[U-Boot,2/2] Implementation of a bootloader area protection during auto-update (new CONFIG_SYSTEM_START_ADDR necessary)
diff mbox

Message ID 1301671320-16131-2-git-send-email-christoph.koenig@ikt.uni-hannover.de
State Changes Requested
Headers show

Commit Message

Christoph Koenig April 1, 2011, 3:22 p.m. 
---
 common/update.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

Comments

Wolfgang Denk April 1, 2011, 5:51 p.m. | #1 
Dear Christoph Koenig,

In message <1301671320-16131-2-git-send-email-christoph.koenig@ikt.uni-hannover.de> you wrote:
> ---

Subjecxt too long.

Commit message missing.

No explanation given what the code is supposed to do.

SoB line missing.

> +#ifdef CONFIG_SYSTEM_START_ADDR
> +	if (addr_first < CONFIG_SYSTEM_START_ADDR) {
> +		printf("Error: auto-update does not allow to write a new bootloader\n");
> +		return 1;
> +	}
> +#endif

Explanation and documentation for new CONFIG_ option (in README)
missing.

I think this approach is too simplistic.  Some boards have the boot
loader at the beginning of the OR flash, some at the end, others right
in the middle.  Still others boot from NAND flash or SDCard.

Best regards,

Wolfgang Denk

Patch
diff mbox 

diff --git a/common/update.c b/common/update.c
index fe2139a..8b858bd 100644
--- a/common/update.c
+++ b/common/update.c
@@ -195,6 +195,13 @@  static int update_flash(ulong addr_source, ulong addr_first, ulong size)
 		return 1;
 	}
 
+#ifdef CONFIG_SYSTEM_START_ADDR
+	if (addr_first < CONFIG_SYSTEM_START_ADDR) {
+		printf("Error: auto-update does not allow to write a new bootloader\n");
+		return 1;
+	}
+#endif
+
 	/* remove protection on processed sectors */
 	if (update_flash_protect(0, addr_first, addr_last) > 0) {
 		printf("Error: could not unprotect flash sectors\n");