-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add uboot CRC32 checks for kernel and device-tree #3141
Conversation
meta-balena-common/recipes-bsp/u-boot/files/balena_check_crc32.c
Outdated
Show resolved
Hide resolved
c78814c
to
62b4553
Compare
62b4553
to
b94cb82
Compare
@resin-jenkins retest this please |
b94cb82
to
16c7cb8
Compare
c1e6515
to
7901e76
Compare
Pull request was converted to draft
Fixed in device-repository |
7901e76
to
08cabed
Compare
Fixed the iot-gate-imx8 SPL crash in the device repository with balena-os/balena-iot-gate-imx8#326 This PR is ready for review |
Hi @alexgg, does this look good, shall I re-base, merge and then update device repositories to use the checks? |
This helper command saves and compares crc32 sum for a memory area where the kernel image or the device-tree is loaded. Can be used after loading the kernel and the dtb, and also prior to calling booti. Signed-off-by: Alexandru Costache <alexandru@balena.io> Change-type: patch
... and provide default values for the kernel and fdt address variables which can be modified by device repositories. Signed-off-by: Alexandru Costache <alexandru@balena.io>
…validity The balena_kernel_load_crc_save / balena_fdt_load_crc_check functions can be used in the device repository right after the kernel or dtb is loaded and prior to calling the main boot function, to verify if the memory areas of the kernel or fdt overlap or may otherwise be re-written. These functions will save create a file named overlap_detected in the boot partition, which can be checked during automated testing. These checks should not prevent booting in any way. Signed-off-by: Alexandru Costache <alexandru@balena.io>
If a kernel or dtb overlap or overwrite is detected in u-boot, a file named overlap_detected is created in the boot partition. In this test we check for the presence of this file. Signed-off-by: Alexandru Costache <alexandru@balena.io>
08cabed
to
446bd6d
Compare
This PR adds the possibility of checking if the areas where the kernel image and the device-tree have been loaded were tampered during boot, like for instance if there is a kernel - dtb overlap. Upon any potential failure, a file named overlap_detected is created in the boot partition, and its presence can be checked by the automated tests.
These scripts should not cause any boot failures however, for cases where an overlap exists but does not halt booting nor is reproducible in the test rig.
Since device repositories may have the device-specific boot scripts in various places which are not standard (i.e script header for the board, BOOT_COMMAND config variable, etc) and the kernel and fdt load address variables are not unique for all devices (some use fdtaddr, others fdt_addr), the device repositories can override these variable names and run the balena crc checks on a case by case basis, after loading the kernel/dtb and prior to calling the final boot command (i.e booti)
Tested manually on:
Contributor checklist
Change-type
present on at least one commitSigned-off-by
is presentReviewer Guidelines