[PATCH 2/2] images: add function to verify checksum in barebox header

Mon May 23 04:48:42 PDT 2016

From: Jan Luebbe <jlu at pengutronix.de>

Signed-off-by: Jan Luebbe <jlu at pengutronix.de>
Signed-off-by: Ulrich Ölmann <u.oelmann at pengutronix.de>
---
 common/Kconfig         |  9 ++++++
 common/Makefile        |  1 +
 common/barebox-image.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++
 include/common.h       |  9 ++++++
 4 files changed, 104 insertions(+)
 create mode 100644 common/barebox-image.c

diff --git a/common/Kconfig b/common/Kconfig
index 928db0a159e1..bebbb614509d 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -580,6 +580,15 @@ config IMD_TARGET
 	depends on IMD
 	depends on !SANDBOX
 
+config VERIFY_EMBEDDED_CRC
+	prompt "Verify the CRC checksum embedded into barebox images"
+	bool
+	select CRC32
+	help
+	  If you say Y here, the CRC checksum that is embedded into every
+	  barebox image directly after the header can be verified to guarantee
+	  the integrity of the image.
+
 config KERNEL_INSTALL_TARGET
 	bool
 	depends on !SANDBOX
diff --git a/common/Makefile b/common/Makefile
index 99681e21215b..0106f0fe7bd9 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -48,6 +48,7 @@ obj-$(CONFIG_STATE)		+= state.o
 obj-$(CONFIG_RATP)		+= ratp.o
 obj-$(CONFIG_UIMAGE)		+= image.o uimage.o
 obj-$(CONFIG_FITIMAGE)		+= image-fit.o
+obj-$(CONFIG_VERIFY_EMBEDDED_CRC) += barebox-image.o
 obj-$(CONFIG_MENUTREE)		+= menutree.o
 obj-$(CONFIG_EFI_GUID)		+= efi-guid.o
 obj-$(CONFIG_EFI_DEVICEPATH)	+= efi-devicepath.o
diff --git a/common/barebox-image.c b/common/barebox-image.c
new file mode 100644
index 000000000000..733d9ea2ecdf
--- /dev/null
+++ b/common/barebox-image.c
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2016 Pengutronix, Jan Luebbe <j.luebbe at pengutronix.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+#include <common.h>
+#include <io.h>
+#include <filetype.h>
+
+static inline size_t get_barebox_head_size(const void *buf)
+{
+	if (is_barebox_arm_head(buf))
+		return ARM_HEAD_SIZE;
+	else if (is_barebox_mips_head(buf))
+		return MIPS_HEAD_SIZE;
+
+	return 0;
+}
+
+static inline size_t get_barebox_head_size_offset(const void *buf)
+{
+	if (is_barebox_arm_head(buf))
+		return ARM_HEAD_SIZE_OFFSET;
+	else if (is_barebox_mips_head(buf))
+		return MIPS_HEAD_SIZE_OFFSET;
+
+	return 0;
+}
+
+bool barebox_verify_image(void *buf, size_t bufsize)
+{
+	unsigned int *psize;
+	size_t head_size;
+	uint32_t crc = 0;
+	uint32_t *p;
+
+	if (bufsize < ARM_HEAD_SIZE) {
+		pr_err("buffer is smaller than ARM_HEAD_SIZE\n");
+		return false;
+	}
+
+	head_size = get_barebox_head_size(buf);
+	if (!head_size) {
+		pr_err("image does not contain a barebox header\n");
+		return false;
+	}
+
+	psize = buf + get_barebox_head_size_offset(buf);
+
+	if (bufsize < *psize) {
+		pr_err("buffer is too small for image\n");
+		return false;
+	}
+
+	if (*psize < head_size + 2 * sizeof(uint32_t)) {
+		pr_err("image is too small\n");
+		return false;
+	}
+
+	p = buf + head_size;
+
+	if (strcmp((const char*) p, BAREBOX_CRC_MAGIC_VALUE)) {
+		pr_debug("image does not contain a checksum\n");
+		return true;
+	}
+
+	crc = crc32(crc, buf, head_size + sizeof(uint32_t));
+	crc = crc32(crc, buf + head_size + 2 * sizeof(uint32_t),
+			*psize - (head_size + 2 * sizeof(uint32_t)));
+	crc = cpu_to_be32(crc);
+
+	if (crc != *(p + 1)) {
+		pr_err("embedded checksum is faulty\n");
+		return false;
+	}
+
+	return true;
+}
diff --git a/include/common.h b/include/common.h
index 680a0affb6bc..9200328c3e10 100644
--- a/include/common.h
+++ b/include/common.h
@@ -164,4 +164,13 @@ static inline bool region_overlap(unsigned long starta, unsigned long lena,
 	return 1;
 }
 
+#ifdef CONFIG_VERIFY_EMBEDDED_CRC
+bool barebox_verify_image(void*, size_t);
+#else
+static inline bool barebox_verify_image(void *buf, size_t bufsize)
+{
+	return true;
+}
+#endif
+
 #endif	/* __COMMON_H_ */
-- 
2.8.1


