diff options
author | Samuel Mendoza-Jonas <sam@mendozajonas.com> | 2018-05-17 16:08:06 +1000 |
---|---|---|
committer | Samuel Mendoza-Jonas <sam@mendozajonas.com> | 2019-01-08 12:27:51 +1100 |
commit | 017aada974ef9c322cad412a9832fa1df265267b (patch) | |
tree | b316be7a85a97ca6bbe821f015d2e3e6393b3e24 | |
parent | 93d41f97eedca3684922f4c3cae82d4c74b04210 (diff) | |
download | talos-petitboot-017aada974ef9c322cad412a9832fa1df265267b.tar.gz talos-petitboot-017aada974ef9c322cad412a9832fa1df265267b.zip |
lib/flash: Check if the partition is signed
In more recent firmware images built by op-build the VERSION partition
is signed, and includes a 'secure header'. Check for this and skip it if
found so we parse the version strings properly.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
(cherry picked from commit 6a9c33fe705a479325b47e518f0eedab3239a6b4)
-rw-r--r-- | lib/flash/flash.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/flash/flash.c b/lib/flash/flash.c index 464b876..707e800 100644 --- a/lib/flash/flash.c +++ b/lib/flash/flash.c @@ -31,6 +31,8 @@ #include <libflash/file.h> #include <libflash/ecc.h> +#define SECURE_BOOT_HEADERS_SIZE 4096 +#define ROM_MAGIC_NUMBER 0x17082011 struct flash_info { /* Device information */ @@ -148,6 +150,16 @@ out: return NULL; } +/* See stb_is_container() in Skiboot */ +static bool is_signed(char *buffer, uint32_t len) +{ + if (!buffer || len <= SECURE_BOOT_HEADERS_SIZE) + return false; + if (be32_to_cpu(*(uint32_t *)buffer) != ROM_MAGIC_NUMBER) + return false; + return true; +} + int flash_parse_version(void *ctx, char ***versions, bool current) { char *saveptr, *tok, **tmp, *buffer; @@ -182,6 +194,10 @@ int flash_parse_version(void *ctx, char ***versions, bool current) goto out; } + /* Check if this partition is signed */ + if (is_signed(buffer, len)) + buffer += SECURE_BOOT_HEADERS_SIZE; + /* open-power-platform */ tok = strtok_r(buffer, delim, &saveptr); if (tok) { |