Static layout: support image verification
Add support of image verification for static layout PNOR code update.
Tested: Verify the PNOR code update succeeds with valid-signed PNOR;
and fails with invalid-signed PNOR or a PNOR tarball without
signature.
Change-Id: I1aafeb4e8e07eaa16c170f33f4f21940f7c9c146
Signed-off-by: Lei YU <mine260309@gmail.com>
diff --git a/ubi/activation_ubi.cpp b/ubi/activation_ubi.cpp
index 9ce7085..5c57c4b 100644
--- a/ubi/activation_ubi.cpp
+++ b/ubi/activation_ubi.cpp
@@ -40,7 +40,7 @@
#ifdef WANT_SIGNATURE_VERIFY
// Validate the signed image.
- if (!validateSignature())
+ if (!validateSignature(squashFSImage))
{
// Cleanup
activationBlocksTransition.reset(nullptr);
diff --git a/ubi/activation_ubi.hpp b/ubi/activation_ubi.hpp
index c0ffa01..a6ef436 100644
--- a/ubi/activation_ubi.hpp
+++ b/ubi/activation_ubi.hpp
@@ -9,6 +9,8 @@
namespace updater
{
+constexpr auto squashFSImage = "pnor.xz.squashfs";
+
class RedundancyPriorityUbi : public RedundancyPriority
{
public:
diff --git a/ubi/item_updater_ubi.cpp b/ubi/item_updater_ubi.cpp
index 188b0bf..227bc1a 100644
--- a/ubi/item_updater_ubi.cpp
+++ b/ubi/item_updater_ubi.cpp
@@ -30,8 +30,6 @@
using namespace sdbusplus::xyz::openbmc_project::Common::Error;
using namespace phosphor::logging;
-constexpr auto squashFSImage = "pnor.xz.squashfs";
-
std::unique_ptr<Activation> ItemUpdaterUbi::createActivationObject(
const std::string& path, const std::string& versionId,
const std::string& extVersion,