From: "Ulrich Ölmann" <u.oelmann@pengutronix.de>
To: Barebox List <barebox@lists.infradead.org>
Subject: [PATCH 2/2] images: add function to verify checksum in barebox header
Date: Mon, 23 May 2016 13:48:42 +0200 [thread overview]
Message-ID: <1464004122-15815-3-git-send-email-u.oelmann@pengutronix.de> (raw)
In-Reply-To: <1464004122-15815-1-git-send-email-u.oelmann@pengutronix.de>
From: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
---
common/Kconfig | 9 ++++++
common/Makefile | 1 +
common/barebox-image.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++
include/common.h | 9 ++++++
4 files changed, 104 insertions(+)
create mode 100644 common/barebox-image.c
diff --git a/common/Kconfig b/common/Kconfig
index 928db0a159e1..bebbb614509d 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -580,6 +580,15 @@ config IMD_TARGET
depends on IMD
depends on !SANDBOX
+config VERIFY_EMBEDDED_CRC
+ prompt "Verify the CRC checksum embedded into barebox images"
+ bool
+ select CRC32
+ help
+ If you say Y here, the CRC checksum that is embedded into every
+ barebox image directly after the header can be verified to guarantee
+ the integrity of the image.
+
config KERNEL_INSTALL_TARGET
bool
depends on !SANDBOX
diff --git a/common/Makefile b/common/Makefile
index 99681e21215b..0106f0fe7bd9 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -48,6 +48,7 @@ obj-$(CONFIG_STATE) += state.o
obj-$(CONFIG_RATP) += ratp.o
obj-$(CONFIG_UIMAGE) += image.o uimage.o
obj-$(CONFIG_FITIMAGE) += image-fit.o
+obj-$(CONFIG_VERIFY_EMBEDDED_CRC) += barebox-image.o
obj-$(CONFIG_MENUTREE) += menutree.o
obj-$(CONFIG_EFI_GUID) += efi-guid.o
obj-$(CONFIG_EFI_DEVICEPATH) += efi-devicepath.o
diff --git a/common/barebox-image.c b/common/barebox-image.c
new file mode 100644
index 000000000000..733d9ea2ecdf
--- /dev/null
+++ b/common/barebox-image.c
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2016 Pengutronix, Jan Luebbe <j.luebbe@pengutronix.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ */
+#include <common.h>
+#include <io.h>
+#include <filetype.h>
+
+static inline size_t get_barebox_head_size(const void *buf)
+{
+ if (is_barebox_arm_head(buf))
+ return ARM_HEAD_SIZE;
+ else if (is_barebox_mips_head(buf))
+ return MIPS_HEAD_SIZE;
+
+ return 0;
+}
+
+static inline size_t get_barebox_head_size_offset(const void *buf)
+{
+ if (is_barebox_arm_head(buf))
+ return ARM_HEAD_SIZE_OFFSET;
+ else if (is_barebox_mips_head(buf))
+ return MIPS_HEAD_SIZE_OFFSET;
+
+ return 0;
+}
+
+bool barebox_verify_image(void *buf, size_t bufsize)
+{
+ unsigned int *psize;
+ size_t head_size;
+ uint32_t crc = 0;
+ uint32_t *p;
+
+ if (bufsize < ARM_HEAD_SIZE) {
+ pr_err("buffer is smaller than ARM_HEAD_SIZE\n");
+ return false;
+ }
+
+ head_size = get_barebox_head_size(buf);
+ if (!head_size) {
+ pr_err("image does not contain a barebox header\n");
+ return false;
+ }
+
+ psize = buf + get_barebox_head_size_offset(buf);
+
+ if (bufsize < *psize) {
+ pr_err("buffer is too small for image\n");
+ return false;
+ }
+
+ if (*psize < head_size + 2 * sizeof(uint32_t)) {
+ pr_err("image is too small\n");
+ return false;
+ }
+
+ p = buf + head_size;
+
+ if (strcmp((const char*) p, BAREBOX_CRC_MAGIC_VALUE)) {
+ pr_debug("image does not contain a checksum\n");
+ return true;
+ }
+
+ crc = crc32(crc, buf, head_size + sizeof(uint32_t));
+ crc = crc32(crc, buf + head_size + 2 * sizeof(uint32_t),
+ *psize - (head_size + 2 * sizeof(uint32_t)));
+ crc = cpu_to_be32(crc);
+
+ if (crc != *(p + 1)) {
+ pr_err("embedded checksum is faulty\n");
+ return false;
+ }
+
+ return true;
+}
diff --git a/include/common.h b/include/common.h
index 680a0affb6bc..9200328c3e10 100644
--- a/include/common.h
+++ b/include/common.h
@@ -164,4 +164,13 @@ static inline bool region_overlap(unsigned long starta, unsigned long lena,
return 1;
}
+#ifdef CONFIG_VERIFY_EMBEDDED_CRC
+bool barebox_verify_image(void*, size_t);
+#else
+static inline bool barebox_verify_image(void *buf, size_t bufsize)
+{
+ return true;
+}
+#endif
+
#endif /* __COMMON_H_ */
--
2.8.1
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
next prev parent reply other threads:[~2016-05-23 11:49 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-23 11:48 [PATCH 0/2] evaluate integrity of a barebox image Ulrich Ölmann
2016-05-23 11:48 ` [PATCH 1/2] images: write checksum into barebox header Ulrich Ölmann
2016-05-23 11:48 ` Ulrich Ölmann [this message]
2016-05-30 6:06 ` [PATCH 2/2] images: add function to verify checksum in " Sascha Hauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1464004122-15815-3-git-send-email-u.oelmann@pengutronix.de \
--to=u.oelmann@pengutronix.de \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox