From e6aac8d98f5663be99163f9e61dad23ad657b7ed Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Mon, 15 Feb 2021 14:37:17 +0000 Subject: image: add support for building FIT image with filesystem Allow for single (external-data) FIT image to hold kernel, dtb and squashfs. In that way, the bootloader verifies the system integrity including the rootfs, because what's the point of checking that the hash of the kernel is correct if it won't boot in case of squashfs being corrupted? Better allow bootloader to check everything needed to make it at least up to failsafe mode. As a positive side effect this change also makes the sysupgrade process on nand potentially much easier as it is now. In short: mkimage has a parameter '-E' which allows generating FIT images with 'external' data rather than embedding the data into the device-tree blob itself. In this way, the FIT structure itself remains small and can be parsed easily (rather than having to page around megabytes of image content). This patch makes use of that and adds support for adding sub-images of type 'filesystem' which are used to store the squashfs. Now U-Boot can verify the whole OS and the new partition parsers added in the Linux kernel can detect the filesystem sub-images, create partitions for them, and select the active rootfs volume based on the configuration in FIT (passing configuration via device tree could be implemented easily at a later stage). This new FIT partition parser works for NOR flash (on top of mtdblock), NAND flash (on top of ubiblock) as well as classic block devices (ie. eMMC, SDcard, SATA, NVME, ...). It could even be used to mount such FIT images via `losetup -P` on a user PC if this patch gets included in Linux upstream one day ;) Signed-off-by: John Crispin Signed-off-by: Daniel Golle --- target/linux/generic/files/block/partitions/fit.c | 233 ++++++++++++++++++++++ 1 file changed, 233 insertions(+) create mode 100644 target/linux/generic/files/block/partitions/fit.c (limited to 'target/linux/generic/files/block') diff --git a/target/linux/generic/files/block/partitions/fit.c b/target/linux/generic/files/block/partitions/fit.c new file mode 100644 index 0000000000..8ccbcf2fc2 --- /dev/null +++ b/target/linux/generic/files/block/partitions/fit.c @@ -0,0 +1,233 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * fs/partitions/fit.c + * Copyright (C) 2021 Daniel Golle + * + * headers extracted from U-Boot mkimage sources + * (C) Copyright 2008 Semihalf + * (C) Copyright 2000-2005 + * Wolfgang Denk, DENX Software Engineering, wd@denx.de. + * + * based on existing partition parsers + * Copyright (C) 1991-1998 Linus Torvalds + * Re-organised Feb 1998 Russell King + */ + +#define pr_fmt(fmt) fmt + +#include +#include +#include +#include +#include + +#include "check.h" + +#define FIT_IMAGES_PATH "/images" +#define FIT_CONFS_PATH "/configurations" + +/* hash/signature/key node */ +#define FIT_HASH_NODENAME "hash" +#define FIT_ALGO_PROP "algo" +#define FIT_VALUE_PROP "value" +#define FIT_IGNORE_PROP "uboot-ignore" +#define FIT_SIG_NODENAME "signature" +#define FIT_KEY_REQUIRED "required" +#define FIT_KEY_HINT "key-name-hint" + +/* cipher node */ +#define FIT_CIPHER_NODENAME "cipher" +#define FIT_ALGO_PROP "algo" + +/* image node */ +#define FIT_DATA_PROP "data" +#define FIT_DATA_POSITION_PROP "data-position" +#define FIT_DATA_OFFSET_PROP "data-offset" +#define FIT_DATA_SIZE_PROP "data-size" +#define FIT_TIMESTAMP_PROP "timestamp" +#define FIT_DESC_PROP "description" +#define FIT_ARCH_PROP "arch" +#define FIT_TYPE_PROP "type" +#define FIT_OS_PROP "os" +#define FIT_COMP_PROP "compression" +#define FIT_ENTRY_PROP "entry" +#define FIT_LOAD_PROP "load" + +/* configuration node */ +#define FIT_KERNEL_PROP "kernel" +#define FIT_FILESYSTEM_PROP "filesystem" +#define FIT_RAMDISK_PROP "ramdisk" +#define FIT_FDT_PROP "fdt" +#define FIT_LOADABLE_PROP "loadables" +#define FIT_DEFAULT_PROP "default" +#define FIT_SETUP_PROP "setup" +#define FIT_FPGA_PROP "fpga" +#define FIT_FIRMWARE_PROP "firmware" +#define FIT_STANDALONE_PROP "standalone" + +#define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE + +int fit_partition(struct parsed_partitions *state) +{ + struct address_space *mapping = state->bdev->bd_inode->i_mapping; + struct page *page = read_mapping_page(mapping, 0, NULL); + void *fit, *init_fit; + struct partition_meta_info *info; + char tmp[sizeof(info->volname)]; + u64 dsize, dsectors; + u32 size, image_pos, image_len; + const u32 *image_offset_be, *image_len_be, *image_pos_be; + int ret = 1, node, images, config, slot; + const char *image_name, *image_type, *image_description, *config_default, + *config_description, *config_loadables; + int image_name_len, image_type_len, image_description_len, config_default_len, + config_description_len, config_loadables_len; + sector_t start_sect, nr_sects; + size_t label_min; + + if (!page) + return -ENOMEM; + + init_fit = page_address(page); + + if (!init_fit) { + put_page(page); + return -EFAULT; + } + + if (fdt_check_header(init_fit)) { + put_page(page); + return 0; + } + + dsectors = get_capacity(state->bdev->bd_disk); + dsize = dsectors << SECTOR_SHIFT; + printk(KERN_DEBUG "FIT: volume size: %llu sectors (%llu bytes)\n", dsectors, dsize); + + size = fdt_totalsize(init_fit); + printk(KERN_DEBUG "FIT: FDT structure size: %u bytes\n", size); + if (size > PAGE_SIZE) { + printk(KERN_ERR "FIT: FDT structure beyond page boundaries, use 'mkimage -E ...'!\n"); + put_page(page); + return -ENOTSUPP; + } + + if (size >= dsize) { + put_page(page); + state->access_beyond_eod = (size >= dsize); + return 0; + } + + fit = kmemdup(init_fit, size, GFP_KERNEL); + put_page(page); + if (!fit) + return -ENOMEM; + + config = fdt_path_offset(fit, FIT_CONFS_PATH); + if (config < 0) { + printk(KERN_ERR "FIT: Cannot find %s node: %d\n", FIT_CONFS_PATH, images); + ret = -ENOENT; + goto ret_out; + } + + config_default = fdt_getprop(fit, config, FIT_DEFAULT_PROP, &config_default_len); + + if (!config_default) { + printk(KERN_ERR "FIT: Cannot find default configuration\n"); + ret = -ENOENT; + goto ret_out; + } + + node = fdt_subnode_offset(fit, config, config_default); + if (node < 0) { + printk(KERN_ERR "FIT: Cannot find %s node: %d\n", config_default, node); + ret = -ENOENT; + goto ret_out; + } + + config_description = fdt_getprop(fit, node, FIT_DESC_PROP, &config_description_len); + config_loadables = fdt_getprop(fit, node, FIT_LOADABLE_PROP, &config_loadables_len); + + printk(KERN_DEBUG "FIT: Default configuration: %s%s%s%s\n", config_default, + config_description?" (":"", config_description?:"", config_description?")":""); + + images = fdt_path_offset(fit, FIT_IMAGES_PATH); + if (images < 0) { + printk(KERN_ERR "FIT: Cannot find %s node: %d\n", FIT_IMAGES_PATH, images); + ret = -EINVAL; + goto ret_out; + } + + slot = 1; + fdt_for_each_subnode(node, fit, images) { + image_name = fdt_get_name(fit, node, &image_name_len); + image_type = fdt_getprop(fit, node, FIT_TYPE_PROP, &image_type_len); + image_offset_be = fdt_getprop(fit, node, FIT_DATA_OFFSET_PROP, NULL); + image_pos_be = fdt_getprop(fit, node, FIT_DATA_POSITION_PROP, NULL); + image_len_be = fdt_getprop(fit, node, FIT_DATA_SIZE_PROP, NULL); + if (!image_name || !image_type || !image_len_be) + continue; + + image_len = be32_to_cpu(*image_len_be); + if (!image_len) + continue; + + if (image_offset_be) + image_pos = be32_to_cpu(*image_offset_be) + size; + else if (image_pos_be) + image_pos = be32_to_cpu(*image_pos_be); + else + continue; + + image_description = fdt_getprop(fit, node, FIT_DESC_PROP, &image_description_len); + + printk(KERN_DEBUG "FIT: %16s sub-image 0x%08x - 0x%08x '%s' %s%s%s\n", + image_type, image_pos, image_pos + image_len, image_name, + image_description?"(":"", image_description?:"", image_description?") ":""); + + if (strcmp(image_type, FIT_FILESYSTEM_PROP)) + continue; + + if (image_pos & ((1 << PAGE_SHIFT)-1)) { + printk(KERN_ERR "FIT: image %s start not aligned to page boundaries, skipping\n", image_name); + continue; + } + + if (image_len & ((1 << PAGE_SHIFT)-1)) { + printk(KERN_ERR "FIT: sub-image %s end not aligned to page boundaries, skipping\n", image_name); + continue; + } + + start_sect = image_pos >> SECTOR_SHIFT; + nr_sects = image_len >> SECTOR_SHIFT; + + if (start_sect + nr_sects > dsectors) { + state->access_beyond_eod = 1; + continue; + } + + put_partition(state, slot, start_sect, nr_sects); + state->parts[slot].flags = 0; + info = &state->parts[slot].info; + + label_min = min_t(int, sizeof(info->volname) - 1, image_name_len); + strncpy(info->volname, image_name, label_min); + info->volname[label_min] = '\0'; + + snprintf(tmp, sizeof(tmp), "(%s)", info->volname); + strlcat(state->pp_buf, tmp, PAGE_SIZE); + + state->parts[slot].has_info = true; + + if (config_loadables && !strcmp(image_name, config_loadables)) { + printk(KERN_DEBUG "FIT: selecting configured loadable %s to be root filesystem\n", image_name); + state->parts[slot].flags |= ADDPART_FLAG_ROOTDEV; + } + + ++slot; + } + +ret_out: + kfree(fit); + return ret; +} -- cgit v1.2.3