[U-Boot] Integity validation (checksum) of a squashfs root file system
Pascal Levesque
pascl at live.ca
Tue Feb 7 15:24:20 CET 2012
Hi M,
this is very similar to my actual solution with iminfo (see below).
In fact, the main question is: Is it generic enough to be integrated in
u-boot development tree?
Is it better to modify sha1sum instead?
Or finally, a more generic approach is to offer a command to set an
environment variable from memory content like:
md [.b, .w, .l] address [# of objects] [environment variable name]
So, when a variable name is specified, "md" sets env. variable with the
memory content.
Regards,
Pascal
--- a/common/cmd_bootm.c
+++ b/common/cmd_bootm.c
@@ -1097,6 +1097,7 @@
static int image_info(ulong addr)
{
void *hdr = (void *)addr;
+ char str[80];
printf("\n## Checking Image at %08lx ...\n", addr);
@@ -1120,6 +1121,16 @@
puts(" Bad Data CRC\n");
return 1;
}
+
+ sprintf(str, "%lx", image_get_data_size(hdr)); /* write data size
into string */
+ setenv("image_data_size", str);
+ sprintf(str, "%lx", image_get_dcrc(hdr)); /* write data crc into
string */
+ setenv("image_data_crc", str);
+ sprintf(str, "%lx", image_get_data(hdr)); /* write data start
address into string */
+ setenv("image_data_addr");
+ sprintf(str, "%lx", image_get_time(hdr)); /* write image timestamp
into string */
+ setenv("image_timestamp", str);
+
puts("OK\n");
return 0;
#if defined(CONFIG_FIT)
-----Original Message-----
From: Marek Vasut
Sent: Monday, February 06, 2012 1:41 PM
To: Pascal Levesque
Cc: u-boot at lists.denx.de
Subject: Re: [U-Boot] Integity validation (checksum) of a squashfs root file
system
> Hi M,
>
> sha1sum does provide a console output but nothing that could be used for
> an
> automated check like crc32 -v...
Make it export an env. variable?
M
>
> Pascal
>
> -----Original Message-----
> From: Marek Vasut
> Sent: Monday, February 06, 2012 11:34 AM
> To: u-boot at lists.denx.de
> Cc: Pascal Levesque
> Subject: Re: [U-Boot] Integity validation (checksum) of a squashfs root
> file system
>
> > Hi,
> >
> > I would like to validate the integrity (checksum) of a squashfs root
> > file
> > system before starting Linux.
> >
> > Current strategy I am using is:
> > - Wrap squashfs rootfs inside a u-boot image
> > - TFTP download on the target
> > - Download validation using iminfo
> > - Save squashfs rootfs in flash without the image header (Linux failed
> > to
> > load squashfs rootfs if u-boot image is present)
> >
> > Problems:
> > - I need to hardcode squashfs rootfs offset in u-boot image in order to
> > be able to flash it - U-Boot image header information (size, crc, ...)
> > is lost after a reboot. It is not possible to check the integrity of the
> > flash content.
> >
> > I would like to save some fields of u-boot image header (size, crc, ...)
> > in u-boot environment variables. And then do an integrity check at boot
> > time.
> >
> > I have not find a way to extract those fields and save them without
> > changing u-boot code. I have added some code to “iminfo” command to set
> > environment variables for CRC, size, payload offset, timestamp.
> >
> > Is it an acceptable way of doing it?
> > Is there a better way of doing it?
> >
> > Thanks in advance,
> >
> > Pascal
>
> Use sha1sum integrated into uboot and stick it at the end?
>
> M
More information about the U-Boot
mailing list