x1000: Add a basic sanity check for bootloader backups
The bootloader backup is intentionally simple, but it's a little *too* simple. Add a sanity check to make sure what we're backing up or restoring contains the first 8 bytes of the SPL header. This isn't going to catch all possible problems, but it'll stop obviously non-functional backups from being restored. Change-Id: I6e80351aeb96c467f0514bd0ecd77d94ff72a8f8
parent
202eb8c06a
commit
9e258652c4
2 changed files with 17 additions and 0 deletions
|
@ -62,6 +62,9 @@ static const struct update_part updates[] = {
|
||||||
|
|
||||||
static const int num_updates = sizeof(updates) / sizeof(struct update_part);
|
static const int num_updates = sizeof(updates) / sizeof(struct update_part);
|
||||||
|
|
||||||
|
static const uint8_t flash_sig_magic[8] =
|
||||||
|
{0x06, 0x05, 0x04, 0x03, 0x02, 0x55, 0xaa, 0x55};
|
||||||
|
|
||||||
/* calculate the offset and length of the update image; this is constant
|
/* calculate the offset and length of the update image; this is constant
|
||||||
* for a given target, based on the update parts and the NAND chip geometry.
|
* for a given target, based on the update parts and the NAND chip geometry.
|
||||||
*/
|
*/
|
||||||
|
@ -249,6 +252,12 @@ int backup_bootloader(const char* filename)
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* bail if we're backing up something that looks like garbage */
|
||||||
|
if (memcmp(u.img_buf, flash_sig_magic, 8)) {
|
||||||
|
rc = IERR_CORRUPTED_BACKUP;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
/* write to file */
|
/* write to file */
|
||||||
fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY);
|
fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY);
|
||||||
if(fd < 0) {
|
if(fd < 0) {
|
||||||
|
@ -293,6 +302,12 @@ int restore_bootloader(const char* filename)
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* safety check to reduce risk of flashing complete garbage */
|
||||||
|
if (memcmp(u.img_buf, flash_sig_magic, 8)) {
|
||||||
|
rc = IERR_CORRUPTED_BACKUP;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
/* write image */
|
/* write image */
|
||||||
rc = nand_write_bytes(u.ndrv, u.img_off, u.img_len, u.img_buf);
|
rc = nand_write_bytes(u.ndrv, u.img_off, u.img_len, u.img_buf);
|
||||||
if(rc != NAND_SUCCESS) {
|
if(rc != NAND_SUCCESS) {
|
||||||
|
@ -320,6 +335,7 @@ const char* installer_strerror(int rc)
|
||||||
case IERR_NAND_OPEN: return "NAND open error";
|
case IERR_NAND_OPEN: return "NAND open error";
|
||||||
case IERR_NAND_READ: return "NAND read error";
|
case IERR_NAND_READ: return "NAND read error";
|
||||||
case IERR_NAND_WRITE: return "NAND write error";
|
case IERR_NAND_WRITE: return "NAND write error";
|
||||||
|
case IERR_CORRUPTED_BACKUP: return "Backup is corrupt";
|
||||||
default: return "Unknown error!?";
|
default: return "Unknown error!?";
|
||||||
}
|
}
|
||||||
}
|
}
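Review bot: Both new checks pass the literal `8` as the compare length, in `backup_bootloader` and again in `restore_bootloader`; `memcmp(u.img_buf, flash_sig_magic, sizeof(flash_sig_magic))` keeps the length tied to the array if the signature is ever extended. In the restore path this compare is the only gate visible before `nand_write_bytes` writes `u.img_len` bytes, and it covers just the first eight of them. The read that fills `u.img_buf` is above the hunk, so it is worth confirming there that a file shorter than `u.img_len` is rejected; otherwise a truncated backup with an intact header would still be flashed. `flash_sig_magic` also has no comment; something like `/* first 8 bytes of the SPL header, expected at offset 0 of the boot image */` would say where the value comes from. Both functions begin and end outside their hunks.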
|
||||||
|
|
|
@ -45,6 +45,7 @@ enum {
|
||||||
IERR_NAND_OPEN,
|
IERR_NAND_OPEN,
|
||||||
IERR_NAND_READ,
|
IERR_NAND_READ,
|
||||||
IERR_NAND_WRITE,
|
IERR_NAND_WRITE,
|
||||||
|
IERR_CORRUPTED_BACKUP,
|
||||||
};
|
};
|
||||||
|
|
||||||
extern int install_bootloader(const char* filename);
|
extern int install_bootloader(const char* filename);
|
||||||
|
|