From: Michael Olbrich <m.olbrich@pengutronix.de>
To: barebox@lists.infradead.org
Subject: Re: [PATCH 01/13] bootm: move open to image_handler
Date: Sun, 26 Mar 2017 09:57:51 +0200 [thread overview]
Message-ID: <20170326075751.i2b7jpo2nscpqvew@pengutronix.de> (raw)
In-Reply-To: <1490496304-30850-1-git-send-email-plagnioj@jcrosoft.com>
On Sun, Mar 26, 2017 at 04:44:52AM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> ---
> arch/arm/lib/bootm.c | 2 +
> arch/blackfin/lib/blackfin_linux.c | 1 +
> arch/nios2/lib/bootm.c | 1 +
> arch/ppc/lib/ppclinux.c | 1 +
> common/bootm.c | 79 ++++++++++++--------------------------
> common/image-fit.c | 14 +++++++
> common/misc.c | 1 +
> common/uimage.c | 32 +++++++++++++++
> include/bootm.h | 1 +
> include/image-fit.h | 1 +
> include/image.h | 2 +
> 11 files changed, 80 insertions(+), 55 deletions(-)
>
> diff --git a/arch/arm/lib/bootm.c b/arch/arm/lib/bootm.c
> index 8068a53be..204344f87 100644
> --- a/arch/arm/lib/bootm.c
> +++ b/arch/arm/lib/bootm.c
> @@ -217,6 +217,7 @@ static int do_bootm_linux(struct image_data *data)
>
> static struct image_handler uimage_handler = {
> .name = "ARM Linux uImage",
> + .open = uimage_bootm_open,
> .bootm = do_bootm_linux,
> .filetype = filetype_uimage,
> .ih_os = IH_OS_LINUX,
> @@ -579,6 +580,7 @@ BAREBOX_MAGICVAR(aimage_noverwrite_tags, "Disable overwrite of the tags addr wit
>
> static struct image_handler arm_fit_handler = {
> .name = "FIT image",
> + .open = fit_bootm_open,
> .bootm = do_bootm_linux,
> .filetype = filetype_oftree,
> };
> diff --git a/arch/blackfin/lib/blackfin_linux.c b/arch/blackfin/lib/blackfin_linux.c
> index 5ebd284d1..27002eadb 100644
> --- a/arch/blackfin/lib/blackfin_linux.c
> +++ b/arch/blackfin/lib/blackfin_linux.c
> @@ -68,6 +68,7 @@ static int do_bootm_linux(struct image_data *idata)
>
> static struct image_handler handler = {
> .name = "Blackfin Linux",
> + .open = uimage_bootm_open,
> .bootm = do_bootm_linux,
> .filetype = filetype_uimage,
> .ih_os = IH_OS_LINUX,
> diff --git a/arch/nios2/lib/bootm.c b/arch/nios2/lib/bootm.c
> index 34908bde3..f1b3c2624 100644
> --- a/arch/nios2/lib/bootm.c
> +++ b/arch/nios2/lib/bootm.c
> @@ -69,6 +69,7 @@ static int do_bootm_linux(struct image_data *idata)
>
> static struct image_handler handler = {
> .name = "NIOS2 Linux",
> + .open = uimage_bootm_open,
> .bootm = do_bootm_linux,
> .filetype = filetype_uimage,
> .ih_os = IH_OS_LINUX,
> diff --git a/arch/ppc/lib/ppclinux.c b/arch/ppc/lib/ppclinux.c
> index 3fca6b272..c882938fa 100644
> --- a/arch/ppc/lib/ppclinux.c
> +++ b/arch/ppc/lib/ppclinux.c
> @@ -100,6 +100,7 @@ error:
>
> static struct image_handler handler = {
> .name = "PowerPC Linux",
> + .open = uimage_bootm_open,
> .bootm = do_bootm_linux,
> .filetype = filetype_uimage,
> .ih_os = IH_OS_LINUX,
> diff --git a/common/bootm.c b/common/bootm.c
> index 81625d915..64c933b3c 100644
> --- a/common/bootm.c
> +++ b/common/bootm.c
> @@ -34,7 +34,7 @@ int register_image_handler(struct image_handler *handler)
> }
>
> static struct image_handler *bootm_find_handler(enum filetype filetype,
> - struct image_data *data)
> + struct image_data *data, int enforce_os)
> {
> struct image_handler *handler;
>
> @@ -42,9 +42,16 @@ static struct image_handler *bootm_find_handler(enum filetype filetype,
> if (filetype != filetype_uimage &&
> handler->filetype == filetype)
> return handler;
> - if (filetype == filetype_uimage &&
> - handler->ih_os == data->os->header.ih_os)
> - return handler;
> + if (filetype == filetype_uimage) {
> + /*
> + * we can take the first one as open is the same
> + * not matter the OS
> + */
> + if (enforce_os && handler->ih_os == data->os->header.ih_os)
> + return handler;
> + else
> + return handler;
> + }
> }
>
> return NULL;
> @@ -441,38 +448,6 @@ int bootm_get_os_size(struct image_data *data)
> return -EINVAL;
> }
>
> -static int bootm_open_os_uimage(struct image_data *data)
> -{
> - int ret;
> -
> - data->os = uimage_open(data->os_file);
> - if (!data->os)
> - return -EINVAL;
> -
> - if (bootm_get_verify_mode() > BOOTM_VERIFY_NONE) {
> - ret = uimage_verify(data->os);
> - if (ret) {
> - printf("Checking data crc failed with %s\n",
> - strerror(-ret));
> - uimage_close(data->os);
> - return ret;
> - }
> - }
> -
> - uimage_print_contents(data->os);
> -
> - if (data->os->header.ih_arch != IH_ARCH) {
> - printf("Unsupported Architecture 0x%x\n",
> - data->os->header.ih_arch);
> - return -EINVAL;
> - }
> -
> - if (data->os_address == UIMAGE_SOME_ADDRESS)
> - data->os_address = data->os->header.ih_load;
> -
> - return 0;
> -}
> -
> static void bootm_print_info(struct image_data *data)
> {
> if (data->os_res)
> @@ -548,6 +523,14 @@ int bootm_boot(struct bootm_data *bootm_data)
> goto err_out;
> }
>
> + handler = bootm_find_handler(os_type, data, 0);
> + if (!handler) {
> + printf("no image handler found for image type %s\n",
> + file_type_to_string(os_type));
> + ret = -ENODEV;
> + goto err_out;
> + }
I get that the handler needs to be found here for the open callback, but
what's 'enforce_os' for?
We need a handler that can start the image later anyways, so that's the
use-case for this?
> +
> if (IS_ENABLED(CONFIG_BOOTM_FORCE_SIGNED_IMAGES)) {
> data->verify = BOOTM_VERIFY_SIGNATURE;
>
> @@ -565,25 +548,11 @@ int bootm_boot(struct bootm_data *bootm_data)
> }
> }
>
> - if (IS_ENABLED(CONFIG_FITIMAGE) && os_type == filetype_oftree) {
> - struct fit_handle *fit;
> -
> - fit = fit_open(data->os_file, data->os_part, data->verbose, data->verify);
> - if (IS_ERR(fit)) {
> - printf("Loading FIT image %s failed with: %s\n", data->os_file,
> - strerrorp(fit));
> - ret = PTR_ERR(fit);
> - goto err_out;
> - }
> -
> - data->os_fit = fit;
> - }
> -
> - if (os_type == filetype_uimage) {
> - ret = bootm_open_os_uimage(data);
> + if (handler->open) {
> + ret = handler->open(data);
> if (ret) {
> - printf("Loading OS image failed with: %s\n",
> - strerror(-ret));
> + printf("Loading OS image %s failed with: %s\n",
> + handler->name, strerror(-ret));
> goto err_out;
> }
> }
> @@ -610,7 +579,7 @@ int bootm_boot(struct bootm_data *bootm_data)
> if (data->os_address == UIMAGE_SOME_ADDRESS)
> data->os_address = UIMAGE_INVALID_ADDRESS;
>
> - handler = bootm_find_handler(os_type, data);
> + handler = bootm_find_handler(os_type, data, 1);
> if (!handler) {
> printf("no image handler found for image type %s\n",
> file_type_to_string(os_type));
> diff --git a/common/image-fit.c b/common/image-fit.c
> index 6a01c614c..5c014d66b 100644
> --- a/common/image-fit.c
> +++ b/common/image-fit.c
> @@ -583,6 +583,19 @@ struct fit_handle *fit_open(const char *filename, const char *config, bool verbo
> return ERR_PTR(ret);
> }
>
> +int fit_bootm_open(struct image_data *data)
> +{
> + struct fit_handle *fit;
> +
> + fit = fit_open(data->os_file, data->os_part, data->verbose, data->verify);
> + if (IS_ERR(fit))
> + return PTR_ERR(fit);
> +
> + data->os_fit = fit;
> +
> + return 0;
> +}
> +
> void fit_close(struct fit_handle *handle)
> {
> if (handle->root)
> @@ -604,6 +617,7 @@ static int do_bootm_sandbox_fit(struct image_data *data)
>
> static struct image_handler sandbox_fit_handler = {
> .name = "FIT image",
> + .open = fit_bootm_open,
> .bootm = do_bootm_sandbox_fit,
> .filetype = filetype_oftree,
> };
> diff --git a/common/misc.c b/common/misc.c
> index f0f0b808b..60acbd009 100644
> --- a/common/misc.c
> +++ b/common/misc.c
> @@ -101,6 +101,7 @@ const char *strerror(int errnum)
> case EISNAM : str = "Is a named type file"; break;
> case EREMOTEIO : str = "Remote I/O error"; break;
> #endif
> + case ESECVIOLATION : str = "Security Violation"; break;
ESECVIOLATION is introduced in the next patch, so this hunk should be in
that patch.
Regards,
Michael
> default:
> sprintf(errno_string, "error %d", errnum);
> return errno_string;
> diff --git a/common/uimage.c b/common/uimage.c
> index 28a25bba2..72c868882 100644
> --- a/common/uimage.c
> +++ b/common/uimage.c
> @@ -527,3 +527,35 @@ out:
>
> return buf;
> }
> +
> +int uimage_bootm_open(struct image_data *data)
> +{
> + int ret;
> +
> + data->os = uimage_open(data->os_file);
> + if (!data->os)
> + return -EINVAL;
> +
> + if (bootm_get_verify_mode() > BOOTM_VERIFY_NONE) {
> + ret = uimage_verify(data->os);
> + if (ret) {
> + printf("Checking data crc failed with %s\n",
> + strerror(-ret));
> + uimage_close(data->os);
> + return ret;
> + }
> + }
> +
> + uimage_print_contents(data->os);
> +
> + if (data->os->header.ih_arch != IH_ARCH) {
> + printf("Unsupported Architecture 0x%x\n",
> + data->os->header.ih_arch);
> + return -EINVAL;
> + }
> +
> + if (data->os_address == UIMAGE_SOME_ADDRESS)
> + data->os_address = data->os->header.ih_load;
> +
> + return 0;
> +}
> diff --git a/include/bootm.h b/include/bootm.h
> index 6e9777a9a..1c7a145c6 100644
> --- a/include/bootm.h
> +++ b/include/bootm.h
> @@ -92,6 +92,7 @@ struct image_handler {
>
> enum filetype filetype;
> int (*bootm)(struct image_data *data);
> + int (*open)(struct image_data *data);
> };
>
> int register_image_handler(struct image_handler *handle);
> diff --git a/include/image-fit.h b/include/image-fit.h
> index c49f95826..e817ebfae 100644
> --- a/include/image-fit.h
> +++ b/include/image-fit.h
> @@ -38,6 +38,7 @@ struct fit_handle {
> unsigned long initrd_size;
> };
>
> +int fit_bootm_open(struct image_data *data);
> struct fit_handle *fit_open(const char *filename, const char *config, bool verbose,
> enum bootm_verify verify);
> void fit_close(struct fit_handle *handle);
> diff --git a/include/image.h b/include/image.h
> index 3e75d49b8..9ed265658 100644
> --- a/include/image.h
> +++ b/include/image.h
> @@ -229,6 +229,8 @@ struct uimage_handle_data {
> ulong len;
> };
>
> +struct image_data;
> +int uimage_bootm_open(struct image_data *data);
> struct uimage_handle *uimage_open(const char *filename);
> void uimage_close(struct uimage_handle *handle);
> int uimage_verify(struct uimage_handle *handle);
> --
> 2.11.0
>
>
> _______________________________________________
> barebox mailing list
> barebox@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/barebox
>
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
prev parent reply other threads:[~2017-03-26 7:58 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-25 8:31 [PATCH 00/13] add efi secure boot support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 01/13] bootm: move open to image_handler Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 02/13] boot_verify: use a new error ESECVIOLATION Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 7:59 ` Michael Olbrich
2017-03-26 2:44 ` [PATCH 03/13] bootm: make security generic Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 04/13] boot: invert the secure boot forcing support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 05/13] move boot verify to generic code Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 06/13] boot_verify: make it modifiable at start time Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:16 ` Michael Olbrich
2017-03-26 2:44 ` [PATCH 07/13] go: only use it if boot signature is not required Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:23 ` Michael Olbrich
2017-03-27 11:50 ` Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:44 ` [PATCH 08/13] boot_verify: allow to force unsigned image to boot Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:25 ` Michael Olbrich
2017-03-26 2:45 ` [PATCH 09/13] boot_verify: add password request support Jean-Christophe PLAGNIOL-VILLARD
2017-03-27 6:11 ` Sascha Hauer
2017-03-26 2:45 ` [PATCH 10/13] efi: add more security related guid for the efivars Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:45 ` [PATCH 11/13] efi: fix lds for secure boot support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 8:30 ` Michael Olbrich
2017-03-26 2:45 ` [PATCH 12/13] efi: fix secure and setup mode report Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 2:45 ` [PATCH 13/13] efi: enable sercure boot support Jean-Christophe PLAGNIOL-VILLARD
2017-03-26 7:57 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170326075751.i2b7jpo2nscpqvew@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox