[U-Boot] [PATCH 10/11] Enhance fit_check_sign to check all images

Simon Glass sjg at chromium.org
Tue Jun 3 06:39:50 CEST 2014 

At present this tool only checks the configuration signing. Have it also
look at each of the images in the configuration and confirm that they
verify.

Signed-off-by: Simon Glass <sjg at chromium.org>
---

 common/bootm.c         | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++
 common/image-fit.c     |  3 ++-
 include/bootm.h        |  2 ++
 include/image.h        |  5 +++-
 tools/fit_check_sign.c |  7 +++--
 tools/image-host.c     | 12 ++++++---
 6 files changed, 93 insertions(+), 7 deletions(-)

diff --git a/common/bootm.c b/common/bootm.c
index 0cfb7f8..a01b7b8 100644
--- a/common/bootm.c
+++ b/common/bootm.c
@@ -242,6 +242,7 @@ static int bootm_find_other(cmd_tbl_t *cmdtp, int flag, int argc,
 
 	return 0;
 }
+#endif /* USE_HOSTCC */
 
 /**
  * decomp_image() - decompress the operating system
@@ -351,6 +352,7 @@ static int decomp_image(int comp, ulong load, ulong image_start, int type,
 	return 0;
 }
 
+#ifndef USE_HOSTCC
 static int bootm_load_os(bootm_headers_t *images, unsigned long *load_end,
 			 int boot_progress)
 {
@@ -830,5 +832,74 @@ static const void *boot_get_kernel(cmd_tbl_t *cmdtp, int flag, int argc,
 
 	return buf;
 }
+#else /* USE_HOSTCC */
+
+void memmove_wd(void *to, void *from, size_t len, ulong chunksz)
+{
+	memmove(to, from, len);
+}
+
+static int bootm_host_load_image(const void *fit, int req_image_type)
+{
+	const char *fit_uname_config = NULL;
+	ulong data, len;
+	bootm_headers_t images;
+	int noffset;
+	ulong load_end;
+	uint8_t image_type;
+	uint8_t imape_comp;
+	void *load_buf;
+	int ret;
+
+	memset(&images, '\0', sizeof(images));
+	images.verify = 1;
+	noffset = fit_image_load(&images, (ulong)fit,
+		NULL, &fit_uname_config,
+		IH_ARCH_DEFAULT, req_image_type, -1,
+		FIT_LOAD_IGNORED, &data, &len);
+	if (noffset < 0)
+		return noffset;
+	if (fit_image_get_type(fit, noffset, &image_type)) {
+		puts("Can't get image type!\n");
+		return -EINVAL;
+	}
+
+	if (fit_image_get_comp(fit, noffset, &imape_comp)) {
+		puts("Can't get image compression!\n");
+		return -EINVAL;
+	}
+
+	/* Allow the image to expand by a factor of 4, should be safe */
+	load_buf = malloc((1 << 20) + len * 4);
+	ret = decomp_image(imape_comp, 0, data, image_type, load_buf,
+			   (void *)data, len, &load_end);
+	free(load_buf);
+	if (ret && ret != BOOTM_ERR_UNIMPLEMENTED)
+		return ret;
+
+	return 0;
+}
+
+int bootm_host_load_images(const void *fit, int cfg_noffset)
+{
+	static uint8_t image_types[] = {
+		IH_TYPE_KERNEL,
+		IH_TYPE_FLATDT,
+		IH_TYPE_RAMDISK,
+	};
+	int err = 0;
+	int i;
+
+	for (i = 0; i < ARRAY_SIZE(image_types); i++) {
+		int ret;
+
+		ret = bootm_host_load_image(fit, image_types[i]);
+		if (!err && ret && ret != -ENOENT)
+			err = ret;
+	}
+
+	/* Return the first error we found */
+	return err;
+}
 
 #endif /* ndef USE_HOSTCC */
diff --git a/common/image-fit.c b/common/image-fit.c
index 83fac9a..3311343 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -1591,12 +1591,13 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
 	}
 
 	bootstage_mark(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
+#ifndef USE_HOSTCC
 	if (!fit_image_check_target_arch(fit, noffset)) {
 		puts("Unsupported Architecture\n");
 		bootstage_error(bootstage_id + BOOTSTAGE_SUB_CHECK_ARCH);
 		return -ENOEXEC;
 	}
-
+#endif
 	if (image_type == IH_TYPE_FLATDT &&
 	    !fit_image_check_comp(fit, noffset, IH_COMP_NONE)) {
 		puts("FDT image is compressed");
diff --git a/include/bootm.h b/include/bootm.h
index 0a3ec56..4a308d8 100644
--- a/include/bootm.h
+++ b/include/bootm.h
@@ -41,6 +41,8 @@ void lynxkdi_boot(image_header_t *hdr);
 
 boot_os_fn *bootm_os_get_boot_func(int os);
 
+int bootm_host_load_images(const void *fit, int cfg_noffset);
+
 int boot_selected_os(int argc, char * const argv[], int state,
 		     bootm_headers_t *images, boot_os_fn *boot_fn);
 
diff --git a/include/image.h b/include/image.h
index 142c647..7164a98 100644
--- a/include/image.h
+++ b/include/image.h
@@ -422,6 +422,7 @@ ulong genimg_get_image(ulong img_addr);
 
 int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images,
 		uint8_t arch, ulong *rd_start, ulong *rd_end);
+#endif
 
 /**
  * fit_image_load() - load an image from a FIT
@@ -451,12 +452,14 @@ int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images,
  * @param load_op	Decribes what to do with the load address
  * @param datap		Returns address of loaded image
  * @param lenp		Returns length of loaded image
+ * @return node offset of image, or -ve error code on error
  */
 int fit_image_load(bootm_headers_t *images, ulong addr,
 		   const char **fit_unamep, const char **fit_uname_configp,
 		   int arch, int image_type, int bootstage_id,
 		   enum fit_load_op load_op, ulong *datap, ulong *lenp);
 
+#ifndef USE_HOSTCC
 /**
  * fit_get_node_from_config() - Look up an image a FIT by type
  *
@@ -601,8 +604,8 @@ int image_check_dcrc(const image_header_t *hdr);
 ulong getenv_bootm_low(void);
 phys_size_t getenv_bootm_size(void);
 phys_size_t getenv_bootm_mapsize(void);
-void memmove_wd(void *to, void *from, size_t len, ulong chunksz);
 #endif
+void memmove_wd(void *to, void *from, size_t len, ulong chunksz);
 
 static inline int image_check_magic(const image_header_t *hdr)
 {
diff --git a/tools/fit_check_sign.c b/tools/fit_check_sign.c
index 768be2f..69e99c0 100644
--- a/tools/fit_check_sign.c
+++ b/tools/fit_check_sign.c
@@ -80,10 +80,13 @@ int main(int argc, char **argv)
 
 	image_set_host_blob(key_blob);
 	ret = fit_check_sign(fit_blob, key_blob);
-	if (!ret)
+	if (!ret) {
 		ret = EXIT_SUCCESS;
-	else
+		fprintf(stderr, "Signature check OK\n");
+	} else {
 		ret = EXIT_FAILURE;
+		fprintf(stderr, "Signature check Bad (error %d)\n", ret);
+	}
 
 	(void) munmap((void *)fit_blob, fsbuf.st_size);
 	(void) munmap((void *)key_blob, ksbuf.st_size);
diff --git a/tools/image-host.c b/tools/image-host.c
index 2be5e80..c7fc94b 100644
--- a/tools/image-host.c
+++ b/tools/image-host.c
@@ -10,6 +10,7 @@
  */
 
 #include "mkimage.h"
+#include <bootm.h>
 #include <image.h>
 #include <version.h>
 
@@ -705,16 +706,21 @@ int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
 }
 
 #ifdef CONFIG_FIT_SIGNATURE
-int fit_check_sign(const void *working_fdt, const void *key)
+int fit_check_sign(const void *fit, const void *key)
 {
 	int cfg_noffset;
 	int ret;
 
-	cfg_noffset = fit_conf_get_node(working_fdt, NULL);
+	cfg_noffset = fit_conf_get_node(fit, NULL);
 	if (!cfg_noffset)
 		return -1;
 
-	ret = fit_config_verify(working_fdt, cfg_noffset);
+	printf("Verifying Hash Integrity ... ");
+	ret = fit_config_verify(fit, cfg_noffset);
+	if (ret)
+		return ret;
+	ret = bootm_host_load_images(fit, cfg_noffset);
+
 	return ret;
 }
 #endif
-- 
1.9.1.423.g4596e3a

More information about the U-Boot mailing list