summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAidan MacDonald <amachronic@protonmail.com>2022-10-28 20:27:59 +0100
committerAidan MacDonald <amachronic@protonmail.com>2022-10-28 20:32:38 +0100
commit9e258652c47b0225730a19775304a33649f5c0a2 (patch)
tree41fe81749eee4fc833658208188d051141fe86c6
parent202eb8c06a0b2454b9b2ab0314fc43620f011e16 (diff)
downloadrockbox-9e258652c4.tar.gz
rockbox-9e258652c4.zip
x1000: Add a basic sanity check for bootloader backups
The bootloader backup is intentionally simple, but it's a little *too* simple. Add a sanity check to make sure what we're backing up or restoring contains the first 8 bytes of the SPL header. This isn't going to catch all possible problems, but it'll stop obviously non-functional backups from being restored. Change-Id: I6e80351aeb96c467f0514bd0ecd77d94ff72a8f8
-rw-r--r--firmware/target/mips/ingenic_x1000/installer-x1000.c16
-rw-r--r--firmware/target/mips/ingenic_x1000/installer-x1000.h1
2 files changed, 17 insertions, 0 deletions
diff --git a/firmware/target/mips/ingenic_x1000/installer-x1000.c b/firmware/target/mips/ingenic_x1000/installer-x1000.c
index ef5bbcd66a..acc1d7b711 100644
--- a/firmware/target/mips/ingenic_x1000/installer-x1000.c
+++ b/firmware/target/mips/ingenic_x1000/installer-x1000.c
@@ -62,6 +62,9 @@ static const struct update_part updates[] = {
static const int num_updates = sizeof(updates) / sizeof(struct update_part);
+static const uint8_t flash_sig_magic[8] =
+ {0x06, 0x05, 0x04, 0x03, 0x02, 0x55, 0xaa, 0x55};
+
/* calculate the offset and length of the update image; this is constant
* for a given target, based on the update parts and the NAND chip geometry.
*/
@@ -249,6 +252,12 @@ int backup_bootloader(const char* filename)
goto error;
}
+ /* bail if we're backing up something that looks like garbage */
+ if (memcmp(u.img_buf, flash_sig_magic, 8)) {
+ rc = IERR_CORRUPTED_BACKUP;
+ goto error;
+ }
+
/* write to file */
fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY);
if(fd < 0) {
@@ -293,6 +302,12 @@ int restore_bootloader(const char* filename)
goto error;
}
+ /* safety check to reduce risk of flashing complete garbage */
+ if (memcmp(u.img_buf, flash_sig_magic, 8)) {
+ rc = IERR_CORRUPTED_BACKUP;
+ goto error;
+ }
+
/* write image */
rc = nand_write_bytes(u.ndrv, u.img_off, u.img_len, u.img_buf);
if(rc != NAND_SUCCESS) {
@@ -320,6 +335,7 @@ const char* installer_strerror(int rc)
case IERR_NAND_OPEN: return "NAND open error";
case IERR_NAND_READ: return "NAND read error";
case IERR_NAND_WRITE: return "NAND write error";
+ case IERR_CORRUPTED_BACKUP: return "Backup is corrupt";
default: return "Unknown error!?";
}
}
diff --git a/firmware/target/mips/ingenic_x1000/installer-x1000.h b/firmware/target/mips/ingenic_x1000/installer-x1000.h
index b71839a907..9b0f1e4bd6 100644
--- a/firmware/target/mips/ingenic_x1000/installer-x1000.h
+++ b/firmware/target/mips/ingenic_x1000/installer-x1000.h
@@ -45,6 +45,7 @@ enum {
IERR_NAND_OPEN,
IERR_NAND_READ,
IERR_NAND_WRITE,
+ IERR_CORRUPTED_BACKUP,
};
extern int install_bootloader(const char* filename);