mail archive of the barebox mailing list
 help / color / mirror / Atom feed
From: "Ulrich Ölmann" <u.oelmann@pengutronix.de>
To: Barebox List <barebox@lists.infradead.org>
Subject: [PATCH 2/2] images: add function to verify checksum in barebox header
Date: Mon, 23 May 2016 13:48:42 +0200	[thread overview]
Message-ID: <1464004122-15815-3-git-send-email-u.oelmann@pengutronix.de> (raw)
In-Reply-To: <1464004122-15815-1-git-send-email-u.oelmann@pengutronix.de>

From: Jan Luebbe <jlu@pengutronix.de>

Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
---
 common/Kconfig         |  9 ++++++
 common/Makefile        |  1 +
 common/barebox-image.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++
 include/common.h       |  9 ++++++
 4 files changed, 104 insertions(+)
 create mode 100644 common/barebox-image.c

diff --git a/common/Kconfig b/common/Kconfig
index 928db0a159e1..bebbb614509d 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -580,6 +580,15 @@ config IMD_TARGET
 	depends on IMD
 	depends on !SANDBOX
 
+config VERIFY_EMBEDDED_CRC
+	prompt "Verify the CRC checksum embedded into barebox images"
+	bool
+	select CRC32
+	help
+	  If you say Y here, the CRC checksum that is embedded into every
+	  barebox image directly after the header can be verified to guarantee
+	  the integrity of the image.
+
 config KERNEL_INSTALL_TARGET
 	bool
 	depends on !SANDBOX
diff --git a/common/Makefile b/common/Makefile
index 99681e21215b..0106f0fe7bd9 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -48,6 +48,7 @@ obj-$(CONFIG_STATE)		+= state.o
 obj-$(CONFIG_RATP)		+= ratp.o
 obj-$(CONFIG_UIMAGE)		+= image.o uimage.o
 obj-$(CONFIG_FITIMAGE)		+= image-fit.o
+obj-$(CONFIG_VERIFY_EMBEDDED_CRC) += barebox-image.o
 obj-$(CONFIG_MENUTREE)		+= menutree.o
 obj-$(CONFIG_EFI_GUID)		+= efi-guid.o
 obj-$(CONFIG_EFI_DEVICEPATH)	+= efi-devicepath.o
diff --git a/common/barebox-image.c b/common/barebox-image.c
new file mode 100644
index 000000000000..733d9ea2ecdf
--- /dev/null
+++ b/common/barebox-image.c
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2016 Pengutronix, Jan Luebbe <j.luebbe@pengutronix.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+#include <common.h>
+#include <io.h>
+#include <filetype.h>
+
+static inline size_t get_barebox_head_size(const void *buf)
+{
+	if (is_barebox_arm_head(buf))
+		return ARM_HEAD_SIZE;
+	else if (is_barebox_mips_head(buf))
+		return MIPS_HEAD_SIZE;
+
+	return 0;
+}
+
+static inline size_t get_barebox_head_size_offset(const void *buf)
+{
+	if (is_barebox_arm_head(buf))
+		return ARM_HEAD_SIZE_OFFSET;
+	else if (is_barebox_mips_head(buf))
+		return MIPS_HEAD_SIZE_OFFSET;
+
+	return 0;
+}
+
+bool barebox_verify_image(void *buf, size_t bufsize)
+{
+	unsigned int *psize;
+	size_t head_size;
+	uint32_t crc = 0;
+	uint32_t *p;
+
+	if (bufsize < ARM_HEAD_SIZE) {
+		pr_err("buffer is smaller than ARM_HEAD_SIZE\n");
+		return false;
+	}
+
+	head_size = get_barebox_head_size(buf);
+	if (!head_size) {
+		pr_err("image does not contain a barebox header\n");
+		return false;
+	}
+
+	psize = buf + get_barebox_head_size_offset(buf);
+
+	if (bufsize < *psize) {
+		pr_err("buffer is too small for image\n");
+		return false;
+	}
+
+	if (*psize < head_size + 2 * sizeof(uint32_t)) {
+		pr_err("image is too small\n");
+		return false;
+	}
+
+	p = buf + head_size;
+
+	if (strcmp((const char*) p, BAREBOX_CRC_MAGIC_VALUE)) {
+		pr_debug("image does not contain a checksum\n");
+		return true;
+	}
+
+	crc = crc32(crc, buf, head_size + sizeof(uint32_t));
+	crc = crc32(crc, buf + head_size + 2 * sizeof(uint32_t),
+			*psize - (head_size + 2 * sizeof(uint32_t)));
+	crc = cpu_to_be32(crc);
+
+	if (crc != *(p + 1)) {
+		pr_err("embedded checksum is faulty\n");
+		return false;
+	}
+
+	return true;
+}
diff --git a/include/common.h b/include/common.h
index 680a0affb6bc..9200328c3e10 100644
--- a/include/common.h
+++ b/include/common.h
@@ -164,4 +164,13 @@ static inline bool region_overlap(unsigned long starta, unsigned long lena,
 	return 1;
 }
 
+#ifdef CONFIG_VERIFY_EMBEDDED_CRC
+bool barebox_verify_image(void*, size_t);
+#else
+static inline bool barebox_verify_image(void *buf, size_t bufsize)
+{
+	return true;
+}
+#endif
+
 #endif	/* __COMMON_H_ */
-- 
2.8.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

  parent reply	other threads:[~2016-05-23 11:49 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-23 11:48 [PATCH 0/2] evaluate integrity of a barebox image Ulrich Ölmann
2016-05-23 11:48 ` [PATCH 1/2] images: write checksum into barebox header Ulrich Ölmann
2016-05-23 11:48 ` Ulrich Ölmann [this message]
2016-05-30  6:06   ` [PATCH 2/2] images: add function to verify checksum in " Sascha Hauer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1464004122-15815-3-git-send-email-u.oelmann@pengutronix.de \
    --to=u.oelmann@pengutronix.de \
    --cc=barebox@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox