[openwrt/openwrt] base-files: verify nand sysupgrade images
LEDE Commits
lede-commits at lists.infradead.org
Sun Oct 30 07:48:10 PDT 2022
dangole pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/9d1e687da3e11785e633c37b30ddcfabb885c657
commit 9d1e687da3e11785e633c37b30ddcfabb885c657
Author: Rodrigo Balerdi <lanchon at gmail.com>
AuthorDate: Tue May 3 23:54:58 2022 -0300
base-files: verify nand sysupgrade images
For nand sysupgrade image files having tar/gzip/tgz envelopes, verify
envelope integrity before starting sysupgrade.
Signed-off-by: Rodrigo Balerdi <lanchon at gmail.com>
---
package/base-files/files/lib/upgrade/nand.sh | 76 +++++++++++++++++++++-------
package/base-files/files/lib/upgrade/stage2 | 2 +-
2 files changed, 58 insertions(+), 20 deletions(-)
diff --git a/package/base-files/files/lib/upgrade/nand.sh b/package/base-files/files/lib/upgrade/nand.sh
index 496e5bf7fb..d9cfeede9c 100644
--- a/package/base-files/files/lib/upgrade/nand.sh
+++ b/package/base-files/files/lib/upgrade/nand.sh
@@ -60,7 +60,7 @@ nand_get_magic_long() {
}
get_magic_long_tar() {
- (tar x${3}f "$1" "$2" -O | dd bs=4 count=1 | hexdump -v -n 4 -e '1/1 "%02x"') 2> /dev/null
+ (tar xO${3}f "$1" "$2" | dd bs=4 count=1 | hexdump -v -n 4 -e '1/1 "%02x"') 2> /dev/null
}
identify_magic() {
@@ -172,7 +172,7 @@ nand_detach_ubi() {
nand_upgrade_prepare_ubi() {
local rootfs_length="$1"
local rootfs_type="$2"
- local rootfs_data_max="$(fw_printenv -n rootfs_data_max 2>/dev/null)"
+ local rootfs_data_max="$(fw_printenv -n rootfs_data_max 2> /dev/null)"
[ -n "$rootfs_data_max" ] && rootfs_data_max=$((rootfs_data_max))
local kernel_length="$3"
@@ -313,10 +313,10 @@ nand_upgrade_tar() {
local kernel_mtd kernel_length
if [ "$CI_KERNPART" != "none" ]; then
kernel_mtd="$(find_mtd_index "$CI_KERNPART")"
- kernel_length=$( (tar x${gz}f "$tar_file" "$board_dir/kernel" -O | wc -c) 2> /dev/null)
+ kernel_length=$( (tar xO${gz}f "$tar_file" "$board_dir/kernel" | wc -c) 2> /dev/null)
[ "$kernel_length" = 0 ] && kernel_length=
fi
- local rootfs_length=$( (tar x${gz}f "$tar_file" "$board_dir/root" -O | wc -c) 2> /dev/null)
+ local rootfs_length=$( (tar xO${gz}f "$tar_file" "$board_dir/root" | wc -c) 2> /dev/null)
[ "$rootfs_length" = 0 ] && rootfs_length=
local rootfs_type
[ "$rootfs_length" ] && rootfs_type="$(identify_tar "$tar_file" "$board_dir/root" "$gz")"
@@ -327,7 +327,7 @@ nand_upgrade_tar() {
# On some devices, the raw kernel and ubi partitions overlap.
# These devices brick if the kernel partition is erased.
# Hence only invalidate kernel for now.
- dd if=/dev/zero bs=4096 count=1 2>/dev/null | \
+ dd if=/dev/zero bs=4096 count=1 2> /dev/null | \
mtd write - "$CI_KERNPART"
else
ubi_kernel_length="$kernel_length"
@@ -339,16 +339,16 @@ nand_upgrade_tar() {
local ubidev="$( nand_find_ubi "$CI_UBIPART" )"
if [ "$rootfs_length" ]; then
local root_ubivol="$( nand_find_volume $ubidev "$CI_ROOTPART" )"
- tar x${gz}f "$tar_file" "$board_dir/root" -O | \
+ tar xO${gz}f "$tar_file" "$board_dir/root" | \
ubiupdatevol /dev/$root_ubivol -s "$rootfs_length" -
fi
if [ "$kernel_length" ]; then
if [ "$kernel_mtd" ]; then
- tar x${gz}f "$tar_file" "$board_dir/kernel" -O | \
+ tar xO${gz}f "$tar_file" "$board_dir/kernel" | \
mtd write - "$CI_KERNPART"
else
local kern_ubivol="$( nand_find_volume $ubidev "$CI_KERNPART" )"
- tar x${gz}f "$tar_file" "$board_dir/kernel" -O | \
+ tar xO${gz}f "$tar_file" "$board_dir/kernel" | \
ubiupdatevol /dev/$kern_ubivol -s "$kernel_length" -
fi
fi
@@ -356,21 +356,55 @@ nand_upgrade_tar() {
return 0
}
+nand_verify_if_gzip_file() {
+ local file="$1"
+ local gz="$2"
+
+ if [ "$gz" = z ]; then
+ echo "verifying compressed sysupgrade file integrity"
+ if ! gzip -t "$file"; then
+ echo "corrupted compressed sysupgrade file"
+ return 1
+ fi
+ fi
+}
+
+nand_verify_tar_file() {
+ local file="$1"
+ local gz="$2"
+
+ echo "verifying sysupgrade tar file integrity"
+ if ! tar xO${gz}f "$file" > /dev/null; then
+ echo "corrupted sysupgrade tar file"
+ return 1
+ fi
+}
+
nand_do_flash_file() {
local file="$1"
local gz="$(identify_if_gzip "$file")"
local file_type="$(identify "$file" "" "$gz")"
- [ "$gz" = z ] && echo "detected compressed firmware file"
-
[ ! "$(find_mtd_index "$CI_UBIPART")" ] && CI_UBIPART=rootfs
case "$file_type" in
- "fit") nand_upgrade_fit "$file" "$gz";;
- "ubi") nand_upgrade_ubinized "$file" "$gz";;
- "ubifs") nand_upgrade_ubifs "$file" "$gz";;
- *) nand_upgrade_tar "$file" "$gz";;
+ "fit")
+ nand_verify_if_gzip_file "$file" "$gz" || return 1
+ nand_upgrade_fit "$file" "$gz"
+ ;;
+ "ubi")
+ nand_verify_if_gzip_file "$file" "$gz" || return 1
+ nand_upgrade_ubinized "$file" "$gz"
+ ;;
+ "ubifs")
+ nand_verify_if_gzip_file "$file" "$gz" || return 1
+ nand_upgrade_ubifs "$file" "$gz"
+ ;;
+ *)
+ nand_verify_tar_file "$file" "$gz" || return 1
+ nand_upgrade_tar "$file" "$gz"
+ ;;
esac
}
@@ -415,12 +449,16 @@ nand_do_platform_check() {
local gz="$(identify_if_gzip "$file")"
local file_type="$(identify "$file" "" "$gz")"
+ local control_length=$( (tar xO${gz}f "$file" "sysupgrade-$board_name/CONTROL" | wc -c) 2> /dev/null)
- local control_length=$( (tar x${gz}f "$file" "sysupgrade-$board_name/CONTROL" -O | wc -c) 2> /dev/null)
-
- if [ "$file_type" != "fit" -a "$file_type" != "ubi" -a "$file_type" != "ubifs" -a "$control_length" = 0 ]; then
- echo "invalid sysupgrade file"
- return 1
+ if [ "$control_length" != 0 ]; then
+ nand_verify_tar_file "$file" "$gz" || return 1
+ else
+ nand_verify_if_gzip_file "$file" "$gz" || return 1
+ if [ "$file_type" != "fit" -a "$file_type" != "ubi" -a "$file_type" != "ubifs" ]; then
+ echo "invalid sysupgrade file"
+ return 1
+ fi
fi
return 0
diff --git a/package/base-files/files/lib/upgrade/stage2 b/package/base-files/files/lib/upgrade/stage2
index 97e0b881e9..6314d40646 100755
--- a/package/base-files/files/lib/upgrade/stage2
+++ b/package/base-files/files/lib/upgrade/stage2
@@ -39,7 +39,7 @@ switch_to_ramfs() {
for binary in \
/bin/busybox /bin/ash /bin/sh /bin/mount /bin/umount \
pivot_root mount_root reboot sync kill sleep \
- md5sum hexdump cat zcat dd tar \
+ md5sum hexdump cat zcat dd tar gzip \
ls basename find cp mv rm mkdir rmdir mknod touch chmod \
'[' printf wc grep awk sed cut sort \
mtd partx losetup mkfs.ext4 nandwrite flash_erase \
More information about the lede-commits
mailing list