[LEDE-DEV] [PATCH 3/3] ramips: backport TP-Link image checks from AR71xx

Mathias Kresin dev at kresin.me
Mon Oct 2 02:31:55 PDT 2017

2017-10-02 11:10 GMT+02:00 Sergey Ryazanov <ryazanov.s.a at gmail.com>:
> On Mon, Oct 2, 2017 at 9:43 AM, Mathias Kresin <dev at kresin.me> wrote:
>> 02.10.2017 01:33, Sergey Ryazanov:
>>> Backport TP-Link image compatibility checks (verify hardware id &
>>> revision) from AR71xx platform and adopt it for v2/v3 image header.
>>> Use new functionality for Archer C20/C20i sysupgrade image verification.
>> NAK.
>> The image metadata (more precisely the boardname) are used to ensure that
>> the image matches the board. We do not need any additional board checks.
>> Even if the image metadata are not yet enforced on ramips (due to handful of
>> boards still using the old image build code), flashing an image with
>> metadata not matching the current board is refused. Flashing an image
>> without metadata is still possible till metadata are enforced.
> Ok. This code path is also used to flash vendor firmware (return back
> to original firmware). By forbidding checks of vendor image header do
> we say to users that the selection of proper image (e.g. without
> bootloader) is on their own risk?

If you ask for my personal opinion, yes it is up to the user to ensure
(s)he is using a matching stock firmware image file.

Otherwise we have to add/keep/maintain barely used code for each
vendor image format. I'm really glad that we got rid of all the vendor
image checks already for some targets. It makes the whole sysupgrade
code way easier to read and better to understand.


More information about the Lede-dev mailing list