[U-Boot] [PATCH 1/4] bootm: allow to disable legacy image format

Heiko Schocher hs at denx.de
Thu May 8 13:05:15 CEST 2014 

Disabling legacy image format is useful when using
signed FIT images with required signature check.
Use CONFIG_DISABLE_IMAGE_FORMAT_LEGACY in the board
config file.

Signed-off-by: Heiko Schocher <hs at denx.de>
Cc: Simon Glass <sjg at chromium.org>
Cc: Lars Steubesand <lars.steubesand at philips.com>
Cc: Mike Pearce <mike at kaew.be>
Cc: Wolfgang Denk <wd at denx.de>
---
 README                       |  5 +++++
 common/cmd_bootm.c           | 14 ++++++++++++++
 common/cmd_disk.c            |  4 ++++
 common/cmd_fdc.c             |  4 ++++
 common/cmd_fpga.c            |  2 ++
 common/cmd_nand.c            |  4 ++++
 common/cmd_source.c          |  4 ++++
 common/cmd_ximg.c            |  7 ++++++-
 common/image-fdt.c           | 10 ++++++++--
 common/image.c               | 23 ++++++++++++++++-------
 doc/uImage.FIT/signature.txt |  3 +++
 include/image.h              |  2 ++
 12 files changed, 72 insertions(+), 10 deletions(-)

diff --git a/README b/README
index b973344..b1f0ea3 100644
--- a/README
+++ b/README
@@ -3152,6 +3152,11 @@ FIT uImage format:
 		using a hash signed and verified using RSA. See
 		doc/uImage.FIT/signature.txt for more details.
 
+		CONFIG_DISABLE_IMAGE_FORMAT_LEGACY
+		WARNING: When relying on signed FIT images with required
+		signature check the legacy image format should be disabled by
+		using this define.
+
 - Standalone program support:
 		CONFIG_STANDALONE_LOAD_ADDR
 
diff --git a/common/cmd_bootm.c b/common/cmd_bootm.c
index c243a5b..69b86ee 100644
--- a/common/cmd_bootm.c
+++ b/common/cmd_bootm.c
@@ -233,6 +233,7 @@ static int bootm_find_os(cmd_tbl_t *cmdtp, int flag, int argc,
 
 	/* get image parameters */
 	switch (genimg_get_format(os_hdr)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 		images.os.type = image_get_type(os_hdr);
 		images.os.comp = image_get_comp(os_hdr);
@@ -241,6 +242,7 @@ static int bootm_find_os(cmd_tbl_t *cmdtp, int flag, int argc,
 		images.os.end = image_get_image_end(os_hdr);
 		images.os.load = image_get_load(os_hdr);
 		break;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		if (fit_image_get_type(images.fit_hdr_os,
@@ -838,6 +840,7 @@ int bootm_maybe_autostart(cmd_tbl_t *cmdtp, const char *cmd)
 	return 0;
 }
 
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 /**
  * image_get_kernel - verify legacy format kernel image
  * @img_addr: in RAM address of the legacy format image to be verified
@@ -888,6 +891,7 @@ static image_header_t *image_get_kernel(ulong img_addr, int verify)
 	}
 	return hdr;
 }
+#endif
 
 /**
  * boot_get_kernel - find kernel image
@@ -905,7 +909,9 @@ static const void *boot_get_kernel(cmd_tbl_t *cmdtp, int flag, int argc,
 		char * const argv[], bootm_headers_t *images, ulong *os_data,
 		ulong *os_len)
 {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	image_header_t	*hdr;
+#endif
 	ulong		img_addr;
 	const void *buf;
 #if defined(CONFIG_FIT)
@@ -943,6 +949,7 @@ static const void *boot_get_kernel(cmd_tbl_t *cmdtp, int flag, int argc,
 	*os_data = *os_len = 0;
 	buf = map_sysmem(img_addr, 0);
 	switch (genimg_get_format(buf)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 		printf("## Booting kernel from Legacy Image at %08lx ...\n",
 				img_addr);
@@ -985,6 +992,7 @@ static const void *boot_get_kernel(cmd_tbl_t *cmdtp, int flag, int argc,
 		images->legacy_hdr_valid = 1;
 		bootstage_mark(BOOTSTAGE_ID_DECOMP_IMAGE);
 		break;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		os_noffset = fit_image_load(images, FIT_KERNEL_PROP,
@@ -1114,6 +1122,7 @@ static int image_info(ulong addr)
 	printf("\n## Checking Image at %08lx ...\n", addr);
 
 	switch (genimg_get_format(hdr)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 		puts("   Legacy image found\n");
 		if (!image_check_magic(hdr)) {
@@ -1135,6 +1144,7 @@ static int image_info(ulong addr)
 		}
 		puts("OK\n");
 		return 0;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		puts("   FIT image found\n");
@@ -1194,6 +1204,7 @@ static int do_imls_nor(void)
 				goto next_sector;
 
 			switch (genimg_get_format(hdr)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 			case IMAGE_FORMAT_LEGACY:
 				if (!image_check_hcrc(hdr))
 					goto next_sector;
@@ -1208,6 +1219,7 @@ static int do_imls_nor(void)
 					puts("OK\n");
 				}
 				break;
+#endif
 #if defined(CONFIG_FIT)
 			case IMAGE_FORMAT_FIT:
 				if (!fit_check_format(hdr))
@@ -1342,12 +1354,14 @@ static int do_imls_nand(void)
 			}
 
 			switch (genimg_get_format(buffer)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 			case IMAGE_FORMAT_LEGACY:
 				header = (const image_header_t *)buffer;
 
 				len = image_get_image_size(header);
 				nand_imls_legacyimage(nand, nand_dev, off, len);
 				break;
+#endif
 #if defined(CONFIG_FIT)
 			case IMAGE_FORMAT_FIT:
 				len = fit_get_size(buffer);
diff --git a/common/cmd_disk.c b/common/cmd_disk.c
index 3e457f6..9b1ba7f 100644
--- a/common/cmd_disk.c
+++ b/common/cmd_disk.c
@@ -17,7 +17,9 @@ int common_diskboot(cmd_tbl_t *cmdtp, const char *intf, int argc,
 	ulong addr = CONFIG_SYS_LOAD_ADDR;
 	ulong cnt;
 	disk_partition_t info;
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	image_header_t *hdr;
+#endif
 	block_dev_desc_t *dev_desc;
 
 #if defined(CONFIG_FIT)
@@ -62,6 +64,7 @@ int common_diskboot(cmd_tbl_t *cmdtp, const char *intf, int argc,
 	bootstage_mark(BOOTSTAGE_ID_IDE_PART_READ);
 
 	switch (genimg_get_format((void *) addr)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 		hdr = (image_header_t *) addr;
 
@@ -78,6 +81,7 @@ int common_diskboot(cmd_tbl_t *cmdtp, const char *intf, int argc,
 
 		cnt = image_get_image_size(hdr);
 		break;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		fit_hdr = (const void *) addr;
diff --git a/common/cmd_fdc.c b/common/cmd_fdc.c
index 1cfb656..409a216 100644
--- a/common/cmd_fdc.c
+++ b/common/cmd_fdc.c
@@ -635,7 +635,9 @@ int do_fdcboot (cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 	FD_GEO_STRUCT *pFG = (FD_GEO_STRUCT *)floppy_type;
 	FDC_COMMAND_STRUCT *pCMD = &cmd;
 	unsigned long addr,imsize;
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	image_header_t *hdr;  /* used for fdc boot */
+#endif
 	unsigned char boot_drive;
 	int i,nrofblk;
 #if defined(CONFIG_FIT)
@@ -689,12 +691,14 @@ int do_fdcboot (cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 	}
 
 	switch (genimg_get_format ((void *)addr)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 		hdr = (image_header_t *)addr;
 		image_print_contents (hdr);
 
 		imsize = image_get_image_size (hdr);
 		break;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		fit_hdr = (const void *)addr;
diff --git a/common/cmd_fpga.c b/common/cmd_fpga.c
index 010cd24..34eb3f0 100644
--- a/common/cmd_fpga.c
+++ b/common/cmd_fpga.c
@@ -155,6 +155,7 @@ int do_fpga(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
 
 	case FPGA_LOADMK:
 		switch (genimg_get_format(fpga_data)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 		case IMAGE_FORMAT_LEGACY:
 			{
 				image_header_t *hdr =
@@ -182,6 +183,7 @@ int do_fpga(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
 				rc = fpga_load(dev, (void *)data, data_size);
 			}
 			break;
+#endif
 #if defined(CONFIG_FIT)
 		case IMAGE_FORMAT_FIT:
 			{
diff --git a/common/cmd_nand.c b/common/cmd_nand.c
index 04ab0f1..67d0796 100644
--- a/common/cmd_nand.c
+++ b/common/cmd_nand.c
@@ -904,7 +904,9 @@ static int nand_load_image(cmd_tbl_t *cmdtp, nand_info_t *nand,
 	int r;
 	char *s;
 	size_t cnt;
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	image_header_t *hdr;
+#endif
 #if defined(CONFIG_FIT)
 	const void *fit_hdr = NULL;
 #endif
@@ -930,6 +932,7 @@ static int nand_load_image(cmd_tbl_t *cmdtp, nand_info_t *nand,
 	bootstage_mark(BOOTSTAGE_ID_NAND_HDR_READ);
 
 	switch (genimg_get_format ((void *)addr)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 		hdr = (image_header_t *)addr;
 
@@ -938,6 +941,7 @@ static int nand_load_image(cmd_tbl_t *cmdtp, nand_info_t *nand,
 
 		cnt = image_get_image_size (hdr);
 		break;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		fit_hdr = (const void *)addr;
diff --git a/common/cmd_source.c b/common/cmd_source.c
index 54ffd16..51043a1 100644
--- a/common/cmd_source.c
+++ b/common/cmd_source.c
@@ -29,7 +29,9 @@ int
 source (ulong addr, const char *fit_uname)
 {
 	ulong		len;
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	const image_header_t *hdr;
+#endif
 	ulong		*data;
 	int		verify;
 	void *buf;
@@ -44,6 +46,7 @@ source (ulong addr, const char *fit_uname)
 
 	buf = map_sysmem(addr, 0);
 	switch (genimg_get_format(buf)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 		hdr = buf;
 
@@ -84,6 +87,7 @@ source (ulong addr, const char *fit_uname)
 		 */
 		while (*data++);
 		break;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		if (fit_uname == NULL) {
diff --git a/common/cmd_ximg.c b/common/cmd_ximg.c
index 65a8319..527b1bd 100644
--- a/common/cmd_ximg.c
+++ b/common/cmd_ximg.c
@@ -32,10 +32,13 @@ do_imgextract(cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[])
 {
 	ulong		addr = load_addr;
 	ulong		dest = 0;
-	ulong		data, len, count;
+	ulong		data, len;
 	int		verify;
 	int		part = 0;
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
+	ulong		count;
 	image_header_t	*hdr = NULL;
+#endif
 #if defined(CONFIG_FIT)
 	const char	*uname = NULL;
 	const void*	fit_hdr;
@@ -64,6 +67,7 @@ do_imgextract(cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[])
 	}
 
 	switch (genimg_get_format((void *)addr)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	case IMAGE_FORMAT_LEGACY:
 
 		printf("## Copying part %d from legacy image "
@@ -114,6 +118,7 @@ do_imgextract(cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[])
 
 		image_multi_getimg(hdr, part, &data, &len);
 		break;
+#endif
 #if defined(CONFIG_FIT)
 	case IMAGE_FORMAT_FIT:
 		if (uname == NULL) {
diff --git a/common/image-fdt.c b/common/image-fdt.c
index a54a919..2a3262d 100644
--- a/common/image-fdt.c
+++ b/common/image-fdt.c
@@ -29,6 +29,7 @@ static void fdt_error(const char *msg)
 	puts(" - must RESET the board to recover.\n");
 }
 
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 static const image_header_t *image_get_fdt(ulong fdt_addr)
 {
 	const image_header_t *fdt_hdr = map_sysmem(fdt_addr, 0);
@@ -61,6 +62,7 @@ static const image_header_t *image_get_fdt(ulong fdt_addr)
 	}
 	return fdt_hdr;
 }
+#endif
 
 /**
  * boot_fdt_add_mem_rsv_regions - Mark the memreserve sections as unusable
@@ -220,11 +222,13 @@ error:
 int boot_get_fdt(int flag, int argc, char * const argv[], uint8_t arch,
 		bootm_headers_t *images, char **of_flat_tree, ulong *of_size)
 {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	const image_header_t *fdt_hdr;
+	ulong		load, load_end;
+	ulong		image_start, image_data, image_end;
+#endif
 	ulong		fdt_addr;
 	char		*fdt_blob = NULL;
-	ulong		image_start, image_data, image_end;
-	ulong		load, load_end;
 	void		*buf;
 #if defined(CONFIG_FIT)
 	const char	*fit_uname_config = images->fit_uname_cfg;
@@ -298,6 +302,7 @@ int boot_get_fdt(int flag, int argc, char * const argv[], uint8_t arch,
 		 */
 		buf = map_sysmem(fdt_addr, 0);
 		switch (genimg_get_format(buf)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 		case IMAGE_FORMAT_LEGACY:
 			/* verify fdt_addr points to a valid image header */
 			printf("## Flattened Device Tree from Legacy Image at %08lx\n",
@@ -337,6 +342,7 @@ int boot_get_fdt(int flag, int argc, char * const argv[], uint8_t arch,
 
 			fdt_addr = load;
 			break;
+#endif
 		case IMAGE_FORMAT_FIT:
 			/*
 			 * This case will catch both: new uImage format
diff --git a/common/image.c b/common/image.c
index 9c6bec5..ae7105e 100644
--- a/common/image.c
+++ b/common/image.c
@@ -44,8 +44,10 @@ extern int do_bdinfo(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]);
 
 DECLARE_GLOBAL_DATA_PTR;
 
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 static const image_header_t *image_get_ramdisk(ulong rd_addr, uint8_t arch,
 						int verify);
+#endif
 #else
 #include "mkimage.h"
 #include <u-boot/md5.h>
@@ -328,6 +330,7 @@ void image_print_contents(const void *ptr)
 
 
 #ifndef USE_HOSTCC
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 /**
  * image_get_ramdisk - get and verify ramdisk image
  * @rd_addr: ramdisk image start address
@@ -389,6 +392,7 @@ static const image_header_t *image_get_ramdisk(ulong rd_addr, uint8_t arch,
 
 	return rd_hdr;
 }
+#endif
 #endif /* !USE_HOSTCC */
 
 /*****************************************************************************/
@@ -652,20 +656,19 @@ int genimg_get_comp_id(const char *name)
  */
 int genimg_get_format(const void *img_addr)
 {
-	ulong format = IMAGE_FORMAT_INVALID;
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	const image_header_t *hdr;
 
 	hdr = (const image_header_t *)img_addr;
 	if (image_check_magic(hdr))
-		format = IMAGE_FORMAT_LEGACY;
+		return IMAGE_FORMAT_LEGACY;
+#endif
 #if defined(CONFIG_FIT) || defined(CONFIG_OF_LIBFDT)
-	else {
-		if (fdt_check_header(img_addr) == 0)
-			format = IMAGE_FORMAT_FIT;
-	}
+	if (fdt_check_header(img_addr) == 0)
+			return IMAGE_FORMAT_FIT;
 #endif
 
-	return format;
+	return IMAGE_FORMAT_INVALID;
 }
 
 /**
@@ -707,12 +710,14 @@ ulong genimg_get_image(ulong img_addr)
 
 		/* get data size */
 		switch (genimg_get_format(buf)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 		case IMAGE_FORMAT_LEGACY:
 			d_size = image_get_data_size(buf);
 			debug("   Legacy format image found at 0x%08lx, "
 					"size 0x%08lx\n",
 					ram_addr, d_size);
 			break;
+#endif
 #if defined(CONFIG_FIT)
 		case IMAGE_FORMAT_FIT:
 			d_size = fit_get_size(buf) - h_size;
@@ -788,7 +793,9 @@ int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images,
 {
 	ulong rd_addr, rd_load;
 	ulong rd_data, rd_len;
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 	const image_header_t *rd_hdr;
+#endif
 	void *buf;
 #ifdef CONFIG_SUPPORT_RAW_INITRD
 	char *end;
@@ -871,6 +878,7 @@ int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images,
 		 */
 		buf = map_sysmem(rd_addr, 0);
 		switch (genimg_get_format(buf)) {
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 		case IMAGE_FORMAT_LEGACY:
 			printf("## Loading init Ramdisk from Legacy "
 					"Image at %08lx ...\n", rd_addr);
@@ -886,6 +894,7 @@ int boot_get_ramdisk(int argc, char * const argv[], bootm_headers_t *images,
 			rd_len = image_get_data_size(rd_hdr);
 			rd_load = image_get_load(rd_hdr);
 			break;
+#endif
 #if defined(CONFIG_FIT)
 		case IMAGE_FORMAT_FIT:
 			rd_noffset = fit_image_load(images, FIT_RAMDISK_PROP,
diff --git a/doc/uImage.FIT/signature.txt b/doc/uImage.FIT/signature.txt
index 9502037..4e32aa0 100644
--- a/doc/uImage.FIT/signature.txt
+++ b/doc/uImage.FIT/signature.txt
@@ -328,6 +328,9 @@ be enabled:
 CONFIG_FIT_SIGNATURE - enable signing and verfication in FITs
 CONFIG_RSA - enable RSA algorithm for signing
 
+WARNING: When relying on signed FIT images with required signature check
+the legacy image format should be disabled by using
+CONFIG_DISABLE_IMAGE_FORMAT_LEGACY
 
 Testing
 -------
diff --git a/include/image.h b/include/image.h
index 2508d7d..c46b1e0 100644
--- a/include/image.h
+++ b/include/image.h
@@ -410,7 +410,9 @@ enum fit_load_op {
 #ifndef USE_HOSTCC
 /* Image format types, returned by _get_format() routine */
 #define IMAGE_FORMAT_INVALID	0x00
+#if !defined(CONFIG_DISABLE_IMAGE_FORMAT_LEGACY)
 #define IMAGE_FORMAT_LEGACY	0x01	/* legacy image_header based format */
+#endif
 #define IMAGE_FORMAT_FIT	0x02	/* new, libfdt based format */
 
 int genimg_get_format(const void *img_addr);
-- 
1.8.3.1

More information about the U-Boot mailing list