffed314d6e1613ef0aa7a22a48e5deb573b2a Mon Sep 17 00:00:00 2001 From: David Escalona Date: Wed, 22 Mar 2017 14:42:03 +0100 Subject: [PATCH] trustfence-sign-kernel: fix the IVT table address padding - The IVT table address inside the kernel image must be aligned at 0x1000 bytes. The calculation of this offset was not working when the kernel image size was multiple of 0x1000 bytes. In this case the IVT table was moved an extra offset of 0x1000 bytes, causing U-Boot to fail to validate the image as the IVT table was not in the expected location. This fix uses the same offset calculation algorithm as U-Boot, ensuring both, the sign script and U-Boot will look for the IVT at the same address. https://jira.digi.com/browse/DEL-3972 Signed-off-by: David Escalona --- .../trustfence/trustfence-sign-tools/trustfence-sign-kernel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-kernel.sh b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-kernel.sh index c4c5129ee..93e0629fd 100755 --- a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-kernel.sh +++ b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-kernel.sh @@ -156,7 +156,7 @@ dek_blob_offset="$((CONFIG_KERNEL_LOADADDR - DEK_BLOB_OFFSET))" # Compute the layout: sizes and offsets. uimage_size="$(stat -L -c %s ${UIMAGE_PATH})" uimage_offset="0x0" -pad_len="$((uimage_size - uimage_size % 0x1000 + 0x1000))" +pad_len="$(((uimage_size + 0x1000 - 1) & ~(0x1000 - 1)))" auth_len="$((pad_len + 0x20))" sig_len="$((auth_len + CONFIG_CSF_SIZE))"