OFW unsecure kernel/initramfs load from zip file
Daniel Drake
dsd at laptop.org
Wed Sep 21 10:20:19 EDT 2011
On Mon, Sep 19, 2011 at 3:40 PM, Daniel Drake <dsd at laptop.org> wrote:
> Hi,
>
> Right now, our signed images included in the boot partition:
> signed initramfs and kernel (runrd.zip runos.zip), used for secure boot
> unsigned initramfs and kernel (vmlinuz initrd.img), used in unsecure
> mode, but identical the the files in the signed tarballs
>
> I'd like to change the unsecure boot path logic to be:
> - use initrd.img and vmlinuz (as now) if they are present
> - otherwise, load initrd.img from the 'data.img' file inside
> runrd.zip, and load vmlinuz from the 'data.img' file inside runos.zip
> i.e. it would use the signed kernel/initramfs but wouldn't do any
> signature checking
Thanks Mitch for the sample code, I'm attaching what I have now, which
seems to be working, and implements the above.
It also allows for a mix of (e.g.) vmlinuz and runrd.zip, always
preferring the unzipped version even if its partner ramdisk/kernel can
only be found in a zip file.
Could you take a quick look, does this look solid?
Thanks,
Daniel
-------------- next part --------------
: unsecure-load-ramdisk ( -- )
0 to /ramdisk
['] load-path behavior >r ( r: xt )
['] ramdisk-buf to load-path ( r: xt )
\ cn-buf is already set
" rd" bundle-present? if
r> to load-path
img$ place-ramdisk
exit
then
r> to load-path
;
: olpc-fth-boot-me
set-path-macros
" last:" dn-buf place
" run" cn-buf place
?ofw-reflash
" last:\boot\initrd.img" 2dup $file-exists? if
to ramdisk
else
2drop
['] unsecure-load-ramdisk to load-ramdisk
then
" last:\boot\vmlinuz" 2dup $file-exists? if
to boot-device
" rw console=ttyS0,115200 console=tty0 root=/dev/mmcblk0p2 rootwait rootfstype=ext4 rd_NO_FSTAB" expand$ to boot-file
boot
else
2drop
" os" bundle-present? if
img$ tuck load-base swap move !load-size
" init-program" $find if
set-cmdline
execute
sound-end
go
then
then
then
;
olpc-fth-boot-me
More information about the Devel
mailing list