mail archive of the barebox mailing list
 help / color / mirror / Atom feed
* [PATCH 1/3] bootstrap_read_devfs(): optionally inform the caller of the buffer size
@ 2020-11-05 11:56 Sascha Hauer
  2020-11-05 11:56 ` [PATCH 2/3] bootstrap_read_disk(): " Sascha Hauer
  2020-11-05 11:56 ` [PATCH 3/3] ARM: socfpga: xload: evaluate integrity of second stage barebox images Sascha Hauer
  0 siblings, 2 replies; 3+ messages in thread
From: Sascha Hauer @ 2020-11-05 11:56 UTC (permalink / raw)
  To: Barebox List

From: Ulrich Ölmann <u.oelmann@pengutronix.de>

The size of the buffer allocated in the function is needed if it shall be
inspected more closely later. Therefore optionally return it via a new pointer
argument.

Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
---
 arch/arm/boards/tny-a926x/tny_a9263_bootstrap.c |  2 +-
 arch/arm/boards/usb-a926x/usb_a9263_bootstrap.c |  2 +-
 arch/arm/mach-at91/bootstrap.c                  |  2 +-
 arch/arm/mach-socfpga/xload.c                   |  2 +-
 include/bootstrap.h                             |  8 ++++----
 lib/bootstrap/devfs.c                           | 11 +++++++----
 6 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/arch/arm/boards/tny-a926x/tny_a9263_bootstrap.c b/arch/arm/boards/tny-a926x/tny_a9263_bootstrap.c
index 368c67744f..f26f1eaecb 100644
--- a/arch/arm/boards/tny-a926x/tny_a9263_bootstrap.c
+++ b/arch/arm/boards/tny-a926x/tny_a9263_bootstrap.c
@@ -11,6 +11,6 @@
 #ifdef CONFIG_MTD_DATAFLASH
 void * bootstrap_board_read_dataflash(void)
 {
-	return bootstrap_read_devfs("dataflash0", false, 0xffc0, 204864, 204864);
+	return bootstrap_read_devfs("dataflash0", false, 0xffc0, 204864, 204864, NULL);
 }
 #endif
diff --git a/arch/arm/boards/usb-a926x/usb_a9263_bootstrap.c b/arch/arm/boards/usb-a926x/usb_a9263_bootstrap.c
index 368c67744f..f26f1eaecb 100644
--- a/arch/arm/boards/usb-a926x/usb_a9263_bootstrap.c
+++ b/arch/arm/boards/usb-a926x/usb_a9263_bootstrap.c
@@ -11,6 +11,6 @@
 #ifdef CONFIG_MTD_DATAFLASH
 void * bootstrap_board_read_dataflash(void)
 {
-	return bootstrap_read_devfs("dataflash0", false, 0xffc0, 204864, 204864);
+	return bootstrap_read_devfs("dataflash0", false, 0xffc0, 204864, 204864, NULL);
 }
 #endif
diff --git a/arch/arm/mach-at91/bootstrap.c b/arch/arm/mach-at91/bootstrap.c
index 5d21b2d021..90b7b33fc9 100644
--- a/arch/arm/mach-at91/bootstrap.c
+++ b/arch/arm/mach-at91/bootstrap.c
@@ -78,7 +78,7 @@ static void at91bootstrap_boot_nand(bool is_barebox)
 	kernel_entry_func func = NULL;
 
 	printf("Boot %s from nand\n", name);
-	func = bootstrap_read_devfs("nand0", true, SZ_128K, SZ_256K, SZ_1M);
+	func = bootstrap_read_devfs("nand0", true, SZ_128K, SZ_256K, SZ_1M, NULL);
 	bootstrap_boot(func, is_barebox);
 	bootstrap_err("... failed\n");
 	free(func);
diff --git a/arch/arm/mach-socfpga/xload.c b/arch/arm/mach-socfpga/xload.c
index ee7d194427..8be2827e62 100644
--- a/arch/arm/mach-socfpga/xload.c
+++ b/arch/arm/mach-socfpga/xload.c
@@ -53,7 +53,7 @@ static __noreturn int socfpga_xload(void)
 		socfpga_cyclone5_qspi_init();
 		for (part = barebox_parts; part->nor_size; part++) {
 			buf = bootstrap_read_devfs("mtd0", false,
-					part->nor_offset, part->nor_size, SZ_1M);
+					part->nor_offset, part->nor_size, SZ_1M, NULL);
 			if (!buf) {
 				pr_info("failed to load barebox from QSPI NOR flash at offset %#x\n",
 					part->nor_offset);
diff --git a/include/bootstrap.h b/include/bootstrap.h
index 05734a920c..8b3bb34a03 100644
--- a/include/bootstrap.h
+++ b/include/bootstrap.h
@@ -14,11 +14,11 @@ typedef void (*kernel_entry_func)(int zero, int arch, void *params);
 void bootstrap_boot(kernel_entry_func func, bool barebox);
 
 #ifdef CONFIG_BOOTSTRAP_DEVFS
-void* bootstrap_read_devfs(const char *devname, bool use_bb, int offset,
-			   int default_size, int max_size);
+void* bootstrap_read_devfs(char *devname, bool use_bb, int offset,
+			   int default_size, int max_size, size_t *bufsize);
 #else
-static inline void* bootstrap_read_devfs(const char *devname, bool use_bb, int offset,
-			   int default_size, int max_size)
+static inline void* bootstrap_read_devfs(char *devname, bool use_bb, int offset,
+			   int default_size, int max_size, size_t *bufsize)
 {
 	return NULL;
 }
diff --git a/lib/bootstrap/devfs.c b/lib/bootstrap/devfs.c
index 6a3dd76cdd..6d28b1cb4d 100644
--- a/lib/bootstrap/devfs.c
+++ b/lib/bootstrap/devfs.c
@@ -80,8 +80,8 @@ static unsigned int get_image_size(void *head)
 }
 #endif
 
-void* bootstrap_read_devfs(const char *devname, bool use_bb, int offset,
-			   int default_size, int max_size)
+void* bootstrap_read_devfs(char *devname, bool use_bb, int offset,
+			   int default_size, int max_size, size_t *bufsize)
 {
 	int ret;
 	int size = 0;
@@ -133,10 +133,13 @@ void* bootstrap_read_devfs(const char *devname, bool use_bb, int offset,
 	ret = cdev_read(cdev, to, size, 0, 0);
 	cdev_close(cdev);
 
-	if (ret != size)
+	if (ret != size) {
 		bootstrap_err("%s: failed to read from %s\n", devname, partname);
-	else
+	} else {
 		result = to;
+		if (bufsize)
+			*bufsize = size;
+	}
 
 free_memory:
 	free(header);
-- 
2.20.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH 2/3] bootstrap_read_disk(): optionally inform the caller of the buffer size
  2020-11-05 11:56 [PATCH 1/3] bootstrap_read_devfs(): optionally inform the caller of the buffer size Sascha Hauer
@ 2020-11-05 11:56 ` Sascha Hauer
  2020-11-05 11:56 ` [PATCH 3/3] ARM: socfpga: xload: evaluate integrity of second stage barebox images Sascha Hauer
  1 sibling, 0 replies; 3+ messages in thread
From: Sascha Hauer @ 2020-11-05 11:56 UTC (permalink / raw)
  To: Barebox List

From: Ulrich Ölmann <u.oelmann@pengutronix.de>

The size of the buffer allocated in the function is needed if it shall be
inspected more closely later. Therefore optionally return it via a new pointer
argument.

Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
---
 arch/arm/mach-at91/bootstrap.c | 2 +-
 arch/arm/mach-socfpga/xload.c  | 2 +-
 include/bootstrap.h            | 4 ++--
 lib/bootstrap/disk.c           | 5 ++++-
 4 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/arch/arm/mach-at91/bootstrap.c b/arch/arm/mach-at91/bootstrap.c
index 90b7b33fc9..0b1567cd23 100644
--- a/arch/arm/mach-at91/bootstrap.c
+++ b/arch/arm/mach-at91/bootstrap.c
@@ -89,7 +89,7 @@ static void at91bootstrap_boot_mmc(void)
 	kernel_entry_func func = NULL;
 
 	printf("Boot from mmc\n");
-	func = bootstrap_read_disk("disk0.0", NULL);
+	func = bootstrap_read_disk("disk0.0", NULL, NULL);
 	bootstrap_boot(func, false);
 	bootstrap_err("... failed\n");
 	free(func);
diff --git a/arch/arm/mach-socfpga/xload.c b/arch/arm/mach-socfpga/xload.c
index 8be2827e62..1131cfee41 100644
--- a/arch/arm/mach-socfpga/xload.c
+++ b/arch/arm/mach-socfpga/xload.c
@@ -37,7 +37,7 @@ static __noreturn int socfpga_xload(void)
 		socfpga_cyclone5_mmc_init();
 
 		for (part = barebox_parts; part->mmc_disk; part++) {
-			buf = bootstrap_read_disk(barebox_parts->mmc_disk, "fat");
+			buf = bootstrap_read_disk(barebox_parts->mmc_disk, "fat", NULL);
 			if (!buf) {
 				pr_info("failed to load barebox from MMC %s\n",
 					part->mmc_disk);
diff --git a/include/bootstrap.h b/include/bootstrap.h
index 8b3bb34a03..3e006d3cc9 100644
--- a/include/bootstrap.h
+++ b/include/bootstrap.h
@@ -25,9 +25,9 @@ static inline void* bootstrap_read_devfs(char *devname, bool use_bb, int offset,
 #endif
 
 #ifdef CONFIG_BOOTSTRAP_DISK
-void* bootstrap_read_disk(const char *devname, const char *fstype);
+void* bootstrap_read_disk(const char *devname, char *fstype, size_t *bufsize);
 #else
-static inline void* bootstrap_read_disk(const char *devname, const char *fstype)
+static inline void* bootstrap_read_disk(const char *devname, char *fstype, size_t *bufsize)
 {
 	return NULL;
 }
diff --git a/lib/bootstrap/disk.c b/lib/bootstrap/disk.c
index fd016166e6..ed8b1aa407 100644
--- a/lib/bootstrap/disk.c
+++ b/lib/bootstrap/disk.c
@@ -14,7 +14,7 @@
 #include <libfile.h>
 #include <bootstrap.h>
 
-void* bootstrap_read_disk(const char *dev, const char *fstype)
+void* bootstrap_read_disk(const char *dev, char *fstype, size_t *bufsize)
 {
 	int ret;
 	void *buf;
@@ -34,5 +34,8 @@ void* bootstrap_read_disk(const char *dev, const char *fstype)
 		return NULL;
 	}
 
+	if (bufsize)
+		*bufsize = len;
+
 	return buf;
 }
-- 
2.20.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH 3/3] ARM: socfpga: xload: evaluate integrity of second stage barebox images
  2020-11-05 11:56 [PATCH 1/3] bootstrap_read_devfs(): optionally inform the caller of the buffer size Sascha Hauer
  2020-11-05 11:56 ` [PATCH 2/3] bootstrap_read_disk(): " Sascha Hauer
@ 2020-11-05 11:56 ` Sascha Hauer
  1 sibling, 0 replies; 3+ messages in thread
From: Sascha Hauer @ 2020-11-05 11:56 UTC (permalink / raw)
  To: Barebox List

From: Ulrich Ölmann <u.oelmann@pengutronix.de>

Do not hand over control to a second stage barebox if its embedded CRC checksum
is invalid.

Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
---
 arch/arm/mach-socfpga/xload.c | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/arch/arm/mach-socfpga/xload.c b/arch/arm/mach-socfpga/xload.c
index 1131cfee41..5c611ac6e1 100644
--- a/arch/arm/mach-socfpga/xload.c
+++ b/arch/arm/mach-socfpga/xload.c
@@ -8,6 +8,8 @@
 #include <fs.h>
 #include <io.h>
 
+#include <image-metadata.h>
+
 #include <linux/clkdev.h>
 #include <linux/stat.h>
 #include <linux/clk.h>
@@ -31,13 +33,14 @@ static __noreturn int socfpga_xload(void)
 	enum bootsource bootsource = bootsource_get();
 	const struct socfpga_barebox_part *part;
 	void *buf = NULL;
+	size_t bufsize;
 
 	switch (bootsource) {
 	case BOOTSOURCE_MMC:
 		socfpga_cyclone5_mmc_init();
 
 		for (part = barebox_parts; part->mmc_disk; part++) {
-			buf = bootstrap_read_disk(barebox_parts->mmc_disk, "fat", NULL);
+			buf = bootstrap_read_disk(barebox_parts->mmc_disk, "fat", &bufsize);
 			if (!buf) {
 				pr_info("failed to load barebox from MMC %s\n",
 					part->mmc_disk);
@@ -48,17 +51,35 @@ static __noreturn int socfpga_xload(void)
 			pr_err("failed to load barebox.bin from MMC\n");
 			hang();
 		}
+
+		if (IS_ENABLED(CONFIG_IMD))
+			if (imd_verify_crc32(buf, bufsize) == -EILSEQ) {
+				pr_err("failed to verify barebox.bin loaded from eMMC\n");
+				hang();
+			}
+
 		break;
 	case BOOTSOURCE_SPI:
 		socfpga_cyclone5_qspi_init();
 		for (part = barebox_parts; part->nor_size; part++) {
 			buf = bootstrap_read_devfs("mtd0", false,
-					part->nor_offset, part->nor_size, SZ_1M, NULL);
+					part->nor_offset, part->nor_size, SZ_1M, &bufsize);
 			if (!buf) {
 				pr_info("failed to load barebox from QSPI NOR flash at offset %#x\n",
 					part->nor_offset);
 				continue;
 			}
+
+			if (IS_ENABLED(CONFIG_IMD))
+				if (imd_verify_crc32(buf, bufsize) == -EILSEQ) {
+					pr_err("failed to verify barebox loaded from "
+					       "QSPI NOR flash at offset %#x\n",
+					       part->nor_offset);
+					free(buf);
+					buf = NULL;
+					continue;
+				}
+
 			break;
 		}
 
-- 
2.20.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2020-11-05 11:56 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-05 11:56 [PATCH 1/3] bootstrap_read_devfs(): optionally inform the caller of the buffer size Sascha Hauer
2020-11-05 11:56 ` [PATCH 2/3] bootstrap_read_disk(): " Sascha Hauer
2020-11-05 11:56 ` [PATCH 3/3] ARM: socfpga: xload: evaluate integrity of second stage barebox images Sascha Hauer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox