| Message ID | 1460044642-7096-1-git-send-email-chunkeey@googlemail.com |
|---|---|
| State | Superseded, archived |
| Headers | show |
On 04/07/2016 05:57 PM, Christian Lamparter wrote: > Implement a crude but functioning sysupgrade image check for Raspberry Pi. > The code only checks if the master boot record boot signature (0x55aa) is > present in the first 512-bytes at the correct location. This can prevent > the odd, accidental bricking of a system when flashing the wrong file. > > The platform check supports both gzipped and raw images. > > Signed-off-by: Christian Lamparter <chunkeey@googlemail.com> > --- > .../linux/brcm2708/base-files/lib/upgrade/platform.sh | 17 ++++++++++++++++- > 1 file changed, 16 insertions(+), 1 deletion(-) > > diff --git a/target/linux/brcm2708/base-files/lib/upgrade/platform.sh b/target/linux/brcm2708/base-files/lib/upgrade/platform.sh > index 1d4b694..88c30cc 100644 > --- a/target/linux/brcm2708/base-files/lib/upgrade/platform.sh > +++ b/target/linux/brcm2708/base-files/lib/upgrade/platform.sh > @@ -1,5 +1,20 @@ > +get_magic_at() { > + local file=$1 > + local pos=$2 > + ( gunzip -c $file 2>/dev/null || cat $file 2>/dev/null ) | dd bs=1 count=2 skip=$pos 2>/dev/null | hexdump -v -n 2 -e '1/1 "%02x"' Instead of calling gunzip yourself, you should just use get_image (defined in package/base-files/files/lib/upgrade/common.sh ) as it is done on other targets, it will transparently deal with compressed and even remote files. Regards, Matthias > +} > + > platform_check_image() { > - # i know no way to verify the image > + local file=$1 > + local magic > + > + magic=$(get_magic_at $file 510) > + > + [ "$magic" != "55aa" ] && { > + echo "Failed to verify MBR boot signature." > + return 1 > + } > + > return 0; > } > >
diff --git a/target/linux/brcm2708/base-files/lib/upgrade/platform.sh b/target/linux/brcm2708/base-files/lib/upgrade/platform.sh index 1d4b694..88c30cc 100644 --- a/target/linux/brcm2708/base-files/lib/upgrade/platform.sh +++ b/target/linux/brcm2708/base-files/lib/upgrade/platform.sh @@ -1,5 +1,20 @@ +get_magic_at() { + local file=$1 + local pos=$2 + ( gunzip -c $file 2>/dev/null || cat $file 2>/dev/null ) | dd bs=1 count=2 skip=$pos 2>/dev/null | hexdump -v -n 2 -e '1/1 "%02x"' +} + platform_check_image() { - # i know no way to verify the image + local file=$1 + local magic + + magic=$(get_magic_at $file 510) + + [ "$magic" != "55aa" ] && { + echo "Failed to verify MBR boot signature." + return 1 + } + return 0; }
Implement a crude but functioning sysupgrade image check for Raspberry Pi. The code only checks if the master boot record boot signature (0x55aa) is present in the first 512-bytes at the correct location. This can prevent the odd, accidental bricking of a system when flashing the wrong file. The platform check supports both gzipped and raw images. Signed-off-by: Christian Lamparter <chunkeey@googlemail.com> --- .../linux/brcm2708/base-files/lib/upgrade/platform.sh | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-)