Changeset 3317


Ignore:
Timestamp:
Sep 19, 2012, 7:06:03 AM (3 years ago)
Author:
wmb
Message:

OLPC - Implemented ?ofw-reflash in security.fth so that the version in /boot/olpc.fth will not be used. This has the effect of extending the rule of "bootfw.zip" must be named "bootfw4.zip" for XO-4 to the unsecure boot domain too.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • cpu/x86/pc/olpc/security.fth

    r3315 r3317  
    887887   base @ >r  d# 36 base !
    888888   fw#buf 5 $number  if
    889       show-x
    890       " Invalid firmware version number"  .security-failure
     889      secure?  if
     890         show-x
     891         " Invalid firmware version number"  .security-failure
     892      else
     893         0
     894      then
    891895   then
    892896   pop-base
    893897;
    894898: (fw-version)  ( base-adr -- n )
    895    h# f.ffc7 +  ((fw-version))
     899   signature-offset +  7 +  ((fw-version))
    896900;
    897901
     
    905909: firmware-up-to-date?  ( img$ -- flag )
    906910   /flash <>  if  show-x  " Invalid Firmware image" .security-failure  then  ( adr )
    907    h# f.ffc7 + ((fw-version))       ( file-version# )
    908    ofw-version-int                  ( file-version# rom-version# )
     911   signature-offset + 7 + ((fw-version))   ( file-version# )
     912   ofw-version-int                         ( file-version# rom-version# )
    909913   u<=
    910914;
     
    10241028   show-x
    10251029   " Reflash returned, unexpectedly" .security-failure
     1030;
     1031
     1032\ Check for new firmware.  Used by /boot/olpc.fth.
     1033\ Before calling, set dn-buf to the device, e.g. " int:"
     1034\ and pn-buf to the path, e.g. " \boot"
     1035: ?ofw-reflash  ( -- )
     1036   \ It is okay to overwrite cn-buf here, as ?ofw-reflash is used for non-secure
     1037   \ boot from olpc.fth.  cn-buf is used for the secure boot path.
     1038   null$ cn-buf place
     1039   " bootfw" bundle-present?  if
     1040      img$  firmware-up-to-date?  0=  if
     1041         img$ do-firmware-update
     1042      then
     1043   then
    10261044;
    10271045
Note: See TracChangeset for help on using the changeset viewer.