scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-12-24 16:57:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't check the firmware body when USE_RO_NORMAL preamble flag is presented.

Browse Source 
Since the firmware supporting RO normal boot doesn't contains any valid RW
firmware body. Skipping the check avoids unnecessary failure.

BUG=chromium-os:19451
TEST=manual

Picked a firmware supporting RO normal boot and extracted its sections. Ran:
$ vbutil_firmware --verify VBLOCK_A --signpubkey \
> /usr/share/vboot/devkeys/root_key.vbpubk --fv RW_SECTION_A
Key block:
  Size:                2232
  Flags:               7 (ignored)
  Data key algorithm:  7 RSA4096 SHA256
  Data key version:    1
  Data key sha1sum:    e2c1c92d7d7aa7dfed5e8375edd30b7ae52b7450
Preamble:
  Size:                  2164
  Header version:        2.1
  Firmware version:      1
  Kernel key algorithm:  7 RSA4096 SHA256
  Kernel key version:    1
  Kernel key sha1sum:    5d2b220899c4403d564092ada3f12d3cc4483223
  Firmware body size:    456411
  Preamble flags:        1
Preamble requests USE_RO_NORMAL; skipping body verification.

Change-Id: I8b81e679016f2946198396c5627415fe979c0a4f
Reviewed-on: http://gerrit.chromium.org/gerrit/6396
Tested-by: Tom Wai-Hong Tam <waihong@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This commit is contained in:
Tom Wai-Hong Tam
2011-08-22 18:45:31 +08:00
parent 69b88dc99b
commit efea801390
1 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
utility/vbutil_firmware.c
View File

@@ -180,6 +180,7 @@ static int Verify(const char* infile, const char* signpubkey,
uint8_t* fv_data;
uint64_t fv_size;
uint64_t now = 0;
uint32_t flags;
if (!infile || !signpubkey || !fv_file) {
VbExError("Must specify filename, signpubkey, and fv\n");
@@ -243,6 +244,7 @@ static int Verify(const char* infile, const char* signpubkey,
}
now += preamble->preamble_size;
flags = VbGetFirmwarePreambleFlags(preamble);
printf("Preamble:\n");
printf(" Size: %" PRIu64 "\n", preamble->preamble_size);
printf(" Header version: %" PRIu32 ".%" PRIu32"\n",
@@ -260,17 +262,20 @@ static int Verify(const char* infile, const char* signpubkey,
printf("\n");
printf(" Firmware body size: %" PRIu64 "\n",
preamble->body_signature.data_size);
printf(" Preamble flags: %" PRIu32 "\n",
VbGetFirmwarePreambleFlags(preamble));
printf(" Preamble flags: %" PRIu32 "\n", flags);
/* TODO: verify body size same as signature size */
/* Verify body */
if (0 != VerifyData(fv_data, fv_size, &preamble->body_signature, rsa)) {
VbExError("Error verifying firmware body.\n");
return 1;
if (flags & VB_FIRMWARE_PREAMBLE_USE_RO_NORMAL) {
printf("Preamble requests USE_RO_NORMAL; skipping body verification.\n");
} else {
if (0 != VerifyData(fv_data, fv_size, &preamble->body_signature, rsa)) {
VbExError("Error verifying firmware body.\n");
return 1;
}
printf("Body verification succeeded.\n");
}
printf("Body verification succeeded.\n");
if (kernelkey_file) {
if (0 != PublicKeyWrite(kernelkey_file, kernel_subkey)) {