From patchwork Fri Feb 3 22:03:24 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sander Vanheule X-Patchwork-Id: 1737320 X-Patchwork-Delegate: sander@svanheule.net Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=leOyqBVF; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=svanheule.net header.i=@svanheule.net header.a=rsa-sha256 header.s=mail1707 header.b=39X1RUa7; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4P7qbJ3lnjz23hh for ; Sat, 4 Feb 2023 09:10:20 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=DxfZzxNoNQTqdbAy2jkccO3A1h/xra48qxRAvT2/1HI=; b=leOyqBVFLIeV0a gSyNFNAnqvbEbxvw9G1jW1i/L+WyfVmh+ci86PZisHHrSfn+j5tpNAK6sTTFY7KVZ5liCh/YMedjK 032lbnXPTtRqJbIxln46U94/BA0MOOuj1LahFS43NHxfvxx/X60fXQNQP3Oer4FXml4qZoroObWol 1E4wKJfyh3QNBEUK52/oSA698LYshnxstONQWKi3lTUn6bZglRKsJnu4BRBEXDElXx99dsdwwjqhD 0jExvkh13/rOhdFap89pckZ7LIJpWsAuygQWX6rR1NmbAE0dy8rhh3IvqPELAd4n59lZn4SIPj79I sZmou+nzSiAXrsqlF3bw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pO4Dq-003kn7-CM; Fri, 03 Feb 2023 22:07:59 +0000 Received: from polaris.svanheule.net ([84.16.241.116]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pO4AE-003jEC-OI for openwrt-devel@lists.openwrt.org; Fri, 03 Feb 2023 22:04:13 +0000 Received: from terra.lan (cust-41-49-110-94.dyn.as47377.net [94.110.49.41]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: sander@svanheule.net) by polaris.svanheule.net (Postfix) with ESMTPSA id 2BBD13775E1; Fri, 3 Feb 2023 23:04:00 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=svanheule.net; s=mail1707; t=1675461840; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=gZ/L2DeksLYWMKt8Ssz1iCyXJLhnpNCKSzesIYQoytg=; b=39X1RUa7GojC3LyocXtsFBKo8XRvafzPPE32luueqVBqAp2Cmp6Rqec5l9ulftMyeX5I1u 6xhn5G5oAryBy86tqBhuoyLbxbXurRJed1GGHQw9HLR8Cmn6DFuu82wnWpPo5QmN4wUOCv BeEVzVqV9VqP1uhv1PsqXtb/BxsD1Y907Ekyyeql2RzdWw3zGKTAEtHd144WzU8l/jPgL0 xMNWL+JpiI84J7rE8Ce2wzYwtBcWpffN9Ar/6OOduO2yqPLfi91XgzVWtvxD8fI+s4rILu SrAlWB1v/D0VCqaNLYFfNTQ073rDO0RSQq0o4BIBmSKHD6dB9bPo5IsfBi39ZQ== From: Sander Vanheule To: openwrt-devel@lists.openwrt.org Cc: Sander Vanheule , =?utf-8?q?Andreas_B=C3=B6hler?= Subject: [PATCH firmware-utils v1 10/10] tplink-safeloader: add Cloud image detection Date: Fri, 3 Feb 2023 23:03:24 +0100 Message-Id: <4c2f468ebdf0e55f6c4430344c5b390e5d373716.1675461748.git.sander@svanheule.net> X-Mailer: git-send-email 2.39.0 In-Reply-To: References: MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230203_140411_675628_F3A0EF54 X-CRM114-Status: UNSURE ( 9.64 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The vendor info in the safeloader header for some images (e.g. Archer C60 v3) starts with "fw-type:Cloud" instead of a big endian data length. Only detection is implemented at this moment, as the full header format is not yet understood. Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org The vendor info in the safeloader header for some images (e.g. Archer C60 v3) starts with "fw-type:Cloud" instead of a big endian data length. Only detection is implemented at this moment, as the full header format is not yet understood. Signed-off-by: Sander Vanheule --- src/tplink-safeloader.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/tplink-safeloader.c b/src/tplink-safeloader.c index 71dfe7910dbb..f39e7fe15f2a 100644 --- a/src/tplink-safeloader.c +++ b/src/tplink-safeloader.c @@ -143,6 +143,11 @@ struct __attribute__((__packed__)) soft_version { * UINT32 size, followed by that number of bytes containing (text) data. * Padded with 0xFF. Payload starts at offset 0x1014. * + * SAFELOADER_TYPE_CLOUD + * Standard preamble with size including preamble length, and checksum. + * Followed by the 'fw-type:Cloud' string and some (unknown) data. + * Payload starts at offset 0x1014. + * * SAFELOADER_TYPE_QNEW * Reversed order preamble, with (apparent) md5 checksum before the image * size. The size does not include the preamble length. @@ -153,6 +158,7 @@ struct __attribute__((__packed__)) soft_version { enum safeloader_image_type { SAFELOADER_TYPE_DEFAULT, SAFELOADER_TYPE_VENDOR, + SAFELOADER_TYPE_CLOUD, SAFELOADER_TYPE_QNEW, }; @@ -3858,6 +3864,7 @@ static void safeloader_read_partition(FILE *input_file, size_t payload_offset, static void safeloader_parse_image(FILE *input_file, struct safeloader_image_info *image) { + static const char *HEADER_ID_CLOUD = "fw-type:Cloud"; static const char *HEADER_ID_QNEW = "?NEW"; char buf[64]; @@ -3872,6 +3879,8 @@ static void safeloader_parse_image(FILE *input_file, struct safeloader_image_inf if (memcmp(HEADER_ID_QNEW, &buf[0], strlen(HEADER_ID_QNEW)) == 0) image->type = SAFELOADER_TYPE_QNEW; + else if (memcmp(HEADER_ID_CLOUD, &buf[0], strlen(HEADER_ID_CLOUD)) == 0) + image->type = SAFELOADER_TYPE_CLOUD; else if (ntohl(*((uint32_t *) &buf[0])) <= SAFELOADER_HEADER_SIZE) image->type = SAFELOADER_TYPE_VENDOR; else @@ -3880,6 +3889,7 @@ static void safeloader_parse_image(FILE *input_file, struct safeloader_image_inf switch (image->type) { case SAFELOADER_TYPE_DEFAULT: case SAFELOADER_TYPE_VENDOR: + case SAFELOADER_TYPE_CLOUD: image->payload_offset = SAFELOADER_PAYLOAD_OFFSET; break; case SAFELOADER_TYPE_QNEW: