Use instance unique temporary files to allow parallel execution master
authorAndrew F. Davis <afd@ti.com>
Tue, 19 Nov 2019 14:42:24 +0000 (09:42 -0500)
committerAndrew F. Davis <afd@ti.com>
Tue, 19 Nov 2019 14:42:24 +0000 (09:42 -0500)
This script generates, uses, and then removes some temporary files. When
multiple instance of this script are run this can cause a race between
these actions on the same file. Use 'mktemp' to generate unique temporary
files to prevent this issue and make this tool multi-invocation safe.

Signed-off-by: Andrew F. Davis <afd@ti.com>
scripts/secure-binary-image.sh

index a8080f7acf8d32daa75cca3deb6a0b640c046b6e..36d5da1ac3500eac28a8cb094a1f6ef944ac0f6a 100755 (executable)
@@ -72,13 +72,16 @@ HS_IMAGE_SIZE=$(cat $INPUT_FILE | wc -c)
 # Parameters to get populated into the x509 template
 HS_SED_OPTS="-e s/TEST_IMAGE_LENGTH/${HS_IMAGE_SIZE}/ "
 HS_SED_OPTS+="-e s/TEST_IMAGE_SHA_VAL/${HS_SHA_VALUE}/"
+TMPX509=$(mktemp) || exit 1
+cat ${PREFIX}/scripts/x509-template.txt | sed ${HS_SED_OPTS} > ${TMPX509}
 
 # Generate x509 certificate
-cat ${PREFIX}/scripts/x509-template.txt | sed ${HS_SED_OPTS} > temp-x509.txt
-openssl req -new -x509 -key ${PREFIX}/keys/custMpk.pem -nodes -outform DER -out temp-x509.cert -config temp-x509.txt -sha512
+TMPCERT=$(mktemp) || exit 1
+
+openssl req -new -x509 -key ${PREFIX}/keys/custMpk.pem -nodes -outform DER -out ${TMPCERT} -config ${TMPX509} -sha512
 
 # Append x509 certificate
-cat temp-x509.cert $INPUT_FILE > $OUTPUT_FILE
+cat ${TMPCERT} $INPUT_FILE > $OUTPUT_FILE
 
 # Cleanup
-rm -f temp-x509.txt temp-x509.cert
+rm -f ${TMPX509} ${TMPCERT}