[OpenWrt-Devel,2/2] brcm47xx: extend firmware validation
diff mbox series

Message ID 20190823061524.28883-2-zajec5@gmail.com
State Changes Requested
Delegated to: Rafał Miłecki
Headers show
Series
  • [OpenWrt-Devel,1/2] base-files: use JSON for storing firmware validation info
Related show

Commit Message

Rafał Miłecki Aug. 23, 2019, 6:15 a.m. UTC
From: Rafał Miłecki <rafal@milecki.pl>

This provides TRX validation result, so final JSON may look like:
{
        "tests": {
                "fwtool_signature": true,
                "fwtool_device_match": true,
                "trx_valid": true
        },
        "valid": true,
        "forceable": true
}

It also prevents users from installing broken firmware files, e.g.:

$ sysupgrade -F /tmp/dhcp.leases
Image metadata not found
Invalid image type. Please use firmware specific for this device.
Image check failed. This firmware can't be installed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
---
 .../brcm47xx/base-files/lib/upgrade/platform.sh      | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

Comments

Rafał Miłecki Aug. 30, 2019, 6:35 a.m. UTC | #1
On Fri, 23 Aug 2019 at 08:15, Rafał Miłecki <zajec5@gmail.com> wrote:
> This provides TRX validation result, so final JSON may look like:
> {
>         "tests": {
>                 "fwtool_signature": true,
>                 "fwtool_device_match": true,
>                 "trx_valid": true
>         },
>         "valid": true,
>         "forceable": true
> }
>
> It also prevents users from installing broken firmware files, e.g.:
>
> $ sysupgrade -F /tmp/dhcp.leases
> Image metadata not found
> Invalid image type. Please use firmware specific for this device.
> Image check failed. This firmware can't be installed.

I postponed this patch for now as commit message wasn't accurate
anymore. I decided to drop "forceable" check from /sbin/sysupgrade.

Patch
diff mbox series

diff --git a/target/linux/brcm47xx/base-files/lib/upgrade/platform.sh b/target/linux/brcm47xx/base-files/lib/upgrade/platform.sh
index dfd4e97ed2..cc3fabb7f4 100644
--- a/target/linux/brcm47xx/base-files/lib/upgrade/platform.sh
+++ b/target/linux/brcm47xx/base-files/lib/upgrade/platform.sh
@@ -98,7 +98,10 @@  platform_check_image() {
 
 			if ! otrx check "$1" -o "$header_len"; then
 				echo "No valid TRX firmware in the CHK image"
+				notify_check_test_result "trx_valid" 0
 				error=1
+			else
+				notify_check_test_result "trx_valid" 1
 			fi
 		;;
 		"cybertan")
@@ -113,17 +116,24 @@  platform_check_image() {
 
 			if ! otrx check "$1" -o 32; then
 				echo "No valid TRX firmware in the CyberTAN image"
+				notify_check_test_result "trx_valid" 0
 				error=1
+			else
+				notify_check_test_result "trx_valid" 1
 			fi
 		;;
 		"trx")
 			if ! otrx check "$1"; then
 				echo "Invalid (corrupted?) TRX firmware"
+				notify_check_test_result "trx_valid" 0
 				error=1
+			else
+				notify_check_test_result "trx_valid" 1
 			fi
 		;;
 		*)
-			echo "Invalid image type. Please use only .trx files"
+			echo "Invalid image type. Please use firmware specific for this device."
+			notify_check_broken
 			error=1
 		;;
 	esac