- add function fit_all_image_check_hashes() that verifies if all hashes of all images in the FIT are valid - improve output of fit_image_check_hashes() when the hash check fails

Signed-off-by: Bartlomiej Sieka tur@semihalf.com --- common/image.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++---- include/image.h | 1 + 2 files changed, 57 insertions(+), 5 deletions(-)

diff --git a/common/image.c b/common/image.c index 94f01ad..7f55695 100644 --- a/common/image.c +++ b/common/image.c @@ -2645,27 +2645,29 @@ int fit_image_check_hashes (const void *fit, int image_noffset) continue;

if (fit_image_hash_get_algo (fit, noffset, &algo)) { - err_msg = "Can't get hash algo property"; + err_msg = " error!\nCan't get hash algo " + "property"; goto error; } printf ("%s", algo);

if (fit_image_hash_get_value (fit, noffset, &fit_value, &fit_value_len)) { - err_msg = "Can't get hash value property"; + err_msg = " error!\nCan't get hash value " + "property"; goto error; }

if (calculate_hash (data, size, algo, value, &value_len)) { - err_msg = "Unsupported hash algorithm"; + err_msg = " error!\nUnsupported hash algorithm"; goto error; }

if (value_len != fit_value_len) { - err_msg = "Bad hash value len"; + err_msg = " error !\nBad hash value len"; goto error; } else if (memcmp (value, fit_value, value_len) != 0) { - err_msg = "Bad hash value"; + err_msg = " error!\nBad hash value"; goto error; } printf ("+ "); @@ -2682,6 +2684,55 @@ error: }

/** + * fit_all_image_check_hashes - verify data intergity for all images + * @fit: pointer to the FIT format image header + * + * fit_all_image_check_hashes() goes over all images in the FIT and + * for every images checks if all it's hashes are valid. + * + * returns: + * 1, if all hashes of all images are valid + * 0, otherwise (or on error) + */ +int fit_all_image_check_hashes (const void *fit) +{ + int images_noffset; + int noffset; + int ndepth; + int count; + + /* Find images parent node offset */ + images_noffset = fdt_path_offset (fit, FIT_IMAGES_PATH); + if (images_noffset < 0) { + printf ("Can't find images parent node '%s' (%s)\n", + FIT_IMAGES_PATH, fdt_strerror (images_noffset)); + return 0; + } + + /* Process all image subnodes, check hashes for each */ + printf ("## Checking hash(es) for FIT Image at %08lx ...\n", + (ulong)fit); + for (ndepth = 0, count = 0, + noffset = fdt_next_node (fit, images_noffset, &ndepth); + (noffset >= 0) && (ndepth > 0); + noffset = fdt_next_node (fit, noffset, &ndepth)) { + if (ndepth == 1) { + /* + * Direct child node of the images parent node, + * i.e. component image node. + */ + printf (" Hash(es) for Image %u (%s): ", count++, + fit_get_name (fit, noffset, NULL)); + + if (!fit_image_check_hashes (fit, noffset)) + return 0; + printf ("\n"); + } + } + return 1; +} + +/** * fit_image_check_os - check whether image node is of a given os type * @fit: pointer to the FIT format image header * @noffset: component image node offset diff --git a/include/image.h b/include/image.h index 9be806e..e4de513 100644 --- a/include/image.h +++ b/include/image.h @@ -573,6 +573,7 @@ int fit_image_hash_set_value (void *fit, int noffset, uint8_t *value, int value_len);

int fit_image_check_hashes (const void *fit, int noffset); +int fit_all_image_check_hashes (const void *fit); int fit_image_check_os (const void *fit, int noffset, uint8_t os); int fit_image_check_arch (const void *fit, int noffset, uint8_t arch); int fit_image_check_type (const void *fit, int noffset, uint8_t type);

Signed-off-by: Bartlomiej Sieka tur@semihalf.com --- common/cmd_bootm.c | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/common/cmd_bootm.c b/common/cmd_bootm.c index 8dbab02..e537418 100644 --- a/common/cmd_bootm.c +++ b/common/cmd_bootm.c @@ -854,6 +854,12 @@ static int image_info (ulong addr) }

fit_print_contents (hdr); + + if (!fit_all_image_check_hashes (hdr)) { + puts ("Bad hash in FIT image!\n"); + return 1; + } + return 0; #endif default: