From patchwork Tue Feb 7 14:24:20 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Pascal Levesque X-Patchwork-Id: 139939 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from theia.denx.de (theia.denx.de [85.214.87.163]) by ozlabs.org (Postfix) with ESMTP id 262B0B7205 for ; Wed, 8 Feb 2012 01:24:39 +1100 (EST) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id C04C328102; Tue, 7 Feb 2012 15:24:36 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mqft8-VFgxA7; Tue, 7 Feb 2012 15:24:36 +0100 (CET) Received: from theia.denx.de (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id B66F1280FD; Tue, 7 Feb 2012 15:24:35 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by theia.denx.de (Postfix) with ESMTP id 61142280FD for ; Tue, 7 Feb 2012 15:24:33 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at theia.denx.de Received: from theia.denx.de ([127.0.0.1]) by localhost (theia.denx.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LhGdk0cqCz73 for ; Tue, 7 Feb 2012 15:24:32 +0100 (CET) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 (only DNSBL check requested) Received: from snt0-omc3-s22.snt0.hotmail.com (snt0-omc3-s22.snt0.hotmail.com [65.55.90.161]) by theia.denx.de (Postfix) with ESMTP id 79BE6280FB for ; Tue, 7 Feb 2012 15:24:31 +0100 (CET) Received: from SNT129-DS20 ([65.55.90.137]) by snt0-omc3-s22.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 7 Feb 2012 06:24:26 -0800 X-Originating-IP: [174.93.133.145] X-Originating-Email: [pascl@live.ca] Message-ID: From: "Pascal Levesque" To: "Marek Vasut" References: <201202061734.52127.marek.vasut@gmail.com> <201202061941.20781.marek.vasut@gmail.com> In-Reply-To: <201202061941.20781.marek.vasut@gmail.com> Date: Tue, 7 Feb 2012 09:24:20 -0500 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal Importance: Normal X-Mailer: Microsoft Windows Live Mail 15.4.3538.513 X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3538.513 X-OriginalArrivalTime: 07 Feb 2012 14:24:26.0525 (UTC) FILETIME=[321FE4D0:01CCE5A4] Cc: u-boot@lists.denx.de Subject: Re: [U-Boot] Integity validation (checksum) of a squashfs root file system X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.11 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: u-boot-bounces@lists.denx.de Errors-To: u-boot-bounces@lists.denx.de Hi M, this is very similar to my actual solution with iminfo (see below). In fact, the main question is: Is it generic enough to be integrated in u-boot development tree? Is it better to modify sha1sum instead? Or finally, a more generic approach is to offer a command to set an environment variable from memory content like: md [.b, .w, .l] address [# of objects] [environment variable name] So, when a variable name is specified, "md" sets env. variable with the memory content. Regards, Pascal + puts("OK\n"); return 0; #if defined(CONFIG_FIT) -----Original Message----- From: Marek Vasut Sent: Monday, February 06, 2012 1:41 PM To: Pascal Levesque Cc: u-boot@lists.denx.de Subject: Re: [U-Boot] Integity validation (checksum) of a squashfs root file system > Hi M, > > sha1sum does provide a console output but nothing that could be used for > an > automated check like crc32 -v... Make it export an env. variable? M > > Pascal > > -----Original Message----- > From: Marek Vasut > Sent: Monday, February 06, 2012 11:34 AM > To: u-boot@lists.denx.de > Cc: Pascal Levesque > Subject: Re: [U-Boot] Integity validation (checksum) of a squashfs root > file system > > > Hi, > > > > I would like to validate the integrity (checksum) of a squashfs root > > file > > system before starting Linux. > > > > Current strategy I am using is: > > - Wrap squashfs rootfs inside a u-boot image > > - TFTP download on the target > > - Download validation using iminfo > > - Save squashfs rootfs in flash without the image header (Linux failed > > to > > load squashfs rootfs if u-boot image is present) > > > > Problems: > > - I need to hardcode squashfs rootfs offset in u-boot image in order to > > be able to flash it - U-Boot image header information (size, crc, ...) > > is lost after a reboot. It is not possible to check the integrity of the > > flash content. > > > > I would like to save some fields of u-boot image header (size, crc, ...) > > in u-boot environment variables. And then do an integrity check at boot > > time. > > > > I have not find a way to extract those fields and save them without > > changing u-boot code. I have added some code to “iminfo” command to set > > environment variables for CRC, size, payload offset, timestamp. > > > > Is it an acceptable way of doing it? > > Is there a better way of doing it? > > > > Thanks in advance, > > > > Pascal > > Use sha1sum integrated into uboot and stick it at the end? > > M --- a/common/cmd_bootm.c +++ b/common/cmd_bootm.c @@ -1097,6 +1097,7 @@ static int image_info(ulong addr) { void *hdr = (void *)addr; + char str[80]; printf("\n## Checking Image at %08lx ...\n", addr); @@ -1120,6 +1121,16 @@ puts(" Bad Data CRC\n"); return 1; } + + sprintf(str, "%lx", image_get_data_size(hdr)); /* write data size into string */ + setenv("image_data_size", str); + sprintf(str, "%lx", image_get_dcrc(hdr)); /* write data crc into string */ + setenv("image_data_crc", str); + sprintf(str, "%lx", image_get_data(hdr)); /* write data start address into string */ + setenv("image_data_addr"); + sprintf(str, "%lx", image_get_time(hdr)); /* write image timestamp into string */ + setenv("image_timestamp", str);