[LEDE-DEV] [PATCH 3/3] ramips: backport TP-Link image checks from AR71xx

Sergey Ryazanov ryazanov.s.a at gmail.com
Sun Oct 1 16:33:18 PDT 2017 

Backport TP-Link image compatibility checks (verify hardware id &
revision) from AR71xx platform and adopt it for v2/v3 image header.

Use new functionality for Archer C20/C20i sysupgrade image verification.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a at gmail.com>
---
 target/linux/ramips/base-files/lib/ramips.sh       | 18 ++++++++++++
 .../ramips/base-files/lib/upgrade/platform.sh      | 32 ++++++++++++++++++++++
 2 files changed, 50 insertions(+)

diff --git a/target/linux/ramips/base-files/lib/ramips.sh b/target/linux/ramips/base-files/lib/ramips.sh
index d0b9bb1262..0e5d74908d 100755
--- a/target/linux/ramips/base-files/lib/ramips.sh
+++ b/target/linux/ramips/base-files/lib/ramips.sh
@@ -6,6 +6,24 @@
 RAMIPS_BOARD_NAME=
 RAMIPS_MODEL=
 
+tplink_get_v2_hwid() {
+	local part
+
+	part=$(find_mtd_part firmware)
+	[ -z "$part" ] && return 1
+
+	dd if=$part bs=4 count=1 skip=13 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"'
+}
+
+tplink_get_v2_mid() {
+	local part
+
+	part=$(find_mtd_part firmware)
+	[ -z "$part" ] && return 1
+
+	dd if=$part bs=4 count=1 skip=14 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"'
+}
+
 ramips_board_detect() {
 	local machine
 	local name
diff --git a/target/linux/ramips/base-files/lib/upgrade/platform.sh b/target/linux/ramips/base-files/lib/upgrade/platform.sh
index e08c45d8db..9892241358 100755
--- a/target/linux/ramips/base-files/lib/upgrade/platform.sh
+++ b/target/linux/ramips/base-files/lib/upgrade/platform.sh
@@ -2,8 +2,22 @@
 # Copyright (C) 2010 OpenWrt.org
 #
 
+. /lib/ramips.sh
+
 PART_NAME=firmware
 
+tplink_get_image_v2_hwid() {
+	get_image "$@" | dd bs=4 count=1 skip=13 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"'
+}
+
+tplink_get_image_v2_mid() {
+	get_image "$@" | dd bs=4 count=1 skip=14 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"'
+}
+
+tplink_get_image_v2_boot_size() {
+	get_image "$@" | dd bs=4 count=1 skip=34 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"'
+}
+
 platform_check_image() {
 	local board=$(board_name)
 	local magic="$(get_magic_long "$1")"
@@ -240,6 +254,24 @@ platform_check_image() {
 			echo "Invalid image type."
 			return 1
 		}
+
+		local hwid=$(tplink_get_v2_hwid)
+		local mid=$(tplink_get_v2_mid)
+		local imagehwid=$(tplink_get_image_v2_hwid "$1")
+		local imagemid=$(tplink_get_image_v2_mid "$1")
+
+		[ "$hwid" != "$imagehwid" -o "$mid" != "$imagemid" ] && {
+			echo "Invalid image, hardware ID mismatch, hw:$hwid $mid image:$imagehwid $imagemid."
+			return 1
+		}
+
+		local boot_size=$(tplink_get_image_v2_boot_size "$1")
+
+		[ "$boot_size" != "00000000" ] && {
+			echo "Invalid image, it contains a bootloader."
+			return 1
+		}
+
 		return 0
 		;;
 	cy-swr1100|\
-- 
2.13.0

More information about the Lede-dev mailing list