[PATCH 1/5] scripts: imx: add optional argument to hab_blocks command

Marcin Niestroj m.niestroj at grinn-global.com
Mon Sep 3 03:57:11 PDT 2018


hab_blocks command is used to specify image authentication blocks for
HAB. Currently it was configured to authenticate full barebox
image. However in case of booting from SD card and adding MBR
partition table, HAB authentication fails, as final boot image is
modified.

Add an optional argument to hab_blocks command, to select between
3 types of authentication areas:
 - full: whole barebox image will be authenticated (this is default to
   keep compatibility),
 - from-dcdofs: image area up to dcdofs is not authenticated, so any
   changes up to dcdofs are possible,
 - skip-mbr: image area from 440 to 512 bytes is excluded from beeing
   authenticated, which allows to add / modify MBR partition table
   after building barebox image.

Signed-off-by: Marcin Niestroj <m.niestroj at grinn-global.com>
---
Changes rfc -> v1: none

 scripts/imx/imx.c | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/scripts/imx/imx.c b/scripts/imx/imx.c
index d3786b6e1..21206387e 100644
--- a/scripts/imx/imx.c
+++ b/scripts/imx/imx.c
@@ -317,15 +317,40 @@ static int do_hab(struct config_data *data, int argc, char *argv[])
 
 static int do_hab_blocks(struct config_data *data, int argc, char *argv[])
 {
+	const char *type;
 	char *str;
 	int ret;
 
 	if (!data->csf)
 		return -EINVAL;
 
-	ret = asprintf(&str, "Blocks = 0x%08x 0 %d \"%s\"\n",
-		       data->image_load_addr,
-		       data->load_size, data->outfile);
+	if (argc < 2)
+		type = "full";
+	else
+		type = argv[1];
+
+	if (!strcmp(type, "full")) {
+		ret = asprintf(&str, "Blocks = 0x%08x 0 %d \"%s\"\n",
+			       data->image_load_addr, data->load_size,
+			       data->outfile);
+	} else if (!strcmp(type, "from-dcdofs")) {
+		ret = asprintf(&str, "Blocks = 0x%08x 0x%x %d \"%s\"\n",
+			       data->image_load_addr + data->image_dcd_offset,
+			       data->image_dcd_offset,
+			       data->load_size - data->image_dcd_offset,
+			       data->outfile);
+	} else if (!strcmp(type, "skip-mbr")) {
+		ret = asprintf(&str,
+			       "Blocks = 0x%08x 0 440 \"%s\", \\\n"
+			       "         0x%08x 512 %d \"%s\"\n",
+			       data->image_load_addr, data->outfile,
+			       data->image_load_addr + 512,
+			       data->load_size - 512, data->outfile);
+	} else {
+		fprintf(stderr, "Invalid hab_blocks option: %s\n", type);
+		return -EINVAL;
+	}
+
 	if (ret < 0)
 		return -ENOMEM;
 
-- 
2.18.0




More information about the barebox mailing list