On Tuesday 23 August 2022 12:28:48 Stefan Roese wrote: > Hi Pali, > > On 09.08.22 21:42, Pali Rohár wrote: > > Currently for A38x image is checked only header checksum. > > So check also for image data checksum to prevent flashing broken image. > > > > Signed-off-by: Pali Rohár <p...@kernel.org> > > > > --- > > Changes in v2: > > * Compile fix (move code chunk from patch 2/2 to 1/2) > > --- > > cmd/mvebu/bubt.c | 45 ++++++++++++++++++++++++++++++++++++++++++++- > > 1 file changed, 44 insertions(+), 1 deletion(-) > > > > diff --git a/cmd/mvebu/bubt.c b/cmd/mvebu/bubt.c > > index 2136af64163c..3b6ffb7ffd1f 100644 > > --- a/cmd/mvebu/bubt.c > > +++ b/cmd/mvebu/bubt.c > > @@ -688,9 +688,24 @@ static uint8_t image_checksum8(const void *start, > > size_t len) > > return csum; > > } > > +static uint32_t image_checksum32(const void *start, size_t len) > > +{ > > + u32 csum = 0; > > + const u32 *p = start; > > + > > + while (len) { > > + csum += *p; > > + ++p; > > + len -= sizeof(u32); > > + } > > + > > + return csum; > > +} > > + > > static int check_image_header(void) > > { > > u8 checksum; > > + u32 checksum32, exp_checksum32; > > const struct a38x_main_hdr_v1 *hdr = > > (struct a38x_main_hdr_v1 *)get_load_addr(); > > const size_t image_size = a38x_header_size(hdr); > > @@ -701,11 +716,39 @@ static int check_image_header(void) > > checksum = image_checksum8(hdr, image_size); > > checksum -= hdr->checksum; > > if (checksum != hdr->checksum) { > > - printf("Error: Bad A38x image checksum. 0x%x != 0x%x\n", > > + printf("Error: Bad A38x image header checksum. 0x%x != 0x%x\n", > > checksum, hdr->checksum); > > return -ENOEXEC; > > } > > + offset = le32_to_cpu(hdr->srcaddr); > > + size = le32_to_cpu(hdr->blocksize); > > While running a world Azure CI build, I get these errors: > > $ make clearfog_defconfig > $ make -sj > ... > cmd/mvebu/bubt.c: In function 'check_image_header': > cmd/mvebu/bubt.c:724:9: error: 'offset' undeclared (first use in this > function); did you mean 'off_t'? > 724 | offset = le32_to_cpu(hdr->srcaddr); > | ^~~~~~ > | off_t > cmd/mvebu/bubt.c:724:9: note: each undeclared identifier is reported only > once for each function it appears in > cmd/mvebu/bubt.c:725:9: error: 'size' undeclared (first use in this > function); did you mean 'size_t'? > 725 | size = le32_to_cpu(hdr->blocksize); > | ^~~~ > | size_t > make[2]: *** [scripts/Makefile.build:258: cmd/mvebu/bubt.o] Error 1 > make[1]: *** [scripts/Makefile.build:398: cmd/mvebu] Error 2 > make[1]: *** Waiting for unfinished jobs.... > make: *** [Makefile:1916: cmd] Error 2 > make: *** Waiting for unfinished jobs.... > > Could you please take a look and fix these issues?
It took me some time to find where is the issue, because I was not able to reproduce it. But finally I was able to trigger it. The issue is that changes are incorrectly split into patch 1/2 and 2/2. So if you apply both patches, there is no issue. I will try to fix it and send a v3. > Thanks, > Stefan > > > + > > + if (hdr->blockid == 0x78) { /* SATA id */ > > + if (offset < 1) { > > + printf("Error: Bad A38x image srcaddr.\n"); > > + return -ENOEXEC; > > + } > > + offset -= 1; > > + offset *= 512; > > + } > > + > > + if (hdr->blockid == 0xAE) /* SDIO id */ > > + offset *= 512; > > + > > + if (offset % 4 != 0 || size < 4 || size % 4 != 0) { > > + printf("Error: Bad A38x image blocksize.\n"); > > + return -ENOEXEC; > > + } > > + > > + checksum32 = image_checksum32((u8 *)hdr + offset, size - 4); > > + exp_checksum32 = *(u32 *)((u8 *)hdr + offset + size - 4); > > + if (checksum32 != exp_checksum32) { > > + printf("Error: Bad A38x image data checksum. 0x%08x != > > 0x%08x\n", > > + checksum32, exp_checksum32); > > + return -ENOEXEC; > > + } > > + > > printf("Image checksum...OK!\n"); > > return 0; > > } > > Viele Grüße, > Stefan Roese > > -- > DENX Software Engineering GmbH, Managing Director: Wolfgang Denk > HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany > Phone: (+49)-8142-66989-51 Fax: (+49)-8142-66989-80 Email: s...@denx.de