lib/flash: Check if the partition is signed

In more recent firmware images built by op-build the VERSION partition
is signed, and includes a 'secure header'. Check for this and skip it if
found so we parse the version strings properly.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
(cherry picked from commit 6a9c33fe705a479325b47e518f0eedab3239a6b4)

diff --git a/lib/flash/flash.c b/lib/flash/flash.c
index 464b8760b54db8cdd2d8b51564f9dbdcf5a81b26..707e8007f12e642ff11d52c44575dffb02181065 100644 (file)
--- a/lib/flash/flash.c
+++ b/lib/flash/flash.c
@@ -31,6 +31,8 @@
 #include <libflash/file.h>
 #include <libflash/ecc.h>
 
+#define SECURE_BOOT_HEADERS_SIZE 4096
+#define ROM_MAGIC_NUMBER 0x17082011
 
 struct flash_info {
        /* Device information */
@@ -148,6 +150,16 @@ out:
        return NULL;
 }
 
+/* See stb_is_container() in Skiboot */
+static bool is_signed(char *buffer, uint32_t len)
+{
+       if (!buffer || len <= SECURE_BOOT_HEADERS_SIZE)
+               return false;
+       if (be32_to_cpu(*(uint32_t *)buffer) != ROM_MAGIC_NUMBER)
+               return false;
+       return true;
+}
+
 int flash_parse_version(void *ctx, char ***versions, bool current)
 {
        char *saveptr, *tok,  **tmp, *buffer;
@@ -182,6 +194,10 @@ int flash_parse_version(void *ctx, char ***versions, bool current)
                goto out;
        }
 
+       /* Check if this partition is signed */
+       if (is_signed(buffer, len))
+               buffer += SECURE_BOOT_HEADERS_SIZE;
+
        /* open-power-platform */
        tok = strtok_r(buffer, delim, &saveptr);
        if (tok) {