[PATCH] ARM: i.MX: HAB: Allow for semicolons in HAB environment variables

Bastian Krause bst at pengutronix.de
Thu Jan 16 06:34:34 PST 2025 

On 1/16/25 2:50 PM, Ahmad Fatoum wrote:
> On 16.01.25 12:26, Bastian Krause wrote:
>> On 1/16/25 12:12 PM, Ahmad Fatoum wrote:
>>> On 16.01.25 10:38, Sascha Hauer wrote:
>>>> With CONFIG_HAB_CERTS_ENV=y, paths and PKCS#11 URIs to the HAB
>>>> certificates are taken from environment variables (allowing for better
>>>> integration with build systems). In this case these values are passed
>>>> internally via compiler macros (-D) to the imx-image host tool. PKCS#11
>>>> URIs usually contain semicolons. The semicolons didn't make it through
>>>> to the imx-image configuration file due to wrong escapes. Fix this by
>>>> expanding the environment variables using make rather than shell.
>>>>
>>>> Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
>>>> ---
>>>>    scripts/Makefile.lib | 2 +-
>>>>    1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
>>>> index f195ddb7e8..7dcd8c9892 100644
>>>> --- a/scripts/Makefile.lib
>>>> +++ b/scripts/Makefile.lib
>>>> @@ -579,7 +579,7 @@ cmd_imximage_S_dcd=                        \
>>>>    overwrite-hab-env = $(shell set -e; \
>>>>          test -n "$(CONFIG_HAB_CERTS_ENV)"; \
>>>>          test -n "$$$(1)"; \
>>>> -      echo -D$(1)=\\\"$(shell echo $$$(1))\\\")
>>>> +      echo -D$(1)=\''"${${1}}"'\')
>>>
>>> Does {} and () make a difference here?
>>
>> I don't think so. This also works:
>>
>> -      echo -D$(1)=\''"${${1}}"'\')
>> +      echo -D$(1)=\''"$($(1))"'\')
> 
> Thanks for testing. @Sascha, can you switch to using () instead?
> Otherwise it's confusing to have $(1) on the left-hand side,
> but ${1} on the right.

Makes sense.

> 
> (My personal favorite would be -D$(1)=$(call stringify,$($(1))) FWIW,
> provided that it works as intended)

Unfortunately..

-      echo -D$(1)=\''"${${1}}"'\')
+      echo -D$(1)=$(call stringify,$($(1))))

..does not work if the value contains a semicolon.

Regards,
Bastian

> 
> Thanks,
> Ahmad
> 
>>
>> Bastian
>>
>>>
>>>>      overwrite-fit-env = $(shell set -e; \
>>>>          test -n "$(CONFIG_BOOTM_FITIMAGE_PUBKEY_ENV)"; \
>>>
>>>
>>
>>
> 
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

More information about the barebox mailing list