Merge branch 'for-next/bootm'

author: Sascha Hauer <s.hauer@pengutronix.de> 2016-06-14 09:13:35 +0200
committer: Sascha Hauer <s.hauer@pengutronix.de> 2016-06-14 09:13:35 +0200
commit: 2b948a834c04fb76ca8319c11ee57d752c6e00da (patch)
tree: 41f14595b68447a8854a49b1db15c149ebb0b8f7 /common
parent: bfcdde155359436a95e72d6f1606571a75a0a4ed (diff)
parent: d323e9f6e79bbda21affa663d1974cf23979756a (diff)
download: barebox-2b948a834c04fb76ca8319c11ee57d752c6e00da.tar.gz
barebox-2b948a834c04fb76ca8319c11ee57d752c6e00da.tar.xz
5 files changed, 170 insertions, 28 deletions
diff --git a/common/Kconfig b/common/Kconfig
index c321090de0..679954e4db 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -40,10 +40,6 @@ config HAS_DMA
 config GENERIC_GPIO
 	bool
 
-config BOOTM
-	select UIMAGE
-	bool
-
 config BLOCK
 	bool
 
@@ -546,6 +542,100 @@ config TIMESTAMP
 	  commands like bootm or iminfo. This option is
 	  automatically enabled when you select CFG_CMD_DATE .
 
+menuconfig BOOTM
+	select UIMAGE
+	default y if COMMAND_SUPPORT
+	bool "bootm support"
+
+config BOOTM_SHOW_TYPE
+	bool
+	depends on BOOTM
+	prompt "show image information"
+	help
+	  Displays some tags from the uImage:
+
+	  - OS type
+	  - architecture,
+	  - type
+	  - compression method.
+
+config BOOTM_VERBOSE
+	bool
+	prompt "verbose support"
+	depends on BOOTM
+	help
+	  Adds the verbose (-v switch) command line option.
+
+config BOOTM_INITRD
+	bool
+	prompt "initial RAM disk (initrd) support"
+	depends on BOOTM
+	help
+	  Adds support for initial RAM disk and this two command line options:
+
+	  -r INITRD  specify an initrd image
+	  -L ADDR    specify initrd load address
+
+config BOOTM_OFTREE
+	bool
+	depends on BOOTM
+	select OFTREE
+	prompt "device tree (oftree) support"
+	help
+	  Add support to pass a device tree (a.k.a Open Firmware Tree, oftree). Adds
+	  this command line option:
+
+	  -o DTS  specify device tree
+
+config BOOTM_OFTREE_UIMAGE
+	bool
+	prompt "support passing device tree (oftree) uImages"
+	depends on BOOTM_OFTREE
+	help
+	  Support using oftree uImages. Without this only raw oftree
+	  blobs can be used.
+
+config BOOTM_AIMAGE
+	bool
+	prompt "Android image support"
+	depends on BOOTM && ARM
+	help
+	  Support using Android Images.
+
+config BOOTM_FITIMAGE
+	bool
+	prompt "FIT image support"
+	select FITIMAGE
+	depends on BOOTM && ARM
+	help
+	  Support using Flattened Image Tree (FIT) Images. FIT is an image
+	  format introduced by U-Boot. A FIT image contains one or multiple
+	  kernels, device trees and initrds. The FIT image itself is a flattened
+	  device tree binary. Have a look at the u-boot source tree
+	  in the "doc/uImage.FIT" folder for more information:
+	  http://git.denx.de/?p=u-boot.git;a=tree;f=doc/uImage.FIT
+
+config BOOTM_FITIMAGE_SIGNATURE
+	bool
+	prompt "support verifying signed FIT images"
+	depends on BOOTM_FITIMAGE
+	select FITIMAGE_SIGNATURE
+	help
+	  Support verifying signed FIT images. This requires FIT images
+	  as described in:
+	  http://git.denx.de/?p=u-boot.git;a=blob;f=doc/uImage.FIT/signature.txt
+	  Additionally the barebox device tree needs a /signature node with the
+	  public key with which the image has been signed.
+
+config BOOTM_FORCE_SIGNED_IMAGES
+	bool
+	prompt "Force booting of signed images"
+	depends on BOOTM_FITIMAGE_SIGNATURE
+	help
+	  With this option enabled only signed images can be booted, unsigned images
+	  are refused to boot. Effectively this means only FIT images can be booted
+	  since they are the only supported image type that support signing.
+
 config BLSPEC
 	depends on BLOCK
 	depends on FLEXIBLE_BOOTARGS
diff --git a/common/bootm.c b/common/bootm.c
index cad8c73efe..27d20f2c72 100644
--- a/common/bootm.c
+++ b/common/bootm.c
@@ -21,6 +21,7 @@
 #include <globalvar.h>
 #include <init.h>
 #include <linux/stat.h>
+#include <magicvar.h>
 
 static LIST_HEAD(handler_list);
 
@@ -49,6 +50,7 @@ static struct image_handler *bootm_find_handler(enum filetype filetype,
 }
 
 static int bootm_appendroot;
+static int bootm_verbosity;
 
 void bootm_data_init_defaults(struct bootm_data *data)
 {
@@ -61,6 +63,7 @@ void bootm_data_init_defaults(struct bootm_data *data)
 	data->initrd_file = getenv_nonempty("global.bootm.initrd");
 	data->verify = bootm_get_verify_mode();
 	data->appendroot = bootm_appendroot;
+	data->verbose = bootm_verbosity;
 }
 
 static enum bootm_verify bootm_verify_mode = BOOTM_VERIFY_HASH;
@@ -74,6 +77,7 @@ static const char * const bootm_verify_names[] = {
 #ifndef CONFIG_BOOTM_FORCE_SIGNED_IMAGES
 	[BOOTM_VERIFY_NONE] = "none",
 	[BOOTM_VERIFY_HASH] = "hash",
+	[BOOTM_VERIFY_AVAILABLE] = "available",
 #endif
 	[BOOTM_VERIFY_SIGNATURE] = "signature",
 };
@@ -142,7 +146,7 @@ int bootm_load_os(struct image_data *data, unsigned long load_address)
 
 bool bootm_has_initrd(struct image_data *data)
 {
-	if (!IS_ENABLED(CONFIG_CMD_BOOTM_INITRD))
+	if (!IS_ENABLED(CONFIG_BOOTM_INITRD))
 		return false;
 
 	if (data->os_fit && data->os_fit->initrd)
@@ -196,7 +200,7 @@ int bootm_load_initrd(struct image_data *data, unsigned long load_address)
 	enum filetype type;
 	int ret;
 
-	if (!IS_ENABLED(CONFIG_CMD_BOOTM_INITRD))
+	if (!IS_ENABLED(CONFIG_BOOTM_INITRD))
 		return -ENOSYS;
 
 	if (!bootm_has_initrd(data))
@@ -274,7 +278,7 @@ static int bootm_open_oftree_uimage(struct image_data *data, size_t *size,
 
 	printf("Loading devicetree from '%s'@%d\n", oftree, num);
 
-	if (!IS_ENABLED(CONFIG_CMD_BOOTM_OFTREE_UIMAGE))
+	if (!IS_ENABLED(CONFIG_BOOTM_OFTREE_UIMAGE))
 		return -EINVAL;
 
 	if (!strcmp(data->os_file, oftree)) {
@@ -651,13 +655,29 @@ static int bootm_init(void)
 	globalvar_add_simple("bootm.image.loadaddr", NULL);
 	globalvar_add_simple("bootm.oftree", NULL);
 	globalvar_add_simple_bool("bootm.appendroot", &bootm_appendroot);
-	if (IS_ENABLED(CONFIG_CMD_BOOTM_INITRD)) {
+	if (IS_ENABLED(CONFIG_BOOTM_INITRD)) {
 		globalvar_add_simple("bootm.initrd", NULL);
 		globalvar_add_simple("bootm.initrd.loadaddr", NULL);
 	}
+
+	if (IS_ENABLED(CONFIG_BOOTM_FORCE_SIGNED_IMAGES))
+		bootm_verify_mode = BOOTM_VERIFY_SIGNATURE;
+
+	globalvar_add_simple_int("bootm.verbose", &bootm_verbosity, "%u");
+
 	globalvar_add_simple_enum("bootm.verify", (unsigned int *)&bootm_verify_mode,
 				  bootm_verify_names, ARRAY_SIZE(bootm_verify_names));
 
 	return 0;
 }
 late_initcall(bootm_init);
+
+BAREBOX_MAGICVAR(bootargs, "Linux kernel parameters");
+BAREBOX_MAGICVAR_NAMED(global_bootm_image, global.bootm.image, "bootm default boot image");
+BAREBOX_MAGICVAR_NAMED(global_bootm_image_loadaddr, global.bootm.image.loadaddr, "bootm default boot image loadaddr");
+BAREBOX_MAGICVAR_NAMED(global_bootm_initrd, global.bootm.initrd, "bootm default initrd");
+BAREBOX_MAGICVAR_NAMED(global_bootm_initrd_loadaddr, global.bootm.initrd.loadaddr, "bootm default initrd loadaddr");
+BAREBOX_MAGICVAR_NAMED(global_bootm_oftree, global.bootm.oftree, "bootm default oftree");
+BAREBOX_MAGICVAR_NAMED(global_bootm_verify, global.bootm.verify, "bootm default verify level");
+BAREBOX_MAGICVAR_NAMED(global_bootm_verbose, global.bootm.verify, "bootm default verbosity level (0=quiet)");
+BAREBOX_MAGICVAR_NAMED(global_bootm_appendroot, global.bootm.appendroot, "Add root= option to Kernel to mount rootfs from the device the Kernel comes from");
diff --git a/common/image-fit.c b/common/image-fit.c
index 4f5c1f16c8..9b6c40fbf8 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -428,7 +428,10 @@ static int fit_open_image(struct fit_handle *handle, const char *unit, const voi
 	}
 
 	if (handle->verify > BOOTM_VERIFY_NONE) {
-		ret = -EINVAL;
+		if (handle->verify == BOOTM_VERIFY_AVAILABLE)
+			ret = 0;
+		else
+			ret = -EINVAL;
 		for_each_child_of_node(image, hash) {
 			if (handle->verbose)
 				of_print_nodes(hash, 0);
@@ -436,9 +439,12 @@ static int fit_open_image(struct fit_handle *handle, const char *unit, const voi
 			if (ret < 0)
 				return ret;
 		}
+
+		if (ret < 0) {
+			pr_err("image '%s': '%s' does not have hashes\n", unit, desc);
+			return ret;
+		}
 	}
-	if (ret < 0)
-		return ret;
 
 	*outdata = data;
 	*outsize = data_len;
@@ -446,9 +452,46 @@ static int fit_open_image(struct fit_handle *handle, const char *unit, const voi
 	return 0;
 }
 
+static int fit_config_verify_signature(struct fit_handle *handle, struct device_node *conf_node)
+{
+	struct device_node *sig_node;
+	int ret = -EINVAL;
+
+	if (!IS_ENABLED(CONFIG_FITIMAGE_SIGNATURE))
+		return 0;
+
+	switch (handle->verify) {
+	case BOOTM_VERIFY_NONE:
+	case BOOTM_VERIFY_HASH:
+		return 0;
+	case BOOTM_VERIFY_SIGNATURE:
+		ret = -EINVAL;
+		break;
+	case BOOTM_VERIFY_AVAILABLE:
+		ret = 0;
+		break;
+	}
+
+	for_each_child_of_node(conf_node, sig_node) {
+		if (handle->verbose)
+			of_print_nodes(sig_node, 0);
+		ret = fit_verify_signature(sig_node, handle->fit);
+		if (ret < 0)
+			return ret;
+	}
+
+	if (ret < 0) {
+		pr_err("configuration '%s' does not have a signature\n",
+		       conf_node->full_name);
+		return ret;
+	}
+
+	return ret;
+}
+
 static int fit_open_configuration(struct fit_handle *handle, const char *name)
 {
-	struct device_node *conf_node = NULL, *sig_node;
+	struct device_node *conf_node = NULL;
 	const char *unit, *desc = "(no description)";
 	int ret;
 
@@ -471,20 +514,9 @@ static int fit_open_configuration(struct fit_handle *handle, const char *name)
 	of_property_read_string(conf_node, "description", &desc);
 	pr_info("configuration '%s': %s\n", unit, desc);
 
-	if (IS_ENABLED(CONFIG_FITIMAGE_SIGNATURE) &&
-	    handle->verify == BOOTM_VERIFY_SIGNATURE) {
-		ret = -EINVAL;
-		for_each_child_of_node(conf_node, sig_node) {
-			if (handle->verbose)
-				of_print_nodes(sig_node, 0);
-			ret = fit_verify_signature(sig_node, handle->fit);
-			if (ret < 0)
-				return ret;
-		}
-
-		if (ret < 0)
-			return ret;
-	}
+	ret = fit_config_verify_signature(handle, conf_node);
+	if (ret)
+		return ret;
 
 	if (of_property_read_string(conf_node, "kernel", &unit) == 0) {
 		ret = fit_open_image(handle, unit, &handle->kernel, &handle->kernel_size);
diff --git a/common/image.c b/common/image.c
index 9252d5e775..f3ec071ee1 100644
--- a/common/image.c
+++ b/common/image.c
@@ -31,7 +31,7 @@
 #include <time.h>
 #endif
 
-#if defined(CONFIG_CMD_BOOTM_SHOW_TYPE) || !defined(__BAREBOX__)
+#if defined(CONFIG_BOOTM_SHOW_TYPE) || !defined(__BAREBOX__)
 typedef struct table_entry {
 	int	id;		/* as defined in image.h	*/
 	char	*sname;		/* short (input) name		*/
diff --git a/common/uimage.c b/common/uimage.c
index 34daf70dc1..28a25bba2d 100644
--- a/common/uimage.c
+++ b/common/uimage.c
@@ -50,7 +50,7 @@ void uimage_print_contents(struct uimage_handle *handle)
 			tm.tm_year, tm.tm_mon, tm.tm_mday,
 			tm.tm_hour, tm.tm_min, tm.tm_sec);
 #endif
-#if defined(CONFIG_CMD_BOOTM_SHOW_TYPE)
+#if defined(CONFIG_BOOTM_SHOW_TYPE)
 	printf("   OS:           %s\n", image_get_os_name(hdr->ih_os));
 	printf("   Architecture: %s\n", image_get_arch_name(hdr->ih_arch));
 	printf("   Type:         %s\n", image_get_type_name(hdr->ih_type));
author	Sascha Hauer <s.hauer@pengutronix.de>	2016-06-14 09:13:35 +0200
committer	Sascha Hauer <s.hauer@pengutronix.de>	2016-06-14 09:13:35 +0200
commit	2b948a834c04fb76ca8319c11ee57d752c6e00da (patch)
tree	41f14595b68447a8854a49b1db15c149ebb0b8f7 /common
parent	bfcdde155359436a95e72d6f1606571a75a0a4ed (diff)
parent	d323e9f6e79bbda21affa663d1974cf23979756a (diff)
download	barebox-2b948a834c04fb76ca8319c11ee57d752c6e00da.tar.gz barebox-2b948a834c04fb76ca8319c11ee57d752c6e00da.tar.xz