Changeset 3317


Ignore:
Timestamp:
Sep 19, 2012, 9:06:03 AM (22 months ago)
Author:
wmb
Message:

OLPC - Implemented ?ofw-reflash in security.fth so that the version in /boot/olpc.fth will not be used. This has the effect of extending the rule of "bootfw.zip" must be named "bootfw4.zip" for XO-4 to the unsecure boot domain too.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • cpu/x86/pc/olpc/security.fth

    r3315 r3317  
    887887   base @ >r  d# 36 base ! 
    888888   fw#buf 5 $number  if 
    889       show-x 
    890       " Invalid firmware version number"  .security-failure 
     889      secure?  if 
     890         show-x 
     891         " Invalid firmware version number"  .security-failure 
     892      else 
     893         0 
     894      then 
    891895   then 
    892896   pop-base 
    893897; 
    894898: (fw-version)  ( base-adr -- n ) 
    895    h# f.ffc7 +  ((fw-version)) 
     899   signature-offset +  7 +  ((fw-version)) 
    896900; 
    897901 
     
    905909: firmware-up-to-date?  ( img$ -- flag ) 
    906910   /flash <>  if  show-x  " Invalid Firmware image" .security-failure  then  ( adr ) 
    907    h# f.ffc7 + ((fw-version))       ( file-version# ) 
    908    ofw-version-int                  ( file-version# rom-version# ) 
     911   signature-offset + 7 + ((fw-version))   ( file-version# ) 
     912   ofw-version-int                         ( file-version# rom-version# ) 
    909913   u<= 
    910914; 
     
    10241028   show-x 
    10251029   " Reflash returned, unexpectedly" .security-failure 
     1030; 
     1031 
     1032\ Check for new firmware.  Used by /boot/olpc.fth. 
     1033\ Before calling, set dn-buf to the device, e.g. " int:" 
     1034\ and pn-buf to the path, e.g. " \boot" 
     1035: ?ofw-reflash  ( -- ) 
     1036   \ It is okay to overwrite cn-buf here, as ?ofw-reflash is used for non-secure 
     1037   \ boot from olpc.fth.  cn-buf is used for the secure boot path. 
     1038   null$ cn-buf place 
     1039   " bootfw" bundle-present?  if 
     1040      img$  firmware-up-to-date?  0=  if 
     1041         img$ do-firmware-update 
     1042      then 
     1043   then 
    10261044; 
    10271045 
Note: See TracChangeset for help on using the changeset viewer.