This change will fix warnings occurred during
compilation of sysupgrade source files
Change-Id: I0526da607b383064b4c5cea7462fe4c12c669a3b
Signed-off-by: Vijay Balaji <quic_vijbal@quicinc.com>
(cherry picked from commit 6a7c18c463)
We observed a typo in rootfs image authentication
enabled message log and corrected it in this change.
Change-Id: Ie1aa07e0f45fdc3d802d87a03cfe376d7ac43e4e
Signed-off-by: Vijay Balaji <quic_vijbal@quicinc.com>
This change adds support to authenticate signed
rootfs images if rootfs_auth is enabled. It will
authenticate kernel image when rootfs image is not
signed.
Change-Id: I5f9da1c033c5530ebce4bff9f0fb4f69aaca9213
Signed-off-by: Vijay Balaji <quic_vijbal@quicinc.com>
We want to extract rootfs image from ubi without any
changes, as we are traversing through the rootfs image
for 0xdeadc0de in extract_rootfs_binary() to extract
the image till 0xdeadc0de offset.
Change-Id: Iefeec6db72b65310310d74835b68ec3d22144608
Signed-off-by: Vijay Balaji <quic_vijbal@quicinc.com>
This change adds support to extract rootfs binary
till correct data-block offset and replaces the
binary for image authentication in both
EMMC and Nand flashtypes.
Change-Id: Ib56228a620ffc5bcfae8b51682377b68e273484f
Signed-off-by: Vijay Balaji <quic_vijbal@quicinc.com>
We observed that ubi_rootfs volume id is different for ipq807x
and ipq95xx, so we use volume name instead of volume id for
rootfs extraction from ubi.
Change-Id: I0b536fbceae47279b81d76f8108ca8640c09657c
Signed-off-by: Vijay Balaji <quic_vijbal@quicinc.com>
This change will add support for rootfs Authentication in all
flashtypes (Nor, Nand, Emmc and norplusnand) during sysupgrade.
Here we are adding support to sign rootfs image with sha384.
The rootfs metadata is available at the end of kernel image.
This change adds supports to extract rootfs metadata from
kernel image and stores in /tmp/metadata.bin.
It also calculates sha384 of rootfs binary and stores in /tmp/sha384_keyXXXXXX
After this we use below command to authenticate rootfs metadata:
echo -n "0x17 /tmp/metadata.bin /tmp/sha384_keyXXXXXX" > /sys/sec_upgrade/sec_auth
Change-Id: Iaf304d5edcd3bfff849fcb3705f5342f4c354b5b
Signed-off-by: Vijay Balaji <quic_vijbal@quicinc.com>
When we use root certificate count as four, then metadata
is generated with size as 0x4000, but for single root
certificate, metadata size will be less than 0x4000, hence
consider minimum metadata size as 0x1000
Change-Id: Ib713e5fd4bcfe493cf482efda54d20ca1604939b
Signed-off-by: Ram Chandra Jangir <quic_rjangir@quicinc.com>
Add rootfs section to authenticate signed rootfs image
Parse the hlos elf header and get the rootfs metadata offset
Reads metadata available at the end of hlos image and write to /tmp/metadata.bin
Calculate sha384 and write to /tmp/sha384_XXXXX file
Use /tmp/metadata.bin and /tmp/sha384_XXXXX to get rootfs auth by TZ
Change-Id: Iaa4bf6b0cfbae4f4a56187f80f2873cb69550051
Signed-off-by: Ram Chandra Jangir <quic_rjangir@quicinc.com>
This kw issue occurred with below message:
"Use of free memory (access) - possible".
In order to fix this issue, we have removed all
dereferenced buffer after freeing the buffer..
Change-Id: I080c45b17397333c3f897b960bdf6fca01b7a53e
Signed-off-by: Avinash Pandey <avinasv@codeaurora.org>
Kw issues occurred with below message:
"Array 'buf'of size 256 may use index value(s) -2..0".
In order to fix this issue, error message will be
returned with array index out of index if buffer
size isless than 0 or if it increases buffer size.
Change-Id: I5a7885b0ee2fd6e9c0ac3083b28366f1ae5ceaee
Signed-off-by: Avinash Pandey <avinasv@codeaurora.org>
Currently we are reading the .bin files who are having the type
in their image names, but this has problem when the image type
is overlapping in two file names ex. wififw_ubi.bin and ubi.bin.
To avoid this problem, we will take files whose names starts
with our image type.
Change-Id: Ib3ab64fb2bbf5c9c59b1ec644c409dee31be77a1
Signed-off-by: Avinash Pandey <avinasv@codeaurora.org>
For ipq807x, signature certificate size is dynamic and it is not fixed.
Hence we will treat signature certificate size check as warning.
Change-Id: I6528212aaf9297217b19cb34311fc96500a7f38f
Signed-off-by: Avinash Pandey <avinasv@codeaurora.org>
This change replaces banned function namely, strncat and
strncpy to strlcat and strlcpy respectively.
Change-Id: Ic02f59b29d1e58a937670f5e53dd1199cb55e53e
Signed-off-by: Avinash Pandey <avinasv@codeaurora.org>
Now we are adding preamble value to read SBL header if ubi section
is present in the image. But in case of NOR+NAND images, though we are
having SBL in NOR and ubi section is also present and NAND_PREAMBLE
is getting added. which is breaking NOR+NAND sysupgrade.
Added functionality to compare first 12 bytes of section with pre
defined PREAMBLE value. If values matches, add the NAND_PREAMBLE to
read SBL header.
Change-Id: I704ee86cc50aa3ce3b2ab6ec34beab866ffde4b9
Signed-off-by: Anto Norbert <norbrt@codeaurora.org>
This change adds the correct Sbl_Hdr instead of Mbn_Hdr, since
sbl header is different than normal Mbn_Hdr, and adds the sbl
header size as 80.
SBL in nand starts with preamble before the sbl header, so here
it adds the preamble for header start address as well as
src, sig and cert offset values.
Change-Id: I9a56d7b4a51890b74a5ee5fe3047a38801d23803
Signed-off-by: Ram Chandra Jangir <rjangir@codeaurora.org>
This change will look for existence of file /sys/sec_upgrade/sec_auth
if the file exists, it performs image authentication with the new
approach i.e TZ enabled mechanism.
It reads all the sections of the single image and writes each
section's type and image file path in /sys/sec_upgrade/sec_auth.
If a written section image is a proper signed image, then it will
return success else will cause the failure.
Change-Id: I649581e0ab74a66d677e5bfbf1c34fd83cb2465d
Signed-off-by: Avinash Pandey <avinasv@codeaurora.org>
This change adds support to check devcfg version and
allows sysupgrade only if the version is higher.
Change-Id: I7192f428c50c1b1b9eeddd1aac0d57d341d32436
Signed-off-by: Pavithra Palanisamy <pavip@codeaurora.org>
Currently our sysupgrade is comparing the calculated hash,
and referenced hash using strcmp(), A valid binary hash can
contain zeros or null, this can make strcmp() to stop when it
encounters a zero or null. To check the entire hash, not just
the bytes of the hash up to the first zero, we will use memcmp().
The existing code uses mbn_header->code_size for calculating
source offset from the image, this change adds mbn_header_size
for the calculation.
Change-Id: Iaae39d04e8e4aafc686a5acbc499b11b2b8d6602
Signed-off-by: Pavithra Palanisamy <pavip@codeaurora.org>
The existing sysupgrade treats all images as 32-bit image.
This change adds a check to signify the image class and
adds functions to process the headers respectively.
Change-Id: I04040fdc6e1a9c6c2df2407cd4b26dddaf4a008c
Signed-off-by: Pavithra Palanisamy <pavip@codeaurora.org>
